• Home
  • About
  • Blog
  • News
  • Events
  • Media
  • Video
  • Glossary
  • Contact
  • Download
  • RSS

Modernizing Privacy in the Internet Age

April 8th, 2010  |  by Jennifer  |  Published in Future of the Internet  |  3 Comments

A coalition of prominent netizens and watchdogs released its wishlist this week for Digital Due Process.  Google, Microsoft, AT&T, the ACLU, and EFF, among others, are advocating for an update of the 1986 Electronic Communications Privacy Act.  The statute, which includes the current regulations government agencies follow to access an individual’s electronic data and communications, was passed the year after Windows 1.0 was released and five years before the World Wide Web was publicly introduced.  Attempts to shoehorn unexpected emerging technologies into the Act’s framework has led to inconsistent application to the same type of communication across jurisdictions and within the life cycle of the communication (for example, depending on the length of time since a stored email was first read), confusing all parties—government officials seeking information, service providers receiving such requests, and users wanting to know the extent to which their data is protected—and arguably providing insufficient protection. Therefore, the coalition is lobbying Congress to amend the law to reflect modern developments of widespread reliance on email, cloud computing, social networking, and location technologies.  Their list of principles would require warrants—with an exception for emergencies—for disclosure of a communication without regard for where or how it is stored, its age, or whether the service provider itself has access to the information for business purposes.  Location information would also require a warrant.  And the government must have a court order to obtain aggregate information (e.g., data from a non-particularized set of subscribers to a social networking site).

While legislation embodying these principles would clarify limits and valid procedure for U.S. government agents seeking information, it does not ultimately secure user data.  Companies that request or record personal information can sell it or otherwise use it without user authorization.  Hackers can surreptitiously acquire information from sites where it has been collected or archived.  In addition, because the Internet extends across jurisdictions, foreign states have their own rules governing data seizure which may be broader or less certain than U.S. standards.  Finally, the personal information of one person is often disclosed by others, for example on blogs or in online photo repositories.

One way a user can address the first three of these risks and assert a measure of control how his or her data is used or disseminated is to understand what information is being collected, why it is needed, and how security measures are implemented to safeguard it.  Unfortunately, this is often difficult for the average user to assess, especially considering the plethora of apps requesting access and their technical nature.  A new online resource recently launched that harnesses the power of the community to provide this information.  WhatApp compiles a database of apps, mining both the knowledge of technical experts and the experience of users.  Experts rate the apps along dimensions of privacy, security, and openness, based on a specific set of criteria.  Users review the apps on how they work in practice.  Should WhatApp be successful, it may serve not just as a tool to comment on apps, but itself affect change within the app ecosystem.  If a user has a choice of several apps to perform a specific task and makes a decision based on WhatApp’s assessment of their relative privacy and security, app developers will have to take these concerns into account to be competitive.

Both Digital Due Process and WhatApp still have to gain a critical mass to sustain the movements to their completion, whether that be legislation or a comprehensive and useful database of app privacy and security.  But at least initially, they seem to be growing steadily—another promising sign that institutional and individual members of the online community are taking initiative to maintain the Internet as a safe and open environment.  However risks to Privacy 2.0 remain, in particular how to control personal information disseminated broadly by others.  These concerns will require implementing additional ameliorative mechanisms online; JZ suggests data genealogy, reputation bankruptcy, and contextualization of information.

–by Jennifer Halbleib

Responses

Feed
  1. links for 2010-04-09 | Don't mind Rick says:

    April 9th, 2010 at 9:07 am (#)

    [...] Modernizing Privacy in the Internet Age [...]

  2. Saqib Ali says:

    April 10th, 2010 at 4:43 pm (#)

    What are the long term plans for WhatApp.org? It is definitely a interesting idea, but will need to gain a lot of traction before it becomes useful.

    Preliminary feedback:

    1) WhatApp.org should use OpenID + OpenSocial. This will help in determining the credibility of the commenters, and build trust among the wiki contributors. Otherwise there is a lot of self-promotion type of comments on this site.

    2) There needs to be RSS for newly added Apps

    3) Integration with Twitter (and others), such that the commenters can choose to tweet their comments.

  3. Ryan Calo says:

    April 10th, 2010 at 6:48 pm (#)

    @Jennifer (and JZ) Thanks very much for the write up. We’ve seen a lot of interest in the website, suggesting at a minimum that many users care about these values and perceive a need for more and better information.

    @Saqib Thanks for the (very good) feedback. WhatApp.org is a true beta—and just a couple of weeks old. Long terms plans are to build a community, absorb good feedback like yours, and eventually scale up. Please be in touch if you want to get involved (whatapp@law.stanford.edu).

Blog

  • Dropbox Ran Afoul of Apple’s App Store Review Guidelines: So What?

    • Last week, a number of developers reported that Apple was rejecting iOS applications that used Dropbox, a popular cloud file storage and backup system. An initial thread on the Dropbox developers’ forum has led to a outpouring of tech news full of hyperbolic claims. However, none of this reporting has covered the real problem – Apple is now more concerned about protecting its business model than serving its users or its developers.  Read more »

  • Help pioneer Casebook: The Next Generation

    • We at the H2O project are seeking a full-time Project Manager. H2O is an online platform for textbook development and distribution, currently in a pilot stage. H2O is based on the open source model – instead of locking down materials in formalized textbooks, we believe that course books can be free (as in free speech) for everyone to access and, equally important, build upon.

    Using H2O, professors can freely pull together materials for a course by selecting cases, editing those cases to the sections that are most relevant, and grouping them into readings. Once the materials are assembled, they can be copied in part or in whole by other interested faculty and then edited further.  H2O has been successfully piloted in JZ’s 1L Torts class, and will be rolling out further over the coming year.

    H2O’s project manager will play a leading role in shepherding H2O into its next phase, which will focus on developing new materials and incorporating additional features, in order to expand the platform beyond its law school roots.

    H2O is a  joint project of the Berkman Center for Internet & Society and the Harvard Law School library.  The Project Manager will be housed at the HLS Library and work in close collaboration with lead members of the Library Innovation Lab team; he/she will also work closely with the Berkman Center and current H2O teams. More info and job posting here.

  • Meme patrol: “When something online is free, you’re not the customer, you’re the product.”

    • I participated in the Berkman Center’s fascinating HyperPublic symposium in the summer of 2011.  When moderating a panel I invoked the aphorism that “When something online is free, you’re not the customer, you’re the product.”  It’s a way of encapsulating the idea that online free services usually make money by extracting lots of data from users — and then selling that data, or using it for targeted availability of those users for advertising, to advertisers.  In that sense, the advertisers are the clients, and the users enjoying free content are what’s being sold.  (Of course, sometimes that happens even when the user pays.)

    I didn’t coin the phrase, and since it was featured (and attributed to me!) in wordsmith.org’s wildly popular “word a day” as a thought for the day accompanying the word “enceinte” — I sought to nail down its provenance.

    The first use of the quote that we can find is as a comment within the famed MetaFilter community  in August 2010. The user’s name is blue_beetle, who might be someone named Andrew Lewis.  It’s entirely possible I saw it there, as MeFi is one of my five favorite sites on the Web.

    Similar sentiments (whether drawn from that source or independently invented) have been expressed by Bruce Schneier in October 2010 and by Douglas Rushkoff in September ’11.

    The phrase “you’re the product” also apparently appeared in a 1986 speech by President Reagan about the drug war.

    Just say know.

    –KA and JZ

  • OS X Mountain Lion and Gatekeeper

    • This week, Apple announced that it was moving to a new, faster OS X operating system development cycle, starting with the release of Mountain Lion next summer.  It previewed a number of features for the OS, and released some parts in beta.

    Mountain Lion is slated to include a feature called Gatekeeper as part of the security and privacy settings. Gatekeeper allows administrators (those with full privileges on a Mac) to limit the applications that can run on the Mac.  They can choose among allowing apps downloaded from the Mac App Store only, or apps from outside the Store so long as they are digitally signed to Apple’s satisfaction by their developers, or apps from anywhere.  (The latter has been the way both Mac and Windows PCs have worked, for better or worse, since the introduction of the Apple II in 1977.) Read more »

  • GPS-based Insurance Rates: The Devil is in the (Data) Details

    • A British insurance company called Motaquote has teamed up with TomTom, the GPS manufacturer to offer insurance prices based on data gathered by GPS. Fair Pay Insurance, Motaquote’s new program, is an opt-in insurance pricing scheme where drivers will get a free GPS unit in return for potentially lower (but possibly higher) premiums. The GPS unit will provide all the traditional navigational services as well as warn drivers when they corner too sharply or brake too hard. Read more »

About Jonathan Zittrain

jonathan zittrain

Jonathan Zittrain is Professor of Law at Harvard Law School and co-founder of the Berkman Center for Internet and Society at Harvard Law School

RSS Tweets from Z

  • An error has occurred; the feed is probably down. Try again later.

Blog Archives

Creative Commons BY-NC-SA Jonathan Zittrain unless otherwise noted.
Powered by WordPress using Gridline Lite.