Online Privacy

Anonymity and the Netflix Dataset

Very intersting post by Bruce Schneier on anonymous data.

Like everything else in security, anonymity systems shouldn't be fielded before being subjected to adversarial attacks. We all know that it's folly to implement a cryptographic system before it's rigorously attacked; why should we expect anonymity systems to be any different? And, like everything else in security, anonymity is a trade-off. There are benefits, and there are corresponding risks.


Amazon Kindle - Will Your Library Buy it for Patrons?

Taxonomy upgrade extras: 

The Future of Internet Immune Systems

madcow sent over a link to Cory Doctorow's "The Future of Internet Immune Systems:

We're designing more and more automated defenses for the Internet, systems that shut you down or block you if you appear to be doing something naughty, but the problem is that while the defenses are automatic, the appeals process is decidedly manual.

Wholesale Surveillance Predates 9/11

A November 2, 2007 National Journal article titled, "NSA Sought Data Before 9/11" details the efforts of the Bush Administration to get pretty much all communications traffic back in February 2001. At least one telephone company, Qwest, refused:

Another source said that the NSA wanted to analyze the calls, e-mails, and other transmissions crossing Qwest's lines, to detect patterns of suspicious activity. Telecom carriers routinely monitor their networks for fraudulent activity, the former White House official noted, and so the companies "have an enormous amount of intelligence-gathering" capability. They don't have to target individual customers to "look for wacky behavior," or "groups communicating with each other in strange patterns." That information could augment intelligence that the NSA and other agencies were gathering from other sources, the former official said.

Qwest's then-chief executive officer, Joseph Nacchio, rejected the NSA's request. "He didn't want to go along with that," and his refusal was not greeted warmly in the intelligence community, the former White House official said. Another source, a former high-ranking intelligence official, said that other companies, both before and after 9/11, had less of a problem complying with government requests if they were accompanied by a legal order. The ex-official added that some companies were willing to offer data and to assist the government "as necessary" on a voluntary basis, without a court order.

Your First Girlfriend and Other Things Search Engines Store about You

Computer World reports on what user data is saved by the major search engines, and the possibility of personally-identifying information being discovered.

Google to cut back on how long it keeps search history

On Tuesday, Google announced that it would reduce the length of time it saves users' search history, from 24 months to 18 months. This is in response to recent criticism about its privacy practices, including the recent study by Privacy International. The International Herald Tribune has the story.

Google: The Search Engine that Knew Too Much

Forbes reports that a study by Privacy International ranked Google last among online companies in user information protection. Google issued a statement in response saying that the study was based on "numerous inaccuracies and misunderstandings about Google's products and services."

Anti-War Activists Tracked in Libraries by DOD

Kelly writes "The IHT headline says: 'Newly disclosed documents show U.S. Defense Department tracked anti-Iraq war activities.' According to this article, 'An anti-terrorist database used by the Defense Department in an effort to prevent attacks on military installations included intelligence tips about antiwar planning meetings held at churches, libraries, college campuses and other locations, newly disclosed documents show.'"

She's Dunn

mdoneil writes "Patricia Dunn the Chairman of HP who orchestrated the spying mission on Board members to uncover a leak of company information to the media is on her way out.
Dunn, who hired private dicks to obtain phone records of Directors ostensibly through pretexting — lying to the telcos — will be replaced by the non-executive president (whatever the heck that means) of HP in January.
So don't worry about your government spying on you, be wary of employers hiring professional liars to get your personal information by lying to the phone company, a practice that they seem to think is legal.
There is no fine line between legal, ethical, moral, and OK in my book. If it does not seem fair don't do it. Dunn is a fine example of corporate morality. She and Ken Lay should have hooked up before he died, they would make quite the couple."

AOL Fires Data Leak Project Managers

Search Engines WEB writes "AOL announced the resignation of its chief technology officer today, following two weeks of intense criticism from privacy advocates after members of its research staff released hundreds of thousands of its customers' personal Web search queries. The researcher and a manager overseeing the project were dismissed, according to an AOL employee who did not want to be identified because the company does not comment publicly on personnel matters.
AOL also said it planned to beef up data privacy protections, reconsider the length of time that it holds onto the millions of search queries that customers make every day, and re-educate its own employees about the sensitivity of personal data.


Subscribe to Online Privacy