Author Archive

Is Simplicity the Key to Privacy?

Friday, February 24th, 2006

While doing a literature search, I ran across an interesting news article. According to this article, Representative Ed Markey (D-MA) is introducing a bill called “Eliminate Warehousing of Consumer Internet Data Act of 2006”. One of the more compelling notions behind this bill is that of deleting data after use. I wonder — could this be a key component to protecting privacy?

Think about it. Even if a company used your information, if they had to delete it afterwards, wouldn’t your privacy most likely be preserved? Furthermore, if they used it to transfer to someone else, and that person is bound by the same law, the same logic would follow. The recipient of the transfer could use your information for its intended purpose and then they must delete it. Granted, there would need to be stringent guidelines for what constitutes “intended use”.

If we were to accept this approach, we would no longer have the staggering number of ubiquitous data warehouses full of our private information, and companies such as ChoicePoint and Axiom would not be selling our information to other vendors.

This sounds like a nice idea, but would such a bill ever be passed? Would politicians be able to withstand the lobbying power of organizations seeking to bar such legislation from being passed?

This certainly isn’t a solution to our privacy woes, but it is a simple idea that may be a step in the right direction. Read more in Markey’s press release.

To Centralize or Not To Centralize

Friday, February 3rd, 2006

That is the question this blog post pontificates upon. According to a recent study by the Privacy Rights Clearinghouse, of 113 data breaches since February 2005, 55 of them took place at colleges, universities, and university-affiliated medical centers. A list of data breaches for 2005 has been posted by Neo Scale here, but a few noteworthy ones are Stanford University, UC-Berkeley, and Carnegie Mellon University.

One of the primary reasons cited for the disproportionate number of data breaches at universities is the decentralized environment — data spread across various locations on campus, which makes it difficult to control access to it. To a degree, this doesn’t seem very intuitive, and it is certainly contrary to the old saying ‘don’t put all your eggs in one basket’. Centralization not only creates an even more enticing target for would-be hackers, it also means the result of a successful break-in would be even more catastrophic. However, centralization is more cost effective, since it requires organizations to procure less hardware.

Decentralization, on the other hand, means that if there were a break-in, consumers/students are less likely to have their information compromised. However, decentralization also means that it is possible that there are multiple copies of a person’s information floating around. The preferable and more secure approach is not entirely clear.

It seems that the largest problems facing decentralized environments are accountability, management, and standards. What can be done about this? Certainly, formalized, comprehensive privacy and security policies would be a step in the right direction, and adherence to these policies is essential. Continued research into technologies and techniques to combat intrusions is needed as well.

A full article on the Privacy Rights Clearinghouse study can be found here on the UCSD Guardian Online.

Are you on the Federal Terror Watchlist?

Wednesday, December 7th, 2005

According to a C|Net article, 30,000 airline passengers have been mistakenly placed on the federal watch list. Having your name match with a name on the watchlist means you are subject to extra screening. According to Jim Kennedy, director of the Transportation Security Administration’s redress office, none of these passengers were kept from boarding.

In order to avoid these inconveniences, a person must submit forms to the TSA proving their identity, and the evaluation of these forms can take 45 to 60 days. At this point, the passenger’s name is not removed from the list. Instead, their name is put on a “clearance” list. This means they will not be able to check in at a kiosk, and they would typically have to explain their situation to a customer service representative at check-in.

As a private citizen, I understand that sometimes all we have to go on is a name. Consider the possibility that a list of names was found in a known terrorist’s desk drawer. These names are then put on the watchlist. This seems like a reasonable action. However, as a computer scientist and a researcher, it seems inefficient and almost irresponsible to just place a person’s name on a “clearance” list after having their identity verified and still subject the individual to inconvenience whenever they travel. If this is the best that the government has come up with, it seems a bit disturbing.

In the government’s defense, it seems they are trying to rectify these issues with a new Secure Flight program that is currently being scrutinized before approval. According to this article, Homeland Security is in the final stages of approving a new pre-flight screening process. The Data Privacy and Integrity Advisory Committee is advising them to narrowly focus the pre-screening program, possibly by requiring a passenger’s name and date of birth. The advisory panel also says that the TSA has yet to fully define Secure Flight, while the American Civil Liberties Union has repeatedly called on Homeland Security to eliminate the program.

Read more about this C|Net story here.

Privacy and Public Transportation

Saturday, December 3rd, 2005

On the 9th of December, 2005, a Denver woman is scheduled to be arraigned in a federal district court. Apparently, this 50-year-old mother of four was taking a public bus to work when a security guard got on the bus and demanded to see everyone’s “papers.” Deborah Davis, knowing she had done nothing wrong, refused, and the security guard called federal officers to arrest her.

This situation raises some interesting concerns. Should we be required to identify ourselves whenever we take public transportation? Allowing this to stand in court may open the door to more disconcerting implications. At what point do we draw the line? In large cities, the government would be able to track the movement of the majority of its citizens at all times. This is already possible when a person purchases a monthly, electronic pass. However, this is currently optional and an individual may opt to pay cash for their transportation to avoid Big Brother knowing their location. If this case holds up, it seems to me that it could be used to justify a system where everyone can be tagged, identified, and located whenever they use public transportation.

In London, surveillance cameras provide the government the means to visually track persons using its public transportation. This seems to be a less invasive way of tracking people who use public transportation without forcing them to identify themselves. It would also be more useful in proving criminal offenses carried out in public areas. However, many feel this alternative also infringes on the privacy rights of citizens. Read more here.

NC Law Helps Fight ID Theft

Friday, December 2nd, 2005

According to a Raleigh News & Observer article, North Carolina passed a law that allows people to freeze their credit reports to thwart identity thieves. Essentially, by freezing their credit report, a person creates a shield around it so that companies attempting to view the report are denied. Since creditors generally will not grant credit to people when they cannot access their credit report, this keeps identity thieves from applying for credit cards, loans, etc. under the victim’s name. This is one of 40 laws that North Carolina is enacting in order to combat a problem that carries a national cost of $48 billion a year for businesses and $5 billion for consumers.

Read more about this by accessing the N&O article here.

Enforcement of Privacy Policies

Monday, November 28th, 2005

We are currently conducting a survey to gauge user comprehension and views on privacy policies. While conducting the survey, we’ve received several pieces of valuable feedback from our participants. One particular area of interest is the lack of enforceability of privacy policies. Many respondents expressed concern that privacy policies are useless because the privacy practices of an institution may not be in compliance with its privacy policy. Furthermore, the privacy policy may not be a consideration when the business is sold or goes bankrupt.

This is a very good point. However, we cannot abandon privacy policies because of the current lack of enforcement. We will need to maintain privacy policies for the sake of those mechanisms that are in place, or being put into place, to ensure compliance with them. For example, consider the UK Information Commissioner’s Office’s recent unveiling of its new enforcement strategy. David Smith, the new deputy information commissioner, has announced that his office will bring enforcement actions against businesses that deliberately or repeatedly ignore their responsibilities under the Data Protection Act of 1998.

Privacy policies are necessary policies because we require accountability. We need to hold organizations accountable for their privacy practices, and one such way of doing so is to ensure that companies are keeping their promises (via the privacy policies) to consumers.

Read more about the Information Commissioner’s Office’s new strategy here.

Can Your Google Searches Incriminate You?

Tuesday, November 22nd, 2005

Slashdot posted a blurb about a Raleigh, NC news article detailing how a Google search has been used in a criminal case. Apparently, the defendant searched Google for the words “neck”, “snap”, “break”, and “hold” before the death of his wife. The evidence was found on the defendant’s computer after a search of his home.

The Slashdot blogger asks questions such as: “Should police be able to search through your search history for “questionable” searches before you’ve been arrested for a crime, and what effect would this have on the health of society?”

It seems to me that the debate here is about the confidentiality of your online activities and whether the lack thereof would compromise the health of society. Personally, I believe that, with probable cause and a warrant, Google searches and search histories are fair game. It seems no different than rifling through your videotapes, mail, and magazines to see what you’ve been reading about lately. If all of these media are admissible, I don’t see why Google searches wouldn’t be. The fact that it is in digital form and easily accessible would seem irrelevant.

As privacy researchers, we are interested in protecting the rights of individuals. However, this must be tempered with common sense and an overarching goal of benefiting society. In this case, it seems that this particular invasion of privacy is legal and probably just.

Read more about the article and commentary here.

Sony’s Secret Software on CDs

Thursday, November 10th, 2005

The Electronic Frontier Foundation reports that Sony has been shipping CDs that infect computers with a rootkit. A rootkit is a set of programs or tools, generally installed by hackers, that run stealthily in the background. Sony’s rootkit, called XCP2 and developed by First 4 Internet, “protects” music from being illegally copied. However, the software also seems to prevent legal uses of the CDs such as listening to the songs on your iPod. It also reportedly slows down PCs and makes computers more susceptible to attacks. Unfortunately, the software hides itself, so you may not even know you are infected.

To Sony’s credit, you can distinguish which CDs have this software by noting the “CONTENT-FILTERED” label on the left transparent spine of the CD case and the fine print on the back of the CD case. Although I might take that back. Given the stealthy nature of the software, and the fact that Sony is unwilling to disclose a list of the CDs with this software on them, it seems that Sony is only disclosing as much information as is required. Privacy doesn’t just deal with the confidentiality of information, it also concerns the availability of your information. In this instance, Sony is abusing the inherent trust a consumer has in their newly purchased product.

To read more about this or to obtain a list of the known infected CDs, click here to read the EFF article.

Apparently, lawyers in California have filed a class-action lawsuit against Sony to prevent them from selling CDs with this software on them. Furthermore, California is seeking monetary damages for its consumers. A suit in New York is expected to be filed later today.

National Security Letters

Wednesday, November 9th, 2005

According to a Washington Post article, the FBI can issue a letter to an Internet Service Provider (ISP) or financial institution forcing them to hand over information on their customers. The Post article describes a situation where George Christian, who manages digital records for libraries in Connecticut, was approached by the FBI, who demanded he turn over information about usage on a specific computer. They also warned him not to tell anyone about the demand, ever.

The Washington Post explains the nature of the letters:

The FBI now issues more than 30,000 national security letters a year, according to government sources, a hundredfold increase over historic norms. The letters — one of which can be used to sweep up the records of many people — are extending the bureau’s reach as never before into the telephone calls, correspondence and financial lives of ordinary Americans.

Issued by FBI field supervisors, national security letters do not need the imprimatur of a prosecutor, grand jury or judge. They receive no review after the fact by the Justice Department or Congress. The executive branch maintains only statistics, which are incomplete and confined to classified reports. The Bush administration defeated legislation and a lawsuit to require a public accounting, and has offered no example in which the use of a national security letter helped disrupt a terrorist plot.

The most disturbing part about this, to me at least, is the lack of checks and balances in place. This gives the FBI carte blanche to invade the privacy of any individual, at any time, for any reason, leaving individuals with little to no recourse.

Read more in the Washington Post article here.

What Your Word Processor Can Reveal About You

Tuesday, November 8th, 2005

The Concurring Opinions Privacy Blog had a very descriptive and informative post that explains how Microsoft Word documents may give away information about you that you are unaware of. They point out that Microsoft Word documents contain “metadata” that encodes information about the authors and editors of each document. They also cite a few examples of how this can come back to haunt you.
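As an added illustration (not code from the Concurring Opinions post or from this blog), the Python below shows what such document metadata looks like in a modern Word .docx package, which is a zip containing a docProps/core.xml part, and how a sender could audit and strip the identifying fields before releasing a file. The document, the user name “jdoe”, the “Legal Dept” editor and the dates are constructed sample values; the older binary .doc format of the period stores comparable fields in a different container and is not handled here.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

# Namespaces of docProps/core.xml inside an Office Open XML (.docx) package.
NS = {"cp": "http://schemas.openxmlformats.org/package/2006/metadata/core-properties",
      "dc": "http://purl.org/dc/elements/1.1/",
      "dcterms": "http://purl.org/dc/terms/"}

# Core properties that name people or expose the document's editing history.
IDENTIFYING = ["dc:creator", "cp:lastModifiedBy", "dcterms:created", "dcterms:modified"]

# Constructed sample: the core.xml a word processor might write for a report.
SAMPLE_CORE_XML = f"""<?xml version="1.0" encoding="UTF-8"?>
<cp:coreProperties xmlns:cp="{NS['cp']}" xmlns:dc="{NS['dc']}" xmlns:dcterms="{NS['dcterms']}">
  <dc:title>Quarterly report</dc:title>
  <dc:creator>jdoe</dc:creator>
  <cp:lastModifiedBy>Legal Dept - A. Editor</cp:lastModifiedBy>
  <dcterms:created>2005-11-01T09:12:00Z</dcterms:created>
  <dcterms:modified>2005-11-08T17:45:00Z</dcterms:modified>
</cp:coreProperties>"""

def build_sample_docx() -> bytes:
    """Build a minimal in-memory .docx (a zip) carrying the sample core.xml."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("docProps/core.xml", SAMPLE_CORE_XML)
        z.writestr("word/document.xml", "<document/>")  # placeholder body; irrelevant here
    return buf.getvalue()

def extract_metadata(docx_bytes: bytes) -> dict:
    """Return the identifying core properties a recipient could read from the file."""
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as z:
        root = ET.fromstring(z.read("docProps/core.xml"))
    return {f: el.text for f in IDENTIFYING
            if (el := root.find(f, NS)) is not None and el.text}

def scrub_metadata(docx_bytes: bytes) -> bytes:
    """Copy the package with the identifying properties removed from core.xml."""
    src = zipfile.ZipFile(io.BytesIO(docx_bytes))
    root = ET.fromstring(src.read("docProps/core.xml"))
    for field in IDENTIFYING:
        for el in root.findall(field, NS):
            root.remove(el)
    clean_core = ET.tostring(root, encoding="UTF-8", xml_declaration=True)
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w") as dst:
        for name in src.namelist():
            dst.writestr(name, clean_core if name == "docProps/core.xml" else src.read(name))
    return out.getvalue()
```

Running extract_metadata on a real .docx before sending it shows exactly which names and timestamps travel with the file; the scrubbed copy keeps the title and body while the author and editing history are gone.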

Similarly, according to this article, the Electronic Frontier Foundation has cracked a secret printer code used by the Xerox DocuColor line of laser printers. Apparently, this is the work of the U.S. Secret Service. Encoded in each document printed from the laser printer is the date and time the document was printed, as well as the serial number of the printer.

The point is, your privacy may be at risk in ways you aren’t aware of.