Control and Code: Privacy Online: Difference between revisions

Latest revision as of 00:28, 12 April 2012

Syllabus

Jan 29
Feb 5
Feb 12
Feb 19
Feb 26
Mar 5
Mar 12
Mar 19 - No class

Mar 26
Apr 2
Apr 9
Apr 16
Apr 23
Apr 30
May 7 - No class
May 14 – Final Project

April 3

Code is law; the architecture of the Internet and the software that runs on it will determine to a large extent how the Net is regulated in a way that goes far deeper than legal means could ever achieve (or at least ever achieve alone). Technological advances have also produced many tempting options for regulation and surveillance that may severely alter the balance of privacy, access to information and sharing of intellectual property. By regulating behavior, technological architectures or codes embed different values and political choices. Yet code is often treated as a technocratic affair, or something best left to private economic actors pursuing their own interests. If code is law, then control of code is power. If important questions of social ordering are at stake, shouldn't the design and development of code be brought within the political process? In this class we delve into the technological alternatives that will shape interactions over the Internet, as well as the implications of each on personal freedom, privacy and combating cyber-crime.

Slides (PDF)

Readings

Optional Readings

Class Discussion

April 3: Control and Code: Privacy Online

The introduction of Warren and Brandeis “The Right to Privacy” has really left a few unanswered questions in my mind. Invasion of privacy can be applied to many situations in order to protect citizens. For instance, the right to not be detained for any length of time does seem to be arbitrarily attached to this notion of invasion of privacy. However, it is just that – an invasion of one's right to privacy. If I am bound to watch a television program because it captivates me with blistering colors and bright and loud advertising, would this constitute an invasion of privacy? Not so much, because I can always turn off the television. But what it every time I turned on the television I was constantly blasted with these loud adverts mesmerizing me to purchase something. Could this be construed as such? Perhaps. Although, I have yet to see any meaningful case tried in any court of law. Some would argue that the benefit of television far exceeds the negative annoyance of being blasted with obnoxious commercials. However, I might argue that the network has a moral and ethical obligation to upholding societal values. A scientific study could be conducted to demonstrate that long term exposure to certain cable network material has the power to shape collective thoughts that would allow for potential damage claims. However, I think that what we all have to examine more than anything is the question of whether or not this is a benefit or a detriment to society as a whole. Privacy is a key concern that we must all work to preserve while keeping in mind the fundamental concepts revealed through foundational documents. Just Johnny 17:12, 15 February 2012 (UTC)

This NYTimes article about surveillance over a variety of technological mediums in Great Britain could easily be another piece of HW for tomorrow's class if anyone is interested: http://www.nytimes.com/2012/04/03/world/europe/british-government-eavesdropping-plans-draw-protest.html?hp

Interesting about Hotspot Shield, I definitely was one of the people who used it and got the impression it was private without actually noticing what it allowed AnchorFree to track. On the other hand, I'm not at all surprised by the level of intentionally misleading speech Google employs to explain its (lack of) privacy protections by taking some extremely literal approaches to what they do or don't collect. If you have all of the components of a bomb and the ability to create it, it is a little misleading to say "I do not have a bomb in my possession in any way." I doubt the police would agree with this literally correct statement. That's what Google is doing when it says it doesn't collect personal info... it just collects all of the resources needed to immediately extrapolate that personal info, which it may or may not do any time it pleases.

There is still always the problem of information overload: it's no longer what info you can collect (since, as Google shows, you can get basically anything from the average user), but rather how good you are at searching and parsing it into something useful. There is also the issue that, like we discussed with the value of immediacy over accuracy in news reporting through Twitter, it is quite possible for people with good intentions to ruin someone's privacy and safety through a rush to judgement. Look at the Trayvon case, where someone (I think it was Spike Lee?) tweeted what he though was the home address of Trayvon's killer and it ended up being the residence of an older couple who had to leave in fear for their lives. When everything is accessible, massive mistakes can be made in the space of a keystroke, and cannot be undone so easily.

I worry about the word "consent" in terms of the information we share through our technology nowadays. We lose a right to privacy when we intentionally share information with the public; we consent to have that data known. But how many people understand what they are sharing by having a smartphone/GPS in their pocket 24/7? Is the fine print in the cell phone contract enough to count as consent? What about the location tags if I post to Facebook from my phone? How do we measure the level of understanding an individual has of what their technology is broadcasting about them and decide if it counted as "informed consent?" AlexLE 21:30, 3 April 2012 (UTC)

@AlexLE: Interesting comment on how errors can and do happen quite frequently. So, I think that this is interesting as it applies to data retention as is seen in Chapter 3 on the EU policies. It seems that not only is the right to privacy an issue, but also data parsing. Of course, there is damage that lasts far longer than the immediate damage caused by someone entering the wrong address, as you stated in the Spike Lee example. So I think that progress does need to be made in a lot of these ways, particularly within the United States. As far as I can remember, the US has not implemented as stringent policies as is seen in the EU data retention laws. So, I think in a lot of ways this would not only help a lot of people sleep better at night, but make for an overall more secure and therefore more stable society. Just Johnny 03:08, 12 April 2012 (UTC)

This week’s articles were so far the most interesting and appealing to me. The first article about the European Union and their Telecom surveillance was very accurate. The big difference between Europe and the United States in this matter is that unlike the US Government, most European governments are “spying” on their citizens through phone taps and the internet even when national security isn’t at risk. The best example of this are the numerous phone and computer taps applied to VIPs and politicians in Italy especially. The second article was also very fascinating especially when it cited George Orwell’s 1984. I fully agree with what is written in the article and I believe that people nowadays might complain about Government intrusion and their violation of our privacy, but to a certain extent people who use Facebook or even worse, Twitter to always let people know where they are or what they are having for breakfast, are the people who really shouldn’t have anything to say against governmental surveillance. I live in Italy and history has taught us that the biggest Mafia bosses like Toto’ Riina and Bernardo Provenzano were able to hide for decades without being tracked because they didn’t use technological instruments for communicating, but the famous “pizzini” which were pieces of paper with written commands passed on from man to man without being intercepted or tracked by the police. The Privacy 2.0 article was also interesting and I particularly liked reading the 1973 blue-ribbon panel report regarding the relationship between people and organizations/institutions where a physical person is starting to become simply a name on a computer file. I have experienced this to some extent in terms of job searching.Perfect Radiance Free Trial I would describe myself as being a very charismatic person with a decent resume for my age, but unfortunately most jobs I have applied to in the past use an online application system where you just send in your resume and then wait for an improbable interview. I always feel as if I could really advertise myself well if I was given a chance to meet personally with an employer but so far this has not been the case, and I personally blame technology. The article written by Supreme Court Justices Warren and Brandeis was very eloquent and truthful. When I used to take Constitutional Law in college, I was always reminded by my professor that in the US Constitution there is no such word as “privacy”, even though it is one of the biggest legal issues concerning everyday citizens. Emanuele 16:14, 3 April 2012 (UTC)

@Emanuele: This is very interesting that you bring up EU privacy in comparison to the privacy laws within the US. I was always under the impression that the EU has much stricter privacy laws while protecting civil liberties. Of course, the Patriot Act resonates as a strong reminder of the fact that a lot of Americans have had to give up their civil liberties in recent years. However, this is not necessarily to say that US privacy laws are less stringent than those imposed in various states within the EU. Although, I do think that this is an interesting comment that you have made. I do think that in either the EU or the US, both are trying to control citizens through various means.

Privacy is one of these big issues. When I post a blog entry from my home computer, I am exposing myself to a certain extent of government or corporate control. And the information basically remains on the server forever in some instances. If a corporation doesn't like what I've written, that corporation can sue me because they have everything they need to know through my ISP, IP address, and so on and so forth. In a lot of ways, people have been silenced in the online world because they simply don't want to have to deal with the hassle. So, it is a form of progress. But at what cost? And, is it worth those cost? And it's better to be safe, right? Although, this may seem a bit contradictory.

“The monitoring required by the EU data retention directive amounts to a form of surveillance. The directive does not take the form of surveillance that most quickly leaps to mind: the two men in a van with headphones listening to phone conversations of an unwitting crook in a seedy apartment. But it has functional similarities.”

This reminds me of these CCTV cameras that have been recently put in place throughout many major North American and European cities. While the authorities insist they are there only to protect people, by having the cameras on all of the time basically amounts to a 24 hour state of surveillance. Now, I don't want to get to far off topic, so I will only use this as an example to reinforce what I have been discussing.

When we look at ISP an internet surveillance, we are basically looking at a form of surveillance if we do not have laws which require the data to be retained and then destroyed on a regular rolling schedule. “The Internet is a 'surveillance-ready' technology.” So, I think that it is interesting that you bring this up, because I think that it is definitely an important topic for everyone to start to discuss and learn more about. Because once it's out there, gaining control of your own information can be quite problematic.

The home used to be a persons' sanctuary. And, while that may still be true to a certain extent, if you watch television, listen to the radio, go on the internet, use a phone, or check your mail, then there are ways of influencing a person through constant suggestions. Which can be really rather extremely annoying. And, this comes back to the right to privacy and the struggle from corporations, governments, and advertisers. So if my home is under constant surveillance then this does affect quality of life in a negative way and therefore individual contributions towards the overall productiveness of a society. Just Johnny 04:00, 12 April 2012 (UTC)

Great articles. I thought the Brandeis paper was fascinating because you could have removed the publication date and I'd be convinced this was written in the past 10 years and the technologies being discussed were the tools of social media and new media (twitter, blogging). @ Emmanuelle I thought you have some great insight into the EU article. Given the Murdoch UK Scandal I'd be interested in a study that measures the amount of cases "solved" with assistance of digital fingerprints or outright surveilance in contrast versus traditional policework. What is the trend? What is the trend in our quality of privacy given the Brandeis paper? His paper had me believe these problems make "1984" look like old news (or at least they foresaw a trend that would lead to further concern). Also concerned with the number of tools available for people today to snoop on others privacy such as the cellphone services. I'm interested to see what people think of the pro's v. cons of the evolution of our privacy slipping. Brendanlong 17:12, 3 April 2012 (UTC)

This week’s readings made me think of how exposed we are in a digital world, and how difficult it is to avoid being exposed, since our behaviors leave fingerprints and footprints that can be traced. The advent of new technologies also made it easy to find information quickly about individuals. For example, it is not unusual for companies to snoop on their employee’s activity on Facebook. I also agree, to some extent, that certain individuals like to be exposed, for instance, by posting pictures of themselves on Facebook and telling people what they are doing or where they are by posting on their statuses or checking into places using applications on their phone. Due to the findability and availability of personal data, users must be cautious of their online use. For instance, Facebook’s default privacy setting is that “everyone” can publicly view your profile and activities. Most of the time I do not think about privacy invasions, because I do feel some sense of control in allowing who can access my personal information, such as blocking certain people on Facebook. I also do not mind that certain data are made public, if I do not have anything to hide. For instance, I like the fact that hiring managers can “google” my name to find out whether or not I had lied on my resume regarding my employment history. In other cases, I do occasionally worry about identity theft, but new technologies also made it easy track down the offender. Regarding my debit card, I check my bank statements regularly. So, I really think that there are some measures that people can take to protect themselves, since it is difficult to avoid being exposed or leaving a trace. Qdang 18:16, 3 April 2012 (UTC)

Interesting point Brendan on the UK Murdoch scandal... There are certainly age-old constitutional questions regarding this week's readings The notion of privacy is at the heart of this age-old question of legal overreach concerning our "natural" rights to exchange information privately. In particular, the EU Data Retention article is an eyeopening reminder that the internet is full of holes in which security agencies can extract data in non-transparent or covert ways, particularly data that does not necessarily require the legal modalities to extract. Furthermore the centralized nature of the ISP's seems to establish the infrastructure for the practical monitoring of data. The fact that such large quantities of information can be centralized in a few major portals such as Google and Facebook must be a concern if laws are structured in such a way that these internet agencies must comply with private information requests from the government.

One section of the EU retention article is particularly telling:

"We know that the NSA is engaged in some level of warrantless surveillance of the international communications of U.S. citizens, but we do not know precisely what is being done with the data."

George W. Bush's administration was the first time in my generation that I had to be concerned about my privacy, and how the government could seemingly circumvent what we assumed to be legal protections from the Constitution. With the fluidity of the infrastructure, laws that may compel telecommunications companies to provide information, and furthermore a lack of transparency by government security apparatus's, privacy and the internet will be a continued subject for discourse, particularly as circumvention measures increase power of programmers over the security of the users as stated in the story. --Jimmyh 17:20, 3 April 2012 (UTC)

I thought it was pretty neat how Brandeis and Warren were effectively peering into the future and accurately writing about our society's current issues. I agree with Brendan on that one. I think that it can be easy to forget how little privacy we actually have, or maybe it's just that people define privacy in different ways. By now, most everyone knows that what you post on Facebook is basically public (even if your profile is private!), but people don't generally close their accounts over that. Instead, those who are concerned with privacy but still want to use the social media site try to limit what they post, or tend to be a bit more careful (one would like to think, anyway). I think our actions show that we're more accepting of less privacy, even if someone were to ask us about this, we'd say we were in favor of more privacy. Part of this has to do with convenience. But it's also important to consider the environment we live/grew up in. To many of us, certain "privacy losses" are the norm (having our photos online, etc). In "Blown to Bits," they write, "The social evolution that was supported by consumer technologies in turn made us more accepting of new enabling technologies; the social and technological evolutions have proceeded hand in hand." On the flip side of that, I think most of us would be reluctant to endorse RFID scanning of humans (although my dogs are "micro-chipped"!), RFIDs tracking our shoes/steps, or the grocery checkout scenario (in chapter 2 of "Blown to Bits") in favor of a little more convenience. One thing that really stuck out to me was how the concept of "public" has dramatically changed. Sure, campaign contributions or voter records have been available to the public for some time now, but not to the global public. In general, we all know this is as a fact (that the general public is now the "global public"), but if you take a second to think on it, it blows your mind. Companies "accidentally" take personal information they aren't entitled to fairly regularly. What the heck is Google up to these days, anyways? Thanks to their street view cars, they must have a nice collection of personal WiFi network information by now. But how much do we really care? What is being done about this/who is really and actively speaking out? How much does it bother you/what do you do about it? Aberg 19:46, 3 April 2012 (UTC)

The readings for this week about privacy and surveillance on the Internet were very interesting. They made me recall a Colombian case very close to my life. In 2009 I was studying a Summer School at Los Andes University in Colombia. Coincidentally one of the Colombian President Uribe’s sons was doing the same course, and we were in the same working group. We had to do the final presentation, and met for a couple of times, but suddenly he disappeared, didn’t answer the phone or e-mail anymore. Later we knew that somebody created a group in Facebook called “My compromise is to kill Geronimo Uribe (President’s son)” and his security guards had to hide him and take the most vigilant measures, especially because the present of the FARC in Colombia, an insurgent guerrilla commonly associated with terrorism acts, makes every situation to be taken seriously.

Thus, initially this group was attributed to the FARC by the Colombian government. Nevertheless, three months later the police managed to capture the creator of this group. He was a university student around his third year making a joke, but he didn’t know what Internet surveillance was capable of, and had to pay the consequences. He used an old laptop to enter Facebook from his house, located in the countryside of Bogota, Colombia’s capital. Although it was a relief to know that the real source of this threat to the President’s son was a teenager making a joke, first of all he had to apologize for his actions, and second he went to trial to pass sometime in jail.

At that time I was wondering how was possible to achieve this capture. I was surprised by the ability of the tech people from the police to track this person’s movements, but this week, after reading the Jhon Palfrey and Hal Roberts’ article I realized how easy it is to track information through the Internet. Moreover, I felt more astonished knowing that surveillance and violation of privacy is possible even when the information is encrypted.Fabiancelisj 19:59, 3 April 2012 (UTC)

The readings this week were very interesting and prompted me to go on Facebook and check out my own privacy settings and review the guidelines. Many of you above have mentioned some great examples. I believe that in general the public is not as concerned with privacy on the internet until something happens to them. We are reactive instead of proactive. Recently, Justin Bieber tweeted a few digits of his phone number and asked fans to guess the rest…the prize being a phone conversation. Several people’s phones were inundated with calls. Should there be laws in place to prevent instances such as this happening? This could be a slippery slope if laws are imposed.--Hds5 20:32, 3 April 2012 (UTC)

Readings this week make me feel that we often have the choice to leave private information or not on the Internet, at work, etc. But when it comes to Google we do not have that much choice unless not using it, meaning not using Internet anymore to be sure that our privacy is respected.--Sab 21:15, 3 April 2012 (UTC)

Jumping off of Brendan's comment about how contemporary "The Right to Privacy" feels, the idea of a "right to be left alone" that Warren and Brandeis mention continues to be relevant and contentious today. From legal battles to scrub an individual's search engine results to the widespread commercial and state aggregation and analysis of data, it seems that the kind of legal remedies for invasions of privacy that Warren and Brandeis advocate are further out of reach than ever. (Not that I would go as far as they suggest but I can imagine that they would be horrified if they were around today.) Where's the opt-out for how our personal data is leveraged by outside actors to make a profit or to make a case against us?Aditkowsky 21:18, 3 April 2012 (UTC)

Great articles.. Immediately reminded me about Carrier IQ fiasco. Was interesting how Carrier IQ denied, while others admitted it. http://www.theverge.com/mobile/2011/12/1/2604327/att-samsung-carrier-iq/in/2365736

Erzhik 21:40, 3 April 2012 (UTC)

The reading on the EU data retention directive is not surprising to me. I’ve lived in a lot of places and seen the lasso tightening. Of course such efforts are always going to be in the name of protection, and in many or most cases, that can be for the most part true, but power changes hands, and who is really in control becomes unclear. Some actors can indeed be benign, but others are not. Everyone wants to appear to be so, and with control of the media, it is easier than ever for them to camouflage themselves as such. The same people or organizations that start off as well-intentioned sometimes change, or their members change, their motivations change, or they are “bought out” by other interests or pressures. That can apply to political parties, politicians, or commercial interests. Finally, who can we trust? An interestingly related case in point is the malware and anti-malware companies, and who is behind them? Finally, who knows? Even governments make viruses and anti-viruses and pose as commercial companies. When it comes right down to it, what government is not an an intrinsically commercially influence or manipulated organization? Who set it up and why? Who runs it now? Who appears to run it and who actually runs it indirectly—and why? Historically, someone always wants to make the rest of us a part of their kingdom, large or small, and someone else wants to make that kingdom a part of theirs. There is always a “bigger fish.” That being the case, what we are actually trying to protect ourselves from, or escape, is human nature itself, amplified now by our growing technology. From my experience, only God Himself can help us to do that! Blown to Bits gave a very relevant insight to the fact that psychological conditioning is involved in the process of making willing subjects to the kingdom of surveillance. The process is subtle, sort of like the phenomena of boiling a frog. If you put a frog into a pot of warm water over a fire, as the water warms up, the frog does not notice, until you have frog stew.Mike 21:51, 3 April 2012 (UTC)

I found the wikipage on the "Human Flesh Search Engine" to be quite remarkable. In my work in development, I am familair with social capital and how the collaborative actions of communities can enhance the outputs and outcomes of certain projects, etc. I had never researched the impact of social capital in conjunction with social media to solve crimes, identify victims or expose fraud and corruption. I will certainly look more deeply into how such tools can be used in the work I perform in developing nations where fraud and corruption are sometimes major problems. Cfleming27 21:51, 10 April 2012 (UTC)

Links