Privacy and technology

Jul 14

Barton Gellman, Julie Tate and Ashkan Soltani (Washington Post) | US | In NSA-intercepted data, those not targeted far outnumber the foreigners who are -

From the article:

"Ordinary Internet users, American and non-American alike, far outnumber legally targeted foreigners in the communications intercepted by the National Security Agency from U.S. digital networks, according to a four-month investigation by The Washington Post. Nine of 10 account holders found in a large cache of intercepted conversations, which former NSA contractor Edward Snowden provided in full to The Post, were not the intended surveillance targets but were caught in a net the agency had cast for somebody else."


Jul 13

Dr Monika Zalnieriute and Thomas Schneider (Council of Europe) | EU | ICANN's procedures and policies in the light of human rights, fundamental freedoms and democratic values [PDF linked from this page] -

From the Executive Summary:

"As has been put forward by many experts in the field, public access to personal information in the WHOIS database is not fully consistent with international human rights law. National and international data protection instruments establish high standards for accessing and processing personal information by third parties. [Governmental Advisory Committee] members have the responsibility to protect the human rights of their citizens and should therefore make sure that ICANN includes provisions governing the disclosure and third party use of data."

See also: Full text, PDF.


Jul 12

Laura A. Ballard (Masaryk University Journal of Law and Technology) | The Dao of privacy [PDF linked from this page] -

From ‘1. Introduction’:

"As this article discusses, a wave of recent scholarship examining how privacy has been experienced in East Asian cultures makes readily apparent that the universal need for privacy is felt just as acutely in East Asian cultures as in Western cultures, with equally robust traditions and practices. Indeed, there is much in recent East Asian studies to suggest that Cohen’s postmodernist notions of selfhood, as exemplified in East Asian culture and society, result in a more nuanced and thorough understanding of privacy. The East Asian experience also validates Altman’s conception of privacy as a dynamic process of navigating one’s interpersonal boundaries, a universal human need to which virtually anyone of any society can relate regardless of whether the society is more or less collectivistic than any other society. There is, quite simply, no discernible link between a culture’s tendency toward individualism or collectivism and the value it places on privacy. The rub is that, while political liberalism is not necessary for an understanding of privacy, the East Asian experience suggests that the Kantian tradition is somewhat necessary for the rule of law, at least in the traditional Western sense of the term. East Asia has a tradition of privacy, but not privacy rights. What is novel to East Asia is Western legalism, i.e., ‘the view that law and legal institutions can keep order and resolve policy disputes,’ through a combination of ‘powerful courts, a dominant class of lawyers, and reliance in legalistic procedures in policymaking bodies.’"

See also: Full text, PDF.

Jul 11

Privacy and Civil Liberties Oversight Board | US | Report on the surveillance program operated pursuant to Section 702 of the Foreign Intelligence Surveillance Act [PDF] -

From ‘C. Policy analysis’:

"Overall, the Board finds that the protections contained in the Section 702 minimization procedures are reasonably designed and implemented to ward against the exploitation of information acquired under the program for illegitimate purposes. The Board has seen no trace of any such illegitimate activity associated with the program, or any attempt to intentionally circumvent legal limits. But the applicable rules potentially allow a great deal of private information about U.S. persons to be acquired by the government. The Board therefore offers a series of policy recommendations to ensure that the program appropriately balances national security with privacy and civil liberties."


Jul 10

United Nations Public Administration Country Studies | United Nations e-government suvey 2014 - E-government for the future we want [PDF documents linked from this page] -

From the Executive Summary:

”[…] it is clear that all governments are faced with a set of complex, multi-faceted and interdependent challenges. Global challenges including poverty, inequality, climate change, peace and security, are such that no single actor—let alone single government or single ministry—can effectively deal with them on their own. Effective collaboration among agencies across all levels of government is essential, as it is with non-governmental actors, to ensure good governance and good development outcomes. Collaborative governance, underpinned by a well-functioning public administration, is crucial to improving people’s lives. The public sector must deliver, equitably and efficiently, essential services that meet citizen needs, provide opportunities for economic growth, as well as facilitate citizen engagement and participation in public policymaking and service delivery, so as to promote the empowerment and well-being of all people. E-government and innovation can provide significant opportunities to transform public administration into an instrument of sustainable development. E-government is ‘the use of ICT and its application by the government for the provision of information and public services to the people’ (Global E-Government Readiness Report 2004). More broadly, e-government can be referred to as the use and application of information technologies in public administration to streamline and integrate workflows and processes, to effectively manage data and information, enhance public service delivery, as well as expand communication channels for engagement and empowerment of people.”


Jul 09

Theodoric Meyer (ProPublica) | US | No warrant, no problem - How the Government can get your digital data -

From the article:

"The government isn’t allowed to wiretap American citizens without a warrant from a judge. But there are plenty of legal ways for law enforcement, from the local sheriff to the FBI to the Internal Revenue Service, to snoop on the digital trails you create every day. […] Here’s a look at what the government can get from you and the legal framework behind its power: […]"

Jul 08

Chris Sonderby (Facebook) | US | Fighting bulk search warrants in Court -

From the blog post:

"Since last summer, we’ve been fighting hard against a set of sweeping search warrants issued by a court in New York that demanded we turn over nearly all data from the accounts of 381 people who use our service, including photos, private messages and other information. This unprecedented request is by far the largest we’ve ever received—by a magnitude of more than ten—and we have argued that it was unconstitutional from the start."

See also: Facebook’s opening brief, PDF.

Jul 07

FTC | US | Privacy & data security update (2014) [PDF linked from this page] -

From ‘Privacy’:

"The FTC has brought enforcement actions addressing a wide range of privacy issues, including spam, social networking, behavioral advertising, pretexting, spyware, peer-to-peer file sharing, and mobile. These matters include over 130 spam and spyware cases and more than 40 general privacy lawsuits."

See also: Full text, PDF.


Jul 06

Hunton & Williams LLP (Centre for Information Policy Leadership) | US | A risk-based approach to privacy - improving effectiveness in practice [PDF linked from this page] -

From the text:

"Principle-based data privacy laws often leave room for interpretation, leaving it both to organisations to make appropriate decisions on how to implement these principles and to regulators on how to interpret and enforce the law. The Privacy Risk Framework Project aims to bridge the gap between high-level privacy principles on one hand, and compliance on the ground on the other, by developing a methodology for organisations to apply, calibrate and implement abstract privacy obligations based on the actual risks and benefits of the proposed data processing. While certain types of risk assessments are already an integral part of accountable organisations’ privacy management programs, they require further development. This project seeks to build consensus on what is meant by privacy risks to individuals (and society) and to create a practical framework to identify, prioritise and mitigate such risks so that principle-based privacy obligations can be implemented appropriately and effectively."

See also: Full text, PDF.


Jul 05

Symantec | Dragonfly - Cyberespionage attacks against energy suppliers [PDF linked from this page] -

From ‘Overview’:

"A cyberespionage campaign against a range of targets, mainly in the energy sector, gave attackers the ability to mount sabotage operations against their victims. The attackers, known to Symantec as Dragonfly, managed to compromise a number of strategically important organizations for spying purposes and, if they had used the sabotage capabilities open to them, could have caused damage or disruption to the energy supply in the affected countries. The Dragonfly group, which is also known by other vendors as Energetic Bear, are a capable group who are evolving over time and targeting primarily the energy sector and related industries. They have been in operation since at least 2011 but may have been active even longer than that. Dragonfly initially targeted defense and aviation companies in the US and Canada before shifting its focus to US and European energy firms in early 2013. More recent targets have included companies related to industrial control systems."

See also: Full text, PDF.

(Source: Ars Technica)

Jul 04

Adam D.I. Kramer, Jamie E. Guillory, and Jeffrey T. Hancock | Experimental evidence of massive-scale emotional contagion through social networks -

From the Abstract:

"Emotional states can be transferred to others via emotional contagion, leading people to experience the same emotions without their awareness. […] In an experiment with people who use Facebook, we test whether emotional contagion occurs outside of in-person interaction between individuals by reducing the amount of emotional content in the News Feed. When positive expressions were reduced, people produced fewer positive posts and more negative posts; when negative expressions were reduced, the opposite pattern occurred. These results indicate that emotions expressed by others on Facebook influence our own emotions, constituting experimental evidence for massive-scale contagion via social networks. This work also suggests that, in contrast to prevailing assumptions, in-person interaction and nonverbal cues are not strictly necessary for emotional contagion, and that the observation of others’ positive experiences constitutes a positive experience for people."


Jul 03

Peter Bright (Ars Technica) | US | We don't need net neutrality; we need competition -

From ‘The real problem is competition’:

"All these questions, however, dance around the real issue. The reason that these ISP policies are so troublesome, and the concerns over network neutrality so grave, is that the ISP market in the US is remarkably uncompetitive. It wouldn’t be a big deal if Verizon’s Netflix performance were suffering so long as Verizon’s DSL and FiOS customers had abundant ISP alternatives offering similar performance. Indeed, such competitive pressure would probably prevent Verizon’s Netflix performance from dropping in the first place."

Jul 02

Robert McMillan (Wired) | US | What everyone gets wrong in the debate over net neutrality -

From the article:

"The concepts driving today’s net neutrality debate caught on because the internet used to operate differently—and because they were easy for consumers to understand. In many respects, these concepts were vitally important to the evolution of the internet over the past decades. But in today’s world, they don’t address the real issue with the country’s ISPs, and if we spend too much time worried about fast lanes, we could hurt the net’s progress rather than help it."


Jul 01

EU Court of Justice | EU | Judgment of the Court (Fourth Chamber) [...] In Case C-360/13 -

From the judgment:

"63. […] the answer to the question referred is that Article 5 of Directive 2001/29 must be interpreted as meaning that the on-screen copies and the cached copies made by an end-user in the course of viewing a website satisfy the conditions that those copies must be temporary, that they must be transient or incidental in nature and that they must constitute an integral and essential part of a technological process, as well as the conditions laid down in Article 5(5) of that directive, and that they may therefore be made without the authorisation of the copyright holders."

(Source: Ars Technica)

Jun 30

Supreme Court of the United States | US | Syllabus, Riley v. California [PDF] -

From ‘Opinion of the Court’:

"Modern cell phones are not just another technological convenience. With all they contain and all they may reveal, they hold for many Americans ‘the privacies of life,’ […]. The fact that technology now allows an individual to carry such information in his hand does not make the information any less worthy of theprotection for which the Founders fought. Our answer to the question of what police must do before searching a cell phone seized incident to an arrest is accordingly simple - get a warrant."

(Source: Ars Technica)