Slashdot Mirror

← Back to Stories (view on slashdot.org)

Obama Faces Major Online Privacy Test

Posted by kdawson on from the holding-him-to-it dept.

CNET has a piece on the prospects for an initiative to revamp privacy law for the digital age being put forward by an unlikely coalition that includes Microsoft, Google, privacy advocates, and conservative and libertarian organizations. "When Barack Obama was campaigning for the presidency in 2008, he promised that as president, he would 'strengthen privacy protections for the digital age.' That pledge will be put to the test as the Obama administration considers whether to support a new privacy proposal released by a coalition including Google, eBay, Microsoft, AT&T, the ACLU, and Americans for Tax Reform... The [so-called] Digital Due Process coalition already has met with attorneys from the Justice Department's computer crime unit, White House attorneys, FBI representatives, and Commerce Department officials... the law enforcement meetings were 'respectful' and 'substantive.'"

21 of 72 comments (clear)

  1. Double Speak by Monkeedude1212 · · Score: 2, Insightful

    "'strengthen privacy protections for the digital age"

    In other words, watch your every online movement?

    1. Re:Double Speak by Runaway1956 · · Score: 4, Interesting

      I really don't understand your point. Wallowing in paranoia? Dude - it's NOT paranoia, when every lackwit in the world is TRYING to pry into your computer via malware, cookies, supercookies, etc ect ad nauseum. Wallowing in paranoia? You think that citizens should eliminate antivirus, antispam, malware scanners, and all the rest, open all their ports, and accept all incoming requests on all ports?

      Personally, I don't think it's paranoid to close the drapes when I'm getting laid, nor do I think it's paranoid to close ports, and refuse unsolicited connections from Liberia, Surinam, Nigeria, Latvia, and China.

      --
      "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
    2. Re:Double Speak by jhoegl · · Score: 2, Informative

      Strawman argument is strawman....

    3. Re:Double Speak by joocemann · · Score: 3, Insightful

      Under bush the liberals/dems wallowed in paranoia.

      Under obama the conservatives/repubs wallow in paranoia.

      This country is hardly enough of a bother to induce real action. Its hard to get people to actually do something when what they really care about is the next episode of Lost and their acceptance of the generally unimpeded path between work and the couch.

  2. Define rules by fermion · · Score: 2, Insightful

    Like the no-call lists, I am sure companies would like this to get a formal definition of what is allowed and what is not. OTOH, it is unclear to me that any of the companies are concerned about privacy. Maybe the ACLU might be able to get some protective language in there. With online privacy, though, if the EFF does not support I have to assume it is astroturf, especially with Google supporting it.

    --
    "She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
    1. Re:Define rules by slashqwerty · · Score: 2, Informative

      With online privacy, though, if the EFF does not support I have to assume it is astroturf, especially with Google supporting it.

      The EFF is a member. With that said, take a look at the URL. That giant code raises all kinds of red flags about tracking who posted the link.

  3. Their priciples by beakerMeep · · Score: 5, Informative
    From the coalition's website:

    ----

    1. The government should obtain a search warrant based on probable cause before it can compel a service provider to disclose a user’s private communications or documents stored online.
    • This principle applies the safeguards that the law has traditionally provided for the privacy of our phone calls or the physical files we store in our homes to private communications, documents and other private user content stored in or transmitted through the Internet "cloud"-- private emails, instant messages, text messages, word processing documents and spreadsheets, photos, Internet search queries and private posts made over social networks.
    • This change was first proposed in bi-partisan legislation introduced in 1998 by Senators John Ashcroft and Patrick Leahy. It is consistent with recent appeals court decisions holding that emails and SMS text messages stored by communications providers are protected by the Fourth Amendment, and is also consistent with the latest legal scholarship on the issue.

    2. The government should obtain a search warrant based on probable cause before it can track, prospectively or retrospectively, the location of a cell phone or other mobile communications device.

    • This principle addresses the treatment of the growing quantity and quality of data based on the location of cell phones, laptops and other mobile devices, which is currently the subject of conflicting court decisions; it proposes the conclusion reached by a majority of the courts that a search warrant is required for real-time cell phone tracking, and would apply the same standard to access to stored location data.
    • A warrant for mobile location information was first proposed in 1998 as part of the bipartisan Ashcroft-Leahy bill. It was approved 20 to 1 by the House Judiciary Committee in 2000.

    3.Before obtaining transactional data in real time about when and with whom an individual communicates using email, instant messaging, text messaging, the telephone or any other communications technology, the government should demonstrate to a court that such data is relevant to an authorized criminal investigation.

    • In 2001, the law governing "pen registers and trap & trace devices" - technologies used to obtain transactional data in real time about when and with whom individuals communicate over the phone - was expanded to also allow monitoring of communications made over the Internet. In particular, the data at issue includes information on who individuals email with, who individuals IM with, who individuals send text messages to, and the Internet Protocol addresses of the Internet sites individuals visit.
    • This principle would update the law to reflect modern technology by establishing judicial review of surveillance requests for this data based on a factual showing of reasonable grounds to believe that the information sought is relevant to a crime being investigated.

    4.Before obtaining transactional data about multiple unidentified users of communications or other online services when trying to track down a suspect, the government should first demonstrate to a court that the data is needed for its criminal investigation.

    • This principle addresses the circumstance when the government uses subpoenas to get information in bulk about broad categories of telephone or Internet users, rather than seeking the records of specific individuals that are relevant to an investigation. For example, there have been reported cases of bulk requests for information about everyone that visited a particular web site on a particular day, or everyone that used the Internet to sell products in a particular jurisdiction.
    • Because such bulk requests for information on c
    --
    meep
    1. Re:Their priciples by zoloto · · Score: 2, Interesting

      There is no need to keep the data of where your cell phone has gone or connected. There simply is no reason to store this information at all.

  4. A good step forward, but... by sloanesky · · Score: 5, Interesting
    The fact that a handful of these corporations are anywhere near privacy reform legislation makes me nervous. I think a quote from a NY Times article explains why.

    ...AT&T, Google and Microsoft, and advocacy groups from across the political spectrum said Tuesday that it would push Congress to strengthen online privacy laws to protect private digital information from government access.

    They want to protect our information from the government, but what about themselves? Some of their very business models depends on people giving their information to the company (Google). Such a coalition is not likely to recommend privacy laws that also apply to their own corporations, so any privacy reform spearheaded by these members will be incomplete and potentially damaging.

    On their principles page they only make mention of limiting the government's access to information, and don't even reference anything about corporations. While I applaud their attempt to limit government access to our private information, their (understandable) bias in favor of their corporate needs kind of limits this effort in my opinion. I am more concerned about the amount of data that google and other such companies have about me at this point.

    Any privacy legislation needs to restrict the amount and kinds of information these companies can collect about us in order to really protect privacy on the internet, since the internet is really more the domain of corporations than the federal government.

    1. Re:A good step forward, but... by pin0chet · · Score: 3, Informative

      Unlike government, not one of the firms in the coalition has the power to force you to hand information over to them. If you don't want Google or Microsoft or AT&T to have your information, don't use their services. Also, if a firm fails to adequately protect your data and you suffer harm as a result, depending on the terms of service you may be able to sue the firm. But if government wrongfully seizes your data, you generally cannot sue (absent acts of blatant bad faith.) And government has no financial incentive to safeguard your data, while companies like Google have a LOT to lose if their privacy reputation is damaged due to a data breach or other unscrupulous practice.

    2. Re:A good step forward, but... by sloanesky · · Score: 5, Insightful

      Here on slashdot most of us are aware of the information that the corporations are collecting on us (to some degree) and we have the means to limit this through our internet experience. Most of the people who are new to the internet don't know know about google's extensive data collection, they have no idea how much of their information is being collected by marketing companies, they don't know that it is being indexed by other sites and that even if they delete it there is a good chance it is stored somewhere. They are simply incapable of the informed consent required to "volunteer" such information.

      The companies who are collecting data aren't informing you that they are doing it, they aren't telling you what it will be used for, and you rarely have a chance to challenge it. It might be hidden in their EULA or Terms of Service, but those are often written in legalese and in such length that a vast majority of people just check the box and accept it. I do it myself, and I do care about what information is being collected about me. I personally know what is going on behind the scenes, but how can one expect the grandmother who logs into facebook to play farmville and interact with her family to?

      The government can compel you to give up information sure, but at least you are aware of what information is being collected and why you are being compelled to furnish it. Your point about the government being able to compel others to give up your information against your will is spot on, and I feel that a lot of the ideas proposed by this coalition are actually good in protecting us from the government. Just incomplete since we also need to have tougher privacy laws in regard to corporations too.

      And sadly you are correct about the difficulty in getting such legislation passed. The lack of knowledge about how much data is really being collected about people online among the general public is one of the root causes of this whole mess. If people knew about what was going on, and what they could do to prevent it, such legislation would probably be pointless. Unfortunately that is just a dream at this point, as people who don't know enough about computers and the internet to protect themselves keep flooding onto the internet.

    3. Re:A good step forward, but... by sloanesky · · Score: 4, Insightful

      I am aware of this, and never said that I was against the reforms they suggested. In fact I think a lot of them are desperately needed. The problem I see though, is that no attention is given to the non-government entities that are amassing information on us. If some of these same entities are the ones pushing legislation for privacy reform, they are of course going to keep their corporate self-interest in mind. If the privacy reforms regarding the government are passed, who is going to go back and say that we need to limit what corporations themselves can collect? By getting involved they can work to protect their interests in any potential privacy reforms.

      And like I said in another post, a lot of people lack awareness of how much information is being collected. How is a typical technologically-ignorant grandmother to know about tracking cookies, google analytics and other such things? How would they even know if their information was not being adequately protected? They probably wouldn't.

    4. Re:A good step forward, but... by Trepidity · · Score: 3, Insightful

      I think it's a bit more gray-area than "volunteer to give your information to a corporation". Most sites from which Google collects data don't even inform the user that Google is collecting statistical data on their browsing of the site, much less ask their permission.

      --
      10 PRINT CHR$(205.5+RND(1)); : GOTO 10
    5. Re:A good step forward, but... by shutdown+-p+now · · Score: 2, Insightful

      The fact that a handful of these corporations are anywhere near privacy reform legislation makes me nervous.

      There is one simple reason why the corps want strengthening of privacy laws: they have a weak spot with those that are standing when they preach cloud computing/storage today. A keen customer would immediately ask, "but how safe is my data with you?". And they can write privacy policies etc, and compete on those (like MS recently tries to positively spin its relatively lax retention policies vs Google ones), but they cannot ignore the law.

  5. End-to-end encryption. by DrYak · · Score: 4, Interesting

    Once more proof that end-to-end encryption(*) should be the norm to guarantee someone's privacy.

    ---

    (*) as provided out-of-the box by several chat programs supporting Off-The-Record [cypherpunks.ca] such as Adium on Mac [adium.im]. Or Pidgin on Linux [pidgin.im] if you take into account the plug-in [cypherpunks.ca] that most Linux distribution are offering into their base repository, and is available through an installer on Windows.

    It's not some complex arcane setup that only a couple of criminals bother to use to hide the evil doing. It's a pretty much standard and freely available technology that everyone can use, just because you shouldn't help anyone spying on you.

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
    1. Re:End-to-end encryption. by maxume · · Score: 2, Insightful

      That only assures your privacy to the extent that the person on the other end is trustworthy.

      --
      Nerd rage is the funniest rage.
  6. DISCLAIMER: IANAL by waspleg · · Score: 3, Insightful

    I'm the son of one. That word "Should" is pesky. Usually law enforcement will just ask the 3rd party for the information and it's handed over without question (I know this first hand). Just because they Should ask for a warrant just means that unless it's written as Shall, it won't happen. I didn't read the article. If Obama is going to use this as the basis for the law I hope it's carefully edited; the saddest part being that one is needed at all.

  7. Looking at Senator Obama's record... by PinchDuck · · Score: 3, Interesting

    Particularly at his FISA vote, I'm guessing he will go with guidelines that strengthen privacy of individuals wrt companies, but will go for even more of a Federal power grab. Governments hate privacy and love power. Given any opportunity, they will weaken one and strengthen the other.

  8. Dear Mr. Obama by Yvan256 · · Score: 3, Informative

    Here are the answers for your Major Online Privacy Test:
    1) A
    2) D
    3) B
    4) F
    5) B
    6) C
    7) D
    8) A
    9) B
    10) A
    11) D
    12) E
    13) B
    14) A
    15) C

  9. Bad move - missing URLS by DrYak · · Score: 4, Informative

    It was mine to begin with.
    I just happened to hit "Reply" in the wrong thread and wanted to move where appropriate. I fucked up the copy-paste. And of course it does look the same in the preview pane, which didn't help.

    Here are the missing links :
    - Adium : http://adium.im/
    - Pidgin : http://pidgin.im/
    - OTR: http://www.cypherpunks.ca/otr/
    - plugins downloads : http://www.cypherpunks.ca/otr/index.php#downloads middle column. It offers a Windows installer. For Linux there's source code (I use it), but it should be much simpler to use the package provided by your distribution's repository (it's in OpenSUSE, Ubuntu, Debian and Gentoo. Don't know about the others)

    (Checking in preview pane : Yup this time I didn't fuck up the URLs ;-) )

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  10. Fingerpoint-o-rama by Bob9113 · · Score: 4, Insightful

    I love how all the oligarchs are snooping on our communications and pointing the fingers at everyone else.

    Google & Microsoft accuse the Federal Gov't:
    http://yro.slashdot.org/article.pl?sid=10/04/03/1728214

    Microsoft accuses Google:
    http://yro.slashdot.org/article.pl?sid=10/03/31/2223228

    The Federal Gov't accuses Google:
    http://yro.slashdot.org/article.pl?sid=10/03/31/1428244

    Hey, here's an idea: What say we actually consider the spirit of the 4th amendment, eh? We need an example though... Some form of remote communication that existed back in the day when people had more recent knowledge of the importance of the Bill of Rights. Ideally something that could regularly fall into the hands of both the government and third parties. Something like United States Postal Service mail.

    See, USPS mail is pretty much the earliest significant form of remote communications in the United States. It goes all the way back to 1775. The policies regarding the privacy of postal mail are pretty much exactly what the founding fathers intended, so we can be pretty sure they are what a bunch of smart, argumentative guys would come up with when seriously considering -- from up close and personal -- the dangers of invasion of privacy.

    Now what are those standards? Well, if you tamper with the mail, you go to jail. If you open someone else's mail, you go to jail. If the government wants to open your mail, they need a warrant. They need a real warrant, from a judge and supported by oath or affirmation, not a flunky clerk with a rubber stamp and a pen register.

    That is what the 4th amendment is about: You have a right to be secure in your papers. Genuinely secure. Not "the government won't look unless they feel like it", but genuinely secure that it won't happen for light or transient reasons. Even if those papers are not in your home or your possession. Even if they are in an envelope that can be seen through. Even if that envelope could be opened and resealed without anyone knowing. You mess with the mail, you go to jail.

    That is the standard of the people who actually faced, fought, and defeated oligarchy. It is a good one. It is fundamental to true liberty -- the liberty of having a truly free mind. It is the standard we should apply to all private communications. Google, Microsoft, FBI, everybody -- keep your cotton picking noses out of my private communications unless you have a real warrant or my express written permission (notarized, of course).

    --
    Stop-Prism.org: Opt Out of Surveillance