January 10, 2011

Privacy dangers — an overview

This post is the first of a series. The second one delves into the technology behind the most serious electronic privacy threats.

The privacy discussion has gotten more active, and more complicated as well. A year ago, I still struggled to get people to pay attention to privacy concerns at all, at least in the United States, with my first public breakthrough coming at the end of January. But much has changed since then.

On the commercial side, Facebook modified its privacy policies, garnering great press attention and an intense user backlash, leading to a quick partial retreat. The Wall Street Journal then launched a long series of articles — 13 so far — recounting multiple kinds of privacy threats. Other media joined in, from Forbes to CNet. Various forms of US government rule-making to inhibit advertising-related tracking have been proposed as an apparent result.

In the US, the government had a lively year as well. The Transportation Security Administration (TSA) rolled out what have been dubbed “porn scanners,” and backed them up with “enhanced patdowns.” For somebody who is, for example, female, young, a sex abuse survivor, and/or a follower of certain religions, those can be highly unpleasant, if not traumatic. Meanwhile, the Wikileaks/Cablegate events have spawned a government reaction whose scope is only beginning to be seen. A couple of “highlights” so far are some very nasty laptop seizures, and the recent demand for information on over 600,000 Twitter accounts. (Christopher Soghoian provided a detailed, nuanced legal analysis of same.)

At this point, it’s fair to say there are at least six different kinds of legitimate privacy fear. The first five I have in mind are:

The sixth is:

You probably knew most of that already. Even so, here are a number of examples and links.

Slashdot has more on the Jensen case, in which a man was convicted of murder in no small part because his computer revealed that he had searched for information about murder methods, including one that duplicated the actual method of his wife’s death. The money quote in an appeals court decision is in Section 37.1, which characterizes “computer evidence” as “probably the most incriminating other evidence.”

Obviously, that particular trial had the correct outcome. But would you want a court to hear about the research you did about minimizing your taxes? What about when you considered changing jobs, something that might be of interest both in employment and child custody litigation? How about your viewing of sexy images other than those of your spouse? And by the way — just what kinds of online viewing or writing should get you on a terrorist watch list?

It’s getting ever more practical to track our actions and movements. The privacy implications are potentially grave — would you want THAT kind of information used in court, or for decisions about your insurance? Accordingly, the Electric Freedom Foundation coined the word “traitorware” to describe and call attention to consumer (mainly) devices that keep or even transmit records of your movements and doings. And mind-bogglingly, Forbes says that Sprint “turned customers’ GPS information over to law enforcement 8 million times in a year.”

But it’s not just your own devices. The New York Times recently wrote of uses for smart video technology. Enforcing good hand-washing procedure on doctors sounds great. But how about enforcing busy-ness on cubicle workers? Watching movie previewers’ emotional reactions to specific scenes and characters seems kosher. But what if all movie-goers are watched? Or what if this is done at supermarkets or vending machines, perhaps even repeatedly over time? Could be creepy, huh? And by the way, while it could be a way to get you great discounts and service, it could also be a way to categorize you as unworthy of same.

Meanwhile, the Washington Post reminds us that battlefield video surveillance technology is getting ever better. Obviously, such technology could be used for domestic law enforcement as well. More immediately, the Washington Post tells us of things like automatic recognition of license plates being used by police departments that repurpose anti-terrorism grants to general law enforcement. (Analogies to the 1980’s habit of tying every grant proposal to the Strategic Defense Initiative “Star Wars” project are probably not misplaced.)

But the benefits foregone if we don’t use this technology are also scary. The biggest current examples are probably the ones I cited above — medical research, anti-terrorism, and the whole online advertising industry. But even more examples are coming down the pike, of clever electronic aids with privacy implications. Most notably — as the population ages, and nursing homes continue to be miserable (and costly) places, revolutionizing elder care becomes ever more desirable. Well, sensor technology will soon be able to watch over old folks, keeping them safe(r) in their independence — but only if it is highly detailed or intrusive.

Also:

Finally, privacy-threatening observations of our web use, postings, and other internet communications are much too numerous to list. But some high/lowlights include:

Comments

6 Responses to “Privacy dangers — an overview”

  1. Dan Weinreb on January 11th, 2011 10:20 am

    You mention how “It’s getting ever more practical to track our actions and movements.” Recently, a police procedural TV show called “Law and Order: UK” has been showing on BBC America. One immediately notices that the police make use of CCTV (“closed circuit television”) very commonly. There are cameras all over London (and perhaps other parts of the UK), which I think were installed during the time of IRA “troubles”. They’re still there. American TV uses CCTV results but only in specific cases, like banks and ATM’s.

    I wonder if police can use Lojack data to locate a vehicle. Perhaps the need a subpoena. I wonder how long it takes to obtain such a subpoena and act on it.

  2. Dan Weinreb on January 11th, 2011 10:24 am

    An interesting issue in US law is that if you have data on your own computer in your own house, it is subject to “search and seizure” limitations of the Fourth Amendment. But if the data is in the cloud, those limitations apply less, if at all. Law enforcement may need a subpoena to get your data from the cloud provider, but you would not necessarily know it. And your data might even be physically located in a country with laws that make it even easier for law enforcement officials to get your data.

    It has always been true that having higher security has costs. Often the costs are in terms of convenience and ease of use, and you make good points about other tradeoffs.

  3. The technology of privacy threats | DBMS 2 : DataBase Management System Services on January 11th, 2011 11:15 am

    [...] Examples of information being tracked (more particulars were covered in the first post of this series): [...]

  4. Notes, links, and comments January 20, 2010 | DBMS 2 : DataBase Management System Services on January 20th, 2011 7:35 am

    [...] I haven’t done a pure notes/links/comments post for a while. Let’s fix that now. (A bunch of saved-up links, however, did find their way into my recent privacy threats overview.) [...]

  5. Privacy and data use — the problem of chilling effects | DBMS 2 : DataBase Management System Services on July 27th, 2013 5:34 am

    [...] The discussion above of privacy-related harms is based in part on a 2011 post. [...]

  6. Very chilling effects | DBMS 2 : DataBase Management System Services on September 14th, 2013 4:07 am

    [...] spelled out some mechanics of privacy-related dangers in January, 2011. Categories: Liberty and privacy  Subscribe to our complete [...]

Leave a Reply




Feed: DBMS (database management system), DW (data warehousing), BI (business intelligence), and analytics technology Subscribe to the Monash Research feed via RSS or email:

Login

Search our blogs and white papers

Monash Research blogs

User consulting

Building a short list? Refining your strategic plan? We can help.

Vendor advisory

We tell vendors what's happening -- and, more important, what they should do about it.

Monash Research highlights

Learn about white papers, webcasts, and blog highlights, by RSS or email.