Hi, please

Tag Archives: privacy

Surveillance Society & the Increasing Scarcity of Privacy

Below are some readings that dig into the increasing surveillance of today’s society. In many instances, these new surveillance methods are first being tested in Las Vegas & prisons, and then brought into every day life, most notably through companies searching for the next best way to track consumers.

Required Reading:

Recommended Reading:

Optional:

Mobile Donations – Concluding Post

1. Please text MONKEY to 89183 for a brief summary via 3 Text Messages to your mobile phone!

OR

2. Listen to the podcast and view the accompanied slides.



References:

Mobile Active Org

American Red Cross – Mobile Giving Program

US Mobile Carriers

Mobile Giving Foundation

Micah Sifry Updates “Social Networking, New Governing”

This was his e-mail back to me (as I reminder I had forwarded him Juliette’s question about whether or not a year has changed whether or not Facebook was issuing a new kind of governing).

So here’s his response (short and sweet).

Elizabeth,

Sorry for the delay in getting back to you. The more I thought about it the more I don’t think there’s much to update on to be honest. I can pretty much sum up how I feel about it in one line:

Facebook is still a Truman Show style democracy.

You can quote me on it.

Micah

WebcamGate: general state of (dis-)TRUST

The webcam school spying scandal that broke in mid-February was a bombastic scoop. It offered excellent material for sensationalist media coverage, nourished paranoiac fears, and created a heated debate about security and privacy in the Internet.

Harriton High school caught spying!

15-year-old student Blake Robbins accused its school of spying

A high school in Pennsylvania that distributed about 2300 laptops to its students, has got in the spotlight of the news as it was revealed that school officials activated secretly the webcameras, even when students were at home. The scandal unfolded when the assistant principal summoned a student to her office, and accused him of “inproper behavior” consuming drugs. She based her allegations on photos that were taken by the kid’s webcam showing him eating suspicious substances at home, or what later turned out to be Mike and Ikes candy. Shortly after, the student’s parents have filed a class-action lawsuit against the school. As the scandal become public, various other students reported that they had been perplexed by the bizarre on- and off-going green lights of their laptops. The school denied that it invaded the students privacy, and explained that the software installed on the computers that allowed to remotely access the cameras was a monitoring and security device that allowed to locate laptops in case of theft. It admitted that it has activated the students’ webcams 42 times over a 14-month period to recover 28 laptops. However, the family claims that it has never reported the computer missing. The FBI is now leading its own investigation. YouTube Preview Image

However, in the era of Skype, ChatRoulette, and the ubiquitous use of security cameras and webcams, this case raises concerns about general security and privacy issues in the Internet. Similar scenarios have occurred in the past. In 2008, a woman discovered that she was webcamera-stalked by a tech guy who was supposed to repair her computer, but turned out to take about 20,000 photos of her and her friends.

The slippery slope between monitoring and spying

It is not unusual that schools monitor on their students, as a documentary segment called „How Google saved a school“ indicates. However, the Harriton WebcamGate stands out as teachers accessed the webcameras of their students in their private homes. A blogger called Stryde Hax , a part-time hacker and consultant for an Internet security company called Intrepidus Group, has investigated the case and discussed it on his blog. Stryde Hax explains that the school installed a remote monitoring product named LANRev on their laptops. Even when computer were connected outside the school networks, the track-and-monitor feature reported back to the administrator, and allowed to remotely activate the camera. As the remote control was invisible (except the brief moments when the camera lit up), and the victims were unaware about it, this software qualifies as spyware, defined as„a type of malware that is installed on computers and collects little bits information at a time about users without their knowledge.“ Abundant similar products are on the market for private use, as for example Power Spy 2010, and even skype cameras can be converted into covert snoopers. Another troubling factor is that in Harriton High school,  only official computers with monitoring/spyware were allowed, and “jailbreaking a school laptop in order to secure it or monitor it against intrusion was an offense which merited expulsion“ (source: Stryde Hax).

Two IT employees involved in the spying were placed on temporary leave while the investigations into the case continue. However, their lawyers claim that the technicians only turned on the tracking software when they believed that the computers were stolen.  They argue that the student who filed the lawsuit hadn’t paid a $55 insurance fee to take the laptop home, so technically there were authorized to track down the computer. Computer recovery softwares, like for example Prey, an open source project, seem to have become very common. Even NYU offers such a service.

In the Harriton High case, a federal court judge banned the webcam activation of the school distributed laptops, and the company that sold the tracking feature has changed the name of its program and its user policy; from now on, the end users can’t activate the remote webcam anymore.

Is it legal or not?

Does this sort of spying violate wiretapping laws? In the case of Harriton High, the Electronic Frontier Foundation (EFF) and the American Civil Liberties Union (ACLU) believe that it constitutes an infringement, and filed an amicus brief in support of the victim. However, the matter is not that obvious. Kevin Bankston, an attorney for EFF, explains why:

“There is no federal statute that criminalizes or creates civil liability for such secret videotaping unless it involves sound, because then it is an intercept of a verbal communication. So no one can plant a bug in your house without violating wiretapping law, but they can still plant a camera without violating federal wiretapping laws.“

A Skype-camera spy-attack would therefore be illegal. But how about monitoring  software use in a school or a company with prior consent? According to the EFF, „private schools or employers can ask you to sign away your right to privacy, but not a government entity like a public school.“ However, there is no juridical precedent, and is up to the court to give further indications. Even for the business world, the case holds important lessons learned for legal monitoring programs. Itn the past, he U.S. Supreme Court has underlined the importance of home privacy, as in 2001-ruling that reaffirmed that “police could not, without a warrant, use thermal imaging equipment outside a home to see if heat lamps were being used inside to grow marijuana.

Similar dilemmas arise also in the context of computer theft tracking software. In the beginning of March, a techie made it into the headlines in Boston when he helped the police to recover his stolen computers. Is is debatable if evidence collected in this way would be admissible in court, as it doesn’t prove who has actually stolen the computers. In addition, justice initiaves by individual citizens shouldn’t be promoted.

Who´s to blame?

The schools behavior provoked a public outcry. How could school officials abuse the trust that students and parents give them? The plaintiff argued that students were unaware of the school’s authority to track their computers. On the other hand, it becomes obvious that the responsibilty for the failure is shared. The statements issued by parents who sends his children to the Harriton High school contacted on Facebook draw a very different picture:

This means that parents knew about the feature, but haven’t discussed the full implications and privacy risks with their children or the school’s officials. Did therefore naiv trust in the school led to the spying scandal? The SANS Computer Security Institute points out that trust is the Internet’s biggest week points, as phishing and pharming- two forms of social engeneering that are based on eliciting crucial information from victims, represent one of the biggest security problems on the Internet. From this perspective, it is crucial to re-establish trust between the school and the students, indispensable for the success of the whole education system. However, the contrary point can be argued too. By installing the surveillance feature, the school proved to generally distrust its students. If the relationship would have been based on trust, the spy-problem wouldn’t have been occurred in the first place.

One for all, but not all for one?

As a commentator called willy25 points out on the comment section of ABC’s local Philadelphia television statement: “[o]nce one child’s rights have been violated, all children are at risk.” However, not all parents back the allagations against the school. In fact, the scandal has divided the school’s community. Students show their opposition to the schools policy with “LMSD [Lower Merion School District] is watching you” T-shirts. On the correspondent Facebook group, they refer to the school as a “prison.”  On the other side, many parents and kids defend the school, and have formed different anti-lawsuit groups, like LMSDParents.org / “Reasonable LMSD parents refusing to rush to judgement” (to whom belongs Jan Klinkewicz), or Parents in Support of the Lowe Merrion School District, which collects signatures for a petition to fight the lawsuit. Concerned about the financial impact of a large class-action settlement, the group held several meetings in opposition to the class-action lawsuit. At its current pace, the Lower Merion could end up spending estimating more than $1 million a year in legal fees to continue until June- at the expense of the taxpayers, the parents!

It seems that this week, a compromise has been found as lawyers for the school and the family yesterday agreed to “freeze the case for 30 days while computer experts from both sides determine how often the school used the remote tracking software, and how many students were photographed.” However, the question arises if parents would have gone trough with the lawsuit if they wouldn´t have to pay the costs out of their own pockets. Do we assist to a partial interpretation of privacy? Is the defense of civil rights a matter of financial resources? Besides these important questions, the Harriton Hight spy-case should open a wider and long-lasting debate about the education system in general, the implications of new technologies for society, and the role of both private and public actors in addressing its risks and opportunities.

New developments in the “WebcamGate”

Last Thursday, two IT employees involved in the Harriton High School webcam scandal were placed on temporary leave while the investigations into the case continue. However, their lawyers claim that the technicians only turned on the tracking software when they believed that the computers were stolen.  They argue that the student who filed the lawsuit hadn’t paid a $55 insurance fee to take the laptop home, so technically there were authorized to track down the computer.

Justice in your own hands?

According to media reports, the Lower Merrian Police Department also knew about the software. In the case of a theft, the security feature would take every 15 minutes a photo with the webcam. Meanwhile, the company that sold the tracking feature to the Harriton High School, has changed the name of its program and its user policy; from now on, the end users can’t activate the remote webcam anymore. In the Harriton High case, a federal court judge banned the webcam activation of the school distributed laptops. Computer recovery softwares, like for example Prey (open source project!), seem to have become quite common. Even NYU offers such a service. This week, a techie made it into the headlines in Boston when he helped the police to recover his stolen computers. In this case, the victim had previously connected his home computer to his laptops (GoToMyPC is a software that would enable that), and could therefore access the stolen devices, and track their location. However, this feature has a flip side too. As the amateur techie observed, “[i]f (the family) had known what they were doing, they actually could have accessed my home computer from the laptop.” In addition, the question remains if individuals should be motivated to use this software. It is also debatable if evidence collected in this way would be admissible in court. First, it doesn’t prove who has actually stolen the computers; it only shows who the new user is. Second, isn’t first a warrant needed to follow up (even your own) computer?

Who knew what?

The are contrary statements on who knew about the school’s authority to track their computers. On one hand, the plaintiff argues that he was unaware of the feature. On the other hand, I contacted on Facebook a parent who sends his children to the Harriton High school, and he told me the following:

However, it is unclear if teachers have discussed the full implications of the tracking feature with its students, and pointed out the possible risk of privacy invasion. In addition,  as I outlined in my previous post, the Electronic Frontier Foundation (EFF) believes that “private schools or employers can ask you to sign away your right to privacy, but not a government entity like a public school.“

Polarized reactions

The scandal has divided the school’s community. Students show their opposition to the schools policy with “LMSD [Lower Merion School District] is watching you” T-shirts. On the correspondent Facebook group, they refer to the school as a “prison.” I’ve contacted several students to get more details, but they haven’t got back to me (yet). Nevertheless, many parents and kids defend the school, and have formed different anti-lawsuit groups, like LMSDParents.org / “Reasonable LMSD parents refusing to rush to judgement” (to whom belongs Jan Klinkewicz), or Parents in Support of the Lowe Merrion School District, which collects signatures for a petition to fight the lawsuit. Concerned about the financial impact of a large class-action settlement, the group held a meeting in opposition to the lawsuit last Tuesday.

I’ve also detected ad-hominem attacks on the comment section of ABC’s local Philadelphia television statement, that seek to discredit the plaintiff’s family and imply that they are seeking personal financial profit from the affair. What should be the appropriate steps to follow? One commentator called willy25 underlines that “[o]nce one child’s rights have been violated, all children are at risk.” In any case, I believe that the most important step is to (re-)establish trust between the school and the students, indispensable for the success of the whole education system.

Channeled my anger at Google Buzz into a post: #buzzoff

Please RT!

On February 9th Google have unvailed Google Buzz, a service that involuntarily transforms every Gmail user’s private contact list into a public social network. While Google has suffered from privacy concerns in the past, Buzz is considered by many angry users to be crossing a line. Many loyal Google users including myself have hence chosen to disable the service. I present a list of reasons why you and your contact list should do that too.

Read on (and feel free to comment) here: #BuzzOff: 10 reasons to turn Google Buzz off

Chat Roulette!

Have any of you heard about this new Chatroulette phenomenon yet? I keep reading articles on it and hearing people talk about it. Thought I’d share the new chat forum with you guys, in case you haven’t heard of it yet. The general idea behind it is that you can video/audio chat with any stranger at any given time, for any length of time.

Here’s the site: http://chatroulette.com/

Here’s an article about the founder (a 17 year-old kid!): http://bits.blogs.nytimes.com/2010/02/13/chatroulettes-founder-17-introduces-himself/

And an article posted today on Mashable, just better explaining the gist behind it: http://mashable.com/2010/02/17/chatroulette/

Concluding Post – How much *TIME SPENT ON*?

I began this journey by first analyzing the beginning of both Social Networking Websites.. At first I was skeptical as to where my topic would be bring me but now I realize how much of a big part of and time is spend on these sites.

So what REALLY led to the demise of MySpace. I believe that their was no demise and that MySpace and Facebook are two entirely different entities that cannot be compared. I don’t think that they serve the same purpose. MySpace has evolved from being a simple social networking site, to an atmosphere or creative sharing. Those who actually are MySpace users are a new generation of young people. Initially, Facebook was set up as a network for college students to contact each other easier. MySpace was the networking site people would go to catch on fun. MySpace as I stated before is a social hub for music, movies, marketing.

This is where my thought for the comparing/contrasting of the layout came about. Initially, the two layouts served the same common goal. You had a few friends, you left them comments, admired their photos and read about their info and who they “friended”.  The past few years this has changed dramatically.MySpace’s login page has a lot more options. You have the ability to see who is online without joining the community, surf through celebrity pages and catch up the latest music/movies. It is now used a marketing tool. Facebook as a different perception. They do have celebrity fan pages, but there is no media attached. The login page for facebook is simple and clean, and you MUST login to see most features.

I actually joined Foursquare this week and became more active on Twitter as well as a social experiment to myself. After hearing about Foursquare in class and at work, I got the itch to join. I haven’t used it much and figure it’s interesting if you want to boast onto your friends where you are or see if they are in the same place.

This week in my research:

I decided to put myself through a social experiment. Be active on all my accounts (minus MySpace) and see how much time I spent on these sites. On my twitter I “tweeted” about 50 times a day. Mostly all on Thursday due to Iran’s 31st anniversary of the Revolution. My Facebook account I had about 60 posts a day, and Foursquare I barely used only to check in to places so my Facebook friends could see. So you can a few hours were devoted to just updating information on my pages. Was I being paid for this – NO. Did I learn anything? NO – well I did learn that my ex’s mother has a facebook … I think MY IQ dropped a bit more..

Then I thought what purpose does this serve? Do people really give a damn what I think of what I’m doing?

There are those small few who do.. but by using my page as a news central did any message get across to these people.. Remarkably yes. In the past year I have received critiques, opinions, praises in the “PHYSICAL WORLD” through sms, calls and in person of how this information, had I not provided it to them, would have left them in the dark.

But those of us who don’t use these platforms as a broadcasting central.. What are they doing on there.
This is a great link to some information based on the time spent on these sites, it states

From April 2008 to April 2009, total minutes spent on Facebook increased from 1.7 billion minutes to 13.9 billion minutes – an annual growth rate of 700 percent. MySpace comes in second with 5 billion minutes in April 2009, roughly 2 billion minutes shy of time spent in April 2008.

So how much time do you spend on your social networking site? AND what are you doing on there? January 2009 – ages 25-50 spent an average of 3.5 hrs on FB.

An interesting find for the week – when search this topic in GOOGLE and you type “TIME SPENT ON” – see what is the first choice is ….SCARY!

Mini Poll

Hi All – I decided to post a Mini Poll if you don’t mind answering it.. I figure since we are all pretty educated on SNSes.. This group would be a good sampling to test on.. :) Also, if you don’t mind in your comments explaining why you chose that answer… and also, if you can think of a better answer..

Twitter and Geotagging: The Conclusion

This travalogue began several weeks ago with a simple question: Should I enable geotagging on my personal Twitter account?

In my research about what some of the risks could be for users who did enable geotagging, I identified several groups of people that could be risk. They included political activists whose tweets may be used for identification and prosecution of participation in political rallies, young people who may be at risk from lecherous marketers, and sexual predators, and high-profile individuals, such as celebrities, politicians etc who are often targets of the news media, the paparazzi and so called cyber-stalkers.

Although I do not belong to any of the above groups, I’ve decided not to enable geotagging on Twitter. I’m not denying there are benefits to geotagging, many of which I think Nadine has covered in her research on Ushahidi, however the circumstances that people find themselves in those types of situations that may benefit from it are different from my circumstances.

According to this article on The Next Web, only .23% of tweets are geotagged (this article was from January and I couldn’t find any more recent data, but I wonder if this number has jumped significantly). Regardless of whether other people enable geotagging, my main concern is about the ability of this software to track people’s locations with respect to personal privacy. I understand I’m inherently giving up my privacy by participating in Twitter to begin with, but I’m not comfortable with enabling people to track my specific location. I think I would begin to self-censor my tweets if I did enable geotagging, and that’s counter to the way that I want to be using Twitter. Even though Twitter allows its users to delete their geotagged tweets, it takes up to 30 minutes before this can take effect, plus the location information that has been gathered by third-party applications is not necessarily deleted. Plus, geotagged information is exact and links to Google Maps. I also don’t use third-party applications that benefit from enabling this kind of geotagging information, applications such as FourSquare, Birdfeed, Twidroid etc.

This short video from YouTube demonstrates how to locate a random person on Twitter that has their geotagging setting enabled and sums up in under two minutes why I don’t want to enable geotagging.YouTube Preview Image

Clearly I am concerned about privacy, and therefore I think Twitter should be commended for making sure that this service is opt-in. As we’ve discussed several times in class, people rarely change privacy settings that are default, and I think they’ve done a good thing making this something people have to consciously decide to do. This is what annoyed me about Google Buzz – they made it automatic! Twitter also allow users to selectively geotag, which means if I do find myself in a situation where I’d like to reveal my location (eg I’m in some sort of emergency), I would be able to do that.

Lastly I recognize that this issue of geotagging is not limited to the culture of Twitter but has larger implications in various aspects of our society and our given media environment. For example, every time I take a picture with my iPhone it asks if I want to record the location where the picture was taken from (I say no – so at least I tend to be consistent so far!) This travalogue has made me think more seriously about the use of location-based technology more generally, when I swipe my credit card for example I realize its effectively mapping my location at that certain point in time, but in that case only my credit card company has access to it. It reminds me of The Trap, and that I have to come to terms with the fact that I’m mapping my location to a large extent regardless of whether or not I enable geotagging on Twitter. But for now, since I still have a choice, I will choose not to further allow my location to be specified without seeing a specific benefit. I don’t see the benefit of enabling other people to pinpoint my location.