Today we reexamine and update a previous blog posting concerned with you privacy while travelling. A recent article presented by istockanalyst.com discusses how laptop searches cross the line between privacy and security.

Jawad Khaki was returning home from a business trip when he was stopped by customs. Khaki, a corporate executive, told customs everything he had done and everywhere he went. He was then asked to turn on his cellphone, which customs took from him and searched. Customs checked his to-do list and his calender.

This is just one story of the line between privacy and security that is being crossed by customs agents. Does the search and seizure of laptops, cellphones, and PDAs cross the line?

The main question being presented, in both this article and my previous blog post, “What if a traveler’s laptop includes corporate secrets, a lawyer’s confidential documents, a journalist’s notes from a protected source, or personal financial and medical information?” Advocacy groups are concerned with the misuse of information and say they have not gotten any clear answers when posing these questions to the Department of Homeland Security. Two groups have actually filed a lawsuit so they can get that information from Homeland Security.

I understand that sometimes it is necessary to conduct these searches to protect our national security…I am not referring to the time where it does compromise national security, but instead the times where a businessman is travelling and is extensively searched above and beyond what is reasonable. Customs and Border Patrol spokeswoman said that, “The department doesn’t keep seized electronics unless it suspects wrongdoing, and any U.S. citizen’s information that’s copied is kept only if it’s relevant for criminal or national-security investigations.” I do appreciate that, but it needs to be made into official policy.

CBP is using the same reasoning behind checking luggage to check laptops. No reason or probable cause is needed to be searched by customs. There needs to be a distinction between the two. Laptops carry sensitive and personal information, especially if it being used for business travel. The data found on there is an “extension of a person’s professional and personal identity.” The main difference between the search of luggage and the search of a computer, which is also pointed out in the article, is that the luggage can be returned easily…but do you know what has been downloaded and copied off your laptop?

Tough situation…

Tweet This Post

It seems that angry YouTube users are showing their discontent through the use of their freedom of speech…and by making videos aimed at telling Viacom exactly how they feel. A few days ago the Viacom/Google battle was in full swing (read the blog about YouTube user losing their Internet privacy), now Newsfactor is reporting on the backlash against Viacom’s legal win over Google, forcing Google to give up all sorts of information about their YouTube users.

The copyright infringement lawsuit (for $1 billion) has angered users since now all of their information is being given up to Viacom so that the company can analyze the way viral videos vs copyrighted videos are viewed. While one good thing is that Viacom was not given YouTube’s source code, user information was not safe from Viacom.

Angry users have been making videos urging the boycott of Viacom.

While the gigantic corporation is busy picking on YouTube users, they can’t take a moment to comment on the subject. Instead they released a comment on the company’s website stating, “A recent discovery order by the federal court hearing the case of Viacom v. YouTube has triggered concern about what information will be disclosed by Google and YouTube and how it will be used. Viacom has not asked for and will not be obtaining any personally identifiable information of any YouTube user.” Well, I feel safe now…I am definitely positive that my information is safe and that Viacom will be responsible with it. Besides, if I can’t trust a large corporation with very large financial incentives that go against my best interests, who can I trust?

Tweet This Post

Telegraph UK reported that search-engine giant Google, the proud owners of YouTube, were demanded to give up ALL of their users’ information…that is correct. This started mainly because of a suit brought on by media juggernaut Viacom, who accuses Google/YouTube of hosting copyrighted information on the site. Google will have to hand information over to Viacom such your log-in details, viewing history, and the IP address from which you surf. I hope either A.) you didn’t view any copyrighted movies or B.) you are using a proxy server to mask your IP and surf anonymously.

The EFF website also has some information on this subject, which it is calling a “setback to privacy rights.” Viacom owns MTV and Paramount Pictures (among others) and is demanding this information because copyrighted programs have been appearing on YouTube and has led to an “explosion of copyright infringement.” Googling is countering the $1 billion lawsuit by saying it already goes above and beyond any legal expectations to remove copyrighted materials…a strategy which hopefully works out, especially since I don’t think I know a single person who doesn’t go on YouTube.

Viacom has stated they want the user details so they can statistically compare original videos with copyrighted videos to show “the attractiveness of allegedly infringing video with that of non-infringing video” (I smell something…it smells a lot like b.s.).

I am just glad that Google does have the firepower to fight back against Viacom and that the EFF has also made their stance clear. I do not need my log-in details and IP address taken hostage so that a “statistical analysis” can be done. How does my personal information help Viacom conduct these studies? IT DOESN’T. Viacom promises not to pursue legal action against people who watch copyrighted content…so I guess we can trust them since they said they wouldn’t do it. That has never happened before, why would a huge company like Viacom lie?

While Google has been involved in some privacy rights issues recently I am glad to see they are stepping up and fighting back. They are requesting to encrypt and anonymize the logs before sending them over to Viacom so that individual users are not prosecuted, but so that a statistical analysis can be done anonymously.

Tweet This Post

Hotels could possibly be breaking data protection laws and illegally storing information about guests. A recent article by TimesOnline (UK) discussed the privacy risks that hotels are subjecting guests to. The hotels claim that by keeping the information they are able to improve service, even though collecting the information without the guests’ knowledge or consent is against the Data Protection Act.

Information being stored includes credit card numbers, family-life information, occupation, nationalities, and even some other activities including consumption of alcohol and names of overnight visitors with the guest. Don’t order an adult film or be rude to someone at the front desk, because that goes into your “permanent record.” It’s like middle school all over again.

Other information, which is not as sensitive, is also recorded. Employees use Internet searches to find information about the guests, ranging from the books or movies they like to a favorite sport. The file is then given out to the hotel employees, because this “systematic approach” to invasion of privacy seems to be the best method of customer service.

I can see the logic behind this method…but I also remember someone telling me “The road to hell is paved with good intentions.” How does this massive invasion of privacy help out that much? I understand keeping a profile of hotel-related activities such as if a smoking room is preferred. But knowing my favorite channels and the type of alcohol I drink at the hotel bar seem to be details that do not help the hotel…and make me feel uncomfortable. The hotel employees do not need to know that much personal information. I especially do not need a manager Googling me or looking at a MySpace page to get personal information.

Tweet This Post

Everyday millions Internet users make purchases online. Most people do not realize the dangers lurking behind recommendations that websites make based on your purchases. In theory it seems like a great idea…I purchased the latest Stephen King book and here is a list of other books I may like based on my previous purchase. What’s not to like about that? That is great customer service…or is it? A recent article published by the Wharton School of Business shows the underlying dangers of behavioral targeting.

The article starts off by turning the tables…what if you buy your favorite movie and then see recommendations for other movies you may like? That is something we all appreciate. But what if the next time you visit the site you see an ad that has nothing to do with your movie choices? Instead the advertisement is for debt consolidation or treatment for a medical problem…this is what the article describes as the “creepiness factor,” the private part of your life that is somehow not private anymore.

The way the creepiness factor comes from marketing companies tracking your surfing habits and building up a profile about you based on the sites you visit, e-mails you write, etc…. The companies argue that focusing advertisements based on your needs is beneficial to you as a consumer, and that the trade-off between better advertisements and your personal privacy and Internet anonymity is worth it. I disagree…and so do most people. A recent research study, presented in the article, showed that 91% of adult Internet users would use some sort of tool to surf anonymously and avoid having their information tracked and stored.

The article continues to discuss how technology has evolved over the years, but the policy for protecting us while using the Internet has not. There is no barrier. Any law that is intended to help us has a loophole. For example, the government can’t collect certain information from us without a warrant, so they buy it from a company’s marketing department that collects the information legally without us knowing it.

I would like to know when my information is being stored in some database and how it will be used by the company. Protecting your privacy needs to be proactive. The use of proxy servers and other privacy tools can help hide your IP address and keep you from having your identity stolen.

Tweet This Post

Remember when you were younger and wanted x-ray glasses? Well now all you have to do is get a job with the Transportation Security Administration. This recent article from The Dallas Morning News (dallasnews.com) reports on the newest invasion of privacy when traveling.

The TSA is using a new scanning method which has many people baffled and shocked. The new millimeter wave whole body image device shows what’s going on under a traveler’s clothes. The TSA argues that this will speed up the screening process…at the expense of someone seeing a 3-D image of what is under your clothes. This will increase security measures since only metal objects are detected via a magnetometer.

Privacy advocates are saying that these images are too revealing. This is the equivalent of being strip searched. The TSA and privacy advocates do not agree on the potential uses for this. Ultimately privacy advocates are saying, “American passengers should not have to parade naked in front of security screeners in order to board the plane.”

The TSA has a modesty filter on the machines so that images are not too revealing…how does this help either way? So if I am hiding something it can potentially be blurred…but if I’m not then, I still have a machine basically taking naked photos of me. The screening is completely optional…but the TSA doesn’t promote that fact. A passenger can skip the screening and be patted down by security. People are being put through this screening process without even being made aware that it is happening. Is it their fault for not questioning airport security? I would say no…it is the TSA’s fault for not letting passengers know what they are being subjected to.

Tweet This Post

A recent USA Today tech article focused on the invasion of privacy many will face when traveling to the Olympics in China this summer. The warnings, aimed mostly at federal officials and business people, are telling travellers that the Chinese government will most likely attempt to penetrate the electronic devices (cell phones, PDAs, and laptops) being brought into the country. The Chinese government intends to steal information and plant bugs to gain access to U.S. networks. Just about anyone that has political influence, a government position, or works for a large company is at risk to have their privacy completely compromised.

The Overseas Security Advisory Council states that Chinese government frequently uses these tactics to gain access to personal and official computers. China’s Internet and wireless networks are run by the government, which has access to any bit of data being transferred. A laptop being searched by airport security or left in the hotel while attending the day’s games are vulnerable to attack. The control that the government has over the Internet allows them to invade any one’s privacy since they have to surf the web through their network.

This is a major privacy threat for anyone travelling abroad for the Olympics. Any information you have on you is subject to Chinese inspection. Further, travelers coming home. should have their systems checked before connecting their network.

So now where does it go from here? Consider travelling without any of these electronics. If you have to bring them with you, make sure no personal or official information (of a sensitive nature) is stored on them. And if none of those precautions can be taken, then make sure a good proxy server is used while in China, and have everything on the computer’s drive encrypted.

Tweet This Post

MSNBC reported yesterday that Northeastern University conducted a study in which 100,000 users outside the U.S. were tracked by their cell phones. Did I mention the users were not told about this or consented to this. It was done in secret and concluded that most people stay relatively close to their homes.

Well, I am glad they know that information. It was worth spying on 100,000 people through calls and text messages to find out that people tend to stay close to home. I can live a much happier life now that I know this. This method of collection is illegal in the United States since it was non consensual. The researchers would not comment on which people were used, which country, or the service provider. Over a six month period outgoing and inbound calls and text messages were taken and analyzed.

The authors of the study said that the numbers were anonymous because they were scrambled into a 26 figure code. This would raise almost no ethical or privacy flags if the cell phone users consented to this. Some phone companies actually market tracking abilities to parents and employers. The fact of the matter is not how the information was used, but that the information was taken. So now I am a guinea pig just because? I don’t buy it at all. Just because the researchers don’t have the numbers I have to assume I’m safe. I think I know better than that. Someone out there has a list of all 100,000 people and their calls.

The scientists feel that since they are using it for research purposes it is alright. The data that could be misused is being handled properly so everything is fine…no need to worry, a scientist said so. The line between public research and personal privacy has surely been crossed here.

Tweet This Post

Two recent articles about Charter Communications, recently reported that the company will monitor customers’ web surfing habits. The second article discusses the two congressmen who are trying to stop Charter from tracking the surfing habits of their customers.

Charter is the third-largest publicly traded cable operator in the U.S., operating in 29 states. Charter wanted to test this concept in four market areas: Fort Worth, TX; San Luis Obispo, CA; Oxford, MA.; and Newtown, CT. and sent out letters to hundresds of thousands of customers telling them this program will begin in 30 days….before a final desicion is made about using this on all 2.8 million Internet customers.

This data will be sent to NebuAd, which will then cross-reference the surfing habits and send advertisements that would be of interest to the user. This term is called “behavioral targeting,” and it is a major privacy threat. I suppose the letters that the customers received made it alright to pry in on their personal lives and invade their internet privacy. Of course, the users can opt out but they have to go out of their way and manually do it…which takes us back to a previous blog post from Friday regarding who you can trust with your Internet privacy. Shouldn’t it be the other way around? Users should manually choose to accept this test program…

Charter will need to follow their users around somehow, and it will have to be with an IP address. Is it really enhancing my Internet experience to be tracked all over the Internet, and then having it pushed back in my face in the form of Internet advertising? I don’t see it that way. I see it as having to go out and find a good proxy server to protect myself while surfing the internet.

Tweet This Post

Two recent articles published by Computerworld discuss the Electronic Privacy you have, or in this case don’t have, while travelling across U.S. borders. The second article is more of an update so that you can travel and know how Customs agents can invade your privacy. Customs does not need any form of reasonable doubt or suspicion to search a person’s electronic devices, especially laptops and PDAs. Any type of device that can, “store large amounts of data, ideas, e-mail, chats and Web-surfing habits,” is fair game. The Ninth Circuit ruled that these devices can be searched and seized without a warrant or probable cause, and the Customs Department went on to say that anyone travelling can, and most likely will, be searched for having these devices. The main focus was centered on traveling with laptops. Not that this automatically makes you a criminal, but it is putting your personal privacy in jeopardy. Searches made at the border are “reasonable simply by virtue of the fact that they occur at the border.” Searches are not limited to hard-drives, meaning any internet usage is also subject to being searched, including internet history, e-mails, cookies, etc.

This brings about some questions…

• What is the extent of the search and seizure of laptops?
• Will they take my laptop and when can I get it back?
• Will my company information be subject to the search? This violates many company’s privacy policies, especially when dealing with personal information or financial information (such as credit cards and bank accounts).
• Where is the information that Customs copies kept?
• How long is this information kept?
• How is it disposed of? Or is it disposed of at all?

Do Customs agents have any protocol to follow at all, or are these questions something of little importance? Depending on the amount of information being stored on a hard-drive, many people can lose their anonymity and privacy. The Association of Corporate Travel Executives (ACTE) is warning travelers to keep limited amounts of information while traveling, and to keep your computer protected from privacy threats. The ACTE is concerned that corporate data could be copied and lead to security breaches and numerous other privacy risks. This means a database of customers’ names and information, which at one point was completely confidential, can be seen by anyone who works for Customs…

Tweet This Post