• Home
  • About
  • Blog
  • News
  • Events
  • Media
  • Video
  • Glossary
  • Contact
  • Download
  • RSS

Modernizing Privacy in the Internet Age

April 8th, 2010  |  by Jennifer  |  Published in Future of the Internet  |  3 Comments

A coalition of prominent netizens and watchdogs released its wishlist this week for Digital Due Process.  Google, Microsoft, AT&T, the ACLU, and EFF, among others, are advocating for an update of the 1986 Electronic Communications Privacy Act.  The statute, which includes the current regulations government agencies follow to access an individual’s electronic data and communications, was passed the year after Windows 1.0 was released and five years before the World Wide Web was publicly introduced.  Attempts to shoehorn unexpected emerging technologies into the Act’s framework has led to inconsistent application to the same type of communication across jurisdictions and within the life cycle of the communication (for example, depending on the length of time since a stored email was first read), confusing all parties—government officials seeking information, service providers receiving such requests, and users wanting to know the extent to which their data is protected—and arguably providing insufficient protection. Therefore, the coalition is lobbying Congress to amend the law to reflect modern developments of widespread reliance on email, cloud computing, social networking, and location technologies.  Their list of principles would require warrants—with an exception for emergencies—for disclosure of a communication without regard for where or how it is stored, its age, or whether the service provider itself has access to the information for business purposes.  Location information would also require a warrant.  And the government must have a court order to obtain aggregate information (e.g., data from a non-particularized set of subscribers to a social networking site).

While legislation embodying these principles would clarify limits and valid procedure for U.S. government agents seeking information, it does not ultimately secure user data.  Companies that request or record personal information can sell it or otherwise use it without user authorization.  Hackers can surreptitiously acquire information from sites where it has been collected or archived.  In addition, because the Internet extends across jurisdictions, foreign states have their own rules governing data seizure which may be broader or less certain than U.S. standards.  Finally, the personal information of one person is often disclosed by others, for example on blogs or in online photo repositories.

One way a user can address the first three of these risks and assert a measure of control how his or her data is used or disseminated is to understand what information is being collected, why it is needed, and how security measures are implemented to safeguard it.  Unfortunately, this is often difficult for the average user to assess, especially considering the plethora of apps requesting access and their technical nature.  A new online resource recently launched that harnesses the power of the community to provide this information.  WhatApp compiles a database of apps, mining both the knowledge of technical experts and the experience of users.  Experts rate the apps along dimensions of privacy, security, and openness, based on a specific set of criteria.  Users review the apps on how they work in practice.  Should WhatApp be successful, it may serve not just as a tool to comment on apps, but itself affect change within the app ecosystem.  If a user has a choice of several apps to perform a specific task and makes a decision based on WhatApp’s assessment of their relative privacy and security, app developers will have to take these concerns into account to be competitive.

Both Digital Due Process and WhatApp still have to gain a critical mass to sustain the movements to their completion, whether that be legislation or a comprehensive and useful database of app privacy and security.  But at least initially, they seem to be growing steadily—another promising sign that institutional and individual members of the online community are taking initiative to maintain the Internet as a safe and open environment.  However risks to Privacy 2.0 remain, in particular how to control personal information disseminated broadly by others.  These concerns will require implementing additional ameliorative mechanisms online; JZ suggests data genealogy, reputation bankruptcy, and contextualization of information.

–by Jennifer Halbleib

Responses

Feed
  1. links for 2010-04-09 | Don't mind Rick says:

    April 9th, 2010 at 9:07 am (#)

    [...] Modernizing Privacy in the Internet Age [...]

  2. Saqib Ali says:

    April 10th, 2010 at 4:43 pm (#)

    What are the long term plans for WhatApp.org? It is definitely a interesting idea, but will need to gain a lot of traction before it becomes useful.

    Preliminary feedback:

    1) WhatApp.org should use OpenID + OpenSocial. This will help in determining the credibility of the commenters, and build trust among the wiki contributors. Otherwise there is a lot of self-promotion type of comments on this site.

    2) There needs to be RSS for newly added Apps

    3) Integration with Twitter (and others), such that the commenters can choose to tweet their comments.

  3. Ryan Calo says:

    April 10th, 2010 at 6:48 pm (#)

    @Jennifer (and JZ) Thanks very much for the write up. We’ve seen a lot of interest in the website, suggesting at a minimum that many users care about these values and perceive a need for more and better information.

    @Saqib Thanks for the (very good) feedback. WhatApp.org is a true beta—and just a couple of weeks old. Long terms plans are to build a community, absorb good feedback like yours, and eventually scale up. Please be in touch if you want to get involved (whatapp@law.stanford.edu).

Blog

  • Controlling Cyberspace

    • This semester, we’re starting an exciting new class, aimed not at lawyers, but undergraduate CS students here at Harvard. It’s called CS42: Controlling Cyberspace – and we’re sharing the syllabus online.  Anything big we’re missing? Read more »

  • Computers Going Wild?

    • Computers Gone Wild: Impact and Implications of Developments in Artificial Intelligence on Society was an informal discussion that took place at Harvard Law School on December 8th, 2011. Hosted by Jonathan Zittrain, Marin Soljačić and the Berkman Center for Internet & Society, we brought together eighteen mostly local guests to discuss the ways that AI is changing society. Unlike futuristic predictions involving the Singularity or the underlying technology, this workshop explored current technology. Sessions included discussions on warfare, finance, education, and labor. Below is a list of attendees and a summary of the discussion.

    Read more »

  • Ideas for a Better Internet
    • Ideas for a Better Internet, or i4bi, is an interdisciplinary course at Harvard and Stanford that challenges students from law, computer science, and public policy to come up with novel and plausible ways to improve the Internet and its use. i4bi centers on immersing participants in Internet history, technologies, and politics, so that students can come up with ideas that help to build a better Internet — however they define “better.” Read more »
  • Microsoft Echoes Apple App Store Requirements

    • Here at Future of the Internet, we’ve already talked a little bit about Apple’s content requirements for both the iOS and Mac App Stores in JZ’s The PC is Dead post. As JZ said,

    “Pulitzer Prize-winning editorial cartoonist Mark Fiore found his iPhone app rejected because it contained “content that ridicules public figures.” Fiore was well-known enough that the rejection raised eyebrows, and Apple later reversed its decision. But the fact that apps must routinely face approval masks how extraordinary the situation is: tech companies are in the business of approving, one by one, the text, images, and sounds that we are permitted to find and experience on our most common portals to the networked world. Why would we possibly want this to be how the world of ideas works, and why would we think that merely having competing tech companies—each of which is empowered to censor—solves the problem?”

    Apple’s approach is an example of a larger phenomenon. Read more »

  • A SOPA compromise is floated
    • Last week several members of Congress — Senators Wyden, Cantwell, Moran, and Paul, and Reps. Issa, Lofgren and Chaffetz — floated a proposal to substitute for the contentious proposed Stop Online Piracy Act, previously discussed here.  Sen. Wyden’s office has commented on the compromise, and TechDirt has a writeup and a copy of the document here. The proposal omits the elements of SOPA that had run into the most resistance. Gone is tinkering with fundamental Internet architecture such as the use of the domain name system. Gone is the involvement of the Attorney General. Gone is the criminal copyright streaming provision that could, theoretically, make a teenage Justin Bieber a felon for streaming amateur videos featuring his renditions of songs by his favorite artists.In all these ways, the Wyden compromise is significantly better than SOPA. So what’s left? Read more »
About Jonathan Zittrain

jonathan zittrain

Jonathan Zittrain is Professor of Law at Harvard Law School and co-founder of the Berkman Center for Internet and Society at Harvard Law School

RSS Tweets from Z

  • An error has occurred; the feed is probably down. Try again later.

Blog Archives

Creative Commons BY-NC-SA Jonathan Zittrain unless otherwise noted.
Powered by WordPress using Gridline Lite.