Tonight I was on The Drum on ABC News 24 discussing the news of the day, including the Coalition's leaked plan for 100 dams across Australia, Wayne Swan's refusal to rule out an income tax rise, and how far does the British royal family's right to privacy extend?
The Drum 14 February 2013 from Peter Black on Vimeo.
| | | |
|
I'm participating in a new weekly podcast with a few friends - Dan Barrett from Televised Revolution, Michael Meloni from Somebody Think of the Children, and Sarah Moran from @reviewbrisbane - called Digital Much. The eighth episode of Digital Munch is now online for your listening pleasure:
Online dating is now pretty mainstream. But, what of just meeting friends from the Internet? Is there still a stigma? The panel discuss their own experiences in meeting people online.
As we do every week on Digital Munch, we also consume a snack as we talk all things digital. This week we’re enjoying the awkwardly named jaffa-choc snack ‘Negro’.
You can listen or download the podcast here or subscribe to it in iTunes here. It's still very much a work in progress, so I'd love to hear your feedback.
| | | |
|
I'm participating in a new weekly podcast with a few friends - Dan Barrett from Televised Revolution, Michael Meloni from Somebody Think of the Children, and Sarah Moran from @reviewbrisbane - called Digital Much. The seventh episode of Digital Munch is now online for your listening pleasure:
On the last episode of Digital Munch we discussed the notion of privacy. Are we simply too concerned about the sort of information available online about us. Ultimately there becomes the question of ‘Who cares?”. Since then, an incident has caused Sarah to rethink her position on this. What happened? You’ll have to download to find out. #sizzle
As we do every week on Digital Munch, we also consume a snack as we talk all things digital. This week we’re enjoying the limited edition ‘Strawberries and Cream” Snack block of chocolate by Cadbury.
You can listen or download the podcast here or subscribe to it in iTunes here. It's still very much a work in progress, so I'd love to hear your feedback.
| | | |
|
I'm participating in a new weekly podcast with a few friends - Dan Barrett from Televised Revolution, Michael Meloni from Somebody Think of the Children, and Sarah Moran from @reviewbrisbane - called Digital Much. The sixth episode of Digital Munch is now online for your listening pleasure:
Privacy. Is it really that big a deal?
There is a lot of fear surrounding online privacy, but how much of that fear is actually warranted? This week the panel discuss the etiquette of location sharing, is it possible to clamp down your privacy entirely, and is there any point to even trying to remain private anymore?
As we do every week on Digital Munch, we also consume a snack as we talk all things digital. This week we’re enjoying the Kit Kat Chunky – Cookies & Cream.
You can listen or download the podcast here or subscribe to it in iTunes here. It's still very much a work in progress, so I'd love to hear your feedback.
| | | |
|
I am interviewed this week in Stilgherrian's bumper edition of Patch Monday on the arrest Ben Grubb last week (what else?):
AusCERT, Australia's largest information security conference, dominates an extended Patch Monday podcast this week, with the latest on Stuxnet, the insecurities of internet routing and the drama that started with a Facebook hack and ended with a journalist being arrested.
I've selected just three AusCERT-related stories for the podcast. For more, see ZDNet Australia's complete AusCERT coverage.
First, Stuxnet — the worm targeted at Iran's nuclear program last year. It's the most sophisticated cyber weapon ever developed. Security analyst Eric Byres, one of the world's leading experts in protecting critical infrastructure, believes that we'll see Son of Stuxnet, a less sophisticated copycat malware, in as little as a year. He also believes that the "air gap" — physically separating critical infrastructure networks from the broader internet — won't be the answer to this emerging threat.
Second, internet routing. There are problems with the protocols used to route traffic around the internet, as we explained on Patch Monday in November 2010. Routers trust other routers to tell them what's going on, but mistakes happen. Geoff Huston, chief scientist at APNIC, goes one further, denigrating this process mapping by rumour. "If you get bad players, how do you tell who's lying?" he said. "Our vulnerability is horrifying, that in the face of determined malicious cyber warfare you won't have an internet tomorrow when it happens."
Third, Christian Heinrich's demonstration of a Facebook privacy hack at BSides Australia, which used as its target the Facebook account of another security researcher's wife. That in itself raises ethical questions. But subsequently, a journalist who reported the story was arrested, and his iPad was seized by Queensland police.
To help us understand the issues:
- Peter Black, who teaches internet and constitutional law at Queensland University of Technology, explains the Australian laws that apply.
- Adam Palmer, lead cybersecurity adviser for Norton and former US Navy JAG prosecutor, provides a US legal perspective.
- Ty Miller, chief technology officer of Pure Hacking, explains the boundaries of Ethical Hacking.
- Sean Morrissey, chief executive officer of Katana Forensics, a digital forensics firm specialising in iOS-based devices like iPhones and iPads, explains what can be done with an iPad in just two days.
- Colin Jacobs, chair of Electronic Frontiers Australia.
To leave an audio comment on the program, Skype to stilgherrian, or phone Sydney 02 8011 3733.
Running time: 59 minutes, 55 seconds.
| | | |
|
I have written a piece for ABC's The Drum on the decision of the Queensland Police to arrest Fairfax journalist Ben Grubb in response to material he had obtained while reporting a story on how a security researcher managed to bypass Facebook’s privacy settings to access someone’s private photos.
You can read my thoughts here.
| | | |
|
On ABC Radio National's Future Tense program this morning, I was interviewed about online reputation management:
It's called ORM—Online Reputation Management—and as the boundaries between the digital and the real world become more blurred, a growing number of companies are now offering to help you protect and preserve your reputation.
Other guests included Kate Carruthers, Sydney based digital strategist; Neerav Bhatt, Freelance IT Journalist and blogger; Stephen Collins, Board member for Electronic Frontiers Australia; Dr Rob Sparrow, ARC Future Fellow and Senior Lecturer, Monash University; and David Cannell, Founder of Online Reputation Management Sydney.
You can listen to the segment now or download the audio here.
| | | |
|
Every Tuesday morning I have a regular weekly segment on Breakfast with Spencer Howson on 612 ABC Brisbane talking about technology and how it frames our world. In the segment this week we talked broadcasting your location with Google Latitude, how kids consume media, why we use social media on Fridays, file sharing as a religion in Sweden, and US Government terror warnings to be posted to Facebook and Twitter:
| | | |
|
Just a quick heads up to let you know that I piece in yesterday's Courier Mail, "When your love life goes viral" (it's not online unfortunately), and a piece on New Matilda today, "How To Make Laws For The Internet".
Now that teaching is over for the year, I hope to have the time to write a lot op-ed pieces, so stay tuned ...
| | | |
|
Every Tuesday morning I have a regular weekly segment on Breakfast with Spencer Howson on 612 ABC Brisbane talking about technology and how it frames our world. In the segment this week we talked about using Google, the Facebook-Farmville privacy scare, The Social Network movie, one billion views for Lady Gaga on YouTube and Communication Shutdown:
| | | |
|
This morning I was included in a discussion on ABC Radio National's Future Tense program about the rise of geolocation:
We've seen huge growth in the popularity of social networking services. But what happens when you combine social networking with your location? The rise of smartphones has led to a massive increase in geo-location based services. So what are the advantages and disadvantages of providing your location? And in a geo-located world will we ever be off the grid?
Peter Marks
ABC Radio National Breakfast's technology editor.Boy Van Amstel
Programmer and co-creator of 'Please Rob Me' website.Peter Black
Senior Law Lecturer at the Queensland University of Technology and avid user of geo-location services.Neerav Bhatt
Professional blogger, freelance journalist and photographer.
| | | |
|
Every Tuesday morning I have a regular weekly segment on Breakfast with Spencer Howson on 612 ABC Brisbane talking about technology and how it frames our world. In the segment this week we talked about my Analog Sunday, stalking celebrities with Just Spotted, checking into what you are watching, and Mixels, a safe social network for young children:
| | | |
|
Every Tuesday morning I have a regular weekly segment on Breakfast with Spencer Howson on 612 ABC Brisbane talking about technology and how it frames our world. This week we talked about Twitter and daylight saving, Facebook Places, social networkers being happy to lurk, LinkedIn and cyberbullying:
Last week Kirsten MacGregor was filling in for Spencer Howson and we talked about anonymity on the internet, the My Lecturer website and the dangers of status jacking:
| | | |
|
Every Tuesday morning I have a regular weekly segment on Breakfast with Spencer Howson on 612 ABC Brisbane talking about technology and how it frames our world. This week Kirsten MacGregor was filling in for Spencer Howson and we talked about tech speak, celebrities leaving Twitter, and a geolocation urban legend:
| | | |
|
Every Tuesday morning I have a regular weekly segment on Breakfast with Spencer Howson on 612 ABC Brisbane talking about technology and how it frames our world. In this segment we talk about the Oxford Dictionary moving online, "accidental pirates" and your digital footprint:
| | | |
|
danah boyd, one of the world's leading researchers of social media, has published with Eszter Hargittai, a fascinating article on how people approach Facebook's privacy settings. This is the abstract:
"Facebook privacy settings: Who cares?"
With over 500 million users, the decisions that Facebook makes about its privacy settings have the potential to influence many people. While its changes in this domain have often prompted privacy advocates and news media to critique the company, Facebook has continued to attract more users to its service. This raises a question about whether or not Facebook's changes in privacy approaches matter and, if so, to whom. This paper examines the attitudes and practices of a cohort of 18- and 19-year-olds surveyed in 2009 and again in 2010 about Facebook's privacy settings. Our results challenge widespread assumptions that youth do not care about and are not engaged with navigating privacy. We find that, while not universal, modifications to privacy settings have increased during a year in which Facebook's approach to privacy was hotly contested. We also find that both frequency and type of Facebook use as well as Internet skill are correlated with making modifications to privacy settings. In contrast, we observe few gender differences in how young adults approach their Facebook privacy settings, which is notable given that gender differences exist in so many other domains online. We discuss the possible reasons for our findings and their implications.
Read the article here.
| | | |
|
In a thought provoking piece for Slate, Farhad Manjoo looks at the paradox at the heart of Wikileaks:
Julian Assange, the founder of WikiLeaks, doesn't know who leaked the thousands of Afghanistan war documents that his site posted this week. That's not unusual—it's how WikiLeaks works. To get a scoop to WikiLeaks, a would-be whistle-blower clicks the Submit Documents button on the site's home page, then uploads a file through a form that encrypts every interaction between the source and the site. WikiLeaks keeps no logs of the submission, and the site says that it is legally bound, under Sweden's press secrecy laws, never to cooperate with any investigation into the identity of the source. The site takes several additional measures to scrub submitted documents of any information that could compromise the leaker, removing any ID trails left by word processing software, for instance. The site also constantly feeds fake submissions through its network in order to fool potential attackers. "We have never lost a source," Assange declares in his pitch to whistle-blowers around the world. "None of our sources has been exposed or come to harm."
At the same time, WikiLeaks says its founding mission is radical transparency. Assange argues that "increased scrutiny"—of governments, corporations, and institutions like the Church of Scientology—can be a powerful force for good, reducing corruption and oppression. "Principled leaking has changed the course of history for the better; it can alter the course of history in the present; it can lead us to a better future," WikiLeaks says.
This is the paradox of WikiLeaks' methods. Is radical transparency compatible with total anonymity? If we don't know who the leaker is, why he's leaking, and how he came upon his information, can we really know the full story the document tells? More importantly, how can we know that the information is authentic? Look deeply into WikiLeaks' efforts at radical transparency and you find complete opacity; WikiLeaks wants to shine a light on the world, but only by keeping itself shrouded in secrecy.
Read more here.
| | | |
|
The Brisbane Times reports that the police are using Go Cards to track people's movements:
Police are tracking commuters' movements on Brisbane public transport using their Go Card records.
Officers are using the technology to not only pinpoint the movements of criminal suspects but also potential witnesses.
One woman has told brisbanetimes.com.au she was contacted last month as part of a murder probe after police tracked her down via her Go Card, which is registered with her details by TransLink.
...
A TransLink spokesman said police sought Go Card records “less than a handful of times a week” under an exemption to the Information Privacy Act 2009 (Chapter 29).
“Requests must be made in writing and the information provided can be used in court,” a Translink spokesman said in a statement.
“This is the same procedure that police and other law enforcement agencies follow to gain credit card or banking information, driver's licence data or any other detail which may help confirm a person's identity or movements.”
The records often relate to missing persons or stolen cards and a warrant is needed if the record is to be used in court.
But the practice of tracking people's movements without their consent has raised the ire of civil libertarians.
...
Australian Council for Civil Liberties president Terry O'Gorman said he was not surprised to find police were accessing Go Card records as part of investigations.
“We warned when the Go Cards were introduced that the electronic records could be used for various forms of surveillance and we were pooh-poohed and told that we were being unnecessarily concerned,” he said.
“This shows that our concerns are justified.
“In the light of this I'd urge people who are concerned about their privacy to take the de-identification route so that agents of the state can't willy-nilly access information on their travel patterns.”
Read more here. As a result of this you may want to think twice before you register your Go Card.
| | | |
|
A fascinating post from Stan James on how we see our acquaintances on Facebook:
Yesterday afternoon I shared a cold drink with a friend in one of Berlin’s beer gardens, taking a short break from the current heat wave to talk about my research. “I used to be on Facebook a lot,” she said, “but found that it left me feeling bad about my life.” It’s a sentiment that I’ve heard from lots of people over the last few months: you see others leading amazing lives, and wonder why your life seems so not-so-amazing in comparison.
My friend was quick to point out that she knows rationally that this makes no sense. Of course those people have problems too. Of course they post pictures of vacations (but only the flattering ones) and not of boring days at work.
In my trips back to Colorado, I have been struck each time by the discord between people’s Facebook lives and what they say in private. On Facebook they have been on an amazing vacation to exotic beaches. In person they confess that the vacation was a desperate attempt to save a marraige. On Facebook they have been to gliteratee tech conferences. In person they confess they haven’t been able to sleep for months, and are on anti-anxiety medication from the stress of financial pressures on their company. It is a strange case of schadenfreude for me to hear this, knowing that I had been jealous of their beach time and glamor.
What’s interesting is that this feel-bad Facebook effect seems to come from a distinct source: not-so-close Facebook friends.
In the case of true close friends, you know about all the crap that is going on in their lives. From deep interaction, you know the specific pains and doubt that lies behind the smiling profile picture.
No, the life-comparison danger comes from the weak ties; from those people you met at a conference, or the friends from High School that you haven’t interacted with since they friended you last year. From these people you get a constant stream of life, edited to show the good parts.
Since TV was invented, critics have pointed out the dangers of watching the perfect people who seem to inhabit the screen. They are almost universally beautiful, live in interesting places, do intereseting work (if they work at all), are unfailingly witty, and never have to do any cleaning. They never even need to use the toilet. It cannot be pschologically healthy to compare yourself to these phantasms.
So it’s interesting that social networks have inadvertantly created the same effect, but using an even more powerful source. Instead of actors in Hollywood, the characters are people that you know to be real and have actually met. The editing is done not by film school graduates, but by the people themselves.
In the end, my friend’s strategy seems to be the right one: don’t spend too much time purusing the lives of people who aren’t in your life. And spend more time learning about the uncut, unedited, off-line lives that your friends are actually living.
Read it here.
| | | |
|
In the New York Times Magazine, Professor Jeffrey Rosen has a thought provoking essay on privacy on the internet, "The Web Means the End of Forgetting":
Four years ago, Stacy Snyder, then a 25-year-old teacher in training at Conestoga Valley High School in Lancaster, Pa., posted a photo on her MySpace page that showed her at a party wearing a pirate hat and drinking from a plastic cup, with the caption “Drunken Pirate.” After discovering the page, her supervisor at the high school told her the photo was “unprofessional,” and the dean of Millersville University School of Education, where Snyder was enrolled, said she was promoting drinking in virtual view of her under-age students. As a result, days before Snyder’s scheduled graduation, the university denied her a teaching degree. Snyder sued, arguing that the university had violated her First Amendment rights by penalizing her for her (perfectly legal) after-hours behavior. But in 2008, a federal district judge rejected the claim, saying that because Snyder was a public employee whose photo didn’t relate to matters of public concern, her “Drunken Pirate” post was not protected speech.
When historians of the future look back on the perils of the early digital age, Stacy Snyder may well be an icon. The problem she faced is only one example of a challenge that, in big and small ways, is confronting millions of people around the globe: how best to live our lives in a world where the Internet records everything and forgets nothing — where every online photo, status update, Twitter post and blog entry by and about us can be stored forever. With Web sites like LOL Facebook Moments, which collects and shares embarrassing personal revelations from Facebook users, ill-advised photos and online chatter are coming back to haunt people months or years after the fact. Examples are proliferating daily: there was the 16-year-old British girl who was fired from her office job for complaining on Facebook, “I’m so totally bored!!”; there was the 66-year-old Canadian psychotherapist who tried to enter the United States but was turned away at the border — and barred permanently from visiting the country — after a border guard’s Internet search found that the therapist had written an article in a philosophy journal describing his experiments 30 years ago with L.S.D.
According to a recent survey by Microsoft, 75 percent of U.S. recruiters and human-resource professionals report that their companies require them to do online research about candidates, and many use a range of sites when scrutinizing applicants — including search engines, social-networking sites, photo- and video-sharing sites, personal Web sites and blogs, Twitter and online-gaming sites. Seventy percent of U.S. recruiters report that they have rejected candidates because of information found online, like photos and discussion-board conversations and membership in controversial groups.
Technological advances, of course, have often presented new threats to privacy. In 1890, in perhaps the most famous article on privacy ever written, Samuel Warren and Louis Brandeis complained that because of new technology — like the Kodak camera and the tabloid press — “gossip is no longer the resource of the idle and of the vicious but has become a trade.” But the mild society gossip of the Gilded Age pales before the volume of revelations contained in the photos, video and chatter on social-media sites and elsewhere across the Internet. Facebook, which surpassed MySpace in 2008 as the largest social-networking site, now has nearly 500 million members, or 22 percent of all Internet users, who spend more than 500 billion minutes a month on the site. Facebook users share more than 25 billion pieces of content each month (including news stories, blog posts and photos), and the average user creates 70 pieces of content a month. There are more than 100 million registered Twitter users, and the Library of Congress recently announced that it will be acquiring — and permanently storing — the entire archive of public Twitter posts since 2006.
In Brandeis’s day — and until recently, in ours — you had to be a celebrity to be gossiped about in public: today all of us are learning to expect the scrutiny that used to be reserved for the famous and the infamous. A 26-year-old Manhattan woman told The New York Times that she was afraid of being tagged in online photos because it might reveal that she wears only two outfits when out on the town — a Lynyrd Skynyrd T-shirt or a basic black dress. “You have movie-star issues,” she said, “and you’re just a person.”
We’ve known for years that the Web allows for unprecedented voyeurism, exhibitionism and inadvertent indiscretion, but we are only beginning to understand the costs of an age in which so much of what we say, and of what others say about us, goes into our permanent — and public — digital files. The fact that the Internet never seems to forget is threatening, at an almost existential level, our ability to control our identities; to preserve the option of reinventing ourselves and starting anew; to overcome our checkered pasts.
Read the rest here.
| | | |
|
There have been two big posts on this blog about Facebook this week. The first was my Facebook focused Blawg Review #266 and the second was my explanation as to why instead of quitting Facebook I opened my profile to everyone. Therefore I thought I'd just post a quick update on Facebook's attitude to privacy.
During the week the Facebook CEO Mark Zuckerburg gave a poor performance under pressure at the AllThingsD conference in Palos Verdes:
In a live interview at the AllThingsD conference in Palos Verdes, he stammered and sweated and often spoke in circles while discussing the issues that have drawn the attention of Congress and a growing number of angry Facebook users (some of whom staged a Quitting Facebook protest recently).
“We recommended (privacy) settings for people, we always do. And we ask that everyone go and review their settings and make a choice,” Zuckerberg began.
“We didn’t change any settings. That’s really important.”
Some have criticized Facebook as being too open with user information, or too complicated for users to implement privacy controls.
“The big feedback I got was that privacy settings were too complex,” said Zuckerberg. “We built one main setting for everyone to use.”
But as the interview by AllThingsD's Kara Swisher and Walt Mossberg continued, he grew increasingly nervous. At one point, Swisher suggested Zuckerberg take off his hoodie, which he did – but even so, continued to sweat.
“We continue to do what we think are the right changes, even if they are controversial, and it’s what we think people are counting on us to do as the leaders in the space,” he said.
Mossberg suggested that some users might feel that: “You seem to have taken steps to make more public my information as a Facebook member on your own … why is the management of the company saying they’re gonna take this information and do something with it?”
Swisher chimed in, asking, “Sharing means something different to you than to Walt? This is what privacy means?”
Zuckerberg: “Simple control has been one of the most important parts of using facebook. More than 50 percent of Facebook users have changed their privacy settings.”
Out in the hallway, the verdicts were brutal, with observers saying Zuckerberg seemed lost, in the midst of a panic attack or at the start of a meltdown.
Read more here.
Facebook responded to some of the criticism by launching a new page, Facebook and Privacy, which is designed to keep everyone up to date on Facebook's privacy policy and settings:
Today, we've launched a new Facebook and Privacy Page to complement the privacy guide we previously revamped on the site and a series of video tutorials we started publishing last week.
The Facebook and Privacy Page serves as a living resource and a venue to facilitate an interactive discussion about privacy with all of you. We'll regularly post updates on relevant new content, products and news stories related to online privacy. Already you'll find a repository of online privacy resources both from Facebook and outside experts, including our video tutorials on how to choose your settings as well as links to our privacy guide and FAQs.
Going forward, we'll be posting updates about new materials we create, tips on how to control your sharing and links to relevant news stories and viewpoints.
Visit the page here. It seems as though Facebook is in full damage control mode at the moment. It will be interesting to see if this flows through to any actual changes in Facebook's privacy policy or settings, as opposed to cosmetic changes and PR spin.
| | | |
|
Yesterday was Quit Facebook Day and I used the occasion to think about my social media presence generally, and my use of Facebook specifically. Although I read many compelling pieces about why we should all quit Facebook, most notably from Mark Pesce and Renai LeMay, I am still on Facebook today. Indeed, instead of quitting Facebook altogether, I instead opened up my Facebook profile to everyone. Given this is somewhat a move against the trend, I thought I should explain my reasoning.
Ever since I created a profile on Facebook I have been very aware of my privacy settings. I used to use the Limited Profile feature extensively to limit who could view certain parts of my profile (especially the pictures). When Facebook introduced the ability to create groups (or lists) of friends, I created over a dozen different groups, each with slightly different privacy settings. As of today I in fact have 18 different groups of friends, all with different privacy settings. I also considered the privacy paranoia surrounding Facebook to be a little bit exaggerated because if you took the time, Facebook gave you a great deal of control of your privacy. The problem was, and is, that most people just accept the default settings and don't invest the necessary time to individually configure their privacy settings. However, it is for that reason that so many people have been understandably upset that Facebook has steadily changed the default privacy settings, so that more and more information has been made available to everyone by default, especially to Facebook's commercial partners.
So I took some time yesterday to think about how Facebook uses my personal information and whether I should quit Facebook. I reached four conclusions that may appear at first to be somewhat contradictory (or at least counter-intuitive).
First, I am troubled by the contempt that Facebook seems to have for its users when it comes to privacy. However, when it comes to my privacy on Facebook, I am not troubled because it has always given me the power to customise my own privacy settings.
Second, given Facebook's general attitude to the privacy of its users, I understand and support those who have decided to quit Facebook. But I am not willing to quit Facebook (yet). In part this is because I am comfortable with my own individual privacy on Facebook, but it is also because I feel the utility Facebook provides outweighs my concerns about Facebook's general attitude to the privacy of its users. My social graph on Facebook does not yet exist (or is duplicated) on any of the alternative social networks, nor is the ability to arrange and RSVP to events. The reality is also that even if I was to quit Facebook, I would continue to be tagged in posts and photos on Facebook without the ability to easily monitor those posts and photos. As I feel it is important for me to remain in control of my digital footprint and my online brand, the need to monitor how others tag me on Facebook was an important factor in my decision to remain on Facebook.
Third, it occurred to me that the way I use Facebook has changed over the past few years. Indeed, it has changed so much that I no longer feel the need to have elaborate privacy settings at all. So I decided to take advantage of Facebook's new simplified privacy settings, and make my profile available to everyone. When I first started using Facebook, I was creating content specifically for Facebook - photos, status updates, links were posted to Facebook because that was the only forum I had to share at the time. However today I almost never create content specifically for Facebook. Instead, I import my status updates, photos, links and other content from a range of other different online platforms, such as Typepad, Tumblr, ipadio, Twitter, Posterous and Vimeo. What this means is that almost everything that gets posted to my Facebook profile is already available to everyone somewhere else on the web, without any privacy settings or other limitations at all. Therefore it makes sense for me to treat Facebook as a social hub or aggregator for the content I create online. Opening up all my content to everyone also simplifies the process of protecting my privacy. I can now operate on the assumption that everything on my Facebook profile is open to the world at large, and, if necessary, delete some content or remove tags to protect both my privacy and my online brand.
Fourth, by treating my Facebook profile as an open platform, where almost all of the content on my Facebook profile is posted somewhere else on the web first, my profile and content is very portable. This means that when there are viable alternatives to Facebook, it will be very easy for me to transport my content (as well as hopefully my social graph) to that new social network. In that admittedly very limited respect, I like to think that my decision to open up my Facebook page to everyone does not mean I have sold my soul to Facebook, but instead means that I am preparing for the day when I too can quit Facebook and use an alternative social network.
After all that, if you want to find me on Facebook, you can do so here.
| | | |
|
The brilliant Eben Moglen, Professor of Law and Legal History at Columbia University, and founder, Director-Counsel and Chairman of the Software Freedom Law Center, recently gave a lecture at the Internet Society of New York on “Freedom in the Cloud: Software Freedom, Privacy and Security for Web 2.0 and Cloud Computing”:
Everyone wants a piece of you these days: Google, Facebook, Flickr, Apple, AT&T, Bing. They’ll give you free e-mail, free photo storage, free web hosting, even a free date. They just want to listen in. And you can’t wait to let them. They’ll store your stuff, they’ll organize your photos, they’ll keep track of your appointments, as long as they can watch. It all goes into the “Cloud.”
How we got here is quite a scary story. But nowhere near as scary as getting out again. Eben Moglen, a Professor of Law and Legal History at Columbia University and the founding director of the Software Freedom Law Center, warned you about privacy and the cloud before. At a public meeting of the Internet Society of New York on February 5, Moglen asked you to consider how much worse things have become since then and explain what you can do to reclaim your freedom in the era of Web 2.0.
| | | |
|
Over at The Volokh Conspiracy, Orin Kerr has an unusual way to protect your privacy in the age of Google:
Many wonder how much privacy you can have when a simple Google query reveals so many details of your life. I think there’s an easy answer to this problem. Just change your name to something that already pulls up a lot of Google hits.
If your name is Jernicky Washington, for example, just change your first name to “George.” Is your name Sallisan Poppins? Change your first name to “Mary.” Maybe you’ve had the misfortune of being Yasmarine Table? Change your first name to “Oak.” With a name like George Washington, Mary Poppins, or Oak Table, it will be really hard for people to find out much information about you.
I realize there’s a downside. Every time you meet someone new, they’ll ask, “Wait, is your name really ____?” Plus, everyone will assume your parents had a terrible sense of humor. That’s unfortunate. But hey, just let them try to Google you.
Read it here.
| | | |
|
At the State Legal Educators Conference this morning, I am presenting a paper titled Law 2.0: The Challenge of User-generated and Peer-produced Networks, Content & Culture. You can watch a video of that presentation here:
Law 2.0: The Challenge of User-generated and Peer-produced Networks, Content & Culture from Peter Black on Vimeo.
You can download a copy of the PowerPoint slides here. These are the videos I will be showing as part of my presentation:
| | | |
|
Time's Claire Suddath has understandably had enough of the latest ridiculous Facebook meme, "25 Things About Me":
A girl I knew in high school has memorized all of Janet Jackson's dance routines. A college acquaintance is afraid of train whistles. Five separate people harbor lifelong desires to visit New Zealand. How do I know these things? Because they won't stop writing about them on Facebook! (See the 50 best websites of 2008.)
Facebook's "25 Things About Me" meme seems harmless enough; people write 25 facts about themselves and post them on their Facebook pages, just as they do with videos, status updates and photos of last weekend's party. An estimated 5 million of these notes — that's 125 million facts — have appeared on the website within the past week. Assuming it takes someone 10 minutes to come up with their list, this recent bout of viral narcissism has sent roughly 800,000 hours of worktime productivity down the drain. (Read "Does Facebook Replace Face Time or Enhance It?")
But it's just so stupid. Most people aren't funny, they aren't insightful, and they share way too much. Facebook is a loose social network; a "friend" on Facebook might translate to someone you'd barely recognize in real life. I don't care that my college roommate's sister is anemic or that my stepcousin's boyfriend gets nervous around old people (apparently he's afraid they're going to die). (See the best social-networking applications.)
Below are 25 facts I wish people hadn't told me about themselves.
Read those facts here. I thought of compiling my own list based on what my Facebook friends have disclosed through this meme, but I decided that would be cruel. Claire Suddath's list will have toto.
| | | |
|
I thought I should post an update to the story on the interesting marketing strategy employed by Burger King on Facebook that I blogged about two weeks ago(see here). From TechCrunch:
Burger King, through their insanely creative advertising agency Crispin Porter + Bogusky (see their recent Burger King perfume launch), launches a Facebook application that encourages users to remove Facebook friends. Sacrifice ten of them and you got a free Whopper. 233,906 friends were removed by 82,771 people in less than a week.
Facebook is overjoyed, right? What a great example to show the
Madison Avenue agencies on how a big brand can get real engagement from
users. This is the future of advertising. Or it could have been, if
Facebook hadn’t shut it down
, citing privacy issues:
We encourage creativity from developers and brands using Facebook Platform, but we also must ensure that applications follow users’ expectations of privacy. This application facilitated activity that ran counter to user privacy by notifying people when a user removes a friend. We have reached out to the developer with suggested solutions. In the meantime, we are taking the necessary steps to assure the trust users have established on Facebook is maintained.
Did anyone talk to the sales department before pulling the trigger on this? All that happened is the user being dissed got a message telling them, which helps the application spread virally. Without that feature the app is far less powerful. There is no real privacy issue here, just a policy decision by Facebook that people shouldn’t be notified when you remove them as a friend.
Read more here.
| | | |
|
The new Web site for Obama's White House is already drawing attention from privacy activists and tech bloggers. While the initial focus has been on the site's policies relating to search engine robots, a far more interesting tidbit has so far escaped the public eye: the White House has quietly exempted YouTube from strict rules relating to the use of cookies on federal agency Web sites.
The new White House Web site privacy policy promises that the site will not use long-term tracking cookies, complying with a decade-old rule prohibiting such user tracking by federal agencies. However, the privacy policy then reveals that Obama's legal team has exempted YouTube from this rule (YouTube videos are embedded at various places around the White House Web site).
While the White House might not be tracking visitors, the Google-owned video sharing site is free to use persistent cookies to track the browsing behavior of millions of visitors to Obama's home in cyberspace.
No other company has been singled out and rewarded with such a waiver.
...
For the past 10 years, federal agencies have been prohibited from using tracking cookies on their Web sites, except in a few special cases. The Office of Management and Budget rule M-03-22 states that:
"Agencies are prohibited from using persistent cookies or any other means (e.g., web beacons) to track visitors' activity on the Internet except .... [when there is] a compelling need."
The question we must now focus on is this: Is the need for Obama to use embedded videos hosted by YouTube (and not, say, another company's video-streaming platform that does not force cookies upon its users) a use that can be reasonably described as compelling?
Presumably, this has been justified on the basis that YouTube forces cookies on the visitors of any Web site that embeds one of its videos. However, while Joe or Jane blogger has no bargaining power with YouTube/Google, the federal government certainly does.
In just the past couple weeks, YouTube has launched dedicated pages for both the House and Senate to show off their own videos, and the site also recently started allowing users to directly download copies of some videos. This latter feature has not yet been widely deployed across the site, and is seems to be limited to videos posted by Obama's team.
Given the famously close connections between Obama and Google, you'd think his tech team could negotiate for a cookie-less way to embed videos. At a technical level, this would be an easy enough change, even if it would deny Google the ability to collect even more information on millions of Americans.
| | | |
|
Josh Harris has created a documentary We Live in Public, about the possibility of the virtual world taking over society in the future, which premiered this week at the 2009 Sundance Film Festival:
| | | |
|
Mashable reports on a precocious baby twittering from the womb:
Think you’re an early adopter, huh? @kickbee has you beat.
Expectant father Corey Menscher wanted to “create a device that would give me a chance to be aware of our baby’s movements”. He created a waistband for his wife which sends a Tweet everytime the baby kicks, naming the project “Kickbee”. Corey writes:
The Kickbee is a wearable device made of a stretchable band and embedded electronics and sensors. Piezo sensors are attached directly to the band, and transmit small but detectable voltages when triggered by movement underneath. An Arduino Mini microcontroller transmits the signals to an accompanying Java application wirelessly via Bluetooth. (a SparkFun BlueSMIRF v2 module that communicates serially with a Macbook Pro)
The Java application receives the sensor values and analyzes them. When a kick event is detected, a Twitter message is posted via the Twitter API. I chose to use Twitter because it is easy to initiate an SMS message to any mobile phone when a kick is detected. It also acts as a data log that can be accessed programmatically for visualization or archiving.
What do you think: a sweet gesture of solidarity with his wife, or a bit too much time on his hands?
Read it here.
| | | |
|
TechCrunch's Michael Arrington reports on a fascinating project looking at privacy settings on Flickr:
This picture was presented by Elizabeth Churchill, Principal Research Scientist at Yahoo at a meeting I am attending today. It shows the privacy settings of a sample of a million Flickr users from 2005. Red spots note users who have photo sharing turned off (private), green shows users who have photo sharing turned on (public).
The results are fascinating. The US is widely public except for users who seem to be hovering around Utah, and varies by state. Europe, by contrast, is largely private, and more so as you move north. The Middle East is wide open. South East Asia is mixed. India is private.
Read it here.
| | | |
|
At apophenia, danah boyd acknowledges a feature of Facebook that is one of it's great strengths and one of it's weaknesses:
Facebook's privacy settings are the most flexible and the most confusing privacy settings in the industry. Over and over again, I interview teens (and adults) who think that they've set their privacy settings to do one thing and are shocked (and sometimes horrified) to learn that their privacy settings do something else. Furthermore, because of things like tagged photos, people are often unaware of the visibility of content that they did not directly contribute. People continue to get themselves into trouble because they lack the control that they think they have. And this ain't just about teenagers. Teachers/professors - are you _sure_ that the photos that your friends post and tag with your name aren't visible to your students? Parents - I know many of you joined to snoop on your kids... now that your high school mates are joining, are your kids snooping on you? Power dynamics are a bitch, whether your 16 or 40.
Why are privacy settings still an abstract process removed from the context of the content itself? Privacy settings shouldn't just be about control; they should be about the combination of awareness, context, and control. You should understand the visibility of an act during the moment of the act itself and whenever you are accessing the tracings of the act.
Tech developers... I implore you... put privacy information into the context of the content itself. When I post a photo in my album, let me see a list of EVERYONE who can view that photo. When I look at a photo on someone's profile, let me see everyone else who can view that photo before I go to write a comment. You don't get people to understand the scale of visibility by tweetling a few privacy settings every few months and having no idea what "Friends of Friends" actually means. If you have that setting on and you go to post a photo and realize that it will be visible to 5,000 people included 10 ex-lovers, you're going to think twice. Or you're going to change your privacy settings.
...
In the meantime.. for everyone else... have you looked at your privacy settings lately? Did you really want your profile coming up first when people search for your name in Google? Did you really want those photos tagged with your name to be visible to friends-of-friends? Or your status updates visible to everyone in all of your networks? Think about it. Look at your settings. Do your expectations match with what those setting say?
Read more here. I've always appreciated the level of granularity that Facebook's privacy settings have afforded me ... but I'm thinking I should folow danah's advice and double check if my expectations match with the settings.
| | | |
|
My QUT colleague Axel Bruns is live blogging a conference in Germany on the political dimensions of Web 2.0: "Das Internet zwischen egalitärer Teilhabe und ökonomischer Vermachtung". The opening keynote by Karl-Heinz Ladeur on social media and the law sounded particularly fascinating, in large part to a couple of novel suggestions on how the law can adapt to regulate social media. This is part of Axel's summary:
New rules for communication are emerging here, then, and the law needs to react to this. One approach is to build on existing media law, but Karl-Heinz says that this is unlikely to be particularly successful; on a meta-level, perhaps it would be better to inoculate, to irritate, the inherent self-organisation processes which already exist in social media in order to get these media forms themselves to evolve appropriate rules. This would be more similar to the voluntary codes of ethics in many media sectors - but it must be recognised that the networked organisation of social media still works differently from the more hierarchical structures of broadcast media, for example.
One key field to address here is privacy, where solutions could possibly draw on copyright protection mechanisms: rather than focussing on protecting the data of the individual, on a person-by-person basis, perhaps it would be possible to develop a collecting agency-style collective privacy enforcement agency - an information broker - fighting for privacy rights of user by bundling their individual rights and/or negotiating cases where the use of private data is permissible and in the interest of private individuals (in order to ensure transparency of financial transactions, for example).
Another suggestion relates to eBay and similar sites, where personal rating systems build on the wisdom of crowds to establish personal trustworthiness ratings. Such ratings are complicated today by the fact that making negative ratings could lead to court cases or other repercussions which are not worth the risk if the original transaction covered only small amounts of money in the first place. Karl-Heinz suggests the development of self-organised 'cybercourts' which could reduce such risks by acting as a middle layer in person-on-person buyer/seller ratings, and address exceptionally positive or negative ratings. (This is perhaps not unlike the way that travel advisory sites like IGoUGo act as a middle layer capturing and accumulating the wisdom of tourists without creating the risk that any individual rater may be sued by a hotel operator unhappy with having received a negative rating.)
Read more here.
| | | |
|
Last week Duncan Riley lamented the end of privacy:
A new first for Ustream.tv and possibly the net, a birth was streamed live to the world today from West Pennsylvania. At the time of writing I can’t find a recording of the birth, with only a video of the child post delivery available, but from all accounts the whole thing was shown.
This is the end. To quote Jim Morrison:
This is the end
Beautiful friend
This is the end
My only friend, the endOf our elaborate plans, the end
Of everything that stands, the end
No safety or surprise, the end
Ill never look into your eyes…againWe have reached the point where nothing left is sacred, where our most intimate moments are now fair game for the world at large.
...
We have reached the point of no return. From Twittering a birth to streaming it live, the floodgates are open. Where there is a willing audience, there will be those willing to expose themselves to the world at large, and as our lust for knowing and seeing all continues, so to will the frequency of everything exposed online.
The remaining question for those in social media is whether we embrace the change and ride the wave, or we rally against it. Where today is the line between privacy and sharing? Does sharing some things open the door to sharing all, or is there still a place for what perhaps can be described as antique ideas of private moments.
What ever the answers, remember September 2, 2008 as the day that the last remaining barrier came down between personal and public. The tipping point where a sea of copycats and unrestricted life streaming that will now surely follow
Read more here (The Inquisitr). Although this is an extraordinary story, I think it is an exaggeration to say that this is the end of privacy. It does, however, represent a phenomenon I've been observing for some time, namely that society's conception of privacy is changing. Digital natives (and the older, early adopter crowd) don't seem to value or protect their privacy in the same way that people did a generation ago. Now you can argue whether this is a good or a bad thing, but ultimately that debate is beside the point as the real challenge this trend presents is the need for our laws to reflect these new notions of privacy. Rather than desperately trying to cling to an outdated concept of what privacy is and impose outdated legal and moral standards on younger generations, our laws and moral judgments need to adapt to this new paradigm.
| | | |
|
The Australian Law Reform Commission’s report on privacy laws in Australia, For Your Information: Australian Privacy Law and Practice (ALRC 108), has been released. You can download the three-volume, 2700 page report here, or view the media release and accompanying briefing notes here.
There is a lot to digest in that report, but I am most interested in the recommendation that Australia should introduce a statutory cause of action for serious invasions of privacy. Read the briefing note relating to that recommendation here. I will try to comment on this recommendation in the next few days.
| | | |
|
I have a piece in today's Courier Mail that wonders what the privacy issue is with Google Street View. You can read it here.
| | | |
|
Australian swimming's golden couple Eamon Sullivan and Stephanie Rice have apparently broken up. It seems only appropriate that the couple, who shot to fame thanks to some "raunchy" party picks on Facebook, announced the break up by changing their Facebook relationship status:
Australian swimming's glamour couple Eamon Sullivan and Stephanie Rice have reportedly split up just days before the start of the Beijing Olympics.
News Limited reported the couple's parting was revealed on their Facebook pages with both swimmers changing their status to "no longer in a relationship".
Rice, who held the 400m individual medley world record earlier this year, trains in Brisbane while 50 metres freestyle world-record holder Sullivan is based in Perth.
The pair's split undermines their lucrative underwear modelling deal, the newspaper says.
Read more here (from LIVENEWS.com.au).
| | | |
|
The Internet Industry Association has called on the Australian Government to take a "balanced approach" to a proposed but little known Anti-Counterfeiting Trade Agreement that could result in customs officials searching travellers' laptops and MP3 players when they arrive in Australia:
The Internet Industry Association (IIA) today called on the Australian Government to take a balanced approach to a little-publicised Anti-Counterfeiting Trade Agreement (ACTA) that may be in force by the end of the year.
While nominally targeting major counterfeit operators, ACTA reportedly seeks to impose a new regime of enforcement measures that could undermine Australian citizens’ fair-use and privacy rights.
ACTA negotiations have been held behind closed doors. Information is scant, with the exception of an ACTA discussion document leaked online, documents hosted by the US Trade Representative and a sketchy discussion paper from the Department of Foreign Affairs and Trade (DFAT).
“Forthcoming talks in Washington DC scheduled for this week appear to be proceeding in the absence of draft text.”, IIA chief executive, Peter Coroneos said.
“Yet ACTA proponents seem bent on having a treaty in place by the end of the year. How can appropriate outcomes be achieved with such indecent haste?”
The IIA is urging government negotiators to push for a proper timetable so that an inclusive public debate on the proposed measures can take place.
In alliance with CHOICE (Australian Consumers Association), the Australian Library and Information Association (ALIA) and Australian Digital Alliance (ADA), the IIA filed a submission with DFAT, insisting Australia maintains legal rights and due process. In particular, no trade agreement should breach six vital and hard won principles :
- Transparency and accountability (all stakeholders should see and comment on text before it is concluded)
- Presumption of innocence (no enforcement, civil or criminal, without independent findings of infringement)
- Proportionality (all enforcement measures to be proportionate to the seriousness of any infringement)
- Consideration of impact on other treaties and laws (no doubling up or inconsistency with Australia's existing obligations)
- Avoiding the prescription of surveillance technologies for IP enforcement
- Safeguards against liability for intermediaries (such as educational institutions, libraries and Internet Service Providers)
“We are very worried about leaked discussion documents relating to ACTA which would force ISPs to disclose customer information and even disconnect anyone alleged to be an infringer, based on untested and intrusive technological tracking -- without warrant or judicial oversight.” said Mr Coroneos.
“What happened to the presumption of innocence?”
“Whether ACTA ends up seeing iPods and laptops searched at international airports as some are proposing, we can’t say. But we cannot allow it to undermine the balance that exists in our laws.”
“Also what is meant by commercial scale infringement is not clear. ACTA may redefine anyone with an unauthorised copy of a song to be regarded as a criminal, without the minimal protections and subject to disproportionate penalties that go beyond what is legally fair in Australia.”
More generally, the IIA questions the need for Australia to be involved at all in the light of the recently enacted Australian-US Free Trade agreement with toughened intellectual property enforcement provisions in place since the end of 2006.
“We already have new and far reaching legislation that covers off the illegal distribution of digital sound and video recordings via the Internet,” he said.
“We strongly urge the Australian Government to adopt a cautious approach before committing to any sweeping measures as part of ACTA,” Mr Coroneos said.
A copy of the six principles and submission are available at http://www.iia.net.au/images/principles_for_acta_negotiations.pdf
Read more here. This sounds disturbing to say the least. In fact, it sounds so ridiculous I find it hard to believe. Given that I am loathed to comment further until more details come to light.
| | | |
|
As if to demonstrate Judge Ryrie's point from my previous post about the uncertainty of Facebook pages ("that anyone can create an identity that could mimic the true person's identity"), I then read this story about a defamation case in the UK centred around a fake Facebook page:
A businessman whose personal details were "laid bare" in fake entries on the Facebook social networking website has won a libel case at the High Court.
Mathew Firsht was awarded £22,000 in damages against an old school friend, Grant Raphael, who created the profile.
The judge ruled that Mr Raphael's defence - that the entry was created by mischievous party gate-crashers at his flat - was "built on lies".
The profiles were on Facebook for 16 days until they were taken down.
Mr Firsht accused Mr Raphael of creating a false personal profile, and a company profile called "Has Mathew Firsht lied to you?".
Mr Raphael claimed that "strangers" who attended an impromptu party at his house in Hampsted in London sneaked off to a spare bedroom and created the profiles on his PC.
The judge heard that the private information concerned Mr Firsht's whereabouts, activities, birthday and relationship status and falsely indicated his sexual orientation and political views.
Bearing a grudge
Mr Firsht complained about allegations that he owed substantial sums of money which he had repeatedly avoided paying by lying, and that he and his company were not to be trusted.
Deputy Judge Richard Parkes QC awarded Mr Firsht £15,000 for libel and £2,000 for breach of privacy.
Mr Firsht's company, which finds audiences for TV and radio shows and provides warm-up services for live audiences, including the evictions on Big Brother, was awarded £5,000 for libel.
He accused Mr Raphael of bearing a grudge against him since they fell out in 2000 and of creating a false Facebook entry with the aim of causing him anxiety and embarrassment.
| | | |
|
Law students at the University of Ottawa have filed a complaint with the Canadian federal privacy commissioner against Facebook:
The students, including several dedicated Facebook users, allege the popular social networking website has committed 22 violations of Canadian privacy law.
They allege Facebook fails to inform members about how their personal information is disclosed to third parties for advertising and other profit-making activities, and also that it doesn't get permission from users to do so.
The students drew up the complaint after analyzing the company's policies and practices as part of a clinic course during the winter term.
Clinic director Philippa Lawson said the group focused on Facebook — which boasts more than seven million Canadian members — because it appeals to young teens who may not realize the risks of exposing personal information online.
Under law, the privacy commissioner has up to one year to investigate the complaint and present findings.
Read more here (from CBC News). Although I wouldn't know the first thing about Canadian privacy law, my feeling Facebook's terms of service would not violate Australian law, but it did remind me of part an internet class I taught with John Swinson on the law of Google. Given that experience the more interesting point from my perspective is that this lawsuit was driven by a clinic at the University of Ottawa. And although the merits may ultimately fail it highlights what an effective teaching tool it is to use clinics. Although common in the US and Canada, there a very few clinics in Australia's law schools, which I think is a pity. QUT has recently introduced a work integrated learning program, which includes plans for a legal clinic and I hope that this a form of learning that becomes more dominant in Australian law schools.
| | | |
|
Media Post's Daily Online Examiner looks at how ISPs are responding to the phorm threat:
Behavioral targeting company Phorm hasn’t launched yet, but is already facing more pushback than even the staunchest privacy advocates likely anticipated. The latest news is that Phorm opponent Alex Hanff is calling for people to picket the annual meeting of BT — one of the Internet service providers that’s working with Phorm.
“The purpose of the protest is to make BT shareholders aware of the past and planned use of allegedly illegal interception technologies to sell behavioral profiles to an ex-spyware company,” he
said, according to a report today in the U.K. paper The Register.At the same time, an anti-Phorm petition in the U.K. has drawn more than 13,000 signatories to date. The petition, stating that Phorm’s plan “would result in the browsing habits of the majority of the UK population being sold to a third party for advertising purposes,” warns that “the opt out system for this technology is vague and unproven.”
“Surely this must be a breach of privacy laws, if not then the privacy laws need to be changed to cover such invasive technology,” the petition states.
These same arguments are increasingly surfacing here. Advocates say marketers shouldn’t snoop on people’s Web-surfing activity to send them ads without first obtaining users’ consent.
If behavioral targeting in general has raised advocates’ ire, platforms that rely on data from Internet service providers especially trouble privacy rights groups. That’s because ISPs know every site users’ visit and every search query they make. Online ad companies argue that the targeting is all done anonymously, so that companies only know which sites particular users have visited, but not their names or e-mail addresses.
But the prospect of ISP-based targeting is so troubling that lawmakers have asked to meet with the Internet service provider Charter Communications before it follows through on a plan to share data with behavioral targeting company NebuAd.
Phorm is poised to launch soon in the U.K., following which it intends to launch in the U.S. as well. If increasing public pressure in the U.K. results in Phorm deciding to seek users’ consent before targeting them, it seems likely that the company will ask U.S. users for their agreement as well. If nothing else, declining to do so would put the company in a very awkward position of explaining why European Web users have more privacy rights than U.S. consumers.
Read more here.
| | | |
|
Australian IT reports that a proposed cyber treaty may mean new surveillance laws in Australia:
LAWS allowing police to rapidly secure evidence held on computers, and to obtain real-time access to network traffic, may be needed for Australia to join a global treaty aimed at fighting fraud and electronic crime.
Federal Attorney General's Department project director Steven Stroud said a review was being carried out to establish what legislative changes would be needed if the Australian government were to join the Council of Europe's Convention on Cybercrime.
"We're fundamentally well-placed to accede, given our cybercrime laws in the Crimes Act and the Customs Act," he said.
"But the convention requires specific actions and measures, so consideration is needed about what the obligations would be."
Mr Stroud said a number of pieces of legislation would need to be amended, "and some of these would be quite significant".
"The convention has provisions for data retention by carriers, and we don't have those laws in Australia," he said.
"There are also provisions for expedited collection of evidence held on computers, and we don't have those laws either.
"The Telecommunications Interception Act allows law enforcement to obtain material with a warrant, but there's no way police can just ring someone up and say they need something can they have it.
"These are the kinds of issues we need to explore."
The convention, which provides a standard framework for investigating and prosecuting crimes involving computers across national borders, has already been adopted by more than 45 countries.
Read more here.
| | | |
|
Australian social networking expert Laurel Papworth analyses social networking profiles for News.com.au:
IF you're changing your Facebook status every five minutes there is a good chance the only thing people will notice is that you're an attention-seeking extrovert.
Social networking analyst Laurel Papworth says there are hidden messages behind the overt displays of self-promotion on websites like Facebook or MySpace.
Status updates can show if someone is an extrovert or fishing for sympathy, she claims.
"The extrovert, they are always going to be updating because the world revolves around them and one can assume that means the world needs to know how they are feeling from minute to minute," Ms Papworth told NEWS.com.au.
"There's a lot of passive-aggressive behaviour in social networks and some interesting statuses — I'm mad at my boss, I'm mad at my mum, my teacher.
"We're expecting our good friends to come and commiserate and give presents on our page or leave comments on our page presumably in support of our emotional state."
Read more here.
| | | |
|
The cover story for this Sunday's Times Magazine, is an insightful and poignant piece by Emily Gould looking at the consequences of exposing her life - and the lives of those around her - in her blog Emily Magazine:
Back in 2006, when I was 24, my life was cozy and safe. I had just been promoted to associate editor at the publishing house where I’d been working since I graduated from college, and I was living with my boyfriend, Henry, and two cats in a grubby but spacious two-bedroom apartment in Greenpoint, Brooklyn. I spent most of my free time sitting with Henry in our cheery yellow living room on our stained Ikea couch, watching TV. And almost every day I updated my year-old blog, Emily Magazine, to let a few hundred people know what I was reading and watching and thinking about.
Some of my blog’s readers were my friends in real life, and even the ones who weren’t acted like friends when they posted comments or sent me e-mail. They criticized me sometimes, but kindly, the way you chide someone you know well. Some of them had blogs, too, and I read those and left my own comments. As nerdy and one-dimensional as my relationships with these people were, they were important to me. They made me feel like a part of some kind of community, and that made the giant city I lived in seem smaller and more manageable.
...
I understand that by writing here about how I revealed my intimate life online, I’ve now revealed even more about what happened during the period when I was most exposed. Well, I’m an oversharer — it’s not like I’m entirely reformed. But lately, online, I’ve found myself doing something unexpected: keeping the personal details of my current life to myself. This doesn’t make me feel stifled so much as it makes me feel protected, as if my thoughts might actually be worth honing rather than spewing. But I still have Emily Magazine as a place to spew when I need to. It will never again be the friendly place that it was in 2004 — there are plenty of negative comments now, and I don’t delete them. I still think about closing the door to my online life and locking them out, but then I think of everything else I’d be locking out, and I leave it open.
Read more here.
| | | |
|
At Concurring Opinions Frank Pasquale introduces me to a new term, "bodysnarking":
Author Hannah Seligson coins a new term in her critique of celeb-mocking websites: bodysnarking, which she defines as
the snide, often witty, comments that have become a ubiquitous part of under-30 female conversation. In an age when the digital camera is a must-bring accessory for a night out (how else are you going to upload the pictures to Facebook?), when blogs give everyone with an opinion a venue for comment, and when tabloid culture has made it fine to dissect other women's looks, bodysnarking appears to be a favorite female pastime.
The watershed moment for bodysnarking, Ms. Redd says, came a few years ago when Google introduced its advertising program AdSense. "The program allowed sites to track pages viewed and make ad revenue based on the number of visitors. [Blogger] Perez Hilton realized that nobody cared about his personal shopping trips; they cared when he [mocked mostly female celebrities.]" The masses had spoken: Bodysnarking was now a revenue generator.
As I've noted before, sometimes the technology that "gives the people what they want" serves only to reinforce destructive trends. In addition to Seligson's analysis, I'd say that the rise of the bodysnarkers is an unexpected side effect of the prevalence of plastic surgery. Whereas "defects" in appearance were once largely assumed unavoidable, they can now be "cured." So celebrity's "fans" demand ever more appearance-wise. Given their wealth, whatever can be fixed, must be fixed.
The bodysnarkers may also be reacting to the trend of "faked photos:"
Increasingly, photos for print are enhanced and perfected to an astonishing degree. Not only are moles, acne and subtle facial hair erased from already pretty faces, but retouchers are routinely asked by editors and advertisers to enlarge eyes, trim normal-size ears, fill in hairlines, straighten teeth and lengthen . . . already-narrow necks, waists and legs . . . .
Some of the "10 million women and one million men in the United States who struggle with anorexia and bulimia" turn these impossible standards on themselves. The bodysnarkers choose to reinforce the norms for celebrities. . . and increasingly for others. It's not surprising that some people simply give up in response. As one article notes, "the contrast between the girls on the catwalks and the girls at the mall is creating an atmosphere ripe for binge dieting and the kind of unhealthy eating habits that ultimately result in weight gain, not loss."
Read it here.
| | | |
|
Much has been over the past few days of the decision to indict a Missouri mother on charges connected to the suicide of a 13-year-old MySpace user (see my post here). However, MSNBC approaches it from a different angle:
Think twice before you sign up for an online service using a fake name or e-mail address. You could be committing a federal crime.
Federal prosecutors turned to a novel interpretation of computer hacking law to indict a Missouri mother on charges connected to the suicide of a 13-year-old MySpace user.
Prosecutors alleged that by helping create a MySpace account in the name of someone who didn't exist, Lori Drew, 49, violated the News Corp.-owned site's terms of service and thus illegally accessed protected computers.
Legal experts warned Friday that such an interpretation could criminalize routine behavior on the Internet. After all, people regularly create accounts or post information under aliases for many legitimate reasons, including parody, spam avoidance and a desire to maintain their anonymity or privacy online or that of a child.
This new interpretation also gives a business contract the force of a law: Violations of a Web site's user agreement could now lead to criminal sanction, not just civil lawsuits or ejection from a site.
"I think the danger of applying a statute in this way is that it could have unintended consequences," said John Palfrey, a Harvard law professor who leads a MySpace-convened task force on Internet safety.
"An application of a general statute like this might result in chilling a great deal of online speech and other freedom."
Read it here.
| | | |
|
TechCrunch's Michael Arrington highlights a difficult issue for US technology companies - balancing commercial interests against free speech:
These stories are becoming more common as Internet companies operate under the laws of many counties.
In February A Moroccan man was arrested for pretending to be the Moroccan king’s younger brother, Prince Moulay Rachid, on Facebook. Facebook complied with Morrocca information requests about the man, leading to his arrest. The man was granted a royal pardon after his sentencing, and was out of jail by mid March.
Today we’re hearing of another arrest, this time in India. 22-year-old IT professional Rahul Krishnakumar Vaid. His crime was writing in an orkut community named “I hate Sonia Gandhi.” Sonia Gandhi is a prominent politician in India.
Vaid was charged under section 292 of Indian Penal Code and section 67 of the Information TVechnology Act because he created a profile and then posted content in vulgar language about Sonia Gandhi in the community.
During investigations, the cyber crime cell of Pune police communicated with Google (which owns Orkut) seeking details about the who formed this forum and circulated the obscene content. It was known that the vulgar message about Sonia Gandhi was circulated through an email address – Rahulvaidindia@gmail.com . The owner of the email id Rahul Vaid was traced, using information supplied by Google, to Chakarpur in Gurgaon city of Haryana.
He was thn charged under section 292 of Indian Penal Code and section 67 of the Information Technology Act because he created a profile and then posted content in vulgar language about Sonia Gandhi in the community. If he’s convicted, he can be imprisoned for up to five years and may have to pay a fine up to Rs one lakh.
This is an issue that needs to be addressed everywhere, but the hot spots right now are areas where extreme laws make what would be legitimate actions in the US or Europe into fairly serious crimes in their jurisdictions. Our companies have to decide if they’ll defy the law and take the consequences. On the upside, users will flock to them knowing their data is secure.
Read more here.
| | | |
|
The Age has a detailed look at identity fraud in social networking sites:
IT'S what makes you unique among the Earth's 6.65 billion humans - your identity. Your name, your date of birth, where you live, who you barrack for, even your pet's name - private details now so easily made public on social networking sites that attract 500 million users around the world.
To an identity thief, these personal details are all they need to flesh out a fake ID that can let them clean out your bank account or set up a false credit card, loan, welfare payments or even a passport.
With 200,000 Australians now on social networking sites such as Facebook, MySpace and Bebo every day, security experts and consumer groups are predicting this year will be a bumper one for ID fraud.
Security software company Symantec's global internet security report for the last six months of 2007 shows malicious attacks are now focused on trusted websites putting the attackers in our midst.
"We used to tell people not to go down the dark alleys of the internet, but that doesn't apply today," Symantec Australia chief Craig Scroggie says. "It's not the back alleys, it's the main roads like the social networking sites where the attackers are actively seeking us out."
...
Where it's happening is the most significant twist, with the latest data showing that trusted sites such as Facebook and Second Life are being infiltrated to strip individuals of their personal information.
...
The BBC's Watchdog program recently uncovered that murky truth with a Facebook experiment using a fictional character called Amba Friend. Watchdog set up a Facebook account for her and sent out messages to 100 random Facebook users asking them to be her friend. Of those, 35 strangers said yes, including 23-year-old Scott Gould. Watchdog used the personal details on Mr Gould's profile, including his date of birth, to apply for an online bank account and credit card in his name. Both were instantly approved.
Software security provider Sophos followed suit, fabricating a character called Freddi Staur, who lured 82 users into handing over their personal details, including their phone numbers.
A spokesman for the Australian Consumer Association Choice, Christopher Zinn, says there is a false sense of security online that leads people to behave more recklessly than they would in the real world.
"Would people stick personal details like pictures of themselves growing up on a lamppost outside their house or on a public bulletin board in the supermarket?" he asks.
"The exuberance and the excitement that these sites generate tend to work against the cautions. But once you give those details out, you've lost control of them forever."
Digital strategist and researcher Julian Cole did his thesis on the way young people use social networking. He says security just doesn't concern them.
"This generation is much more forward in the information they're giving over to sites like Facebook," he says. "There's no reservation in revealing date of birth, schools, football teams, even mobile phone numbers. They don't have that worry about security."
...
The Privacy Commissioner Karen Curtis says "it is likely that individuals posting information on social networking sites would be exempt from the coverage of the Privacy Act" as the act doesn't extend to individuals or organisations based overseas such as Facebook and MySpace.
In his recent report on identity crime, Federal Home Affairs Minister Bob Debus pushed for new laws against identity theft, including victim certificates issued by the courts to help undo damage done by identity thieves.
Only in South Australia and Queensland is it an offence to assume or steal another person's identity. By comparison, identity theft is a federal crime in the US with penalties of up to 15 years' jail and fines of $250,000.
AUSTRALIAN Privacy Foundation chairman Roger Clarke says that beyond companies and criminals, there's also reckless behaviour coming from individuals using social networking sites.
"We've always assumed fraud was a threat in big organisations," he says. "Now we've reached the stage where individuals are a threat to one another in handling data like disclosing photos of someone off their brain, which a boss might see before a job offer."
But Mr Clarke argues stricter laws aren't the answer.
"When somebody uses a social networking site, it's a consent-based arrangement," he says. "What we don't want to do is wreck the balance between freedom and protection."
Ultimately, he believes web users might find their own solutions. "As we get a bigger pile up of embarrassment and significant loss, we'll see a lot more use of pseudonyms, like spelling your first name in an interesting way, so that only your 'group' knows who you are."
Read more here.
| | | |
|
CNN has a story on an extraordinary use for YouTube:
The video is hard to turn away from. A sobbing 16-year-old sits in her bedroom and, staring into a camera, says she has been raped.
"Hi, my name is Crystal. ... I need some help. I didn't want to do it this way, but it's the only way I know that's going to work, that someone out there in the world is gonna listen to me."
The teen, whom CNN interviewed but is not identifying by her last name, is among dozens of young people who are turning to social networking sites like Facebook and MySpace to talk about sexual assault.
For an online generation, the Web offers what traditional counseling does not. It's a chance to communicate without having to face someone or fear their judgment. Some people are seeking legal advice and medical information, and many younger victims believe that they can warn others about their accused attacker, counselors say.
There also are people like Crystal, whose case was dropped by the Orange County, Florida, state attorney's office, who feel slighted by the justice system.
"Young victims, particularly girls, turn inward. They are going to reach out and try to connect in the isolation of their dorm room or their bedrooms," said Jennifer Dritt, the director of the Florida Council Against Sexual Violence. "Most young women feel like they want somebody to know that someone did this to them."
...
"We noticed that this trend of posting details of an attack really picked up speed a few years ago," said Scott Berkowitz, RAINN's founder and president. "A rape survivor's intention may be to reach out, and we encourage that, but this is a dangerous way to do it."
Advocates worry that victims are divulging too much information. CNN found several Facebook and MySpace profiles on which young people say they have been raped. The postings include their names, photographs and hometowns. But Crystal is probably one of the few who have gone so far as to post a plea for help on YouTube.
Because anything posted on the Web is available forever through an Internet search, a rape survivor must consider how they would feel if that information were dredged up in the future, counselors said. By making themselves -- or their IP address -- available, victims open themselves to unreliable and unprofessional advice and the harsh judgment of their peers.
Perhaps worst of all, they could give their perpetrator a chance to find them again or gain more satisfaction.
Read more here.
| | | |
|
Two interesting pieces of news to note relating to people using MySpace for criminal purposes. The first, is a ruling of the U.S. Court of Appeals for the Fifth Circuit in Doe v. MySpace Inc that predictably held that MySpace is immune under s 230 of the Communications Decency Act from a lawsuit over the alleged sexual assault of a teenage girl by a man she met on the site. As Howard Bashman amusingly notes at How Appealing footnote one in the ruling helpfully explains that:
The term 'blog' is a portmanteau of 'Web log' and is a term referring to an online journal or diary.
The second is a post from Brett Trout at Blawg IT on the case of Missouri Mother Lori Drew who allegedly used MySpace to cause the suicide of her 16-year old neighbor Megan Meier. This week a federal grand jury in Los Angeles indicted Drew on one count of conspiracy and three counts of unauthorized access of protected computers to intentionally inflict emotional distress upon Meier:
Los Angeles federal prosecutors allege that back in 2006, Drew created a MySpace page for a fictitious 16-year old boy named "Josh." Drew allegedly used the MySpace account to send numerous messages to Meier. After initially befriending Meier, "Josh" ended the relationship with a message indicating the world be a better place without Meier. Meier killed herself that same day.
After state and federal prosecutors in Missouri refused to take any action against Drew, attorneys representing the Cyber and Intellectual Property Crimes Section of the U.S. Attorneys Office in MySpace’s hometown of Los Angeles brought the indictment against Drew. As reported by Wired, federal authorities have granted alleged co-conspirator, 19-year old Ashley Grills, immunity in return for her cooperation with the investigation. If convicted on all counts, Drew could be sentenced to up to 20 years in federal prison.
The laws being enforced against Drew were originally enacted to deter and punish computer hackers. It is important to note however, that despite any underlying legislative intent, there is nothing to prevent authorities from asserting these new laws against social networkers. Even though it is unlikely that even your most offensive social networking activities amount to what federal prosecutors allege took place in the Drew case, this case should sound as a warning call to all social networkers to double check how their actions might be perceived by others. Every social networker should double-check that none of their social networking activities might be construed as deceptive, fraudulent or harassing.
Most importantly, if you suspect your child may be the victim of a cyberbully, take action immediately. For more information on how to address cyberbullying, click here for my previous post on the subject. As the Drew case demonstrates, unchecked social networking can lead to much worse things than federal prison.
Read more here. The Wall Street Journal Law Blog also comments on the legal merits of the case:
Was Lori Drew surprised to learn that she committed a federal crime when she signed on to a social networking site using a fictitious identity? We wondered that today while reading an indictment that charges Drew — a 49 year-old resident of Missouri who registered on MySpace as “Josh Evans,” a 16 year-old boy — with violating 18 U.S.C. Section §1030, a broad statute that criminalizes computer fraud.
The backstory: As detailed in this January New Yorker article and today’s indictment, Drew — under the guise of “Josh” — struck up a flirtatious online relationship with Megan Meier, a 13-year old MySpace member, that lasted for several weeks. According to the indictment, “Josh” told Megan she was “sexi” and made other sexually suggestive overtures. Then, “Josh” told Megan he was moving away and that the world would be a better place without her. After “Josh” broke off the relationship, Megan hanged herself in her bedroom.
Here, the theory of the case seems to be that when Drew registered on MySpace she agreed to certain terms of service that required her to, among other things, provide “truthful and accurate registration information” and “refrain from promoting information that” she knew was “false or misleading.” For violating the terms of service, the feds have charged her with conspiracy to access MySpace without authorization.
“A very sympathetic set of facts,” concedes Orin Kerr, a cyberlaw prof at George Washington. “But highly dubious; a weak legal argument.” Kerr, who says he’s considering making an offer to represent Drew, told the Law Blog that there are two problems with the legal theory. First, the statute requires a conspiracy to intentionally access the site without authorization, and there’s no evidence that Drew read or knew the terms of service. Second, it needs to be a conspiracy to obtain information, and this was not. “It was a conspiracy to harass,” said Kerr, “but that’s not what the statute is about.”
He added: “It’s a dangerous theory because terms of service are violated so often, and that means there’s a choice courts must face: maybe any violation of any terms of service is a federal crime; maybe no violations are a crime; or maybe some violations are a crime. If a court allows it, then it means that if the government is looking for a criminal charge against someone, they just need to show someone violated a term of service. Do I expect the Ninth Circuit Court of Appeals to allow it? No.”
Read more here.
| | | |
|
