Google CEO’s latest privacy quote
I was reading the web article Google CEO Schmidt: No Anonymity Is The Future Of Web this morning where Eric Schmidt is quoted as saying:
Privacy is incredibly important. Privacy is not the same thing as anonymity. It’s very important that Google and everyone else respects people’s privacy. People have a right to privacy; it’s natural; it’s normal. It’s the right way to do things. But if you are trying to commit a terrible, evil crime, it’s not obvious that you should be able to do so with complete anonymity. There are no systems in our society which allow you to do that. Judges insist on unmasking who the perpetrator was. So absolute anonymity could lead to some very difficult decisions for our governments and our society as a whole.
Some espouse that the loss of anonymity will endanger privacy. I can see both sides of the argument and again, as I stated in my post on March 2nd – Do I want to be anonymous? Yes! Do I want to be authenticated? Yes! that it is all about balance. Can I, or should I, be anonymous when I want to perform on-line banking? No. Is it anyone’s business what I look at, or when, or why, when I surf the net? No.
So again, it’s not either-or, but a balance. Sometimes anonymity is desired, and sometime non-repudiation.
NYPD Crimefighting database to be deleted
An NYPD database known as the “250 database” would be deleted under a state bill scheduled to be signed today by the Governor of New York State.
The database contains the names and associated personal information for 2.9 million people since 2004 who were stopped and frisked, but never arrested.
In 2009 alone more than 500,000 people were stopped and frisked, but only 12% were arrested or issued summons, with 88% released.
Posted from my iPhone
Innocent until proven Guilty ( or probable cause)
I read in The New York Post an article about a new portable fingerprint scanning system the NYPD is testing that allows NYPD officers to scan the fingerprints of persons detained on the street.
The new system checks the prints of detainees not yet charged with a crime to determine if there are outstanding warrants, provides any previous criminal history, and even informs officers if there is DNA available for the detainee.
So, is it morally right or even legal to perform these checks on citizens who have not yet been charged with a crime?
The NYPD says they are still studying the legal implications of this technology. In the meantime it is still being field tested (aka utilized).
Posted from my iPhone
Identity Theft and You
I was standing in the checkout line today at Whole Foods, Union Square in NYC. There was an athletic type in front of me, dressed in runners garb, with an armband wallet with a clear see-through pocket for carrying credit cards, ID, etc pushed to face behind him.
So, what does this brainiac choose to put on the very top in the clear see-through pocket? His Citibank credit card. Not only could I easily read the numbers and expiration date, it would have been trivial to snap a picture with my phone camera.
Sometimes we can’t help identity theft despite our best efforts, but why make it easy for them? Do your part to protect your private information.
Posted from my iPhone
Geotagging
As I take vacation photos here in NYC I am pondering the privacy implications of geotagging photos, even if intentional, not withstanding the unintentional act of recording your location on a certain date and time.
Posted from my iPhone
Privacy and InfoSec in the Big Apple
I have been heads-down for the last 6 months traveling heavily and working on one high-priority client project after another. Needless to say, with today finally here I am really looking forward to my annual two-week vacation trek to NYC (for pleasure, as I pass through the city several times a year for business).
Traveling while not on business offers the opportunity to examine things from a different perspective, and I look forward over the next several weeks to doing just that. I will have some time to slow down, do some pleasure reading (non-fiction only for me I’m afraid), gather my latest thoughts on privacy and infosec, and if things go really well – even blog a few of them.
A city of 8 million people offers plenty of opportunity to witness breakdowns in privacy and security. It will be interesting to see what I can find.
In the meantime …
Business travel is keeping me from posting my extended privacy thoughts at the moment, but hopefully that will ease soon. I am busy having my privacy rights violated by the TSA. ;-)
In the meantime, please follow my quick twitter posts: @privacyresearch or in the twitter widget in the right sidebar column.
Thanks!
Those of us who want to see more protections created for individual’s privacy rights are sometimes characterized as either troublemakers, nuts, or perhaps participating in some nefarious activity. As someone to whom privacy is important, I don’t fall into any of those categories.
As I write this, I am attending the 2010 RSA Security Conference in San Francisco. In his keynote address this morning Scott Charney, Corporate Vice President Trustworthy Computing (TwC), for Microsoft pointed out that there are times when we just want to be anonymous, such as for the purpose of encouraging free speech and the exchange of ideas. However, there are other times when we truly want to be authenticated, such as when we do online banking. When I am banking online I want to know it is truly my bank with whom I am interacting, and I want my bank to make sure they know who I am.
Privacy doesn’t have to be an all or nothing affair. In its simplest form, privacy is about balance.
U.S. House overwhelmingly passes cybersecurity research bill
The Cyber Security Research and Development Act of 2009, which passed by a vote of 422 to 5, authorizes the National Institute of Standards and Technology (NIST) to develop a cybersecurity education program that can help consumers, businesses, and government workers keep their computers secure.
“This bill will help improve the security of cyberspace by ensuring federal investments in cybersecurity are better focused, more effective, and that research into innovative, transformative security technologies is fully supported,” said Symantec CTO Mark Bregman. “HR 4061 represents a major step forward towards defining a clear research agenda that is necessary to stimulate investment in both the private and academic worlds, resulting in the creation of jobs in a badly understaffed industry.”
Article here
Search Giants Google & Microsoft Bing Compete on Privacy
In August 2008, Google cut the retention period of user search data to 9 months, down from 18 months. After 9 months it no longer retains the IP addresses that can be used to link a user search to an individual.
Recently Microsoft, not to be outdone, reduced the retention period of its users search data to a mere 6 months. Microsoft has accused Google of retaining a portion of the user’s IP address after it’s self-imposed 9 month retention period, while Microsoft claims it will remove the entire IP address.
“Quality of search won’t be reduced but privacy will be enhanced”
Brendon Lynch, Microsoft’s director of privacy policy
Microsoft’s actions appear to be in response to European Union data protection officials request that leading search engine makers respond to their privacy concerns by the end of this month over retaining IP address data.
I commend Microsoft for this move. We can only hope that increased competition will lead to improved privacy and data security by industry leaders, setting a course for others to follow.
Article here
USA Privacy Research 