Privacy

4332780839_5bbe4c9494_z

Copyright Infringement: Science Pirates Are Still Pirates

The scientific community has become embroiled in a debate around online piracy after Alexandra Elbaykyan, a graduate student based in Russia, setup Sci-Hub—an online database of 50 million stolen scholarly journal articles. After encountering paywalls for scientific journals, she setup Sci-Hub because she said she believed that scientific information should be free to use and share. Elbaykyan can try to justify it in whatever way she wants, but what she is doing still involves the theft of property that is not her own.

Sci-Hub has garnered some support in the online piracy debate as the business model used by scientific publishing firms has clearly not caught up to the digital age and is in need of reform. The firms commonly charge as much as $35 for a digital copy of a journal article. Yet, an annual subscription to a top journal, such as The Lancet, costs $233 for both digital access and a print copy. This means, assuming four journal articles per weekly issue, that they charge 31 times more for a single digital article than a paper one, with zero marginal costs for the digital. While

Read the rest

Censorship in France threatens to go abroad.

France Demands Right to Censor the Global Internet

In 2014, Europe’s highest court ruled that Europeans have the ability to request that search engines remove links from queries associated with their names if those results are irrelevant, incorrect, or outdated. As a result of this ruling, Google agreed to delist search results from country code level domains—such as Google.fr for France—to remove offending results for European users, without affecting the rest of its users worldwide. Earlier this month, Google expanded its practice so that it now will delist offending results from all Google search domains, including Google.com, for all European users, based on geo-location signals, such as IP addresses. So a user in France would not see delisted URLs even if they visit Google.com instead of Google.fr. France is now saying that this is insufficient and Google must take down offending material for all users visiting any of its domains worldwide.

Last week, the French privacy authority, the Commission Nationale de l’informatique et des Libertés (CNIL), fined Google €100,000 ($112,000) for failing to remove links associated with French right-to-be-forgotten requests from its global search index. France is trying to force its domestic policies on the rest of

Read the rest

privacy-key

With PrivacyCon, FTC Packs the Stage with “Yes People”

The Federal Trade Commission (FTC) hosted the first annual PrivacyCon in January 2016, an event designed to highlight the latest research and trends for consumer privacy and data security. The FTC’s stated goal was to bring together “whitehat researchers, academics, industry representatives, consumer advocates, and government regulators” for a lively discussion of the most recent privacy and security research. Unfortunately, not only did the event not reflect the diversity of perspectives on these issues, but the whole event seemed to be orchestrated to reinforce the FTC’s current regulatory strategy.

First, the “data security” side of this discussion was almost non-existent in the agenda. Of the 19 presentations, only 3 were about security. Given that the FTC has been flexing its regulatory muscle on corporate cybersecurity practices, this was a missed opportunity to delve into important cybersecurity research that could inform future oversight and investigations.

Second, the FTC mostly selected papers that jibed with its current enforcement agenda. As Roslyn Layton, a visiting fellow at the American Enterprise Institute, noted recently, of over 80 submissions that the FTC received for PrivacyCon, it selected 19 participants to give presentations with

Read the rest

Privacy Panic Cycle.

Pew Survey Offers Further Evidence of the Privacy Panic Cycle

The Pew Research Center released a survey last week that investigated the circumstances under which many U.S. citizens would share their personal information in return for getting something of perceived value. In the survey, Pew set up six hypothetical scenarios about different technologies—including office surveillance cameras, health data, retail loyalty cards, auto insurance, social media, and smart thermostats—and asked respondents whether the tradeoff they were offered for sharing their personal information was acceptable.

To be sure, some of the questions that Pew asked described one-sided tradeoffs that could have tainted the findings. Nevertheless, the overall results reveal that the Privacy Panic Cycle, the usual trajectory of public fear followed by widespread acceptance that often accompanies new technologies, is still going strong for many technologies.

The Privacy Panic Cycle explains how privacy concerns about new technologies flare up in the early years, but over time as people use, understand, and grow accustomed to these technologies, the concerns recede. For example, when the first portable Kodak camera first came out, it caused a big privacy panic, but today most people carry around phones in their pockets and do not give

Read the rest

Devices are becoming increasingly common in classrooms.

EFF Accelerates the Privacy Panic Cycle for EdTech

Earlier this month, the Electronic Frontier Foundation (EFF) launched a “Spying on Students” campaign to convince parents that school-supplied electronic devices and software present significant privacy risks for their children. This campaign highlights a phenomenon known as the privacy panic cycle, where advocacy groups make increasingly alarmist claims about the privacy implications of a new technology, until these fears spread through the news media to policymakers and the public, causing a panic before cooler heads prevail, and people eventually come to understand and appreciate innovative new products and services.

When it comes to privacy, EFF has a history of such histrionics. The organization has accused desktop printers of violating human rights, spread misinformation about the effectiveness of CCTV cameras, escalated confrontations around the purported abuse of RFID, cried foul over online behavioral advertising, and much more. These claims, even if overblown and ultimately disproved by experience, generate headlines and allow EFF to spread fear, ploughing the ground for harmful regulation or even technology bans.

EFF’s newly launched “Spying on Students” campaign is yet another example of this tendency to put fear ahead of fact. EFF

Read the rest

privacy-panic-blog-image

When Should We Hit the Panic Button on Privacy Concerns?

ITIF‘s latest report—“The Privacy Panic Cycle: A Guide to Public Fears About New Technologies”—analyzes the stages of public fear that accompany new technologies. Fear begins to take hold when privacy advocates make outsized claims about the privacy risks associated with new technologies. Those claims then filter through the news media to policymakers and the public, causing frenzies of consternation before cooler heads prevail, people come to understand and appreciate innovative new products and services, and everyone moves on. This phenomenon has occurred many times—from the portable Kodak Camera in 1888 to the  commercial drones of today. And yet, even though the privacy claims made about technology routinely fail to materialize, the cycle continues to repeat itself with many new technologies.

PPC

The privacy panic cycle breaks down into four stages:

  1. In the “Trusting Beginnings” stage, the technology has not been widely deployed and privacy concerns are minimal. This stage ends when privacy fundamentalists, a term coined by the noted privacy researcher Alan Westin, begin raising the alarm creating a “Point of Panic.”
  2. In the “Rising Panic” stage, the media, policymakers, and others join the privacy fundamentalists in exacerbating

Read the rest

Verizon,_228_East_56th_Street

Premature Privacy Concerns Over Verizon-AOL Deal

The recent announcement that Verizon Communications Inc. intends to acquire AOL Inc. generated a surprising amount of media coverage, and unfortunately some groups are using the news as an excuse to push for expanded privacy regulations that would stifle innovation and competition in the burgeoning mobile ecosystem.

By telecom standards, this is not a huge transaction. At $4.4 billion, it is a full order of magnitude smaller than either the AT&T-DirecTV deal or the ill-fated Comcast-Time Warner Cable merger. And Verizon’s purchase of the 45% stake Vodafone had in Verizon Wireless was almost 30 times larger. Nevertheless, reporters flocked to the story, perhaps drawn by potential jokes about promotional CDs or the opportunity to poke fun at the 2 million Americans who remain AOL dial-up subscribers.

More likely interest in the deal was driven by its implications for the business Verizon wants to become. AOL is well known for its content, such as Huffington Post and TechCruch, but its growth is now in online ad sales—especially in video ads. The nation’s leading wireless company is looking down the road and seeing mobile video (presumably sprinkled with advertisements) as the future.

Read the rest

"The Right to be Forgotten"

Another Problem with the “Right to be Forgotten”

History is riddled with examples where attempts to achieve one outcome actually led to the opposite result. In May, the European Court of Justice (ECJ) ruled that Europeans have the “right to be forgotten,” the ability to request search engines to remove links from queries associated with their names if those results are irrelevant, inappropriate, or outdated. Just as Prohibition famously increased alcohol consumption, it would seem the “right to be forgotten,” while intended to increase online privacy, may actually have the opposite effect, both by cataloging shameful information and incentivizing individuals to publicize the very materials people want forgotten.

Since the decision, Google has scrambled to meet Europe’s demands by creating an online form to process removal requests and hiring new personnel to handle compliance. When individuals want information removed about themselves, they must submit verification of their identity, provide the URLs to be removed, and justify why they should be taken down. Google then verifies that the submitted information is accurate and meets the criteria for removal. Then, if the company decides to take the link down, it notifies the website where the content was posted of

Read the rest

The Nanny Police Are at IT Again

The Washington Post printed a story about how the Campaign for a Commercial-Free Childhood has submitted the opinions of six experts on child development to the Federal Trade Commission in support of CCFC’s complaint against toy maker Fisher-Price for marketing its “Laugh and Learn” app for infants and small children.

One of the six experts, Herbert Ginsburg writes, “Existing research suggests that infants and very young children are not cognitively ready to learn key abstract ideas about numbers. Although some children at the upper bounds of this age range might learn to parrot some number words they are highly unlikely to learn important concepts of numbers.”

To be sure I am not a child development expert (although I did study child development in college.) I am a parent of a wonderful daughter. When she was 19 months old I ran across a Fisher Price online game, “The ABC Game“, which taught infants and toddlers their letters. (This was pre-tablet so I used a laptop). My daughter would press keys on my laptop and up would pop a picture of the letter, a picture of an animal whose first

Read the rest

Robyn T-240D CB Radio

If the Courts Do Not Recognize Technology Neutrality in the Wiretap Act, Congress Should Intervene

Yesterday the United States Court of Appeals for the Ninth Circuit ruled that a lawsuit against Google for illegal wiretapping could proceed.

The case involves Google’s Street View project which provides online access to panoramic views of public streets in cities around the world. To build the database of images, Google sent vehicles into cities to photograph public streets. At times, these vehicles also unintentionally recorded data that users were transmitting over unencrypted wireless networks. The central claim of the lawsuit is that this collection of unencrypted data from wireless networks is a violation of the Wiretap Act. Google argued that the case should be dismissed because the Wiretap Act exempts “electronic communications” that are “readily accessible to the general public.” In its ruling, the Court denied Google’s motion to dismiss.

The basic logic of the Wiretap Act is that if people do not take action to make their communications private, then they do not have an expectation of privacy. For example, if two individuals use unscrambled CB radios to have a conversation, then other radio users are not in violation of the Wiretap Act if they hear this conversation.

Read the rest