Online Privacy

Online Privacy

How a Company You’ve Never Heard of Sends You Letters about Your Medical Condition

This is the hidden underside of the browsing experience. When you’re surfing the web, sitting alone at your computer or with your smartphone clutched in your hand, it feels private and ephemeral. You feel freed to look for the things that you’re too embarrassed or ashamed to ask another person. But increasingly, there is digital machinery at work turning your fleeting search whims into hard data trails. The mining of secrets for profit is done invisibly, shrouded in the mystery of “confidential partnerships,” “big data,” and “proprietary technology.” People in databases don’t know that dossiers are being compiled on them, let alone have the chance to correct any mistakes in them.
From How a Company You’ve Never Heard of Sends You Letters about Your Medical Condition

Woman says Librarians Know Who Hit her Car but Can't Tell Her

The alleged perp checked out a book and thus the staff was unable to give her the name of the driver.

Here's the story from WSBTV in Atlanta. The woman whose car was hit feels as if she's being unfairly discriminated against.

Curriculum – Data Privacy Project

Welcome to the curriculum page for the Data Privacy Project. We are pleased to share a set of learning tools that was created with and for library professionals. The curriculum contains a facilitator’s guide, presentation slides, and handouts, and permits remix and reuse under a Share Alike 4.0 Creative Commons license.
From Curriculum – Data Privacy Project

Privacy and Academic Libraries Right Now

Beyond reading this report and preprint, what can we do to learn more and help protect our patrons’ privacy (and our own)? Keeping up with these issues is a good first step.... We can also work to audit our own internal library systems and practices, and to push the vendors we work with to protect patron privacy. Further, we can increase digital privacy awareness among ourselves, our coworkers, and our patrons.
From Privacy and Academic Libraries Right Now | ACRLog

Why We’re So Hypocritical About Online Privacy

To address this question, a recent meta-analysis of 166 studies, including 75,269 participants of 34 countries, explored the so-called “privacy paradox,” that is, the puzzling fact that people’s concerns about privacy rarely appear to translate into protective behaviors. Contrary to previous studies, the findings of the meta-analysis revealed that individuals who are more concerned with and informed about privacy tend to use fewer online services, set stronger security settings, and disclose less personal information. However, when it comes to social media use, there is indeed a privacy paradox, as even individuals who express concerns behave quite carelessly, engaging in uncensored or inappropriate self-disclosure, making a great deal of their digital footprint public, and allowing a wide range of external apps to access their data. It has been estimated that nearly 40% of Facebook content is shared according to the (rather unsafe) default settings, and that privacy settings match users’ expectations only 37% of the time. Thus, it appears that no amount of privacy concerns will make social media users more cautious.
From Why We’re So Hypocritical About Online Privacy

Privacy is still alive and kicking in the digital age

Privacy is a democratic value. It is free thought and independence. Studies show that people change their behavior when they feel watched. They seek information less freely, act and express themselves less freely, are afraid to stand out and go against the flow. Trevor Hughes, CEO of the International Association of Privacy Professionals, IAPP, has a good explanation of the importance of privacy: “As humans, we seek solitude when we feel vulnerable. Sometimes, this is related to physical vulnerability. We seek to exclude ourselves from our societies when we are sick, or in moments of particular risk (think: sleeping, toileting, sex, etc.). But we also seek to exclude ourselves when we feel emotionally vulnerable. We seek private space to explore new identities or ideas.” Privacy and the space to think and act without feeling watched is a prerequisite for individuals’ ability to act independently and freely. A private life ensures that each person can create his or her own unique identity and determine his or her life’s direction — the right to fail along the way or to go against the tide. The right to privacy is thus a prerequisite for active democracy. https://techcrunch.com/2016/12/25/privacy-is-still-alive-and-kicking-in-the-digital-age/

The Strange Way People Perceive Privacy Online

The reason, Mamonov thinks, has a lot to do with people’s perceptions of surveillance. He guessed study participants would have wanted to protect themselves against it; instead, he says, the magnitude of the threat seems to have instilled a sense of helplessness that made them less likely to put an effort into securing themselves.
From The Strange Way People Perceive Privacy Online - Nextgov.com

The Privacy Wars Are About to Get A Whole Lot Worse

The best way to secure data is never to collect it in the first place. Data that is collected is likely to leak. Data that is collected and retained is certain to leak. A house that can be controlled by voice and gesture is a house with a camera and a microphone covering every inch of its floorplan. The IoT will rupture notice-and-consent, but without some other legal framework to replace it, it’ll be a free-for-all that ends in catastrophe. I’m frankly very scared of this outcome and have a hard time imagining many ways in which we can avert it, but I do have one scenario that’s plausible: class action lawsuits.
From Locus Online Perspectives » Cory Doctorow:The Privacy Wars Are About to Get A Whole Lot Worse

What are you revealing online? Much more than you think

The best indicator of high intelligence on Facebook is apparently liking a page for curly fries. At least, that’s according to computer scientist Jennifer Golbeck (TED Talk: The curly fry conundrum), whose job is to figure out what we reveal about ourselves through what we say — and don’t say — online. Of course, the lines between online and “real” are increasingly blurred, but as Golbeck and privacy economist Alessandro Acquisti (TED Talk: Why privacy matters) both agree, that’s no reason to stop paying attention. TED got the two together to discuss what the web knows about you, and what we can do about the things we’d rather it forgot. An edited version of the conversation follows.
From What are you revealing online? Much more than you think |

Facebook begins tracking non-users around the internet

Facebook will now display ads to web users who are not members of its social network, the company announced Thursday, in a bid to significantly expand its online ad network. As The Wall Street Journal reports, Facebook will use cookies, "like" buttons, and other plug-ins embedded on third-party sites to track members and non-members alike. The company says it will be able to better target non-Facebook users and serve relevant ads to them, though its practices have come under criticism from regulators in Europe over privacy concerns. Facebook began displaying a banner notification at the top of its News Feed for users in Europe today, alerting them to its use of cookies as mandated under an EU directive. "Publishers and app developers have some users who aren’t Facebook users," Andrew Bosworth, vice president of Facebook’s ads and business platform, tells the Journal. "We think we can do a better job powering those ads."
From Facebook begins tracking non-users around the internet | The Verge

The OKCupid data release fiasco: It’s time to rethink ethics education

In mid 2016, we confront another ethical crisis related to personal data, social media, the public internet, and social research. This time, it’s a release of some 70,0000 OKCupid users’ data, including some very intimate details about individuals. Responses from several communities of practice highlight the complications of using outdated modes of thinking about ethics and human subjects when considering new opportunities for research through publicly accessible or otherwise easily obtained data sets (e.g., Michael Zimmer produced a thoughtful response in Wired and Kate Crawford pointed us to her recent work with Jacob Metcalf on this topic). There are so many things to talk about in this case, but here, I’d like to weigh in on conversations about how we might respond to this issue as university educators.
From The OKCupid data release fiasco: It’s time to rethink ethics education | Social Media Collective

97% of Research Library Searches Leak Privacy... and Other Disappointing Statistics.

Over the weekend, I decided to try to quantify the extent of privacy leakage in public-facing library services by studying the search services of the 123 ARL libraries. These are the best funded and most prestigious libraries in North America, and we should expect them to positively represent libraries. I went to each library's on-line search facility and did a search for a book whose title might suggest to an advertiser that I might be pregnant. (I'm not!) I checked to see whether the default search linked to by the library's home page (as listed on the ARL website) was delivered over a secure connection (HTTPS). I checked for privacy leakage of referer headers from cover images by using Chrome developer tools (the sources tab). I used Ghostery to see if the library's online search used Google Analytics or not. I also noted whether advertising network "web beacons" were placed by the search session.
From Go To Hellman: 97% of Research Library Searches Leak Privacy... and Other Disappointing Statistics.

The importance of teaching online privacy at the college

I really like the closing paragraph here! I might replace "The College" with "The College Library" :-) http://flathatnews.com/2016/04/04/the-importance-of-teaching-online-privacy-at-the-college/
If the College’s mission truly is to mold us into informed citizens and consumers, an excellent place for it to start would be with this issue of data security and online privacy. Even a brief session during orientation would be an improvement; if not to teach us how to be fully secure in our data, then simply to let us know that it is not, by itself, fully secure. An even better option, as suggested by Tracy Mitrano — an academic dean at the University of Massachusetts Cybersecurity Certificate Programs — would be a GER course in information literacy. Only then could the College say it produces truly informed citizens.
From The importance of teaching online privacy at the college | Flat Hat News

Thinking Out Loud About Patron Privacy and Libraries #nisoprivacy | Librarian by Day

There are many reasons people relinquish person information, perhaps they don’t know how it will be used or they don’t have a choice or they do it willingly, none of this is an indication that expectations about privacy have changed. The argument that this behavior is an indication that people no longer expect privacy and therefore it is acceptable to collect and use data is deeply problematic. The idea of reasonable expectation of privacy reinforces the status quo and ignores the needs of minorities. It benefits large corporations and an elite few. Instead we should endeavor that policies, rules, and guidelines reflect what we want, not what we have come to expect.
From Thinking Out Loud About Patron Privacy and Libraries #nisoprivacy | Librarian by Day

NYCLU: City’s Public Wi-Fi Raises Privacy Concerns

“Internet access is not a choice, it’s a modern-life necessity,” said Mariko Hirose, senior staff attorney at the NYCLU. “The city’s public Wi-Fi network should set the bar for privacy and security to help ensure that New Yorkers do not have to sacrifice their rights and freedoms to sign online.”

In order to register for LinkNYC, users must submit their e-mail addresses and agree to allow CityBridge to collect information about what websites they visit on their devices, where and how long they linger on certain information on a webpage, and what links they click on. CityBridge’s privacy policy only offers to make “reasonable efforts” to clear out this massive amount of personally identifiable user information, and even then, only if there have been 12 months of user inactivity. New Yorkers who use LinkNYC regularly will have their personally identifiable information stored for a lifetime and beyond.

From NYCLU: City’s Public Wi-Fi Raises Privacy Concerns | New York Civil Liberties Union (NYCLU) - American Civil Liberties Union of New York State

Company Tracks Iowa Caucusgoers by their Cell Phones

So on the night of the Iowa caucus, Dstillery flagged all the auctions that took place on phones in latitudes and longitudes near caucus locations. It wound up spotting 16,000 devices on caucus night, as those people had granted location privileges to the apps or devices that served them ads. It captured those mobile ID's and then looked up the characteristics associated with those IDs in order to make observations about the kind of people that went to Republican caucus locations (young parents) versus Democrat caucus locations. It drilled down farther (e.g., 'people who like NASCAR voted for Trump and Clinton') by looking at which candidate won at a particular caucus location.

From Company Tracks Iowa Caucusgoers by their Cell Phones - Schneier on Security

Online Privacy and the Invisible Market for Our Data.

Abstract: Consumers constantly enter into blind bargains online. We trade our personal information for free websites and apps, without knowing exactly what will be done with our data. There is nominally a notice and choice regime in place via lengthy privacy policies. However, virtually no one reads them. In this ill-informed environment, companies can gather and exploit as much data as technologically possible, with very few legal boundaries. The consequences for consumers are often far-removed from their actions, or entirely invisible to them. Americans deserve a rigorous notice and choice regime. Such a regime would allow consumers to make informed decisions and regain some measure of control over their personal information. This article explores the problems with the current marketplace for our digital data, and explains how we can make a robust notice and choice regime work for consumers.

From Notice and Consent - Schneier on Security You can read the Paper Here.

IFLA issues Statement on Right to be Forgotten

IFLA urges library professionals to participate in policy discussions about the right to be forgotten, while both supporting the right to privacy for individual citizens and assisting individuals in their searches for information.  To this effect, library professionals should:

Raise awareness among policy makers to ensure that the right to be forgotten does not apply where retaining links in search engine results is necessary for historical, statistical and research purposes; for reasons of public interest; or for the exercise of the right of freedom of expression.

From IFLA issues Statement on Right to be Forgotten

Don't Panic Making Progress On The "Going Dark" Debate

We’re not being asked to choose between security and privacy. We’re being asked to choose between less security and more security.

This trade-off isn’t new. In the mid-1990s, cryptographers argued that escrowing encryption keys with central authorities would weaken security. In 2011, cybersecurity researcher Susan Landau published her excellent book Surveillance or Security?, which deftly parsed the details of this trade-off and concluded that security is far more important. Ubiquitous encryption protects us much more from bulk surveillance than from targeted surveillance. For a variety of technical reasons, computer security is extraordinarily weak.

If a sufficiently skilled, funded, and motivated attacker wants in to your computer, they’re in. If they’re not, it’s because you’re not high enough on their priority list to bother with. Widespread encryption forces the listener – whether a foreign government, criminal, or terrorist – to target. And this hurts repressive governments much more than it hurts terrorists and criminals.

From Don't Panic Making Progress On The "Going Dark" Debate [PDF]

Georgia Tech Discovers How Mobile Ads Leak Personal Data

Researchers found that 73 percent of ad impressions for 92 percent of users are correctly aligned with their demographic profiles. Researchers also found that, based on ads shown, a mobile app developer could learn a user’s:

gender with 75 percent accuracy,
parental status with 66 percent accuracy,
age group with 54 percent accuracy, and
could also predict income, political affiliation, marital status, with higher accuracy than random guesses.

From Georgia Tech Discovers How Mobile Ads Leak Personal Data

Pages

Subscribe to RSS - Online Privacy