Domain Names Can't Defend Themselves: Via Freedom to Tinker.

Today, the Kentucky Supreme Court handed down an opinion in the saga of Kentucky vs. 141 Domain Names (described a while back here on this blog). Here's the opinion.

This case is fascinating. A quick recap: Kentucky attempted a property seizure of 141 domain names allegedly involved in gambling on the theory that the domain names themselves constituted "gambling devices" under Kentucky law and were therefore illegal. The state held a forfeiture hearing where anyone with an interest in the "property" could show up to defend their interest in the property; otherwise, the State would order the registrars to transfer "ownership" of the domain names to Kentucky. No individual claiming that they own one of the domain names showed up. Litigation began when two industry associations (iMEGA and IGC) claimed to represent unnamed persons who owned these domain names (and another lawyer showed up during litigation claiming representation of one specific domain name). [ Read more ... ]

Judges Approves $9.5 Million Facebook ‘Beacon’ Accord: Via Threat Level.

A federal judge on Wednesday approved a $9.5 million settlement to a class action lawsuit challenging Facebook’s program that monitored and published what users of the social networking site were buying or renting from Blockbuster, Overstock and other locations.

The case concerned allegations Facebook’s now defunct “Beacon” program breached federal wiretap and video-rental privacy laws. Terms of the settlement, in which Facebook denied any wrongdoing, require the site to finance what the deal calls a “Digital Trust Fund” that would issue more than $6 million in grants to organizations to study online privacy.

The social networking site will have a seat on the fund’s three-member board — a fact that was a big bone of contention (.pdf) in the privacy community, but one U.S. District Judge Richard Seeborg in San Jose, California, said Wednesday was immaterial.

“There has been no pervasive showing that the foundation will be a mere publicity tool for Facebook,” (.pdf) Seeborg wrote.

Seeborg gave preliminary approval to the deal last year, but finalized it Wednesday after reviewing objections. [ Read more ... ]

Undercover Feds on Social Networking Sites Raise Questions: Via Threat Level.

The next time someone ties to “friend” you on Facebook, it may turn out to be an undercover fed looking to examine your private messages and photos, or surveil your friends and family, according to an internal Justice Department document obtained by the Electronic Frontier Foundation.

The 33-page document shows that law enforcement agents from local police to the FBI and Secret Service have been logging on to MySpace and other sites undercover to communicate with suspects, read private postings and view photos and videos that are restricted to a user’s friends, according to the Associated Press.

The document also describes techniques for verifying alibis — such as checking messages posted by a suspect on Twitter disclosing his whereabouts at the time a crime was committed — and uncovering information that might point to illegal activity, such as photos depicting a suspect with expensive jewelry, a new car or even a weapon.

The document says that evidence from social networking sites can: [ Read more ... ]

EFF Asks Illinois Appellate Court to Block Unmasking of Anonymous Online Critic: Via EFF.org Updates.

Chicago - The Electronic Frontier Foundation (EFF) and the Media Freedom and Information Access Practicum (MFIA) at Yale Law School filed a friend-of-the-court brief today urging the Illinois Court of Appeals to block the unmasking of an anonymous online critic of a local political candidate.

The critic, commenting on a story on the website of a suburban Chicago newspaper called the Daily Herald, engaged in a heated debate with other commenters. One turned out to be the son of the village trustee candidate in Buffalo Grove, Illinois, who was discussed in the article. The candidate, Lisa Stone, who eventually won her race, asked a state court to order the newspaper to release the critic's name and address without appropriately showing that the statements directed towards her son were defamatory or otherwise illegal. Stone indicated that she may choose to subsequently file a lawsuit once she determines the critic's identity through the pre-complaint procedure.

"Because of the enormous potential for abuse, the First Amendment requires litigants to demonstrate that they have a legitimate case before they can use the courts to unmask anonymous online critics," said EFF Senior Staff Attorney Matt Zimmerman. "Insults are not enough, especially when the conversation takes place in the context of a political campaign." [ Read more ... ]

Secret Document Calls Wikileaks ‘Threat’ to U.S. Army: Via Threat Level.

Wikileaks presents a “threat to the U.S. Army” and publishes “potentially actionable information” for targeting military personnel, according to a classified intelligence report posted Monday on the whistleblowing site.

The 32-page report entitled Wikileaks.org – An Online Reference to Foreign Intelligence Services, Insurgents, or Terrorist Groups? (.pdf) indicates the government’s concern that “current employees or moles” within the Defense Department or the U.S. government “are providing sensitive or classified information to Wikileaks.” To stop this, the 2008 report had suggested a campaign to expose and punish those who leak to the site, which was founded in 2007 by Chinese dissidents, journalists and mathematicians.

“Wikileaks.org uses trust as a center of gravity by assuring insiders, leakers, and whistleblowers who pass information to Wikileaks.org personnel or who post information to the website that they will remain anonymous,” according to the report. “The identification, exposure, or termination of employment of or legal actions against current or former insiders, leakers, or whistleblowers could damage or destroy this center of gravity and deter others from using Wikileaks.org to make such information public.” [ Read more ... ]

NetFlix Cancels Recommendation Contest After Privacy Lawsuit: Via Threat Level.

Netflix is canceling its second $1 million Netflix Prize to settle a legal challenge that it breached customer privacy as part of the first contest’s race for a better movie-recommendation engine.

Friday’s announcement came five months after Netflix had announced a successor to its algorithm-improvement contest. The company at the time said it intended to expand the amount of information it gave to researchers in hopes that its recommendation system — a key part of Netflix’s customer retention strategy — would get even better. That was then followed with a warning by prominent data privacy lawyers that the new dataset was easily de-anonymized.

Those fears were highlighted in December, when an in-the-closet lesbian mother sued Netflix for privacy invasion, alleging the movie-rental company made it possible for her to be outed when it disclosed insufficiently anonymous information about nearly half-a-million customers as part of its $1 million contest. [ Read more ... ]

Advertising - Instant Ads Set the Pace on the Web: Via NYTimes.com .

Now, companies like Google, Yahoo and Microsoft let advertisers buy ads in the milliseconds between the time someone enters a site’s Web address and the moment the page appears. The technology, called real-time bidding, allows advertisers to examine site visitors one by one and bid to serve them ads almost instantly.

For example, say a man just searched for golf clubs on eBay (which has been testing a system from a company called AppNexus for more than a year). EBay can essentially follow that person’s activities in real time, deciding when and where to show him near-personalized ads for golf clubs throughout the Web.

If eBay finds out that he bought a driver at another site, it can update the ad immediately to start showing him tees, golf balls or a package vacation to St. Andrew’s, Scotland, often called the home of golf. If a woman was shopping, eBay could change the ad’s color or presentation. [ Read more ... ]

Classmates.com’s Facebook Mimicking Prompts Privacy Suit: Via Threat Level.

The long-lost pal locating site, Classmates.com, has been hit with a class action privacy lawsuit alleging the company violated the law when it decided to make user profiles public in order to compete with Facebook.

The suit alleges that Classmates.com duped its paying customers in late January when it sent them an e-mail saying that members would have to opt-out of new Facebook and iPhone apps to keep their data private. That’s a massive change to the site’s privacy policy and violates federal and Washington State privacy and fairness laws, according to the suit (.pdf) filed in a Washington State federal district court March 5.

Classmates.com has long kept user information non-public, and only paying members can read e-mails sent to them by others, see ‘old friends’ on a map, and see who has been looking at their profile. While the site has some 3 million paying users, it’s been eclipsed by sites like Facebook and MySpace, which have more members, more public profiles and don’t charge.

In order to keep up, Classmates.com decided to make “public Classmates content available to people using a variety of sites and devices, including Facebook and the iPhone,” according to a January 30 e-mail sent to users. [ Read more ... ]

Major ISPs Help Fund BitTorrent User Tracking Research: Via Slashdot YRO.

An anonymous reader writes "I was scanning conference proceedings to come up with ideas for a reading group I run at my workplace, and I noticed an interesting paper from the new IEEE WIFS forensics conference. Researchers from the University of Colorado have published a technique for tracking BitTorrent users (PDF) by joining and actively probing torrent swarms using low-cost cloud computing services. They claim their methods allowed them to monitor the entire Pirate Bay torrent set for as little as $13/mo using EC2. But that's not even the interesting part. Their work appears to have been 'funded in part through gifts from PolyCipher' — a broadband ISP consortium. That's right; three major national ISPs funded this round of BitTorrent tracking research, not the MPAA/RIAA. Could this be evidence of ISP support for ACTA and a global three-strikes law?"

Read Original Article:(Via Slashdot.)

Italy Convicts Google Execs To Protect Privacy: Via NPR.

Europeans are debating the overall reach of the Internet into their lives. An Italian court recently convicted three Google executives for privacy violations after a clip was posted on Google Video showing a disabled student being bullied by classmates in Turin. The ruling highlights a deep trans-Atlantic cultural gap: Americans see the ruling as undermining the concept of freedom of expression, while Europeans put privacy first — they consider it a fundamental human right. [ Read more ... ]

CDT Issues Report Recommending Privacy Guidelines for Digital Signage Industry: Via CDT - Center for Democracy & Technology.

Washington -- On Monday, the Center for Democracy & Technology (CDT) released a report that includes a set of privacy recommendations for the rapidly growing digital signage industry.  The report focuses on the industry's adoption of identification and interactivity technologies such as facial recognition, mobile marketing, social networking, RFID tracking and license plate scanners.

The recommendations in CDT's report, "Building The Digital-Out-Of-Home Privacy Infrastructure," are based on the widely accepted Fair Information Practices (FIPs). [ Read more ... ]

The Eternal Value of Privacy: Via Bruce Schneier's personal blog .

The most common retort against privacy advocates -- by those in favor of ID checks, cameras, databases, data mining and other wholesale surveillance measures -- is this line: "If you aren't doing anything wrong, what do you have to hide?"

Some clever answers: "If I'm not doing anything wrong, then you have no cause to watch me." "Because the government gets to define what's wrong, and they keep changing the definition." "Because you might do something wrong with my information." My problem with quips like these -- as right as they are -- is that they accept the premise that privacy is about hiding a wrong. It's not. Privacy is an inherent human right, and a requirement for maintaining the human condition with dignity and respect.

Two proverbs say it best: Quis custodiet custodes ipsos? ("Who watches the watchers?") and "Absolute power corrupts absolutely." [ Read more ... ]

Redrawing the Route to Online Privacy: Via NYT > Privacy.

ON the Internet, things get old fast. One prime candidate for the digital dustbin, it seems, is the current approach to protecting privacy on the Internet.

It is an artifact of the 1990s, intended as a light-touch policy to nurture innovation in an emerging industry. And its central concept is “notice and choice,” in which Web sites post notices of their privacy policies and users can then make choices about sites they frequent and the levels of privacy they prefer.

But policy and privacy experts agree that the relentless rise of Internet data harvesting has overrun the old approach of using lengthy written notices to safeguard privacy. [ Read more ... ]

I don't bleepin' believe it - Insurers may raise your home insurance premiums if you use social networking.: Via Network World on computerworld.

From the Backspin "I don't believe it" department comes this week's top story: Insurers may raise your home insurance premiums if you use social networking.

Yep, according to Legal and General, one of the United Kingdom's biggest home insurers: "The insurance industry is aware that, with increasing acceptance of social media, the standard risk indicators may need to be reviewed. New risks and patterns in crime and claims are continually monitored to ensure the implications do not impact viable business models …. This social networking trend is clearly one that is making home insurers sit up and take note."

The rationale behind the interest in social networking can be found in L&G's "Digital Criminal Report". This document, based on a survey of "more than 2,000 social media users," found that "38% of users of sites such as Facebook and Twitter have posted status updates detailing their holiday plans and ... 33% have posted status updates saying they are away for the weekend." [ Read more ... ]

Location Data Sensitive Like Medical Information, Says Congressional Witness: Via NYTimes.com .

"The writing is on the wall that there will be baseline privacy legislation introduced," said John Morris, general counsel for the Center for Democracy & Technology at a Congressional hearing on location data and privacy yesterday. "It will require location be treated as sensitive data, like medical data. You'll need to do more than just post a disclosure statement."

We're entering an era of location as platform but should that location data be as fundamentally private by default as medical information is?

Many users are concerned about their location being exposed in ways they don't control and that have adverse impacts on their safety and freedom. That's one side of the debate. [ Read more ... ]

EPIC Urges Congress to Adopt Privacy Safeguards for Locational Data: Via EPIC - Electronic Privacy Information Center .

Today, EPIC submitted comments for an upcoming joint hearing on "The Collection and Use of Location Information for Commercial Purposes." EPIC cited the growing uses of location data for advertising and tracking purposes, typically without any legal protections, and noted widespread support among US and European consumer organizations for clear protections. EPIC recommended that Congress establish strong rules, similar to those in the European Union Eprivacy Directive, that would give users meaningful control over their locational data. EPIC had previously recommended that the F.C.C. establish guidelines for the protection of users' locational privacy. For more information, see EPIC: CPNI.

Read Original Article:(Via EPIC - Electronic Privacy Information Center .)

China Widens Net Censorship; Google Exile Looms: Via Threat Level.

The Chinese government is imposing new internet restrictions demanding personal-website operators to acquire central-government permission to operate their sites.

The latest censorship measure, which covers .cn domestic domains, comes as Google is trying to convince Chinese censors to ease up. Google said 43 days ago it would undertake a self-imposed exile from China if the government does not back off from requiring it to censor search results.

The government said the latest move — which also requires site owners to submit a photograph and to show identification — was targeted at tackling pornography. Critics, though said it was based on silencing political dissent. China did not say when the rules would be enforced. [ Read more ... ]

Are Aggregation Services Security Risks?: Via NYTimes.com .

Do you like social aggregation and tracking services like FriendFeed, Google Buzz and Cliqset? If so, there's another startup launching today that wants your attention: Strings. This service is focused less on social content sites like flickr and YouTube (although supported) and more on traditional online activity like clothing purchases from JCrew or Saks, groceries from Amazon Fresh, beauty products from Sephora and a slew of other purchases from web-based shopping sites.

But before you rush to sign up with yet another activity aggregation service, it may be time to pause and think. Do the benefits of seeing your friends' purchases on sites like Strings and the online shopping tracker Blippy outweigh the risks of handing over login credentials to these third parties? [ Read more ... ]

Ninth Circuit addresses “actual damages” under the Privacy Act: Via Personal Health Information Privacy blog.

I posted this yesterday to PogoWasRight.org but then it dawned on me today that since this involved medical information, I should have posted it here, too:

A new ruling from the Ninth Circuit in Cooper v. FAA addresses the meaning of “actual damages” in the Privacy Act. The case arose when federal agencies shared information without consent in “Operation Safe Pilot:”

Read Original Article:(Via Personal Health Information Privacy blog.)

Redefining privacy in the era of personal genomics: Via Ars Technica.

DNA, the storage bank of genetic information for all living organisms, is challenging scientists and policy makers to reconsider the issue of privacy. With the completion of the human genome and advancements in DNA sequencing technologies, a person’s DNA can potentially be tested for risks related to a number of genetic diseases. This progress is promising for personalized medicine, but ethical and policy issues are coming to the forefront as well. After all, can DNA data ever be truly private and anonymous when DNA itself can also act as a unique identifier? [ Read more ... ]

Cell phones show human movement predictable 93% of the time: Via Ars Technica.

We'd like to think of ourselves as dynamic, unpredictable individuals, but according to new research, that's not the case at all. In a study published in last week's Science, researchers looked at customer location data culled from cellular service providers. By looking at how customers moved around, the authors of the study found that it may be possible to predict human movement patterns and location up to 93 percent of the time. These findings may be useful in multiple fields, including city planning, mobile communication resource management, and anticipating the spread of viruses. [ Read more ... ]

Technologists need to step up in privacy debate: Via Tom Mitchell: Computerworld Blogs.

Could a lack of privacy regulations in the U.S. and abusive practices lead to a backlash that negatively affects scientific research for the greater social good? That worries Tom Mitchell, a Carnegie Mellon professor and machine learning researcher, whose profile appears this week in the pages of Computerworld.

As smart phones diligently record people's locations, movements and other activities, machine learning and real time data mining can be used for the greater good. For example, real time positioning and movement data from you smart phone is already being used to track traffic congestion. Soon it could be used to change traffic light patterns in order to optimize traffic flows.

Machine learning algorithms feed on such data to make predictions for good -- or ill. Patient data could be analyzed to inform you that yesterday you came in contact with someone who has a contagious disease. But if you have the disease, do you want that information made public? What about entities that might use machine learning tools to identify you in random groups of photos that you or others have posted on the Web? How about identifying your mother or your child? [ Read more ... ]

Augmented Identity App Helps You Identify and Friend Perfect Strangers, Face to Face : Via Popular Science.

By this point, we're all familiar with augmented reality, but Swedish mobile software firm The Astonishing Tribe is taking information overload to the next logical step: augmented identity. Mashing up face recognition technology, computer vision, cloud computing, and augmented reality with the complex digital lives many of us lead on the Internet, TAT has created an app that allows you to gather information on a person and their social networking life simply by pointing your camera phone at their face.

Dubbed Recognizr, the app essentially works like this: the user points the camera at a person across the room. Face recognition software creates a 3-D model of the person's mug and sends it across a server where it's matched with an identity in the database. A cloud server conducts the facial recognition since and sends back the subject's name as well as links to any social networking sites the person has provided access to. [ Read more ... ]

The Dark Side of Social Media and Privacy | Mark Evans Tech: Via Mark Evans Tech.

At PodCamp Toronto yesterday, one of the intriguing sessions was Brad Buset’s presentation about privacy, and how there needs to be more awareness of how much information we’re disclosing via social networks.

It’s an issue that has been lost in the shuffle amid the excitement about sharing what you’re doing, thinking, eating, going, drinking, buying and where you’re located. Everyone is pounding away on their keyboards to broadcast everything and anything without much thought to whether disclosing this information has a downside. In many ways, we’re drunk on social media.

The reality is there’s a dark side to social media that people need to serious start thinking about now. Every tweet, update, video and blog post is micro-chapter of your public profile that anyone can access. Sure, it’s information that is created for friends, family and colleagues but it’s also out there for other people with less virtuous interests. [ Read more ... ]

Student slaps Google Buzz with privacy lawsuit: Via The Money Times .

Lawsuit against Google

Now a student at Harvard Law School has filed a class action suit against the company for making personal information of the users public.

Law firms in San Francisco and Washington, D.C. have sued Google on behalf of Eva Hibnick.

The 24-year-old law student filed the law suit against the search giant after finding herself automatically opted to the new networking service, without consent. [ Read more ... ]