Posts tagged privacy
Should ISP’s be copyright enforcers?
Feb 5th
A few months ago I started this blog entry and then left it sit because I was so angry about what the potential outcome could mean to the ISP industry. Today I read this article on Wired that give me some hope that the world isn’t about to end for ISPs so I decided to revisit this entry and see if it still makes sense. Let’s see…
——
We live in a society that has mostly agreed on what is right and what is wrong. We have coined the term, Common Values in order to build communities where we can agree on what is acceptable behaviour. To enforce our safe communal living, we turned these common values into laws. As a society, we have set up governments to enforce the laws (common values) and protect us from those who would harm us.
As members of society, I think we’re all in agreement that theft is a bad thing. No matter what country you are from, it’s pretty much a given that stealing is frowned upon. It’s a pretty common value, maybe even sacrosanct.
Manage your email with Aliases
Oct 21st
Mail aliases allow mail to more than one email address to be delivered to the same mailbox. Large companies use aliases all the time. Now small companies and individuals can as well. All ipHouse mailboxes now include 2 aliases.
If you are a small business with just a couple people, you can use addresses like sales@mydomain.com, support@mydomain.com and billing@mydomain.com and have all the email delivered to the same one or two mailboxes.
The use of aliases gives your business a more professional look while at the same time making it easier for your customers to remember how to get in touch with you.
Within your mail client, you can setup rules that sort or mark mail differently, depending on the alias it was sent to. If all your billing mail, for example, is in the same folder, it makes it easier for you to read through all of it before you post invoices.
If you are an individual user, aliases can help you track who is selling off your email address. Just setup a couple aliases that you can use when responding to different offers. Then watch to see which of your mail addresses are receiving any unwanted email.
Setting up your aliases is easy. Just go to our customer account management system ipMom and click on Aliases.
Protect me, G-man!
May 1st
On Monday, April 27, the wise and knowing Minnesota Department of Public Safety (MDPS), Alcohol and Gambling Enforcement Division (AGED) delivered written notice to 11 telephone / Internet service providers demanding they “prohibit access to all Minnesota-based computers to nearly 200 online gambling websites.” Here’s a link to the press release.
Ok, this is the Internet we’re talking about, right? You know, the Information Superhighway?
I am guessing that these 11 respectable companies are recognized as Common Carriers by the great state of Minnesota. That must be the only criteria for being selected for this list, otherwise, we at ipHouse would have received a request too. Just for the sake of clarity, as of this posting, we have not received a request from the AGED. But if we had received a request, we would have asked for some kind of legal backing. And that’s where this falls down. The great state of Minnesota is relying on the Wire Act of 1961 to enforce this ridiculous request.
What I can’t see is how this request can be enforced, even using the Wire Act. Before I snicker at any enforcement discussion I’ll put that question aside and just wait and see.
Now, as a citizen, I understand that the Minnesota Department of Transportation does not expect the companies who build our roads and bridges to enforce the speed limits on the roads they build. Further, we would never expect or request these same construction companies to do vehicle contraband inspections at the state border. So, WHY ON EARTH does the Minnesota Department of Public Safety think that they should conscript the builders of the Internet (Information Superhighway, get it?) to do their enforcement? Why not go after the people who are committing crimes instead of the people who build the roads? You don’t task road builders with catching drunk drivers, do you?
John Willems is the director of AGED and I can’t help but wonder what he was really thinking when he said this:
“In broader context, the long-running debate on online gambling continues to raise significant issues, including absence of policy and regulation, individual rights, societal impact, international fair-trade practices, and funding for criminal and terrorist organizations.”
Does he really think that Joe the Plumber is betting on the Red Sox and innocently funding Al-Qaeda? Come on. Isn’t the whole terrorist thing a little over used?
I agree that there is a long running debate on gambling in our society. But it’s not just online gambling. To me, the issue of gambling in our society PALES in comparison to some of the other issues Mr. Willems mentions; individual rights and international fair trade practice. If Minnesota is going to remain competitive in the WORLD, we cannot be xenophobicly locking down our borders to international trade across any of our transit ways, be it by water, air, rail, road or Internet.
Now, as you look at these various transit ways, all of them EXCEPT the Internet have a specific geographic nexus. Nearly all transit ways have ports of entry and it’s easy to see geographic boundaries between nations and states. It’s pretty easy to understand the nexus of a shipment of goods coming across the St. Lawrence sea way is the port of entry at Duluth harbor. It’s all very black and white. But the Internet is in as gray area and different because the NEXUS of the transaction is vague. What is the nexus of a Minnesotan purchasing software from Belgium or India? What happens when part of the software is written in China? The nexus of Internet transactions are VAGUE.
It appears that Mr. Willems has defined the nexus of online gambling is at the individual users computer, right here in Minnesota. If that’s right, then Mr. Willems should target the individuals who are committing the crimes. Why not go to the credit card companies and ask them to report all the transactions between the citizens of Minnesota and these 200 gambling websites? Because he can’t afford to. It’s easier for him to push on the road builders instead of all the motorists who use the roads.
We all know that as citizens of Minnesota have REAL problems that need REAL attention. Like drunk driving and alcohol addiction. Like air pollution and lung disease. If Mr. Willems wants to protect the citizens of the great state of Minnesota, maybe he should focus on some of the more pressing problems facing the state.
I’m a firm believer in regulating things to protect our society. Regulating polluters so future generations can enjoy the outdoors seems obvious to me. Regulating alcohol sales to prevent underage drinking, I’m all on board. So why not legalized and regulated online gambling? It could be a revenue source for the state just like the other areas that Mr. Willems has under his jurisdiction. Mr. Willems, why not be progressive and start regulating online gambling like you do with bricks and mortar gambling?
Whatever the outcome Mr. Willems, just don’t ask me to collect your revenue for you. I’m neither an enforcer nor a tax collector. I’m a road builder.
Peace.
-Bil
Cookie Monster
Mar 28th
Cookie Monster sounded better than the title “What will they think of next.
Well THEY have thought of a way to track and sell information about you using cookies placed on your computer while shopping. I have been a privacy hawk when it comes to cookies for a while (more on that below). As such I was surprised that a NYTimes article was the one to inform me about a newish Internet marketing technique that uses behavioral targeting and cookies across multiple sites. Read the article quick or you may have to register for their website to read it. Basically there are companies (the two biggest are eXelate and BlueKai) that work with online merchants to place tracking cookies on your computer and mate them with information about your interests.
Those interests may be garnered from products you add to a shopping cart, to search terms on those websites, and pages/products you read about on the websites. These Cookie Monsters then essentially sell the cookies with targeted information to buyers. I suppose there is an argument that “you are going to get ads anyways so and might rather look at targeted ads rather than random ones”. But what would stop a online store from pairing these “anonymous preferences” with your personal information they get from their shopping cart? I suppose the Cookie Monster’s terms of service say they can’t do that, but I am sure it will happen. After all, anti-spam companies are now spam-promoting their anti-spam services.
So, there you go – yet another thing to worry about.
If you are paranoid about cookies (like me – go ahead make fun of me in comments)… I use Mozilla Firefox and have privacy preferences set up to block all cookies. For sites that I trust that require cookies, I add that domain name as an accepted cookie. Firefox also lets me add these exceptions with a condition that deletes the cookie at the end of the browsing session. Therefore when I went to BlueKai’s preferences page to see what info they have about me I got a pleasant message “We currently do not have anonymous information of your online preferences.”
While we are on the subject… Google recently announced behavioral targetting although they call it “interest-based” advertising. When I read Google’s disclosure it just doesn’t seem as intrusive and open to improper capture of preferences with personal data as these other solutions. Just in case I’m drinking the Google Kool-Aid, here are a couple other blogger takes…
- Eric Snyder
Online data privacy?
Jan 26th
Today I spoke at the Humphrey Institute of Public Affairs regarding privacy of data on the Internet.
One big issue at hand is, what happens to the data that you create when using the Internet. “Data I create? I don’t create any data when I’m on the Internet…do I?” Yes, you do.
Currently when you do any of the following, you are likely creating data that can be tracked.
You create data…
- When you make searches at Google.
- When you look at movies at Netflix.
- When you check scores at ESPN.
- When you read customer reviews on Amazon.
- When you search for someone on Facebook.
- When you watch a video on Youtube.
All of these are innocuous, but together, they create a profile of you, and can reveal some very private data.
Let’s start with the first item: Search terms.
Lets stipulate that the actual search term you use on a search engine is private data, similar to a request you make at the library or at a book store. To follow on, it’s strongly possible that the results that are sent to your browser are private data. Today, it requires a search warrant to see the contents of your computer hard drive so I can infer that the results from the search engine are private data.
“Whew, I’m safe, right?”
Nope. In order to use the search engine, it’s possible that you’ve given “consent” to use the data you supplied and have waived any privacy rights you may have had. Further, the search results are logged before they are sent to you. This creates a big gray area for data privacy that is not currently protected. And from the content providers point of view, It’s NOT private data.
This goes for all type of data you send across the Internet. The search requests you make, the stock quotes you review, the movies you download, the books you buy. The list goes on and on.
“Wait a minute, why would someone even WANT this data?”
The motivation for companies to keep your privacy intact is two fold. Penalties from regulatory bodies and the all important revenue. If a company will face a penalty or lose revenue, they will likely keep your privacy intact. But if they analyze the situation, they may conclude that selling the data is more financially beneficial than protecting your privacy. This is not new to data that companies hold, but it’s new in context to the online world in which we live in.
Today, much online content is “free”, with only the hidden cost being you accept some loss of privacy. We are so used to clicking “accept” that we’ve lost track of the value of what we are giving up. It’s compounded by the good track records of the companies that are collecting data. So far, their use of the data has not directly affected us, so who cares if someone knows what movies we like? ”So really, nothing bad has happened so far, right?”
Right. But that’s because the data is broken into chunks that are hard to combine. I would guess that Travelocity and Orbitz and Expedia don’t share too much data because there is probably not an financial model that makes it profitable. But let’s take another model and see what happens… Comcast has an on demand video solution, as does Apple and Netflix. Should Netflix and Apple be worried that Comcast is going to start reviewing what their visitors are doing? Does Comcast wants to have the online video business for themselves?
Luckily or not, each website you visit has only a piece of your online escapades. The New York Post does not know what articles you read at the Washington Times. Fidelity can’t see what stocks you traded at Etrade. From the content providers point of view, you’re a statistic only when you visit them.
Which leads me to the next thought. The ISPs’ point of view.
Above, I talked about data collection from each web site being possibly harmful. That’s nothing. Really.
The real loss of privacy will come when ISPs’ start collecting data on your browsing habits. Think about it. As much as Google knows what you’re doing when you visit Google, your ISP really knows what you’re doing at every website you visit. And they can read your mail (like Google) and track your IM conversations and capture your VOIP calls… They know all that you do online and everything else about you. SCARY.
Thankfully today, ISPs’ do only a little TRAFFIC monitoring. ISPs’ legitimately monitor traffic to:
- To protect their revenue (keep customers online and happy).
- To protect their assets (network).
- To protect their customers (SPAM filtering).
Most ISPs’ don’t monitor the CONTENTS (data) of the traffic they manage except to comply with regulation and law enforcement. Really, most monitoring is often “look at header info and discard”. It’s important here for me to point out that any data collected by ipHouse is not held in order to create profiles of users.
Traditionally, ISPs’ have NOT monitored data because it was just too hard to do. But that’s all changed. Deep Packet Inspection technology has advanced to the point of being able to transparently evaluate traffic for specific patterns and usage without impacting the consumer experience. This allows the ISP to deliver “tailor made” content to users. Remember Travelocity not seeing Orbitz or Expedia data? Forget that. The ISP can now sell all travel related “traffic” from its subscribers to the highest bidder. Or bidders.
Deep Packet Inspection technology allows the management of traffic and/or data according to a set of policies that promote security or revenue or censorship or whatever. The ISP sets the policy according to their desires. “Really? My ISP can just monitor my data if they want to?” Yes. But there may be existing law that prevents the monitoring of data and that needs to be proven.
If the existing law is shown to not be applicable to ISPs’, it might make a lot of sense (and dollars) to monitor customer data. But all things have a cost. One anticipated cost is that spying wouldn’t be done just for profit. How long would it be until ALL data is monitored and reviewed? If ISPs’ monitor data, should they block data based on some policy for decency or obscenity? Who’s policy would that be? Should ISPs’ be responsible for any and all security or ethical breaches (by whos standards?) that occur because of the data on their network? Should ISPs’ send all suspicious activity to some authority for review? Data monitoring could become mandatory.
So, should ISPs’ monitor thier customer data? I say no. This is MY ethical position. It’s ethically wrong to spy on people. Further, I feel it is ethically wrong to profit from spying. ISPs’ should NOT monitor data for profit or for government.
The power and beauty of the Internet is in its ability to bring people together across cultures, faiths and boundaries. Once one group or government starts dictating “inappropriate” content, the Internet becomes simply a tool for that organization to push their own agenda and the “one world” quality of the Internet is lost.
Peace.
-Bil
Thoughts for comments:
- Privacy is not a technical issue and should not be addressed by ISPs’.
- ISPs’ should remain neutral to content of the data streams they manage.
- Our society should rethink privacy from a contextual integrity perspective.
- Online Privacy == Network Neutrality
Further Reading:
Paul Ohm : The Rise and Fall of Invasive ISP Surveillance
Daniel Solove : Understanding Privacy
