The specific rule I'm talking about was laid out in Katz v. United Sates. I'm not sure how much more specific I can be. The court found that when the defendant closed the phone booth, he had a reasonable expectation that no one would hear his conversation. In an open public space, where you don't take any precautions from being seen or heard, you have no such expectation.
Bush losing the popular vote isn't the point. As the previous poster mentioned, Obama signed the warrentless wiretap pardon. And I seem to recall that Obama did win the popular vote.
Why do we have a reasonable belief that we don't have any "unwanted spectators" to a phone conversation?
We have that reasonable belief because the only way you're going to hear a phone conversation (assuming you're not physically in earshot) is to tap the line. It's obviously assumed that the line isn't tapped. That expectation could be wrong, but the system is set up for you to specifically talk to the person you're calling. If you hold the same conversation in an open space, you have zero expectation that no one else is hearing it, because you're not taking even the minimal precautions.
Now, granted, there are situations that are a bit more gray than that (e.g., you'd expect privacy in a public bathroom), but in general, if it's a public space, you don't really have any reason to expect privacy.
Admittedly, my viewpoint is U.S.-centric, because I live in the U.S. But I'd also point out that the article itself is referring to U.S. authorities. The EU is a whole other ball of wax, so to speak.
To be honest, I can't conceptualize how that would work in practice. If your transaction is owned jointly, does that mean you could demand that the vendor destroy the data the next day? Does it prevent vendors from compiling data for data mining purposes (e.g., to determine who would be interested in various promotions?).
It's not your data. It's not my data. It's our data.
If I recorded it, and I use it for my business purposes, in what sense is it our data? You didn't create the data. You didn't store the data. All you did was make a purchase. The data was created from your purchase, with your signed consent. It's your credit card >i>information that's being used, but that information is being used with the consent of the credit card company, and you agreed to its collection as the terms of use of the card.
And to borrow a phrase, with great data should come great responsibility.
I certainly agree that credit card companies need to be careful who they give your information to, but that's limited to the information you gave them when you signed up for the card (which is obviously really sensitive). They can't just give out your Social Security number or income, for example. But the records they generate for their business are theirs, not yours.
Because they change the nature of events in public from what was local and ephemeral to world-wide and permanent.
Current laws were written under the expectation of the former, not the later.
Local vs. non-local isn't the issue. Either an action is taken in public, or it's not. How far the knowledge of the action spreads makes it more or less embarrassing, not more or less public.
The laws of physics don't change because of the Internet. If you do something in public, you don't have any expectation that people can't see or record you. If you're in public, they can see and record you -- often incidentally, rather than purposefully. If you run laps naked in Times Square, you're going to be recorded, whether you like it or not. If you put yourself out in public, why should (indeed, how can) the law protect you from your own idiocy?
Actions being ephemeral has everything to do with it. Arguing that basic assumptions about mass surveillance in public haven't changed because we had photographic capabilities during the civil war is like arguing that we don't need speed limits on roads because the Benz Motorwagon had a top speed of 10mph.
I think you're missing a key difference: We have speed limits now because we have more people driving, and cars can go faster. That's a fundamental shift. Surveillance hasn't changed in such a way as to redefine "public" and "private". All that's changed is the level to which someone can embarrass or incriminate themselves in public. The nature of public or private space hasn't changed. The fact that your drunken antics in a bar can now be broadcast worldwide doesn't mean that you suddenly have an expectation of privacy when you're in a bar.
If you want to have a private conversation, don't use the telephone.
If you can't be bothered to take that minimum precaution, whose fault is it?
You're missing a key point: Phone conversations have been declared private.
"Private" means you have a reasonable belief that you won't have any unwanted spectators. "In public" means out in the open. If you do something out in the open, where everyone can see you, you have no expectation of privacy. It doesn't matter how they record you. It doesn't matter where they put the recording. What matters is that you were in a space where you had no reasonable expectation that no one could see you. That's it. The fact that you may find being seen embarrassing has absolutely no bearing on whether or not you're in a public or private space. It's the configuration of the space that determines how private it is, not your attitude toward being recorded.
How do databases, CCTV systems, or facial recognition software in any way impact whether what you do in public is subject to privacy? What you do in public is public, by definition. It would be absurd to expect privacy when you go out in public.
Actions being ephemeral has nothing to do with it. Photography has been around since at least the Civil War, and sound recordings since the early part of the 20th century, far before databases, CCTVs, or facial recognition.
If you don't want someone to see you doing something, do it privately, where you have some expectation that people aren't able to see it. If you can't be bothered to take that minimum precaution, whose fault is it?
Not sure I follow you. If the authorities contact a credit card company, then obviously they know the subject has a card with the company. If they're seeking the records of a John Smith, then obviously they need to be more specific, but they're not asking for everyone's records. Only for the subject's.
If your actions are in public, they're in public. You might be able to claim the police are harassing you by following you around, but they wouldn't be violating your privacy rights.
If you videotaped me and my hypothetical wife out in public, it is your data. No argument there. The violation would come if you videotaped us in private. If you did that, you'd be recording our actions, which by definition, aren't yours. That's why there are laws against surreptitious video recording. The credit card companies aren't surreptitiously recording your purchases. They're doing it as part of the business practice you agreed to when you signed up for the card. Moreover, they're doing it as a necessary part of doing business. Without recording your transactions, they wouldn't know how much you owed them.
As far as your body scanner goes, was I forced to walk through it? If not, then I walked through it voluntarily, knowing that my nude image would be recorded. I'm honestly not sure what recourse there would be. Are you familiar with Facebook? I'm fairly certain not everyone in every picture on Facebook gave their permission for their image to be on there.
Certainly, we have to guard every privacy right we have. I just think it's important to make the distinction between legitimate privacy rights and misunderstandings of what constitutes a private action.
If you use a data service to backup your files, they're still your files -- your data. They're just being held by another company. That other company didn't generate the data. They're just storing it. (Indeed, most companies I know of that have backup services allow you to encrypt the data so they can't even get to it.)
If you wanted to challenge the court about access to your data, you certainly could. You'd have standing in that case, because it is your data. They'd probably (although I'm not a lawyer) also need a search warrant, because they wouldn't be asking for a specific document, but would be poring through data.
You can assert anything you like. That doesn't make it so. The record of your credit card purchases is kept by your credit card company to do business. It's theirs. Medical records are protected by doctor-patient privilege, and by other privacy regulations (e.g., HIPAA). You can read more about that here.
Life is a little bit more complicated than you seem to believe.
A subpoena isn't a search. It's an order to produce documents. No searching is involved. A search warrant would be inappropriate in this situation, because there isn't any doubt that the credit card companies have kept this information.
And has been pointed out elsewhere in this discussion, the card holder's rights to privacy aren't being violated any way you slice it, because it's not the card holder's records that are being examined. It's the credit card company's.
Zuckerberg and co. can't seem to manage a website properly. Are we really supposed to take (self-serving) privacy advice from them?
I like to think of myself as a reasonable person, and as such, I try not to put anything on the Internet that might embarrass me (now or later on). Having said that, accepting the premise that your actions on the Internet are inevitably going to be seen by other people doesn't mean it's okay for just anyone to see them. To put it bluntly, I see no reason to lube up and hand to them the anal probe they want to use on me.
I wouldn't call the ALH84001 announcement a dud. The announcement itself was pretty spectacular, actually. The discovery only turned into a dud afterward, when they couldn't get confirmation that the objects found were bacterial fossils. Actual, verified, honest-to-gods bacterial fossils would've been revolutionary.
Roughly translated, isn't that the equivalent of, "Move along. Nothing to see here. Check back with us again in 30 years."?
I do database searches for a living. "I thought of this new way to search" may be interesting to the searcher, but the client doesn't want or need to hear about it. The client is interested in the search results. The same thing applies here, I think. Calling a press conference to announce that you've discovered a new way to search for something borders on the narcissistic.
I don't think we're jaded, really. I just think that the (at least perceived) magnitude of this announcement justifies expecting it to be something more than we've heard before. I don't think anyone (who isn't psychotic) expects them to come to the podium with a little green man in tow, but I would think it should be something more than a slight variation on what we've already heard before. In a best case scenario (in my mind), it might be something like, "We have evidence of a biological process going on on (insert planet or non-Earth moon here). Announcing they found amino acids on a meteorite or comet would be extremely anticlimactic, in my opinion.
Wave is (since it's still operable until the end of the year) a real-time collaboration tool. It has elements of wikis, e-mail, and even chat capabilities that hearkened back to Unix talk. It's got about as much in common with Facebook as Gmail does.
Buzz is probably a closer fit to Facebook than it is to Twitter. Twitter is kind of limited (e.g., to 140 characters), and Buzz is a good deal richer.
It seems like everyone calls everything Google has done recently their "version of Facebook."
This has become a tech media plague, really. Just because Facebook is wildly popular doesn't mean that any site that aspires to have more than 2 members that can talk to each other is a "version of Facebook".
I don't think there was much similar to Facebook in Google Wave.
Wave was interesting (to me, at least) because it offered collaboration and sharing in real-time, in a way that would've been much more powerful than what I've seen in current collaboration tools (e.g., SharePoint) -- if it had worked well as advertised. The problem I always saw with Wave was that the damn thing was slow. I mean, dear God was it slow, sometimes! If you can type faster than the text can be rendered in an application (by several seconds), there's a serious problem.
I'm sort of surprised the summary leads with Google Wave as Rasmussen's claim to fame. Maps was less ambitious, perhaps, but it was much more successful.
My point wasn't that hijacking someone's Slashdot account was harmless. Certainly, if someone can identify you on Slashdot, and see what you're posting, that's potentially damaging. My point was that Facebook is more sensitive, because many people have all kinds of personal information in their Facebook accounts, all in one nice little package. To (sort of) use your analogy, it's the difference between a mugging and a bank heist.
If your Slashdot account is compromised, someone can make you look undatable/unhirable, etc. If they hijack your Facebook account, they can potentially steal your actual identity (not just your Facebook identity). And this is made even more serious by the fact that there are plans in the works to allow a person to buy things through Facebook.
Granted, there's that. But the damage, I think, at least, is limited to/.. If your Facebook account is compromised, that puts a lot more information at the intruder's disposal.
Slashdot Mirror
The specific rule I'm talking about was laid out in Katz v. United Sates. I'm not sure how much more specific I can be. The court found that when the defendant closed the phone booth, he had a reasonable expectation that no one would hear his conversation. In an open public space, where you don't take any precautions from being seen or heard, you have no such expectation.
Bush losing the popular vote isn't the point. As the previous poster mentioned, Obama signed the warrentless wiretap pardon. And I seem to recall that Obama did win the popular vote.
Why do we have a reasonable belief that we don't have any "unwanted spectators" to a phone conversation?
We have that reasonable belief because the only way you're going to hear a phone conversation (assuming you're not physically in earshot) is to tap the line. It's obviously assumed that the line isn't tapped. That expectation could be wrong, but the system is set up for you to specifically talk to the person you're calling. If you hold the same conversation in an open space, you have zero expectation that no one else is hearing it, because you're not taking even the minimal precautions.
Now, granted, there are situations that are a bit more gray than that (e.g., you'd expect privacy in a public bathroom), but in general, if it's a public space, you don't really have any reason to expect privacy.
Admittedly, my viewpoint is U.S.-centric, because I live in the U.S. But I'd also point out that the article itself is referring to U.S. authorities. The EU is a whole other ball of wax, so to speak.
To be honest, I can't conceptualize how that would work in practice. If your transaction is owned jointly, does that mean you could demand that the vendor destroy the data the next day? Does it prevent vendors from compiling data for data mining purposes (e.g., to determine who would be interested in various promotions?).
It's not your data. It's not my data. It's our data.
If I recorded it, and I use it for my business purposes, in what sense is it our data? You didn't create the data. You didn't store the data. All you did was make a purchase. The data was created from your purchase, with your signed consent. It's your credit card >i>information that's being used, but that information is being used with the consent of the credit card company, and you agreed to its collection as the terms of use of the card.
And to borrow a phrase, with great data should come great responsibility.
I certainly agree that credit card companies need to be careful who they give your information to, but that's limited to the information you gave them when you signed up for the card (which is obviously really sensitive). They can't just give out your Social Security number or income, for example. But the records they generate for their business are theirs, not yours.
Because they change the nature of events in public from what was local and ephemeral to world-wide and permanent.
Current laws were written under the expectation of the former, not the later.
Local vs. non-local isn't the issue. Either an action is taken in public, or it's not. How far the knowledge of the action spreads makes it more or less embarrassing, not more or less public.
The laws of physics don't change because of the Internet. If you do something in public, you don't have any expectation that people can't see or record you. If you're in public, they can see and record you -- often incidentally, rather than purposefully. If you run laps naked in Times Square, you're going to be recorded, whether you like it or not. If you put yourself out in public, why should (indeed, how can) the law protect you from your own idiocy?
Actions being ephemeral has everything to do with it. Arguing that basic assumptions about mass surveillance in public haven't changed because we had photographic capabilities during the civil war is like arguing that we don't need speed limits on roads because the Benz Motorwagon had a top speed of 10mph.
I think you're missing a key difference: We have speed limits now because we have more people driving, and cars can go faster. That's a fundamental shift. Surveillance hasn't changed in such a way as to redefine "public" and "private". All that's changed is the level to which someone can embarrass or incriminate themselves in public. The nature of public or private space hasn't changed. The fact that your drunken antics in a bar can now be broadcast worldwide doesn't mean that you suddenly have an expectation of privacy when you're in a bar.
If you want to have a private conversation, don't use the telephone.
If you can't be bothered to take that minimum precaution, whose fault is it?
You're missing a key point: Phone conversations have been declared private.
"Private" means you have a reasonable belief that you won't have any unwanted spectators. "In public" means out in the open. If you do something out in the open, where everyone can see you, you have no expectation of privacy. It doesn't matter how they record you. It doesn't matter where they put the recording. What matters is that you were in a space where you had no reasonable expectation that no one could see you. That's it. The fact that you may find being seen embarrassing has absolutely no bearing on whether or not you're in a public or private space. It's the configuration of the space that determines how private it is, not your attitude toward being recorded.
How do databases, CCTV systems, or facial recognition software in any way impact whether what you do in public is subject to privacy? What you do in public is public, by definition. It would be absurd to expect privacy when you go out in public.
Actions being ephemeral has nothing to do with it. Photography has been around since at least the Civil War, and sound recordings since the early part of the 20th century, far before databases, CCTVs, or facial recognition.
If you don't want someone to see you doing something, do it privately, where you have some expectation that people aren't able to see it. If you can't be bothered to take that minimum precaution, whose fault is it?
Not sure I follow you. If the authorities contact a credit card company, then obviously they know the subject has a card with the company. If they're seeking the records of a John Smith, then obviously they need to be more specific, but they're not asking for everyone's records. Only for the subject's.
If your actions are in public, they're in public. You might be able to claim the police are harassing you by following you around, but they wouldn't be violating your privacy rights.
If you videotaped me and my hypothetical wife out in public, it is your data. No argument there. The violation would come if you videotaped us in private. If you did that, you'd be recording our actions, which by definition, aren't yours. That's why there are laws against surreptitious video recording. The credit card companies aren't surreptitiously recording your purchases. They're doing it as part of the business practice you agreed to when you signed up for the card. Moreover, they're doing it as a necessary part of doing business. Without recording your transactions, they wouldn't know how much you owed them.
As far as your body scanner goes, was I forced to walk through it? If not, then I walked through it voluntarily, knowing that my nude image would be recorded. I'm honestly not sure what recourse there would be. Are you familiar with Facebook? I'm fairly certain not everyone in every picture on Facebook gave their permission for their image to be on there.
Certainly, we have to guard every privacy right we have. I just think it's important to make the distinction between legitimate privacy rights and misunderstandings of what constitutes a private action.
If you use a data service to backup your files, they're still your files -- your data. They're just being held by another company. That other company didn't generate the data. They're just storing it. (Indeed, most companies I know of that have backup services allow you to encrypt the data so they can't even get to it.)
If you wanted to challenge the court about access to your data, you certainly could. You'd have standing in that case, because it is your data. They'd probably (although I'm not a lawyer) also need a search warrant, because they wouldn't be asking for a specific document, but would be poring through data.
You can assert anything you like. That doesn't make it so. The record of your credit card purchases is kept by your credit card company to do business. It's theirs. Medical records are protected by doctor-patient privilege, and by other privacy regulations (e.g., HIPAA). You can read more about that here.
Life is a little bit more complicated than you seem to believe.
A subpoena isn't a search. It's an order to produce documents. No searching is involved. A search warrant would be inappropriate in this situation, because there isn't any doubt that the credit card companies have kept this information.
And has been pointed out elsewhere in this discussion, the card holder's rights to privacy aren't being violated any way you slice it, because it's not the card holder's records that are being examined. It's the credit card company's.
Zuckerberg and co. can't seem to manage a website properly. Are we really supposed to take (self-serving) privacy advice from them?
I like to think of myself as a reasonable person, and as such, I try not to put anything on the Internet that might embarrass me (now or later on). Having said that, accepting the premise that your actions on the Internet are inevitably going to be seen by other people doesn't mean it's okay for just anyone to see them. To put it bluntly, I see no reason to lube up and hand to them the anal probe they want to use on me.
Thank you. I was waiting for someone to inject some sanity into the conversation. +1, if I had it to give. :)
I wouldn't call the ALH84001 announcement a dud. The announcement itself was pretty spectacular, actually. The discovery only turned into a dud afterward, when they couldn't get confirmation that the objects found were bacterial fossils. Actual, verified, honest-to-gods bacterial fossils would've been revolutionary.
Roughly translated, isn't that the equivalent of, "Move along. Nothing to see here. Check back with us again in 30 years."?
I do database searches for a living. "I thought of this new way to search" may be interesting to the searcher, but the client doesn't want or need to hear about it. The client is interested in the search results. The same thing applies here, I think. Calling a press conference to announce that you've discovered a new way to search for something borders on the narcissistic.
I don't think we're jaded, really. I just think that the (at least perceived) magnitude of this announcement justifies expecting it to be something more than we've heard before. I don't think anyone (who isn't psychotic) expects them to come to the podium with a little green man in tow, but I would think it should be something more than a slight variation on what we've already heard before. In a best case scenario (in my mind), it might be something like, "We have evidence of a biological process going on on (insert planet or non-Earth moon here). Announcing they found amino acids on a meteorite or comet would be extremely anticlimactic, in my opinion.
Wave is (since it's still operable until the end of the year) a real-time collaboration tool. It has elements of wikis, e-mail, and even chat capabilities that hearkened back to Unix talk. It's got about as much in common with Facebook as Gmail does.
Buzz is probably a closer fit to Facebook than it is to Twitter. Twitter is kind of limited (e.g., to 140 characters), and Buzz is a good deal richer.
It seems like everyone calls everything Google has done recently their "version of Facebook."
This has become a tech media plague, really. Just because Facebook is wildly popular doesn't mean that any site that aspires to have more than 2 members that can talk to each other is a "version of Facebook".
I don't think there was much similar to Facebook in Google Wave.
Wave was interesting (to me, at least) because it offered collaboration and sharing in real-time, in a way that would've been much more powerful than what I've seen in current collaboration tools (e.g., SharePoint) -- if it had worked well as advertised. The problem I always saw with Wave was that the damn thing was slow. I mean, dear God was it slow, sometimes! If you can type faster than the text can be rendered in an application (by several seconds), there's a serious problem.
I'm sort of surprised the summary leads with Google Wave as Rasmussen's claim to fame. Maps was less ambitious, perhaps, but it was much more successful.
My point wasn't that hijacking someone's Slashdot account was harmless. Certainly, if someone can identify you on Slashdot, and see what you're posting, that's potentially damaging. My point was that Facebook is more sensitive, because many people have all kinds of personal information in their Facebook accounts, all in one nice little package. To (sort of) use your analogy, it's the difference between a mugging and a bank heist.
If your Slashdot account is compromised, someone can make you look undatable/unhirable, etc. If they hijack your Facebook account, they can potentially steal your actual identity (not just your Facebook identity). And this is made even more serious by the fact that there are plans in the works to allow a person to buy things through Facebook.
Well, okay. Most people on /. don't have anything on there that merits privacy. :D
Granted, there's that. But the damage, I think, at least, is limited to /.. If your Facebook account is compromised, that puts a lot more information at the intruder's disposal.