The privacy chain

/ Big Brother

After a couple days soaking in privacy issues I’m starting to break everything into a three-part chain: identification, information and actions. (Appropriately enough for this conference, these these are fairly well associated with computers, privacy and freedom respectively.)

  1. Identification: ability to identify an individual person or class of person. Includes face recognition, mandatory ID cards, DNA, iris scanners, retinal scanners, thumbprint, spyware, phone-home DRM, RFID chips in your clothing and other “Things That Fink,” etc., as well as obvious things like racial profiling and having someone sign their name.
  2. Information/Databases: access to information about those people or class of people. Medical, criminal, financial, your race/culture/religion, consumer preference data, where you’ve been, who you know, who you talk to, what you say…
  3. Actions: what people with access to this information do. Some are good for the identified person or society (completing financial transactions, stop crime & terrorism, etc.). Many are bad, including police harassment of a particular race or religion, suppression of political dissent and travel of political activists, identity theft, scam games, red-lining, employment and insurance discrimination, price differentiation, loss of social reputation, and coercive advertising.

Many people have just a visceral negative reaction to someone knowing too much about them, but the consequences are mostly in part 3 — that’s where you get stung. That said, sometimes the best way to stop something bad happening in step 3 is to stop steps 1 or 2 from happening, and often you never even find out that you didn’t get a loan or a job due to a privacy violation.

The privacy chain Read More »

Second stage of national PTSD

/ Culture

Interesting comment by Edward Hasbrouck about the collection of data on where everyone travels, especially the collection of air-travel data. He sees the US, and especially people living in New York City (media) and Washington D.C. (government), as collectively suffering from post-traumatic stress disorder after 9/11. The Travel Panopticon is the core of that response to 9/11/2001. Our first response was panic, leading to investigation: integrated databases, etc. Now we’re entering second phase of PTSD: trama, leading us to go from investigation into surveillance. Our main thrust is explicit prohibition of anonymous travel, and by that act to enforce the non-transportation of undesirables.

This sort of panic explains for why we require all sorts of inconvenient and sometimes dangerous privacy-violations when it comes to travel, even though it doesn’t make us more secure. As Bruce Schneier points out, asking for ID before you get on a plane not only doesn’t stop terrorists (unless we can convince them to put “terrorist” on their cards) but it doesn’t even keep people from passing tickets on to someone else. When you’re in a state of panic, it doesn’t matter if something is sensible — you just want to be doing something, anything.

Second stage of national PTSD Read More »

Sex offenders in our midst

/ Big Brother

Veronica Pinero’s presentation, Panopticism vis-a-vis criminal records, had an interesting graphic which I’ve reproduced on the right. It’s a map of all the sex offenders living within a 10-block radius of the CFP conference hotel.

The thing that strikes me is how fear-inducing this list is, both because of what it says and what it leaves out. It includes a map, showing that we’re surrounded by no less than 39 sex offenders, and gives their names, mean-looking photos, and the name of the crime they were convicted of. What it leaves out is exactly where they are (addresses only within 100 numbers) and any sort of details of the crime that might help people figure out whether they or their children are actually at risk. I expect most of these guys did horrible things (is there any way “child molestation” can be better than it sounds?). Some I have no idea about, like “indecent liberties,” or even whether “child rape” includes a 19-year-old having sex with his 17-year-old girlfriend. More importantly, I don’t have any way to tell how frightened I should be or what I should do about it. Avoid downtown? Lock myself in my house? Buy duct tape? What good is this information to us, beyond making us even more afraid than we already are?

Sex offenders in our midst Read More »

Doodle Writer on steroids

/ Media Technology

Remember the Doodle Writer, the writing-desk toy with the magnetic stylus that lets kids (or you) write without making a mess? Well, Pilot has the same thing in whiteboard size. It’s called the CleanWriter Chalkless Board, and it’s mainly being marketed as a whiteboard replacement for clean rooms. A coworker of mine just picked one up for the new playroom he’s setting up for his two-year-old — I’ll post an update when I find out how she likes it. (I know I’d think it was way cool at age two — or even age 35.)

Doodle Writer on steroids Read More »

Blog without fear

/ Media Technology

EFF has posted a short paper on how to blog without getting fired, breaking it down roughly into (1) blog pseudonymously, (2) limit your audience and (3) know your (lack of) legal rights.

It’s unfortunate that (4) come to a reasonable agreement with management about what’s acceptable wasn’t even in the running. That’s a tricky negotiation though, both because once you broach the subject it’s much harder to go back to being anonymous and because your management might feel OK about looking the other way but when pressed might feel the need to say no rather than yes. And when it comes to protecting themselves from upper management or angry stockholders should your blog embarrass the company, they’re probably right.

I’m of two minds when it comes to pseudonymous writing. On the one hand, I still want more choice of soft walls when it comes to managing what I write. Mailing lists and things like LiveJournal‘s friends lists are good starts, but what I really want is a publish-this-to-everyone-except-those-who-would-get-me-in-trouble-for-what-I-wrote button. But on the other hand, I can’t help but see such a button as a kind of cowardly way out. Maybe it just stirs some deep emotion implanted during half-listened to high-school discussions of Thoreau, but isn’t the measure of a writer, at least in some small way, just how much trouble his writing gets him into?

Blog without fear Read More »

Orphan works update

/ Intellectual Property

Quick update on the orphan works issue: The Copyright Office has posted initial comments, and reply-comments deadline are due May 9th.

The crux of the problem is the fact that you needn’t register a work with the Copyright office, or even put the little “(C) Copyright 2005” mark on it for it to be copyrighted anymore, nor do you need to renew. A doodle on a napkin is just as copyrighted as a composition registered with the Copyright office (though you can’t collect damages until you actually register the work). So nowadays copyright isn’t even fire-and-forget — the gun can be still sitting on the mantle. Until that’s changed I’m not sure of a good way out of this morass.

Personally I’d like the current copyright rights only be enforceable for works that are registered with the Copyright Office, with the onus of the copyright holder to update his or her contact information in a timely fashion, and every so often to take active steps to renew the copyright. These shouldn’t be onerous steps — a simple form with little or no processing fee should be sufficient. If a work is not registered or renewed, or if it’s deemed impossible to find the copyright owner, then the either the work should fall into the public domain or possibly become protected under a much more limited set of copyright restrictions such as those provided under the Creative Commons Attribution License.

Orphan works update Read More »

Next step in the anti-comment-spam arms race

/ Media Technology

Comments are working after being down for a day, now that I’ve finished installing MT-Keystrokes, the latest weapon in the anti-comment-spam arms race. It’s a plug-in that uses Javascript to detect whether a person has typed something on the form prior to submission — it’ll be pretty simple for spammers to code around, but it may give me a month respite in the mean time. (Note that this also means you’ll need Javascript enabled to post comments… shouldn’t be a problem for the one or two of you who comment every month, and hopefully it’ll be slightly more of a problem for the hundred or so spambots that try to post and clog my filter box.)

Movable Type has so much effort going into trying to block spam — I wish they’d put even half that effort into making a half-decent interface for just deleting comments in bulk…

Next step in the anti-comment-spam arms race Read More »