Tag Archives: Identity management

The Gist of Things

(This is a copy of my Loose Wire Sevice column, produced for newspapers and other print publications. Hence the lack of links.)

By Jeremy Wagstaff

It’s interesting to see how we’ve changed in the past few years.

If you had predicted that we could follow someone’s activities by accessing a single page, right down to where they were, what restaurant they’d visited, where they’d been on holiday, what they were reading, what they were listening to, their employment history, what had made them laugh or cry, the reaction would probably have been somewhat negative.

Back then we had a different idea of privacy.

We basically saw privacy as a garden fence. Only neighbors could look in—unless they’ve got telescopes and twitching curtains. Our privacy wasn’t exactly a massive wall, but a shared understanding that there was a kind of wicker fence, or hedge, between us and the outside world.

Nowadays—maybe five years on—our views have changed. Well, they haven’t really changed, because I don’t think we really ponder it too much. Perhaps we’ve just tacitly accepted that the garden fence no longer exists.

This is probably because the benefits of accepting this outweigh the disadvantages.

Let’s look at the first bit again. If we befriend people on Facebook, we share with them tonnes of personal information, from our birthdays to our kids’ photos to our views and thoughts on the world, revealing either directly or indirectly all sorts of things about our lives.

Two friends died recently and Facebook was the vector for not only that information but for the grieving process of all their friends and relatives.

What was private or intimate is now public or semi-public.

LinkedIn blasts our CVs out there for everyone to see. What we once treated as confidential is now public—including our yearnings for another job. If you doubt me, scroll down to the bottom of a LinkedIn page and you’ll see how many people have opted to include the line “interested in career opportunities”. I’m surprised this doesn’t put more bosses’ noses out of joint.

Then there’s twitter: Every thing we feel, think, or get irked by is out there for everyone to see.

Music sites like Last.fm and Pandora share what you’re listening to, while Google Latitude and foursquare share your location.

You can get a sense of how all this fits together—and why, perhaps, it’s not such a bad thing—when you try out services like Gist. Gist assembles all the people in your address book and creates sort of virtual pages for them, populating each with whatever it can find on the Internet about them.

So, their LinkedIn page, their twitter feed, their MySpace page, their blog, any mentions of them in the media, are all collected together, alongside your email exchanges with them and other people involved in those email exchanges. Calendar entries, and email attachments, are all there easily found and reconciled.

The result is a somewhat disconcerting, but very useful, page which tells you everything you need to know about that person in order to remain in contact.

Indeed, that’s the purpose of Gist: to turn business networking into more of a science and less an art. You can see when you last communicated with them—and whether you should ping them to keep things bubbling.

Gist has even bought a service that flashes photos of your contacts at you to help you remember who they are.

From a privacy point of view, it’s unnerving to see your details so readily collated in someone else’s address book. And from a human point of view, it’s scary to see the personal reduced to a few algorithms and search spiders.

But it’s actually very useful, and turns our familiar tools of email and contact books into something more dynamic.

I don’t care so much about staying in touch with business contacts; I do, however, like to be able to see what my friends and colleagues have been talking about. And to be able to see all that on one page is a boon.

It bypasses both my address book and my email service. Gist finds pictures of the people I’m corresponding with before I’ve even met them. (Some surprises are in store: Not everyone is the gender you think they are.)

This, in short, is what has happened to our notions of privacy. What once would have been considered somewhat creepy stalking is now considered a valid means of staying on top of all the people and bits and pieces in your professional life.

No more garden fences. Now it’s more like a permanent open house cum garage sale, where anyone can poke around as much as they like.

And maybe offer you a job.

Art, the Internet and the Rise of Symbiosis

Great piece from the NYT on the decline of mystery and the rise of symbiosis for artists, who find there’s a living of sorts to be made by engaging with fans online and allowing the community that emerges to choose the direction their musical careers take — even to the point of how much to charge for their creations. But it leaves some doubts:

clipped from www.nytimes.com

“I vacillate so much on this,” Tad Kubler told me one evening in March. “I’m like, I want to keep some privacy, some sense of mystery. But I also want to have this intimacy with our fans. And I’m not sure you can have both.”

The Privacy Myth

If there’s one myth that endures in this age of online participation, blogs, shared photo albums and Web 2.0, it’s that we’ve overcome our concerns about privacy. It sounds on the surface, logical: We must have gotten over this weird paranoia, or else why would we share so much online? Why would we bother about privacy issues when there’s no real evidence that people, companies, governments and the NSA are out to get us? This, for example, from Web 2.0 blog TechCrunch guest contributor Steve Poland:

I’m sure there’s data to back me up on this, but today compared to 10 years ago — people are way more comfortable with the Internet and have less privacy concerns. Or at least the younger generations that have grown up with the Internet aren’t as concerned with privacy — and spew what’s on their mind to the entire world via the web.

I can’t speak for the younger generation, having been kicked out of it some years ago. But if we’re talking more generally about folk who have embraced the Net in the past 10 years, I’d have to say I don’t think it’s that we don’t care about privacy. We just don’t understand it. In that sense nothing has changed. I think what is happening is the same as before: People don’t really understand the privacy issues of what they’re doing, because the technology, and its liberating sensuality, are moving faster than we can assimilate to our culture. This is not new: Technology has always outpaced our intellectual grasp. If you don’t believe me think radio, TV, cars and cellphones. We were lousy at predicting the impact of any of these technologies on our environment. Lousy.

Usually, it’s because we just don’t stop to think about the privacy implications, or we don’t stop to ask deeper questions about the sacrifices we may be making when we buy something, give information to a stranger, register for something, accept something, invite someone in to our digital lives, install software, sign up for a service, or simply accept an email or click on a link. The speed of communication – click here! register here! — makes all this easier. But I don’t really blame the reader. Often it’s us journalists who are to blame for not digging enough.

Take, for example, a new service called reQall from QTech Inc in India. On the surface, it sounds like a great service: phone in a message to yourself and it will appear in your email inbox transcribed with 100% accuracy. Great if you’re on the road, on the john or at a party and don’t want to start jabbing away or scrawling the note on the back of your spouse’s neck.

Rafe Needham of Webware initially enthuses about it on his blog. But then he later finds out that

Update: I’m told that ReQall’s speech-to-text engine isn’t wholly automated. “We use a combination of automated speech recognition technology and human transcription,” a company co-founder told me. Which means there may be someone listening to your notes and to-do items. Yikes!

Yikes indeed. Who would record a message knowing that a stranger is going to be transcribing it, and a company storing it on their servers? To be fair to Rafe he’s not the only one not to initially notice this privacy angle. And at least he bothers to write it up. Dean Takahashi didn’t mention it in his (admittedly) brief Mercury News piece, for example. The company’s press release makes no mention of it either, saying only that

reQall is patent-pending software technology that uses a combination of voice interface and speech-recognition technology to record, log and retrieve your tasks, meetings and voice notes.

(The same press release appears on Forbes’ own website, which I always think looks a bit odd, as if there’s no real difference between a story and a press release. But that’s another rant for another day.) That, frankly, would leave me thinking there was no human interaction either.

But then again, there are clues here and if we (by which I mean us hacks) were doing our job we should probably follow them. Any Google search for reqall and privacy throws up an interesting trail. A CNN report on memory quoted Sunil Vemuri talking about reQall but says issues about privacy and keeping such records free from subpoena have yet to be worked out. When a blogger called Nikhil Pahwa quoted CNN on ContentSutra someone from QTech wrote in:

Please note that there is an inaccuracy in the post. QTech is not “currently working on sorting out issues related to privacy laws, and how to prevent these recordings from being subpoenaed.” Can you correct this?

The text was duly crossed out, so now it reads:

According to the report, they’re currently working on sorting out issues related to privacy laws, and how to prevent these recordings from being subpoenaed are still to be worked out.

So we’re none the wiser. Are there issues? Are QTech working on those issues? Or are there issues that other people are working on, not QTech? Their website sheds little light. There’s nothing about human transcription on any of the pages I could find, nor in the site search. Their privacy policy (like all privacy policies) doesn’t really reassure us, but neither does it explicitly scare our pants off. A brief jaunt through it (I’m not a lawyer, although I sometimes wish I was, and I think John Travolta in “A Civil Action” makes a good one) raises these yellow flags:

  • QTech can use your location, contact details etc to “send you information related to your account or other QTech Service offerings and other promotional offerings.” I.e. the company knows where you are, your phone number and home address and could spam you.
  • QTech may “include relevant advertising and related links based on Your location, Your call history and other information related to Your use of the Services.” I.e. The company could send you stuff based on what information you’ve given in your messages, and any other information you carelessly handed over during the course of using the service.
  • QTech can use the content of your audio messages (and your contact information) for, among other things, “providing our products and services to other users, including the display of customized content and advertising,  auditing, research and analysis in order to maintain, protect and improve our services … [and] developing new services.” I.e. the company can mine the contents of your messages and other stuff and spam other customers. Somehow this seems more scary than actually spamming you.
  • QTech will hold onto those messages “for as long as it is necessary to perform the Services, carry out marketing activities or comply with applicable legislation.” I.e. don’t think your messages are going to be deleted just because you don’t need them anymore.

Privacy documents are written by lawyers, so they’re about as weaselly as they can be. And QTech’s is no different. But there is some cause for concern here, and we journalists should at least try to explore some of these issues. I looked for any acknowledgement that there’s a human involved in the transcription, and some reassurance that the content of those messages is not going to be mined for advertising purposes, and that it would be possible for customers to insist their messages are deleted. I couldn’t find anything, although to their credit QTech do say they won’t “sell, rent or otherwise share Your Contact Information or Audio Communications with any third parties except in the limited circumstance of when we are compelled to do so by a valid, binding court order or subpoena”. But if QTech are doing their own advertising then does that really make any difference?

I’m seeking comment from QTech on this and will update the post when I hear it. And this isn’t really about QTech; it’s about us — citizens, readers, bloggers, journalists — thinking a little harder about our privacy before we throw it away for a great sounding service. Do you want, for example, your personal memos (“Calling from the pub. God I really need a holiday. I think I’m cracking up”) mined for advertising (“Hi! Can I interest you in Caribbean cruise? I hear you’re cracking up!” “Hi, need psychological counselling? I’m told you do” “Hi! Need Viagra? I hear from that last message you left you probably do”)?

Airports And The Privacy Of The Humiliated

I couldn’t help wondering about the privacy implications of airlines calling out people’s names over the airport PA system.

In Sydney and Melbourne airports recently I lost count of announcements along the lines of ‘Would Mr and Mrs X of flight X to X please go to gate X where their plane, and hundreds of their fellow passengers, are waiting patiently for them to board’, usually along with some humorous and belittling remark or two, which I have to say I found hugely amusing initially.

But then I got to thinking: What if it was me? What if it was someone who was having serious medical problems in the washroom? What if it was someone travelling incognito with someone who wasn’t their wife, or on some sensitive errand? What if someone already on the plane decided they’d be inconvenienced enough and jotted down the tardy passengers’ name to wreak revenge later?

Maybe it’s paranoia and an overworked privacy gland, but I’m not sure that, in this present version of the world, airlines and airports should be quite so fast and loose with announcements that identify individuals, their flight numbers and their embarrassment.

Anti Phishing Tools And The Lull Of False Security

From Buzz Bruggeman, here’s another tool that may help fend off phishing attacks (here’s an earlier post on similar software): SpoofStick, a browser extension that sits in either IE or FireFox and tells you what website you’re really visiting.

It works like this: Many phishing scams conceal the real website in a link behind tricks such lots of prior gobbledegook preceded by a legitimate website. Others put in lots of white space so the real link falls off the edge of your screen. All rely on one weirdness in URLs: if there’s more than one website in the link, it’s the last one that counts. So when you see a link begining in ebay.com, you can’t be sure whether it’s really an eBay link until you get to the end of the link, and even legitimate links can sometimes be longer than the width of a screen. CoreStreet do a good job of explaining all this, and SpoofStick will tell you what site you’re really at.

Now, I’ve got nothing against CoreStreet offering these kind of tools; in fact I think it’s a good public service. But given the company is involved in ”massively scalable validation products for identity management and access control” I can’t help wondering whether there isn’t a better way to do this.

First off, with something like SpoofStick users would have to click on the link in their email program and visit the site in question before they know whether the email/website is genuine. Given many phishing emails now don’t bother trying to get the user to fill out a form but instead upload a keylogging trojan when they visit the scamming website, it’s going to be a bit late to find out whether the URL is legitimate or not. Better would be a tool that allow the user to copy the offending URL into a program which would then check its authenticity.

Secondly, what happens when the scammer uses a website name that sounds kosher? As mentioned in a previous posting, some scammers are smart enough to set up website names that may sound legitimate to some users (in that case updatesecuritycheck.com), so the approach adopted by SpoofStick is going to only help those who think that doesn’t sound like a legit site. To many it does.

Bottom line: SpoofStick and its ilk are good, but they don’t go far enough, and they may merely lull users into a false sense of security. It’s not that elegant, but I’d suggest concerned users go to something like Karen Kenworthy’s URL Discombobulator, freeware which will investigate any URL you paste into it and tell you what’s really behind it. Just remember to copy the link itself, not the text in front of it. Many scams will create what looks like a legitimate link but actually links to what, in a recent phish I received, the scammer charmingly admits is the ‘scampage’ (this is a real scam so I don’t advise clicking on it): https://www.paypal.com/fraudcheck/secure/bill.html?sl=070304=”/A”> 

Plaxo and Privacy — A Storm In A Teacup?

Plaxo, the besieged contact updating service, is pointing readers of its blog to an article that takes issue with the company’s critics.

The article, written by Jim Harper of PolicyCounsel.com, takes issue with privacy concerns, especially those aired by Australian academic Roger Clarke which I’ve tried to summarise in an earlier post. Jim’s language is quite robust, apparently a reaction to Roger’s own riposte to an earlier posting by Jim on RFID tags. Still, he makes an interesting point: Why all the fuss about handing over your contact data?

For just a moment, let me go into Clarke’s starting point a little further: the idea that contact information is sensitive. It’s not. In fact, contact information is created precisely for the purpose of sharing. People print contact information on cards and give it out. There are entire books – called “phone books” – designed to broadcast contact information far and wide. People put their contact information on letters and in e-mails. Contact information is about as private as the nose on your face.

So who is right? It’s true that contact information in itself is a more or less public commodity. I can decline to hand over my business card to someone I don’t like the look of, but once the card is handed over to anyone, I can no longer assume that information is secure. But my reading (and hey, I’m no expert) of Roger’s original piece is that there are two main outstanding problems:

  • It’s less about handing over one’s data about oneself, but about someone else handing over their data about you. The main objection people have about Plaxo is that, by uploading their address book to Plaxo’s servers, someone else is giving away information about you. As Roger points out: “Under the doctrine of privity, a contract creates rights and responsibilities for the parties to the contract, but for no-one else. Hence there are no rights whatsoever under the contract for the individuals to whom the data relates.”
  • The second issue is about the connections implied in such data — not just whether you’re in someone’s address book, and who else is there alongside you. If someone is arrested for fraud, does the fact that you’re in their address book make you a suspect? Roger writes: ”The threat involved in consolidations of address-books therefore has an important social dimension, and if it affects a person’s employability or career advancement, then an economic dimension as well.”

On the surface neither of these concerns may seem all that relevant. If you’re in a criminal’s address book/PDA/cellphone chances are you’re going to be interviewed by police, whether they got the information from Plaxo or from riffling through his dashboard glove compartment. And, in the first case, what’s the difference between someone storing your contact details in their PDA than online with Plaxo?

First off, I think Jim’s taking too much of an old world view of privacy. He writes that “there isn’t much difference between an online social network and the online or offline lists of club memberships, fraternities, churches, phone systems, magazine subscribers, buyers of goods, sellers of goods, transporters of goods, employees, employers: the list of lists goes on and on.” True, in terms of the nature of such data. But computers and the Internet make handling — and, potentially, mining — such lists much more efficient. In its first seven months Plaxo had more than a million members: Assume, each one has a contact list of 100 people. That’s 100 million names (lots of duplication, of course, but my figures are conservative.) Plaxo has promised not to do anything with this data, but Roger’s point is a fair one: Existing privacy laws don’t really deal with situations where users voluntarily surrender data about other people. So we’re already in new territory.

Internet users are already aware of this; just a year or so ago many of us wouldn’t have baulked at entering personal details into a website in return for access. Not any more. The Internet, once this great repository of information and a community of benign and helpful folk, has turned around and bit us on the collective behind. Spam is just the most visible aspect of it. We now see our lives visible online, so much so that prospective dates are ‘Googled’ to see whether their background is up to snuff. Privacy nowadays is not so much about keeping yourself to yourself, but in trying to reassert some sort of control over which specific data enters the public domain. A blogger is quite happy to spill their most intimate beans online, but that doesn’t mean they’re about to reveal their cellphone number to telemarketers, or become part of some large database that may end up being sold to SMS-Spammers-R-US.com a few years down the track. Personal contact data are, after medical and financial data, the most sensitive data one has.

Jim’s right to raise questions about the heat that Plaxo has been taking (and I readily confess some of the postings here have perhaps contributed to it, although I’ve tried to synthesize the arguments for and against, along with Plaxo’s responses). But it seems to me that if people feel uncomfortable with their data being held by a company that has not revealed how it is going to make its money (or even if it has) then their right to not have their data stored there must be respected, both in law and in the storers’ privacy policy.  

More On Plaxo And Privacy

An interesting academic piece on the privacy aspects of Plaxo (and other networking services), noticed by bagus.

Roger Clarke, who wears several hats as an academic and consultant in Australia and Hong Kong, focuses not on the privacy of those who sign up for such services but “on a matter that is new, and of great concern: the privacy of other individuals whose data is volunteered to such services by its users.”

The piece is worth reading. He makes some important points about how this is more than just an issue of some sleazy marketing guy making use of your data to sell you stuff, or build a profile of your shopping habits. He also points out that this kind of data — stored by individuals in a private capacity — is not covered by most data protection laws.

His conclusion:  “In general, people would be well-advised firstly to stay well clear of all address-book and ‘social networking systems’, and secondly to prevail upon their friends, colleagues and acquaintances that they should avoid making any data about them available to service-operators like Plaxo.”

News: RFID Notes

 A longish piece from Slate on our old friends RFIDs — Radio Frequency Identification Devices — which are feared and admired for their ability to hold all sorts of data about what you’re doing, buying, washing or eating. Earlier this month Hitachi announced the release of a tiny wireless ID chip that can be “easily embedded in bank notes.”
 
Although the story doesn’t focus on it, it makes a good point: Whereas privacy advocates — fearing these things may hold data about our purchases etc well after we left the shop — may be silenced by the idea of a ‘kill switch’ which disables the tag at checkout, presumably the same wouldn’t really be a good idea in currency. So why exactly should we have RFIDs in our currency, and what does it mean for us? More anon.