Southwest Virginia Blogs

In a victory for personal privacy, a German court has ruled that if a customer requests it, an Internet Service Provider (ISP) must delete the IP log data that shows what a customer has been doing on the Internet and when. In the U.S., unfortunately, we are headed in the other direction, with the Federal government anxious to make ISPs responsible for retaining such information--forever! It is a huge and costly burden, with little justification, since most of us will never commit a crime that might require such data, and in my opinion, it is intrusive and an invasion of privacy.

In a victory for personal privacy, a German court has ruled that if a customer requests it, an Internet Service Provider (ISP) must delete the IP log data that shows what a customer has been doing on the Internet and when. In the U.S., unfortunately, we are headed in the other direction, with the Federal government anxious to make ISPs responsible for retaining such information--forever! It is a huge and costly burden, with little justification, since most of us will never commit a crime that might require such data, and in my opinion, it is intrusive and an invasion of privacy.

In a victory for personal privacy, a German court has ruled that if a customer requests it, an Internet Service Provider (ISP) must delete the IP log data that shows what a customer has been doing on the Internet and when. In the U.S., unfortunately, we are headed in the other direction, with the Federal government anxious to make ISPs responsible for retaining such information--forever! It is a huge and costly burden, with little justification, since most of us will never commit a crime that might require such data, and in my opinion, it is intrusive and an invasion of privacy.

The recent uproars--one at Hewlett-Packard over obtaining phone records illegally and the other with the instant messaging Congressman--are a sober reminder that almost everything we do leaves tracks these days. In both of these cases, someone other than the intended recipient of the electronic records ended up with the information, legally or illegally.

There are several implications. One is that we had all better understand the technology we are using before we use it. As obvious as this sounds, the Congressman probably thought his IM text was disappearing as soon as the conversation was over. But it wasn't.

Even the telephone is changing. While the old-fashioned phone system records what time calls were made and to whom, it does not record the call itself. While anyone can do that, it requires a lot of fussing with wires and recorders. But the new software-based VoIP systems will happily record phone conversations on your hard drive with the click of your mouse.

What does this mean? It means face to face meetings are not likely to go out of style entirely, for all sorts of good and bad reasons. And I think that is a good thing.

The recent uproars--one at Hewlett-Packard over obtaining phone records illegally and the other with the instant messaging Congressman--are a sober reminder that almost everything we do leaves tracks these days. In both of these cases, someone other than the intended recipient of the electronic records ended up with the information, legally or illegally.

There are several implications. One is that we had all better understand the technology we are using before we use it. As obvious as this sounds, the Congressman probably thought his IM text was disappearing as soon as the conversation was over. But it wasn't.

Even the telephone is changing. While the old-fashioned phone system records what time calls were made and to whom, it does not record the call itself. While anyone can do that, it requires a lot of fussing with wires and recorders. But the new software-based VoIP systems will happily record phone conversations on your hard drive with the click of your mouse.

What does this mean? It means face to face meetings are not likely to go out of style entirely, for all sorts of good and bad reasons. And I think that is a good thing.

The recent uproars--one at Hewlett-Packard over obtaining phone records illegally and the other with the instant messaging Congressman--are a sober reminder that almost everything we do leaves tracks these days. In both of these cases, someone other than the intended recipient of the electronic records ended up with the information, legally or illegally.

There are several implications. One is that we had all better understand the technology we are using before we use it. As obvious as this sounds, the Congressman probably thought his IM text was disappearing as soon as the conversation was over. But it wasn't.

Even the telephone is changing. While the old-fashioned phone system records what time calls were made and to whom, it does not record the call itself. While anyone can do that, it requires a lot of fussing with wires and recorders. But the new software-based VoIP systems will happily record phone conversations on your hard drive with the click of your mouse.

What does this mean? It means face to face meetings are not likely to go out of style entirely, for all sorts of good and bad reasons. And I think that is a good thing.

Disney intends to start fingerprinting inmates, er, I mean "guests" at Disneyworld. The company claims it needs to do this to prevent "ticket fraud," but this is rubbish. There are other ways to combat ticket fraud that don't include collecting biometric data. Biometric fingerprint data allows the company to uniquely identify everyone who visits, forever. It is the ultimate in marketing research and analysis, and don't think they won't try to sell it or use it for other purposes. Expect Google to be lining up to grab this data from the giant mouse; it fits nicely with Google's plan to eavesdrop inside our homes.

Disney intends to start fingerprinting inmates, er, I mean "guests" at Disneyworld. The company claims it needs to do this to prevent "ticket fraud," but this is rubbish. There are other ways to combat ticket fraud that don't include collecting biometric data. Biometric fingerprint data allows the company to uniquely identify everyone who visits, forever. It is the ultimate in marketing research and analysis, and don't think they won't try to sell it or use it for other purposes. Expect Google to be lining up to grab this data from the giant mouse; it fits nicely with Google's plan to eavesdrop inside our homes.

Just when you thought Google can't possibly get any creepier, they come up with something so far out there your jaw just drops open. According to the Register, Google's techies have been playing with the microphones on your computer. They have figured out how to turn them on and listen to the conversation in the room, and/or what you are watching on TV. Why would they want to do this? So they can better "understand" you and what kinds of advertisements to show you. According to the Register, Google says it won't actually listen to conversations--it just wants to track what you watch on TV. Uh huh. And any time they change their minds, they don't have to tell you, either.

You might ask, "How can they do this? How can listen in on the microphone on MY computer?" Well, the next time download Google Desktop, it could have the ability to do this, and it works because you chose to download the software, install it, and let it run on your desktop.

Creepy. Just plain creepy. As I have been saying for years, it is not the government that I worry about--we have safeguards that keep the government reasonably accountable most of the time. But Google is accountable to no one, and we are so enamored of all this "free" software and services that we are giving our privacy away--no government snooping even needed!

This article demonstrates how easy it is for others to snoop around in your personal affairs if you like to use "free" services like Google Calendar. The author, simply by clicking on calendar items and using the information to dig up additional detail, was quickly able to identify where a woman lived and when she would be out of the house (handy for burglars).

Google Calendar has a privacy setting, but not everyone uses it. Sharing a calendar with your friends and family often has the unintended side effect of sharing it with everyone else in the world. Use these services carefully, and never, ever let your children use these.

If you have not tried the Snap search engine lately, you should take a look. Snap has added site preview screens, which will be familiar to those of you that use RSS readers, but may not be for others.

One of the most tedious parts of using a search engine is slogging through all the links that are not really what you want. Snap now puts up a preview of the site right in the browser window, so you can quickly see if it looks like what you are looking for. It is one more example of how far behind Google is falling in the search engine wars.

If you are one of the people who don't like the fact that Google keeps a record of everything you have ever searched for, Scroogle is one of a new breed of mostly nonprofit search anonymizers. Scroogle takes your search query, submits it to Google using a different IP address, and returns the results to you. Scroogle throws away all its search queries, so your privacy is protected.

Much is being made of the AOL security lapse, where they left millions of search records sitting in a file anyone could download if they knew where it was.

The real issue that everyone forgets is that the major search engines, not just AOL, routinely compile and save billions of these records, and sell either the raw data or data summaries, or both. There are plenty of eager customers, and this is a business worth many millions of dollars. AOL execs are probably not losing much sleep over the security breach. They are probably kicking someone silly, though, for screwing up the opportunity to sell all those records.

Whether we like it or not, our daily travels around the Internet--almost everything we do--leaves a nice clear trail of bread crumbs that are easily available to others. Some Web sites are ethical and don't redistribute or sell any of these results (including this site). Others, like Google, Yahoo!, MSN, and AOL, have made a business of telling other people what you are doing. We love our "free" search engines and the convenience that it brings to us in our personal and business work. But this is not a free lunch; we all pay every time we use a "free" search service or some other kind of "free" service--Flickr, FaceBook, MySpace, YouTube--all these "free" services have enormous costs associated with them, and we pay by giving up some of our privacy.

I worry most about our kids, who need our help understanding what they may be losing permanently. Already, FaceBook and MySpace are being used by employers to learn more about prospective employees, and many college students are learning a hard lesson: there are consequences to posting personal information online, where the whole world can see it.

As the crusty old seargent used to say on "Hill Street Blues," "Let's be careful out there."

Much is being made of the AOL security lapse, where they left millions of search records sitting in a file anyone could download if they knew where it was.

The real issue that everyone forgets is that the major search engines, not just AOL, routinely compile and save billions of these records, and sell either the raw data or data summaries, or both. There are plenty of eager customers, and this is a business worth many millions of dollars. AOL execs are probably not losing much sleep over the security breach. They are probably kicking someone silly, though, for screwing up the opportunity to sell all those records.

Whether we like it or not, our daily travels around the Internet--almost everything we do--leaves a nice clear trail of bread crumbs that are easily available to others. Some Web sites are ethical and don't redistribute or sell any of these results (including this site). Others, like Google, Yahoo!, MSN, and AOL, have made a business of telling other people what you are doing. We love our "free" search engines and the convenience that it brings to us in our personal and business work. But this is not a free lunch; we all pay every time we use a "free" search service or some other kind of "free" service--Flickr, FaceBook, MySpace, YouTube--all these "free" services have enormous costs associated with them, and we pay by giving up some of our privacy.

I worry most about our kids, who need our help understanding what they may be losing permanently. Already, FaceBook and MySpace are being used by employers to learn more about prospective employees, and many college students are learning a hard lesson: there are consequences to posting personal information online, where the whole world can see it.

As the crusty old seargent used to say on "Hill Street Blues," "Let's be careful out there."

The FBI continues to lobby to try to force ISPs to snoop for the government. This is something the federal agency has been asking for for years, and has tried to get Congress and the FCC to go along with the plan.

What the FBI wants is for every ISP to provide private access to an ISPs entire network so that the FBI can just log in and snoop at its convenience. In theory, court orders would be required, just like wiretaps, but to have private backdoors is to invite abuse.

And if the FBI really believes they need access to the network of an ISP, they can get a court order today and go to the ISP and get whatever records they need. So it is not like they need the new regulations to get something they don't have. Even in a time of war, the FBI is asking for too much power.

The FBI continues to lobby to try to force ISPs to snoop for the government. This is something the federal agency has been asking for for years, and has tried to get Congress and the FCC to go along with the plan.

What the FBI wants is for every ISP to provide private access to an ISPs entire network so that the FBI can just log in and snoop at its convenience. In theory, court orders would be required, just like wiretaps, but to have private backdoors is to invite abuse.

And if the FBI really believes they need access to the network of an ISP, they can get a court order today and go to the ISP and get whatever records they need. So it is not like they need the new regulations to get something they don't have. Even in a time of war, the FBI is asking for too much power.

Google has announced it will offer an online spreadsheet application, which sounds terrific in theory. How many times have you wished you could have several people on a phone call all look at the same spreadsheet at the same time, and even make live updates while talking. And a spreadsheet stored online means you don't have to keep emailing copy after copy of the same spreadsheet to people just because you updated a single cell.

So what's not to like about the Google app?

For starters, how about losing control over all the information in your spreadsheet? Google's sample page shows a spreadsheet that has information about a Little League baseball team. Great. Put the phone numbers, names, email, and addresses of minors in a spreadsheet and give it to a company that is very likely to mine all that information and sell it to advertisers, to say nothing of the security problems of having all that fall into the hands of sexual predators.

And any business that uses this to save a few bucks on software is crazy. You have no control over what Google does with this information, and why would you let Google have access to all your financial information, customers names and addresses, and all the other sorts of critical business information that routinely gets put into spreadsheets.

I'll pass on this one.

Lauren Weinstein, an expert on privacy issues, has written an open letter to Google asking the company to create the Google Privacy Institute. The new organization would not only advise Google on how best to protect the privacy of individuals and organizations using Google services, but also serve as a think tank and example for how to manage privacy in an Internet-connected world.

Like me, Weinstein appreciates the extraordinary power and utility of Google while also being concerned that the company could, in the future, mis-use and abuse the massive data sets that firm collects. It's a good read.

This hair-raising story from the UK is an illustration of the dangers that we all face from identity theft. A British security expert was able to obtain, among other information, a Dutch citizen's passport number and date of birth from a discarded boarding pass stub--the little scrap of paper many of us discard in the nearest airport trash can as we walk off the plane (I have been taking mine home and shredding them for years). The key to the theft was the frequent flier number, which allowed the security expert to get the passport and date of birth from the airline, without a password.

The article blames it in part on the U.S. terrorist screening system, but the airline also has some problems with its system, which coughed up the information without verifying who was buying the ticket.

Dell has been pre-installing spyware on their computers that is apparently quite difficult to remove, and then asking customers to pay $49 to have it removed.

The company installs a program called My Way Search Assistant which tracks where you go on the Web and sends the results back to a central server, where the data is used to send customized pop-up ads to your machine. According to the writer of the article, it is very difficult to uninstall the software, and a call to Dell revealed that the support group at Dell seems to be unaware that the company is doing this. Once you tell them you have spyware, they send your call to the Dell spyware hotline, where they ask for $49 to help you remove it.

You might think that's bad enough, to charge to remove software installed deliberately by the company. But wait! There's more!

Dell gets paid by My Way to put the software on the machine.

That's right...Dell collects cash to put the snooping software on your machine, then wants you to pay them to take it off. Good work if you can get it, I guess, but a sure fire way to alienate your customers.

What this really reveals, aside from the fact that Dell has no ethics at all, is that profit margins on Dell equipment are so thin that they have to resort to doing this sort of thing.

Add Dell to the IT Hall of Shame, along with Google, Yahoo!, and Microsoft.

Congress is at it again. Apparently our Federal legislators don't have enough to do, so they have cooked up a new bill that would require every service provider and Web site to maintain access records indefinitely. Sponsored by Colorado Democrat Diana DeGette, the bill is supposedly to fight child pornography. But the bill would give law enforcement officials unlimited rights to snoop everywhere that anyone has ever been online, forever.

This is the most egregious abuse of privacy Congress has yet managed to think up. Lest you think it applies only to the likes of AOL and Verizon, it would apply to anyone that runs a Web site, even the Ladies Garden Club.

In the real world, this would be like requiring local stores (e.g. your local hardware store or quick-stop) to make every customer sign in, record the time and date, and then make the book available to police and Federal officials whenever they wanted it, even fifty years from now.

It is a law enforcement dream come true, but a citizen and business nightmare. One little problem--the amount of data that sites would have to maintain (over years and years, remember) will create a boom in hard drive sales and would become a backup and data retention nightmare. Big sites with lots of traffic (e.g. CNN, ESPN, etc.) throw most of their data away very quickly because it is a storage problem.

Your tax dollars at work. Call or write your Congressional reps and tell them the DeGette bill is an invasion of your privacy and that you don't want businesses turned into police snoops.