| |
|
Thursday, March 15, 2007
|
|
Welcome. We're covering a story:
How the Web makes it possible for the crowd to be the source of good
ideas. But instead of one journalist reporting, we've created a site
where many people can work on the story, with editors as guides. You are now in the Newsroom, where you can find an overview and learn what others are doing. The Assignment Desk is where you can see what we're covering in detail, and get an assignment. The Exchange is a place to offer new ideas. Check the day's developments with The Scoop. Ready? Join up.
3:36:39 PM 
|
|
Welcome to Assignment Zero. It's pro-am journalism in the open style
made possible by the web. This is a collaboration among
NewAssignment.Net, Wired and those who choose to participate.
I hope you will. Because we're trying to figure something out here.
Can large groups of widely scattered people, working together
voluntarily on the net, report on something happening in their world
right now, and by dividing the work wisely tell the story more
completely, while hitting high standards in truth, accuracy and free
expression?
If they can, this would matter.
It's called Assignment Zero
because we needed to jump start our site somehow, and this project with
Wired turned out to be it. We're trying to create a pro-am,
open-platform reporting tool that we can improve and modify later, for
use in bigger, more sprawling and difficult stories down the road.
Maybe about the environment. Or the schools. Or -- who knows? -- the
war.
3:35:07 PM
|
|
Assignment Zero Tests Pro-Am Journalism Jay Rosen writes "Assignment Zero
is a pro-am, open-platform reporting project. The investigation: crowd
sourcing and peer production are a social trend growing well beyond
tech. Why is this happening? Partners: NewAssignment.Net and Wired.com, with Newsvine. From the Wired essay:
'We're trying to figure something out here. Can large groups of widely
scattered people, working together voluntarily on the net, report on
something happening in their world right now, and by dividing the work
wisely tell the story more completely, while hitting high standards in
truth, accuracy and free expression?' Wired.com: 'We want out readers
and our sources to be one and the same. We think it will make for
better journalism.'" [Slashdot]
3:32:28 PM
|
|
Democrats grill FCC about neutrality, surveillance, more. Surveying the FCC's accomplishments in the three years since commissioners were last been required to make an account before a House oversight committee, some representatives question whether recent Republican supervision on such issues as emegency preparedness, NSA surveillance and Net neutrality wasn't somewhat lax [Computerworld Privacy News]
3:24:37 PM
|
|
JEFFERSON CITY, Mo. - Residents tired of getting junk ads in the mail could get a slight reprieve after action by the Senate on Wednesday night.
The Department of Revenue last year began sending out advertisements
along with license plate renewal notices. The state contracted with a
company to handle the printing of vehicle registration notices in
exchange for the right to sell and insert commercial ads in the
packets. Senate Transportation Committee chairman Bill Stouffer,
R-Napton, said the decision saves the state about $750,000.
Missouri signed up partly because of the savings and partly in
response to privacy concerns after it began mailing renewal notices on
postcards in another budget-cutting move, the Revenue Department said
at the time.
The Senate was debating a wide-ranging bill to change motor vehicle
laws, and Sen. Tim Green, D-St. Louis, offered an amendment preventing
the state from including ads in the vehicle renewal notices.
"The state has become a marketing agent," Green said. "It's just not
the right of the state to use a requirement you have to fulfill to sell
a product."
3:22:18 PM
|
|
Chertoff: Security and privacy not at odds. Calling privacy groups "Luddites," DHS head Michael Chertoff defends the Real I.D. Act. He claims that the data-chipped drivers licenses, which will be linked to a numbers of databases around the country, will actually protect privacy Editor:And down is up, black is white, and I have a bridge I'd like to sell you.
[...]
The head of the Department of Homeland Security on Thursday
downplayed privacy concerns raised by the government's efforts to
create standardized, data-chipped drivers licenses across the country.
The same technology that makes information on identification
cards more reliable can also protect privacy, DHS Secretary Michael
Chertoff said during a speech to the Northern Virginia Technology
Council. "It's my contention that properly used technology ... actually
protects privacy," he said. "We should not allow folks to be captivated
by the argument that every time we do something with a computer, it
invades privacy."
Chertoff was referring to privacy concerns surrounding the Real ID
Act, a law passed by Congress in 2005 that would require states to
create machine-readable ID cards containing the name of the holder, the
data of birth, a digital photograph and other information.
Privacy groups, including the Electronic Privacy Information Center
(EPIC), have said that the DHS hasn't come up with rules on how the
information on the cards should be protected. DHS has made only "vague"
plans for card security and for restricting which state motor vehicle
agency employees would have access to the information, EPIC says.
"On security and privacy standards for the card, state motor vehicle
facilities, and the personal data and documents collected in state
motor vehicle databases, DHS shows little interest," EPIC says on its
Web site.
But Chertoff said those raising privacy concerns about the use of IT
in the U.S. government's domestic security efforts create a false
tension between security and privacy. "This kind of Luddite attitude
... is exactly wrong," he said. "Security and privacy are very much the
same type of value. I don't think they're mutually exclusive, they're
mutually reinforced."
Chertoff also talked about how DHS is using IT. Technology plays a
part in nearly all the agency's efforts, including machines that read
fingerprints at border crossings, databases that link law enforcement
investigations and scanning technologies for containers coming into the
U.S. [Computerworld Privacy News]
3:12:44 PM
|
|
Google's New Plan to "Anonymize" Search Logs: A Good First Step, But More Is Needed. After years of criticism from EFF and other privacy advocates, Google announced yesterday a new policy on how it handles logs of its users' searches: after 18-24 months, it will delete key information in its server logs that could be used to link particular users to records of their search queries. This is a big change from Google's previous policy, which was essentially to keep all of those logs forever in identifiable form, and we're certainly glad to see that Google is starting to limit its retention of such sensitive data. Your Google search history can paint an intimate portrait of your most private interests and concerns. Particularly in light of the disastrous AOL search terms disclosure, recent scandals involving government surveillance, and Google's own recent court fight with the government over a subpoena for search records, it seems that Google has finally realized that limiting the retention of such records is essential to protecting your privacy. Hopefully, Google's change in policy will spur other online service providers to consider how they can minimize the amount of personal data that they store, and perhaps even prompt competition between service providers to offer the most privacy-protective services. However, we hope that this new announcement is only Google's first step in changing its privacy practices, because additional changes would better protect user privacy and set an even better example for the industry: - Google should shorten the retention period for identifiable logs to six months at the outside, and ideally to only thirty days (which is AOL's retention limit for similar logs). Barring this, it should at least justify why it needs such records for up to two years, beyond offering one-sentence platitudes about how such records are used to improve Google's service.
- Google should also shorten the retention of the "anonymized" logs, which Google apparently still intends to keep forever. As Google itself admits, the new policy changes still don't guarantee users' anonymity, and holding onto those records indefinitely still poses a serious private threat.
- Therefore, Google should consider more robust anonymization techniques, up to and including scrubbing entire IP addresses rather than just the last quarter or "octet" of such addresses.
- Finally, Google should expand its new anonymization policy to include the search records of users with Google Account log-ins, and to records generated by their myriad other services, rather than limiting the policy change to regular search logs.
Beyond making these additional policy changes, there's one more thing that Google should be doing[~]something we think it actually has a duty to do as a good corporate citizen and as a preeminent Internet powerhouse[~]and that is using its considerable political clout to fight for better Internet privacy laws on Capitol Hill. Right now, there are significant questions as to whether or how Internet search logs are protected by existing federal privacy laws, and Google owes it to its customers to publicly advocate for updating those privacy laws for the 21st century. [EFF: Deep Links]
3:05:57 PM
|
|
Google To "Anonymize" Personal Data after 18-24 Months.Google made a major announcement today that by the end of the year will begin removing identifying data from its search logs after 18 -24 months:
When you search on Google, we collect information about
your search, such as the query itself, IP addresses and cookie details.
Previously, we kept this data for as long as it was useful. Today we're
pleased to report a change in our privacy policy: Unless we're legally
required to retain log data for longer, we will anonymize our server
logs after a limited period of time. When we implement this policy
change in the coming months, we will continue to keep server log data
(so that we can improve Google's services and protect them from
security and other abuses)--but will make this data much more
anonymous, so that it can no longer be identified with individual
users, after 18-24 months.
They've released a log retention FAQ (PDF) with more details, including how they will "anonymize" the log data:
What does it mean to anonymize the logs?
We will change some of the bits in the IP address in the logs as well
as change the cookie information. We're still developing the precise
technical methods and approach to this, but we believe these changes
will be a significant addition to protecting user privacy.
How do these anonymizing measures protect user privacy?
Changing the bits of an IP address makes it less likely that the IP
address can be associated with a specific computer or user. Cookie
anonymization makes it less likely that a cookie can be used to
identify a user.
Do these changes guarantee anonymization?
It is difficult to guarantee complete anonymization, but we believe
these changes will make it very unlikely users could be identified.
This is an important and promising step towards greater privacy and
protection of personal search history records. But remember, AOL thought they had released anonymized data as well.
Just because and IP and cookie has been modified doesn't mean that user
privacy is ensured. The preferred solution would be for Google to purge the data altogether after, or just don't collect it in the first place.
Unfortunately I don't have much time for further analysis (baby, dissertation, oh my!), but 27B Stroke 6 is on top of it, and CNet has reaction from CDT, EFF, and others.
michaelzimmer.org]
2:12:41 PM
|
|
|
© Copyright 2007 Paul Hardwick.
Last update: 3/18/07; 6:46:17 PM.
|
|
|
