Subsequent judgments follow the mistaken belief that Gobind recognises a right to privacy

Gobind traces privacy to ordered liberty in 21

Gobind did not expressly recognize the right to privacy

dimensions of privacy inclusively enumerated in Gobind

Gobind decided in the post Griswold, post Roe v Wade world. Penumbral rights created by specific rights

This is gnarly stuff though and deserves its own deep dive/bullet point.

How does this get balanced with privacy concerns? I have yet to see an argument or practice that successfully navigates this tension?

Nice succinct statement on the issue.

The request from the DOJ demands that DreamHost hand over 1.3 million visitor IP addresses — in addition to contact information, email content, and photos of thousands of people — in an effort to determine who simply visited the website. (Our customer has also been notified of the pending warrant on the account.)

That information could be used to identify any individuals who used this site to exercise and express political speech protected under the Constitution’s First Amendment. That should be enough to set alarm bells off in anyone’s mind.

Researcher in security and privacy technology.

Interesting document about Privacy

https://www.youtube.com/watch?v=CINVwWHlzTY

Why The Government Shouldn't Break WhatsApp

In January 2018, the World Press Photo Foundation, in association with Newcastle University’s Open Lab, University of California Irvine and ArtEZ in the Netherlands will launch Talking Pictures, an open course in critical visual storytelling.

Lobbyists try to kill "opt-in" privacy standard before it can be implemented.

I refer to this sentence in my annotation above, as it seems at odds with Mike's earlier statement that this is a tools debate, not a legal one.

Not trying to nitpick, but I'm a bit confused between this statement and the one below where Mike says "We're vulnerable to state-sponsored attacks, he says, because we are too narrowly technological in our solutions."

So far in this debate I've been thinking that we are too quick to jump to technical solutions (as Mike's latter point would suggest) when I don't think the issues online are categorically different than they are offline. While certainly tools can help shape social relations and culture, we also have social/cultural mechanisms to deal with situations generated via online tools.

Abuse is not limited to online activity and remedies for abuse are not purely technological. If a person abuses another offline, we have (imperfect) mechanisms to address that abuse. Are we considering those offline mechanisms in our confrontation with online abuse?

Important to remember. Amazon shares very little about what it collects and what it does with what it collects.

Trop gros, les GAFAM ne se sentent plus soumis aux lois. Ils s'arrangent entre eux.

Voilà pourquoi les GAFAM sont aussi puissants (voire plus) que des États.

Qui a dit que Google répond à vos questions ? Depuis longtemps, Google fait les questions et les réponses (à vos dépens).

Nowadays, to protect your privacy you need to:

have the law on your side + trust service providers + use privacy tech

Details about the personal data ISPs are now permitted to sell, and what you can do about it.

Thanks to Republicans, ISPs may soon be free to sell your personal data to anyone they please. Here's info about using HTTPS and VPNs to protect your privacy.

Amazon doesn't provide information about a murder to protect users from the government. This must be a joke!

Like so.

The first three of these can be tough for the individual faculty member to accomplish, but informing students and raising awareness around these issues can be done and is essential.

Official FERPA text

on data compliance, privacy and security in EDU

Lots of mention of engaging in real world issues/solutions/etc. Is this at odds with the mandates of FERPA and privacy/security in general that govern ed-tech integration in education?

You do what you have to do...

When the VPN client you intend to use is in fact the one that will leak your personal data!

What a shame!

Open, decentralised and not meant to know what is transmitted: that's how the Internet has been created. Perfect to protect privacy!

Sad there are so many people who fight against the Internet today...

Lesson learned: not chain different accounts by "logging in with" (most of the time Google, Facebook, Twitter)

Security considered from different perspectives leads to security flaws!

Former members of the Senate Church Committee write to President Obama and Attorney General Loretta Lynch requesting leniency for Edward Snowden.

https://www.brennancenter.org/sites/default/files/news/Snowden_memo.pdf

Mike Pompeo is Trump's pick for CIA director. In January 2016, Pompeo advocated "re-establishing collection of all metadata, and combining it with publicly available financial and lifestyle information into a comprehensive, searchable database. Legal and bureaucratic impediments to surveillance should be removed" (At least they acknowledge that backdoors in US hardware and software would do little good.)

Oh, cute. Pompeo made a name for himself during the Benghazi investigation.<br> http://www.nytimes.com/2016/11/19/us/politics/donald-trump-mike-pompeo-cia.html

EFF guide to attending protests, especially how to handle smartphones. (Part of the guide to surveillance self-defense.)

I'm curious to know if the answer to this question would differ from Generation Y to Generation Z.

Hemisphere isn’t a “partnership” but rather a product AT&T developed, marketed, and sold at a cost of millions of dollars per year to taxpayers. No warrant is required to make use of the company’s massive trove of data, according to AT&T documents, only a promise from law enforcement to not disclose Hemisphere if an investigation using it becomes public.

...

Once AT&T provides a lead through Hemisphere, then investigators use routine police work, like getting a court order for a wiretap or following a suspect around, to provide the same evidence for the purpose of prosecution. This is known as “parallel construction.”

In other words, Google does use everyone’s information (Data as New Oil) and can use such things to target ads in Higher Education.

Proposed changes to "Rule 41" will make it too easy for government agents to get permission to hack remote computers. Petition Congress to prevent this.

Sounds like we're good here.

Here we are good and much better than, say, Genius:

When you post User Content to the Service or otherwise submit it to us, you hereby grant, and you represent and warrant that you have the right to grant, to Genius an irrevocable, perpetual, non-exclusive, transferable, fully paid, worldwide license (with the right to sublicense through multiple tiers) to use, reproduce, publicly perform, publicly display, modify, translate, excerpt (in whole or in part), create derivative works of, distribute and otherwise fully exploit all Intellectual Property Rights in and to such User Content for purposes of providing, operating and promoting the Service or otherwise conducting the business of Genius.

This is definitely not the case. Even in private groups would it ever make sense to say this?

This really just extends the issue of "transfer" mentioned in 9.

This is the first line item I don't feel like we have a proper contingency for or understand exactly how we would handle it.

It seems important to address not just due to FERPA but to contracts/collaborations like that we have with eLife:

What if eLife decides to drop h. Would we, could we delete all data/content related to their work with h? Even outside of contract termination, would we/could we transfer all their data back to them?

The problems for our current relationship with schools is that we don't have institutional accounts whereby we might at least technically be able to collect all related data.

Students could be signing up for h with personal email addresses.

They could be using their h account outside of school so that their data isn't fully in the purview of the school.

Question: if AISD starts using h on a big scale, 1) would we delete all AISD related data if they asked--say everything related to a certain email domain? 2) would we share all that data with them if they asked?

Something like this should probably be added to our PP.

I'm really pleased with how hypothes.is addresses the issues on this page in our Privacy Policy.

Key point.

We cover this in the TOS but not the Privacy Policy.

Again, this is probably a more felicitous wording than “privacy protection”. Sure, it takes as a given that some use of data is desirable. And the preceding section makes it sound like Learning Analytics advocates mostly need ammun… arguments to push their agenda. Still, the notion that we want to advocate for responsible use is more likely to find common ground than this notion that there’s a “data faucet” that should be switched on or off depending on certain stakeholders’ needs. After all, there exists a set of data use practices which are either uncontroversial or, at least, accepted as “par for the course” (no pun intended). For instance, we probably all assume that a registrar should receive the grade data needed to grant degrees and we understand that such data would come from other sources (say, a learning management system or a student information system).

Indeed. “Privacy” makes it sound like a single factor, hiding the complexity of the matter and the importance of learners’ agency.

Even the NYT got interested, however briefly.

The Others.

So what data does h retain?

• username
• email address

Do annotations count as data?

makes the important distinction between the widely acknowledged categories of visibility - public and private - and equally important, but less widely recognized points on the spectrum of visibility - more and less visible, digitized and searchable versus digitized and not searchable, among others

Protecting yourself with do-not-track requests doesn't matter - it isn't listened to.

What happens to the data already shared if permission is revoked?

"Deletion" is a term used loosely in this case.

Is there a clear distinction in the flow of the app for the common user that there is a significant difference between the methods of sharing images or video?

Another identifier that the data collected by Snapchat is an asset, not used for the benefit of the users.

What is the "Snapchat family of companies?"

The value proposition tries to hide the functioning of the organization. Note that the real reason (ads, data collection, and tracking) are buried in the list below.

Collecting more information about users makes the service less secure. A breach, however small, can release PII because of the variety of metrics collected. Less data = more security.

I may choose not to allow my phone number to be shared, but a friend allows Snapchat to access their phonebook. My once-private information is now shared with a company without my consent.

It's important to remember that all of the following falls under "data which is necessary to provide a service."

The quantity of information gathered here is enormous. Most of it seems innocuous, but it's all very personal and, implicit in their use of data for advertising, stored on Snapchat's servers with no time for deletion noted.

This section outlines how Snapchat will continue to stay in business - by farming the information of its users and selling it for advertising.

How many people forget that Snapchat actually sees everything sent? Is this explicitly shared with students when we're teaching?

We cannot assume they're aware of the transfer of data that takes place when that data is sent through an app or website.

Group privacy is much more infrequently discussed than individual privacy. At least in Euro-American contexts. Quite likely a very important bias.

Or Google.

A study of online tracking through cookies and browser fingerprinting.

Why is this noteworthy?

A. merger voids any privacy pledges. The new owner has no requirement to follow these policys.

B. The information is kept for an extended period of time. Once a teacher leaves a school district, their email will be invalid. It's a vacuous promise to say that they'll be contacted.

what??? The following personal information is anything else too.

Why is this noteworthy?

"TRUSTe-certified sites are more than twice as likely to be untrustworthy." http://www.benedelman.org/news/092506-1.html

Short URLs can be brute forced. They should not be used for pages that contain personal information, or pages that allow anyone with the URL to upload files.

Explanation of blockchains by Jeni Tennison.<br> https://twitter.com/JeniT

http://theodi.org/blog/impact-of-blockchains-on-privacy<br> Potential privacy issues of blockchain applications.

Anonymity is not a binary, it is the limit of dissolution into a coherent plural subject.

https://twitter.com/RepTedLieu<br> https://twitter.com/farenthold

Vigilant Solutions, a surveillance technology company, is making shady deals with police departments in Texas. They lend the police equipment and database access. The police use it to spot people with outstanding warrants, whom they can stop and take payments from by credit card -- with a 25% processing fee tacked on for the tech company. The company also intends to keep all the license plate data collected by the police.

One of the drawbacks of anonymity on the Web is romance scams. Scammers set up fake personas on social media. They often use photos stolen from a real person's accounts

When the same person has their photos stolen repeatedly, Facebook could prevent this easily. But they don't.

The strategy seems to be archive everything in case traffic analysis finds something worth going back and reading.

Defense against traffic analysis:

Messages from users must be padded to be uniform in size and combined into relatively large “batches,” then shuffled by some trustworthy means, with the resulting items of the randomly ordered output batch then distributed to their respective destinations. (Technically, decryption needs to be included in the shuffling.) Mix network

He then talks about limited anonymity and pairwise pseudonyms as ways of solving problems with complete anonymity versus public identification. There is an article in Wired about his proposed system.

State legislators in New York and California have introduced bills that would require smartphone vendors to be able to decrypt users' phones.

Finding [Silk Road founder Ross] Ulbricht really boiled down to this: a bunch of Google searches done by an investigator for the Internal Revenue Service (IRS).<br> . . .<br> His preferred tool: Google. Particularly the advanced search option that lets you focus in on a date range.<br> . . .<br> Alford couldn’t be at Ulbricht’s arrest, but he did receive a plaque. The NYT reports that Alford’s superiors had it inscribed with this quote from Sherlock Holmes: "The world is full of obvious things which nobody by chance ever observes."

So you think mass surveillance isn't a problem, since you have nothing to hide? There are so many federal crimes that it is impossible to count them. If the government decides to focus on you, they can probably find a crime that fits your actions.

Long summary of events and legislation related to mass surveillance in 2015, plus some history. Lots of links.

As usual, @AudreyWatters puts things in proper perspective.

House 316-113<br> Senate 65-33

The Verge "This morning, Congress passed the Cybersecurity Information Sharing Act of 2015, attached as the 14th rider to an omnibus budget bill. The bill is expected to be signed into law by the president later today."

Techdirt 15 Dec

1. Allows data to be shared directly with the NSA and DOD, rather than first having to go through DHS.
2. Removes restrictions on using the data for surveillance activities.
3. Removes limitation on using the data for cybersecurity purposes, and allows it to be used for investigating other crimes -- making it likely that the DEA and others will abuse CISA.
4. Removes the requirement to "scrub" the data of personal information unrelated to a cybersecurity threat before sharing the data.

ACLU

Manhattan district attorney Cyrus R. Vance Jr. says that law enforcement agencies want Google and Apple to return to systems without full-disk encryption -- those before iOS 8 and Android Lollipop -- which they could unlock in compliance with a warrant.

He says that's all they're asking. If that's true, they should be speaking out loudly against mass surveillance and FBI demands for backdoors.

It seems necessary to encourage -- or force -- industrial and financial firms to share information with the government about hacks and attempted hacks. But that should not be used as license to transfer and collect customer metadata,

Yes....in an age of networks, the private and public spheres give way to the private and public sectors where the latter of which (public sector) is increasing encroached upon by the former (private sector networks, infrastructures, data, etc).

And with it, issues of what counts as private and public.

This is an idea that me and Rob Gehl wrote about a little concerning the shifting natures of terms of service agreements as/as contracts, but I LOVE how Brown is setting it up here as perhaps the grounding for a networked ethics. I'll be tagging such references as I go along.

http://thenewinquiry.com/essays/cookie-cutters/

Reminds me about THX 1138.

Referring to the notion of abandoning all hope to preserve privacy and instead of protesting about governments gathering intelligence without our permission, design a society were people simply confess what's in their minds in huge specially designated centres.

Internet Commons

European Parliament conference on “Internet as a Commons: Public Space in the Digital Age”, organised in cooperation with Commons Network and Heinrich Böll Foundation. Discussing how to re-decentralize and reclaim the Internet for all.

[ Prologue ]

The Internet as a whole has become an important part of our global public sphere. Internet provides access to a wealth of information and knowledge, and the possibility to participate, create and communicate. This public space made up of internet infrastructures is increasingly threatened from two sides; by the centralization and commercialization through the dominant positions held by giant telecom and Internet companies, as well as by an increasing trend in state regulation and censorship of the net. This poses important questions about how we choose to organize and regulate our digital societies, and how Internet governance models can be developed and implemented to ensure fair and democratic participation.

When it comes to the future of the Internet, a key discussion is one of infrastructures; who owns, runs and controls them. The question of regulation, and who oversees the regulators, is made complicated by the transnational nature of the net.

As much as people expect a broadly and equitably accessible Internet open to diversity, we are, slowly but surely, moving away from it. Monopolization of Internet infrastructures and services by companies such as Facebook and Google has gone hand in hand with privacy intrusions, surveillance and the unbounded use of personal data for commercial gain. As we all interact in these centralized commercial platforms that monetize our actions we see an effective enclosure and manipulation of our public spaces. Decentralization and democratization of the Internet infrastructure and activities is essential to keep a free, open and democratic Internet for all to enjoy equitably. But can the “small is beautiful”-idea be compatible with the building of state-of-the-art successful infrastructure in the future?

The debates around net neutrality, infrastructure neutrality and Internet monopolies reflect the important choices that are to be made. It is essential the EU formulates a comprehensive vision on the internet that addresses the protection of civil liberties such as free speech and privacy, but also the growing commercialization of our digital public spaces and the commodification of personal data with the effect of the market encroaching on all aspects of our daily lives. Only then can it make relevant interventions regarding the Internet and its governance.

Let´s discuss how to re-decentralize and reclaim the Internet for all.

[ Introduction ]

Opening remarks from Benkler & Bloemen:

2:16 Yochai Benkler (Harvard Professor)

The two major challenges of 21st Century Capitalism are the result of the impact of increasing well-being and welfare throughout the globe. The impact on the natural environment and the social environment.

And while the last forty years has seen a steady struggle to increase understanding of the threat to the natural environment. We've actually seen over the last forty years a retreat in the understanding of the impact on the social environment.

Throughout the industrialised world in particular, we've seen increased inequality and a series of ideas around Neoliberalism, initially finding root in the United States and the United Kingdom, then expanding to liberalisation in Europe and ultimately translating into the Washington consensus as a core development policy.

These were anchored in a set of ideas, we largely think of as Neoliberalism, that argued that uncertainty and complexity makes centralised economic planning impossible, and so prices and decentralised decisions in markets by individuals will produce good information.

They modelled universal rationality as self-interested, self-maximising human behaviour. They understood collective behaviour as always failing, always corrupting into illegitimate power. And that then meant that deregulation and freeing of markets from social and legal controls were the way to increase both welfare and liberty.

What we've seen in the last twenty-five years is that the idea of the Commons is beginning to offer a framework, to respond to these deeply corrosive ideas, and begin to allow us to create frameworks that teach us how we can increase human welfare, improve the human condition, but without undermining the social relations in the way that has been so corrosive for the last forty years.

Three schools of the Commons: The work that came out Elinor Ostrom's work and the Ostrom School, the Global Commons work coming out of the environmental movement, and what's most relevant to us here in today's meeting, is the Internet Commons.

The thing that became clear with the Internet Commons, is that even at the heart of the most advanced economies, at the cutting edge of technology and in the areas of greatest economic growth and innovation, commons are at the very heart.

From the very Internet engineering task force that created the internet protocols, through the World Wide Web, to core infrastructure like spectrum commons like WiFi or software, all the way to this great knowledge facility of Wikipedia.

We've seen commons work, we've seen how they work, we've seen their limitations, we've been able to learn how to make them operate and we continue to learn about them. But from the mentally, they offer existence proof that there is another way.

The past quarter century of commons, both on and offline, has taught us that people can affectively act collectively to govern their own utilisation of resources. They've taught us with many details that people respond to diverse motivations and that economic utility is valuable, but it's only part of a range of social emotional and rational ethical commitments.

Property and markets vs State planning and ownership, don't exhaust the capabilities, we live with a much more diverse set of ways of organising economic production, and in particular voluntaristic actions in commons, can support growth, can support innovation, can be more efficient, while at the same time being sustainable and socially more integrated.

At a higher level of abstraction we have come to understand that production and resource management are socially embedded activities, social embededness is not something from which we need to free markets, it instead something we need to achieve.

Freedom is self-governance, individual and collective, not free choice in the market, and property based market as we saw in copyright and patents, as we saw in a variety of our other areas, can actually undermine freedom in both of these senses.

So what are we to do?

Our experience of Internet Commons tells us, that three major shifts needs to happen before the 21st century capitalism challenge can be answered in a socially sustainable way.

We need to increase our use of peer cooperativism. Taking the experience we've garnered over the last fifteen years with commons based peer production and translating into a way that expanded to ever larger propositions of provisioning, so that it can provide a practical anchor and a normative anchor to material production in the market.

We also cannot give up on socially embedded market production, there is no one right path to market production, there is genuine room for ethical choice, not only on the environmental side, not only on the rights side in terms of human rights, but also on the side of economic equality and social sustainability.

And finally, we need to turn our political understanding to one that has peer pragmatism, that understands the limitations of the traditional State, while it also understands the limitations of the Market. That builds on our experience in self-governing communities like Wikipedia, with the overlapping and nested relationship, with the distinct continued ethical commitment of Citizens to their practices. With continuous challenging, but also with distribution of power to much more local bases, to form a new political theory- based in our commons based practices, of our relations as Citizens and the State.

So however important a particular part of the Internet Commons may be from a practical level, at the level of ideas, our experience in Internet Commons over the last quarter of the century, is beginning to teach us how to shape Capitalism for the 21st Century, so that is not only sustainable from the natural environment perspective, but that it is also embedded and supportive of it's social environment.

9:25 Sophie Bloemen (Commons Network)

The Commons is a perspective that looks at stewardship, equitable access and sustainability, and it looks at the collective good beyond individual rights exclusively. So instead of conceiving of Society as a collection of atomised individuals, principally living as consumers, Commons points to the reality of people's lives being deeply embedded in social relationships- communities, histories, traditions.

So this perspective is very helpful when conceiving of the Internet as a public space, as a common good, and how we might want to organise this public space. What kind of infrastructure is provided and who controls the infrastructure. This is what it insists on, on the protection of the Internet as a public space, accessible to everyone. So just like a bridge or street, it's an infrastructure, and it must be controlled and managed in the interests of Citizens.

The central issue of the debate on net neutrality, has also been will it be continue to be managed as a mixed use of commons, or will discriminatory tiers of service transform the internet to a predominately commercial system, for production and distribution.

So the key questions are: Who controls the infrastructure? What are the terms and conditions under which the public gets access? and this has far reaching implications for our society.

The domination of the Internet by several large actors raises important policy questions, about how to manage it. The thwarting of net neutrality rules in Europe just suggests just how vulnerable the open internet really is and it's therefore necessary for policy makers to have a real vision that acknowledges the gravity of these issues.

It was reading professor Benkler's book 'Wealth of Networks' years ago, that give me enlightened research, key insights, why we are and how we are living in a time of deep economic change, change of the modes of production, due to digital technologies, and what the role of social peer production can be, might be.

But also, that it's not a given in which direction we will go. It's not pre-determined, we have to give it a certain shape.

What he also alluded to now is that, our institutional frameworks to a certain extent, reflect outdated conceptions of human agency. The idea of the rational individual who is just out there to increase his material gain through rational calculation. We create and we share because of curiosity, because of social connectedness, because of psychological well-being, there is an element of cooperation and human reciprocity there as well.

So this human capability has really been shown or has really been brought out by the Internet, by digital technology, but it's also taking place, these forms of cooperation and collective action, are also taking shape offline; lots of commoning initiatives, community gardening, co-housing, ethical financing.

So to go back to these institutional frameworks, how can we as professor Benkler said, he named these three things, how can we increase the use of peer cooperativism, and how can we make sure there's a shift towards socially embedded market productions where there's self-governance as well, which is community based. The third point he made is to enhance the political understanding of these commons based practices that are beyond the Market and beyond the State, and I guess that's partly what we're doing here, enhancing this political understanding.

So how do we need to tweak the institutional frameworks, what do we have to take away, what do we have to add? and that's also why in the analysis in our paper 'A Commons Perspective on European Knowledge Policy' we discuss this and we talk about copyright legislation and net neutrality and european positions at the world intellectual property organisation, which are all relevant to this.

What kind of sharing economy do we want, do we want a democratised one where we empower everyone to be a producer, or are most of us still consumers in this economy. Are we producers just in the sense that we share our data, and all our actions online and offline are commodified, we pay with our privacy to be part of it.

So in order to get a good grip on where we should go, how to go ahead, we should take a step back. Take a step back and see what kind of society we would like.

And a key question is: How can we create a structural environment that enables society to fully reap the benefits of knowledge sharing and collaborative production, in a way that's also socially sustainable?

And what could the role of EU be? At this moment, the European parliament is considering a new copyright framework, there's a digital single market strategy, there's the data regulations, lots of things going on. So the next panels will set out some big ideas, and will also give some very practical examples of people engaging with building these peer to peer networks or other initiatives, that will make more concrete what we are talking about.

Free as in “tracked”. Sure, Google signed the privacy pledged and they don’t use data to advertise directly to students. But there are many loopholes. As rms makes very clear, GAfE is the exact opposite of Free Software. It’s “not having to pay for your own enslavement”.

Maybe instead of actually building things that provide privacy, creating a societal structure that respects the need for privacy..?

That seems pretty dead.

Yeah... 'cause apparently no one actually cares...