Slashdot Mirror
The Woman Who's Making Your Privacy Her Business
davecb writes "The woman who faced down Facebook and was dissed by Silicon Valley business boys as 'an old-fashioned scold' is really one of the early advocates for using the internet for access to information, and to open up government. The Globe and Mail has an interview with Jennifer Stoddart, the privacy commissioner of Canada, who went up against Facebook for all of us, and made them back down."
My mom?
All of us in Canada at least. She seems to take her mandate seriously.
They start out looking good, until some entity comes along and starts wringing profit or control (one & the same?) out of a new 'utopian innovation'.
That is what happened for a long time with Windows where Microsoft essentially dictated a lot of what and how things were done in personal computing or how FAST they progressed.
Level playing fields are hard to maintain in anarchistic society. The same can be said for all powerful central government or dictators.
Competition on a 'level playing field' seems to be one of the best antidotes to monopolies. But is isn't easy to decide what is fair. Luckily we have some solid heads in government that realize they have the responsibility to do the right thing for the average citizen rather than the labor unions and powerful corp. lobbies.
I'm starting to hate the internet. More and more it seems like the internet is turning into one big bug in the ass. I have to specifically opt out of fucking invasive bullshit toolbars that I didn't ask for, had no interest in, and no desire to have corrupting my machine. I got an idea for all you assholes who think that is the way to make money....HOWS ABOUT YOU WORK ON PROJECTS THAT MAKE US FREER RATHER THAN FURTHER CONFINE OR TRACK US??? Is it really so much to ask to be able to scan, upload, download, chat, skype, mud, "be on the web" without fear of being constantly surveiled? I'm not a tree. My psychological profile, shopping habits, surfing habits, political interests, are not "fruit" to be picked and sold on the market, and as such ARE NONE OF YOUR FUCKING BUSINESS!!! If I want your shit, I will use the most powerful investigatory tool humankind has ever invented, find it myself, and possibly even buy it! If what you had to offer was worth having I might even buy it again. But, until that point, LEAVE ME THE FUCK ALONE!
-Oz
She's done more than just the Facebook thing. That's really just the most prominent example. And yes, for all of us. She's not concerned with just protecting a certain segment of the population, or even "just Canadians." If she sees an issue that she can try and do something about, she actually tries to do something, and that something is usually in the interests of "the little guy," rather than corporations.
Canada: The US's more awesome sibling.
I've always thought that our privacy commisioner's identity should be unknown. Maybe he/she could appear on TV in a hood, speaking through a voice scrambler.
Except she doesn't want the government to have the power, she wants the people to have the power, since the government is supposed to receive power from the people. And this is Canada, we go for security through co-operation and support, rather than intimidation and manipulation.
Canada: The US's more awesome sibling.
Eh-men my fellow Canadian!
(couldn't resist)
I say don't drink and drive, you might spill your drink. Before you get behind the wheel just stop and think.
Honestly? For a privacy commissioner she's done a hell of a job. Taking her mandate seriously? I'd say so. Conservative, Liberal, NDP, Green, Bloc, small business, big business, internet related. NGO's, and so on. If you break the privacy act, you'll have her breathing down your neck fast. She's about as non-partisan, and pro-privacy as you can get.
Om, nomnomnom...
rather than intimidation and manipulation.
But how do the big multinational arms conglomerates make money off co-operation? Where are the backscatter-xray machine sales in that?
"I'm starting to hate the internet. More and more it seems like the internet is turning into one big bug in the ass. I have to specifically opt out of fucking invasive bullshit toolbars that I didn't ask for, had no interest in, and no desire to have corrupting my machine. I got an idea for all you assholes who think that is the way to make money....HOWS ABOUT YOU WORK ON PROJECTS THAT MAKE US FREER RATHER THAN FURTHER CONFINE OR TRACK US??? Is it really so much to ask to be able to scan, upload, download, chat, skype, mud, "be on the web" without fear of being constantly surveiled? I'm not a tree. My psychological profile, shopping habits, surfing habits, political interests, are not "fruit" to be picked and sold on the market, and as such ARE NONE OF YOUR FUCKING BUSINESS!!! If I want your shit, I will use the most powerful investigatory tool humankind has ever invented, find it myself, and possibly even buy it! If what you had to offer was worth having I might even buy it again. But, until that point, LEAVE ME THE FUCK ALONE!
-Oz" -
Ok, then YOU of all people, want to read this (not selling anything here, HOSTS files free & you already have one (you just have to fill your OS' copy of your HOSTS file w/ the right data to stop a lot of the problems you complain of online, & reputable + reliable sources for currently updated HOSTS files are below)):
16++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK ALONE for added layered security:
1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc.).
2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).
3.) Adblock doesn't protect email programs external to FF, Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.
4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).
5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via PINGS &/or WHOIS though, regularly, so you have the correct IP & it's current)).
6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders
7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:
GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):
http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
governments should hoard information, at least in the traditional sense, to keep it hidden from other national governments. Unless you think every nation in the word should have the same information as every other
Nah, Governments shouldn't hoard information at all.
They should only keep "vital" information under wraps for at most 2 years, then make it all public (not hording, hording = "never gonna give you up")
The only exception I can see is for long term military planning. Do we really need to use deceit in our diplomatic affairs? What's wrong with stating our goals and working to those ends? (It's not like we're really confounding our "enemies" by keeping diplomatic secrets).
Unfortunately, under such an "idealist" information policy, everything will just get categorized as "military planning."
You know... Just like nearly everything currently finds its way under the "national security" umbrella, even though most info is not. Hint: ACTA was held under the "national security" umbrella, now it's not; Guess it wasn't a matter of "national security" was it?
Corrupt governments will always hide under the "national security" blanket, even if you rename it to "military planning" or "diplomatic privacy".
Regardless of the coaching Zuck has received recently on how to act in an interview, based on his actions in public he is most definitely a "boy" even if his age is over 18.
They're in all the Java update wizards for one.
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
What's with the poor reading comprehension?
Paragraph 9, words 20 through 23.
Do daemons dream of electric sleep()?
No, according to a eHow guide. They let you enter any text as your friend's name, and even ask you his/her email address: http://i.ehow.com/images/a05/l6/7p/add-tags-facebook-photos-1.5-800X800.jpg
Dilbert RSS feed
For the same reason you block Doubleclick and Google Analytics traffic, even though these sites don't (necessarily) know your real-world name either.
You need to block Facebook widgets because they track even without your being signed in (or even a member):
Facebook's 'Like This' button is tracking you (Whether you click it or not)
which is derived from this paper:
Facebook Tracks and Traces Everyone: Like This! (Social Science Research Network)
Assuming you are not a member of facebook and have no need of the "Share" and "Like" buttons, the hosts file is your friend. Just enter 127.0.0.1 for facebook.net, facebook.com, facebookcdn.com (there may be others but I can't be bothered to look for them right now)
With companies maintaining and sharing huge databases they can build a profile of you quite easily.
Consider the following situation, which parallels in in a way.
A friend's girlfriend loved to hang out in an IRC channel. She thought she was "stranger proof" because she limited the amount of information she shared in any one conversation. Some of the items she revealed were public, while others were revealed in "private" conversations. She (erroneously) assumed that some of the private conversations were with individuals sharing no connection with each other.
After hanging out in the channel for a couple of weeks she got a phone call -- from Australia. One of the channel members created profiles of other users and data mined their conversations in order to identify them. Coupled with the ability to search the net for the consistent use of handles that many become attached to, he was able to track down people rather easily.
For him it was a game. For others it's business.
We don't always know who owns the services we use, and rarely have any idea of who the data is shared with. If company A owns sites B and C, they have the data on you that both sites generate.
While he was working with a small group of people who were likely to share information with people they interacted with regularly, having a huge dataset encompassing thousands of your interactions with other sites is just as useful to a company with the means to examine the data.
And privacy policies don't mean squat without someone keeping them honest. Imagine how many sites out there use them as honey traps.
You certainly have something to say... with all respect, why don't you login? I post AC sometimes when it's best for me but I find its best to attach an account to my statements. IMHO.
You first have to pass some privacy laws with teeth before someone like Ms. Stoddart can do her job.
Atlas stands on the earth and carries the celestial sphere on his shoulders.
Yes, your mom. :)
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
I didn't even notice it until someone called attention to it. Even before reading your reply I just figured it for a little alliteration and not some sexist attack. Hell, there are plenty of other colloquialisms such as "boys' night out" or "boy toy" that aren't considered offensive for their use of the word boy. The second might offend a person, but not for the reason's SuperBanana pointed out.
There's malicious intent and there's loose English. Unless there's some reason to suspect that the wording is intentional, let's leave the political correctness in a box.
Too bad, I really love using analytics. It lets me know where people are going on my site and for how long so I know what they like and don't like. This method is more accurate and less time consuming than bothering people about what they want to see next... I don't see IP addresses inside analytics so there is absolutely no personal information relating to this data. Has she ever used this app before? My ToS discusses about usage of anonymous data with Google Analytics so if someone didn't like it, they could not use the service. Additionally, analytic information provides good scoops on how to advertise to your visitors and if you can't find out information about your visitors in some way, then the age of "free internet" will be gone. I wouldn't mind if websites captured data about my gender, age, and even my favorite food so long as I can keep browsing websites for free. *puts on tinfoil hat* These suggestions about blocking Doubleclick, Analytics and so forth sounds more like people are trying to build a tiered internet system. What a shame.
But how about a nice game of Chess?
soylentnews.org Go there to enjoy the people!
Darn right all of us!
An older example of transitive trust causing problems to innocent bystanders was a library system and a drugstore system running on the same time-shared mainframe.
The drugstore system had security up the wazoo, the library did not.
An evil operator did the equivalent of a join on names between the two systems, and selected female persons with prescriptions for birth control pills from one and for addresses from the other, then started stalking.
Neither system alone would have yielded the information, but the combination of the two did, and the results were as startling then as the first cross-site scripting attacks were more recently.
So she's looking out for all of us, even those that don't know the degree to which they're vulnerable.
--dave (I'm genuinely impressed by her) c-b
davecb@spamcop.net
Wow. Touchy touchy. I didn't put AC down, or insult AC; I just asked why not login? Easy question. A good answer would be "too lazy", and I would certainly think that was valid. Another great answer would be "I just like posting AC". Of course, frothing and ranting is always an excellent response that is readily accepted for entertainment value if nothing else.
Logging in doesn't prove anything. It's just a community thing and helps to put into context what you say by indexing other comments.
No need for home address, real name, financials etc unless you feel a desire to provide those details.
I wouldn't recommend it though.
Cheers, and have a better day tomorrow!
Nope, according to the paper, even if you don't USE Facebook, even if you have never visited Facebook, the like button appearing on other sites can gather data about your visit.
Really, even those of us who don't use Facebook and block its little widgets?
Good fucking luck. Even if you don't have a Facebook account, you'll find your friends uploading your photo to their accounts to cover every party or night out you all share and tagging your image in there. I've always avoided Facebook, only to find that friends have taken pity on me and created a profile for me so that I can log in and check out photos of who they're dating, etc. You can't even buy a modern smartphone without finding Facebook as an uninstallable app built into it (at least the HTC Desire which I bought SIM free, and all the WP7 phones I checked out seen to have it integrated in a non-removable way with access rights given to all your contacts, txts, etc. You'd think that MS at least would make a business-market targeted phone).
Staying off Facebook is a full time job.
Aide-toi, le Ciel t'aidera - Jeanne D'Arc.
Nope, according to the paper, even if you don't USE Facebook, even if you have never visited Facebook, the like button appearing on other sites can gather data about your visit.
I'm probably getting the exact technical details wrong, but if Facebook can't find a match for you, it creates a "temporary account" for you and tracks you using that number. (So while it might not know your exact details, it can track which sites you've been to.) The punchline is that if you ever create a Facebook account, the system automatically merges your temporary account into your Facebook account (retroactively adding all your previously anonymous details).
It's a pretty interesting system, in a privacy-stomping sort of way.