Online Privacy

What a librarian can teach you about privacy

Over On Computer World Mark Hall Writes: Let's face it: When it comes to keeping data secure, there's plenty that IT can learn from librarians. Just as ALA members ensure that their patrons' reading habits remain strictly private by establishing privacy audits, so, too, can CIOs audit their systems to ensure that customer and employee data is protected, says Caldwell-Stone. Privacy audits keep customer and employee content under wraps and can protect companies from embarrassing revelations. Librarians have been trained to consider privacy ramifications surrounding access to content. They guard those rights vigorously and are a great example for CIOs designing secure systems. Just ask them. Quietly, of course.

Bill Would Outlaw Targeted Web Ads

Gary Price pointed the way to This One on a recently drafted bill in NY that would require Web advertising companies, such as AOL, Google, Microsoft, and Yahoo, to get a Web surfer's permission before tracking Web movements and displaying ads based on those movements.

WorldCat.org and User Privacy?

While browsing blogs during the NCAA Tourney today, I came across a reference to a book that I thought would be good for my library (academic business school), so I hopped over to WorldCat.org after not seeing it in our online catalog.

I started to register and save the page, but saw this in the abbreviated Terms of Service dialog:

A. You grant to OCLC unlimited and unrestricted use of all data submitted by you to this site.

That's pretty sweeping. But surely, they won't sell my email to marketers, right. I mean, this is OCLC, yes -- founded by librarians, for librarians -- zealous defenders of personal privacy?

I searched the full TOS for references to the uses of gathered data and user privacy -- no explicit prohibition of sharing. I also searched the full "Privacy Policy" for anything that might indicate that my email was not for sale -- nothing there either.

Now I'm willing to admit that my focus on the legalese may not be the best today due to March Madness; but its a little troubling to me to read "A." above and then find nothing to convince me that my email won't be re-sold.

This may also be of more concern if your library, like mine, seems to be in a headlong rush to buy WorldCat Local.

Did I miss something in the policies? Is this FUD? More eyes on the policies would be appreciated.

The Privacy Toolbox: 100 Guides and Resources for Keeping Your Personal Information Safe

Today’s online culture of banking, blogging, social networking and shopping makes it easier than ever for those with nefarious intentions to steal your personal information. Social Security numbers, credit cards and online passwords are all at risk if you don’t keep your personal information secure both online and off. While there is no way to make identity theft a non-issue, there are a number of things that you can do to help ensure that your data is as secure as it possibly can be. Here are 100 places to start researching how to keep your information away from prying eyes.

Gossip web site on college campuses

This is an interesting article on what is basically a gossip site geared toward college students. It's also kinda of scary at whats being posted on there and the owners response from requests by his alma mater. I am impressed with the actions of the students in taking a stand.

Google Health is coming

Google Health is coming soon. Phil Bradley posts this screenshot of the page. Kinda of creepy that Google (sorry, the all knowing one) is moving in this direction. It's still about making information accessible , as outlined in this post, but I'm not sure I'd want Google to be the one doing this.

Anonymity and the Netflix Dataset

Very intersting post by Bruce Schneier on anonymous data.

Like everything else in security, anonymity systems shouldn't be fielded before being subjected to adversarial attacks. We all know that it's folly to implement a cryptographic system before it's rigorously attacked; why should we expect anonymity systems to be any different? And, like everything else in security, anonymity is a trade-off. There are benefits, and there are corresponding risks.

Kindling

Amazon Kindle - Will Your Library Buy it for Patrons?

You know in a month some library will publish how their Kindle program is a great success, and all you other libraries suck because you don't have one. So the libraries that purchase and loan to patrons will do what with their privacy policies? Libraries delete patron borrowing records when books are returned and borrowing records are private and often protected by State statutes. And the Kindle libraries will turn those privacy policies over to Amazon. Why don't you just burn down your libraries right now because "freedom to read" and "access to all" mean nothing. If the federal government wanted this kind of access to patron reading habits, we would fight all the way to the Supreme Court, but if a public company wants the same access, we say, "wow. that's really convenient." We need to draw the line somewhere: if you buy this for your library, you suck.

The Future of Internet Immune Systems

madcow sent over a link to Cory Doctorow's "The Future of Internet Immune Systems:

We're designing more and more automated defenses for the Internet, systems that shut you down or block you if you appear to be doing something naughty, but the problem is that while the defenses are automatic, the appeals process is decidedly manual.

Wholesale Surveillance Predates 9/11

A November 2, 2007 National Journal article titled, "NSA Sought Data Before 9/11" details the efforts of the Bush Administration to get pretty much all communications traffic back in February 2001. At least one telephone company, Qwest, refused:

Another source said that the NSA wanted to analyze the calls, e-mails, and other transmissions crossing Qwest's lines, to detect patterns of suspicious activity. Telecom carriers routinely monitor their networks for fraudulent activity, the former White House official noted, and so the companies "have an enormous amount of intelligence-gathering" capability. They don't have to target individual customers to "look for wacky behavior," or "groups communicating with each other in strange patterns." That information could augment intelligence that the NSA and other agencies were gathering from other sources, the former official said.

Qwest's then-chief executive officer, Joseph Nacchio, rejected the NSA's request. "He didn't want to go along with that," and his refusal was not greeted warmly in the intelligence community, the former White House official said. Another source, a former high-ranking intelligence official, said that other companies, both before and after 9/11, had less of a problem complying with government requests if they were accompanied by a legal order. The ex-official added that some companies were willing to offer data and to assist the government "as necessary" on a voluntary basis, without a court order. -- Read More

Syndicate content