Tag Archives: privacy

Would You Like Your Private Information to be Available on a VHS or Betamax Tape?

When I was a young child growing up in the late 1980s, my parents were lucky enough to be able to afford to have both a VHS-tape video-recorder in the living room and a Betamax tape recorder in their bedroom. This effectively meant that to me, the great video format wars weren’t a decade-defining clash of technologies, but rather they consisted mainly of answering the question “in which room can I watch my favorite cartoons?”. It is only now with the perspective of time that I realize that my small dilemma was the result of two distinct groups with contradictory interests bidding for control of a massive market of home video users.

I was reminded of this piece of digital archeology with the recent news regarding the repeal of the FCC rules regarding internet privacy, partly because I’m starting to recognize similar patterns to the video wars in the field of digital privacy, the kind of patterns that should give business leaders and stakeholders in privacy-sensitive business pause as to a potentially strategic business consideration that lies in the immediate future.

It comes as no news to privacy practitioners that there is a long-existing schism between the European approach to digital privacy and the American approach to the subject: The US legislative and administrative bodies generally tend to adopt more business-friendly regulations prohibiting the abuse of information but permitting its commodification and trade, while the European stance is to consider digital privacy as a human rights issue (in some European-influenced jurisdictions, such as Israel, the concept of privacy is even explicitly designated as a basic human right and afforded constitutional protection).

The European legal institutions have consistently shown that they are not deterred by the international implications of their rulings (as demonstrated recently by the repeal of the Safe Harbour program that took place following the October 2015 decision in Schrems v. DPC, necessitating the expedited negotiations of the Privacy Shield agreement) — which is why I believe we’re on the verge of a major event, one in which the distance between the two legal perceptions of privacy systems becomes impossible to bridge.

When one takes into account the EU’s General Data Protection Regulation (set to enter into effect in spring of 2018) and contrasts it with the recent repeal of the FCC’s rules, it is impossible not to notice that battle lines are being drawn. This is particularly true given the fact that the GDPR applies not only to data processed or located inside the scope of the EU itself — but also applies personally to the citizens of the EU nations themselves, even if they are not physically currently in the EU.

Under this principle, the latest move by American authorities not to prohibit ISPs from selling information that was until now accepted as private poses therefore an interesting challenge: if a German citizen purchases the services of an American VPN provider to mask her IP address, and said VPN provider routinely sells the information of its clients — would it be allowed to sell the sensitive information it gathers regarding the browsing habits of its German customer? Alternatively, if an American citizen purchases the services of an Estonian VPN — would the information gathered by the Estonian ISP be eligible for sale under the FCC’s new, slimmer rules? Furthermore – suppose a more remote but still possible case in which an ISP with multiple local subsidiaries or partnerships wishes to balance the load on its network by routing some of its Icelandic or Irish traffic through its New York sister-company. Would the information of the Irish users be available for sale under the laws of the United States, and if so, to what extent would the sale be permissible?

It will be interesting to see if these trends will fully materialize into radically distinct views of the concept of digital privacy. The ever-growing distance between the two views is slowly but surely leading to a situation in which Europe’s stance on digital security and privacy is not only noticeably stricter than the American interpretation, but it is also becoming effectively incompatible with it. This may eventually force all of us to choose whether to comply with either the American rules or the European rules, as we will be unable to conform to both at the same time.

Both sides have strong arguments, and both can make compelling cases for their position, but both sides also have weaknesses in their positions and neither are immune from criticism. But more interestingly, both sides also have significant economic advantages and disadvantages that can quickly turn the debate from a principled discussion on what privacy means and how it’s enforced, into a stand-off between two of the world’s largest economies.

If the debate between the two approaches eventually evolves into a business decision at the level of independent corporations and people, then much like the video format wars of old, it is only a matter of time until eventually one set of rules triumphs over the other, as markets are wont to do. But unlike the question of where a young boy in Mexico will spend the early hours of a lazy weekend in front of the television, the decision as to who can access our browsing habits and for what purpose can have far more comprehensive ramifications. Which approach will ultimately triumph remains to be seen.

Written by Jonathan Braverman, Legal and Operations Officer at Cymmetria

Follow CircleID on Twitter

More under: Internet Governance, Policy & Regulation, Privacy, Security

Continue reading

Posted in circleid | Tagged , , , | Comments Off on Would You Like Your Private Information to be Available on a VHS or Betamax Tape?

Seattle Restores ISP Privacy Rules. Could be First of Many Cities to Defeat FCC’s Privacy Roll Back

The city of Seattle this week will move forward with its own plan to restore broadband user privacy rules despite the recent law passed by U.S. Congress, signed by President Trump in April, which gave ISPs the green light to collect customer data. Brandon Macz reporting in the Capital Hill Times: “The Federal Communications Commission in October passed rules that would have required explicit consent from consumers for ISPs to share the data they collect, such as financial, health and browsing history details. Congress passed a law, signed by President Donald Trump on April 3, that overturned those FCC rules before they were set to take effect. Seattle Chief Technology Officer Michael Matt Miller said Mayor Ed Murray asked what power the city has to restore those privacy rules at the city level, which turns out to be allowed under municipal code. … [Miller says:] ‘We have talked to a number of cities that are exploring how they implement protections for their consumers.'”

Follow CircleID on Twitter

More under: Access Providers, Broadband, Policy & Regulation, Privacy

Continue reading

Posted in circleid | Tagged , , , | Comments Off on Seattle Restores ISP Privacy Rules. Could be First of Many Cities to Defeat FCC’s Privacy Roll Back

The Economist: Data, the Oil of the Digital Era

In its latest print edition, The Economist calls the world’s most valuable resource to be no longer oil, but data. The article argues that today’s titans — Alphabet (Google’s parent company), Amazon, Apple, Facebook and Microsoft — are the giants that deal in data, the oil of the digital era and they seem unstoppable. “Internet companies’ control of data gives them enormous power. Old ways of thinking about competition, devised in the era of oil, look outdated in what has come to be called the ‘data economy’ … A new approach is needed. … Rebooting antitrust for the information age will not be easy. It will entail new risks: more data sharing, for instance, could threaten privacy. But if governments don’t want a data economy dominated by a few giants, they will need to act soon.”

Follow CircleID on Twitter

More under: Data Center, Policy & Regulation, Privacy

Continue reading

Posted in circleid | Tagged , , | Comments Off on The Economist: Data, the Oil of the Digital Era

Jakarta Declaration Calls on Governments to Recognize Legitimacy of Encryption

Today in Indonesia, media leaders gathered at UNESCO’s World Press Freedom Day event issued the “Jakarta Declaration” calling on governments of the world to recognize the importance of a free and independent media in creating “peaceful, just and inclusive societies”. The declaration calls on governments to take steps to support the freedom of the press, and, in the midst of the many actions was this statement:

34. Recognise the legitimacy of the use of encryption and anonymisation technologies;

As a long-time advocate for the widespread usage of encryption to protect our personal communication, I was extremely pleased to see this statement included in the declaration.

My colleague Constance Bommelaer wrote in detail yesterday about WHY encryption is so critical for journalists:

The future of the free press is at risk: encryption is part of the solution

She ends the piece with this call to action:

Governments have a role too. We invite them to adopt the SecureTheInternet principles and to support strong encryption, not only to ensure the safety of journalists, but also as a technology that already allows us to do our banking, conduct local and global business, run our power grids, operate communications networks, and do almost everything else.

As we celebrate World Press Freedom Day, we must remember that journalists and their sources are taking enormous risks right now in making sure crucial stories get told.

In today’s environment, where trust in online information is at an all-time low, we need free, safe and independent journalists more than ever. We all have a role to play, and encryption is one step to take us there.

We all DO have a role. And encryption is part of how we get there.

I encourage you all to share this news about the Jakarta Declaration; to share the Jakarta Declaration document itself; to learn more about encryption; and to help people understand why encryption is critical for securing our digital economy!

Written by Dan York, Author and Speaker on Internet technologies – and on staff of Internet Society

Follow CircleID on Twitter

More under: Policy & Regulation, Privacy, Security

Continue reading

Posted in circleid | Tagged , , | Comments Off on Jakarta Declaration Calls on Governments to Recognize Legitimacy of Encryption

New Chapter Working Groups Open Closed Doors

One thing was clear from a recent presentation by the new leaders of the SF-Bay Internet Society (ISOC) Chapter Working Groups: inclusion and collaboration will be the key to these groups’ success.

As Dr. Brandie Nonnecke, the Internet Governance Working Group (WG) Chair said, “We haven’t yet cracked the code on what ‘multistakeholder’ means.” But that won’t stop her and Dr. Jaclyn Kerr, the Data Protection, Privacy, and Security WG Chair, from trying. At a recent Chapter Event held on April 10th, 2017, these two innovative leaders laid out an ambitious plan to bridge silos and foster open dialogue in order to work towards the Internet Society’s mission that the Internet is for Everyone.

Focus Areas

These newly-launched Working Groups will focus on the interest areas of the SF Bay Area Chapter members, as determined by their responses to a recent survey. There are three in total: Internet Governance; Data Protection, Privacy & Security; and Internet of Things (IoT), Internet Technologies & Access.

Internet Governance

For the Internet Governance Working Group, Chair Brandie Nonnecke laid out a plan that includes supporting interdisciplinary research, publishing position papers and policy briefs, organizing workshops, symposia, and activities, and supporting a fellowship programme. The goal is to educate and engage stakeholders not traditionally involved in Internet governance. Brandie is well-suited to achieve this goal: she is a PhD whose research focuses on multistakeholderism in internet governance and information and communication technology (ICT) policymaking at the Center of Information Technology Research in the Interest of Society (CITRIS) and the Banatao Institute, UC Berkeley. The WG group is now accepting members; help drive the agenda by applying to join the WG.

Data, Privacy, Security

For the Data Protection, Privacy, and Security Working Group, Chair Jaclyn Kerr discussed the urgency of this issue: due to government surveillance and data breaches, there are serious threats to our online security and privacy. Even at the top level of government, there have been security breaches. Jaclyn discussed working in collaboration with the other WGs and fostering discussion between those involved in tech, civil society, civil liberties, security and academia. Jaclyn is as a Postdoctoral Research Fellow at the Center for Global Security Research (CGSR), Lawrence Livermore National Laboratory, where her research focuses on cybersecurity and information security strategy, Internet governance, and the Internet policies of non-democratic regimes. Apply to join this WG.

IoT

And last but not least, in the IoT, Internet Technologies & Access Working Group, the focus will be on the IoT ecosystem, issues around access, critical Internet infrastructure, innovation and open standards. As more and more devices connect to the Internet, we need to ensure that security concerns, critical resources like IPv4 and IPv6 address space, and technology standards are addressed. Mischa Spiegelmock, who unfortunately could not attend the Chapter Event due to travel, chairs this WG. Mischa is software engineer who currently leads an engineering team at MVS Technical Group Inc., and specializes in information security, database-driven applications, systems programming, UNIX and C. To get involved, apply to join this working group.

Opening Doors

So many decisions about Internet governance, security, and infrastructure happen behind closed doors. The more technical the topic is, the more difficult it is for everyday citizens to get involved, which is a vulnerability for all of us. These Working Groups, the SF-Bay Area Chapter and the Internet Society exist to change that. “The Internet touches every part of our lives and everyone should be equipped with enough knowledge to enable them to have a say in how it is run,” says SF-Bay Area Chapter President and Chair, Susannah Gray. “The SF-Bay Area Chapter provides a neutral platform for you to advocate, learn, educate, and work on these key issues. It was amazing to see so many people come together on April 10 to express their interest, their own areas of focus and their concerns for the future of the Internet: we look forward to working with you all as we continue to build up our Working Groups.”

Get Involved

Get involved today by joining us and almost 2,000 other members (it’s free!), emailing us with your thoughts, applying for open board seats, volunteering, donating, sponsoring the Chapter, or joining one of these powerful Working Groups. There is a reason Board Treasurer Ken Krechmer, one of the Chapter founders, called ISOC the “Continental congress of the Internet.” This is the basis for an open Internet.

You can find the agenda from the April 10 Chapter Event and recording here.

This blog post was written by Jenna Spagnolo on behalf of the San Francisco-Bay Area Internet Society chapter.

Written by Jenna Spagnolo

Follow CircleID on Twitter

More under: Access Providers, Broadband, Censorship, Internet Governance, Internet of Things, Malware, Net Neutrality, Policy & Regulation, Privacy, Security, Web

Continue reading

Posted in circleid | Tagged , , , , , , , , , , | Comments Off on New Chapter Working Groups Open Closed Doors