Well it is more than an Internet Service Provider, but Cable One, the 10th largest cable operator, has recently admitted to conducted a six-month study on their Internet users’ surfing habits. Cable One joins Charter Communications (as reported in a previous post) and a slew of other MSOs (multiple service operators) who spy on their customers for behavioral targeting purposes, and ultimately sell that information for big bucks to advertising companies.

Cable One revealed the information on August 8 to the House Energy and Commerce Committee, which had previously expressed their concerns on cable operators using advanced technology to invade privacy. So if I decipher this correctly: Cable One tried to defend themselves against these allegations by providing information and stating they invaded their customers’ privacy. Cable One stated that spying on 14,000 of their 700,000 customers was a better way to provide “more relevant advertising” to their customers.

Bresnan Communications and Knology also came out of the woodwork to say they spied on customers throughout a similar time frame. WideOpenWest admitted to doing this, in cooperation with NebuAd’s service. WideOpenWest stopped the program after five months because of the privacy concerns. All efforts to surf anonymously have become null and void for many Internet users, and for no apparent reason other than having better online advertisements. Shouldn’t these companies help protect personal information, not jeopardize it?

Cable One argues that they were not breaking any laws by conducting this research, and had made the information available to their users via the acceptable use policy they read when signing up for services. The information was also found in Cable One’s yearly privacy notice, which is sent to all customers. They provided users with appropriate notice, BUT did not allow them to opt out of the research, “because doing so would stifle our ability to test new technologies that have the potential to offer significant benefits to our customers.” Wow…

In essence the companies are arguing that because they put it in writing it is alright to spy on users and completely ignore any type of Internet privacy laws. It seems a bit ridiculous that my privacy rights are in jeopardy and I have no way of opting out. I can’t even choose to say “No.” In other words, even if I know it is happening I have no say in the outcome. The companies are not just able to record information for advertising purposes, but can use this technology to track and record ALL information being transmitted and received through their network. Hopefully when the Committee drafts a new law they remember to add the clause that we, as paying customers who want to feel safe, should have to opt-IN to this research–not be forced into whatever absurd money-making scheme the companies are up to.

Tweet This Post

Recently reported by the New York Times and the Herald Tribune (Sarasota’s local newspaper), a little bit more than 88% of the 38,500 students in the Sarasota school district had personal information posted on the Internet for nearly two months.

The school district has a contract (for now) with Princeton Review to maintain a database of Sarasota County Planning Tools, to help teachers develop tests and keep track of students’ grades. The information, which contained students’ names and school ID numbers (which in some cases were Social Security numbers) from this database was accidentally posted on the Internet for two months before it was finally removed this past Monday. Along with names and ID numbers the information also included students’: birth dates, sex, ethnicity, disabilities, and standardized test scores. The files were able to be found by using a search engine and Princeton Review claims the files were released when the company recently switched ISPs.

Sarasota students were not the only ones affected by this mistake, Fairfax, VA. students (nearly 74,000 of them) had their information posted on the Internet as well. The company was hired to measure student performance and nearly got 74,000 students’ identities stolen. Hackers could have had a field day with this information–but if we recall correctly from a previous Identity Theft post, it usually takes the Identity Theft victim three months to realize something is wrong. In the case of a young student that has no need to check their credit ratings; it could be even longer.

The article hints around as to who is to blame here. Of course Princeton Review is at fault because the security of their system and website has been compromised and over 100,000 students had their personal information sitting on the Internet for two months. Not to mention that with the world wide web, nothing that has been posted can truly be deleted–some cached record may be sitting on a server with the information.

Is the school board to blame as well? Would they need to compile this massive database of personal information if standardized tests weren’t stressed as the focal point of a student’s education? While I am not trying to start a debate as to the validity of standardized tests, it is just an interesting subject to touch on. What happened to the days where teachers logged the information in their grade books? Is it necessary to have a massive database with every bit of information about a student? These are all questions that the school board will be answering when deciding whether or not to keep Princeton Review’s contract.

In this case I would say protecting personal information trumps the ease of sticking everything on some site to analyze the students performance. It is great for parents, students and teachers to have access to this information so they can all keep track of performance and make sure nothing is wrong. Is the risk of having this happen again worth it? Do students even get and interim reports and report cards anymore? I remember that being a pretty good gauge as to what I needed work on.

Tweet This Post

GovGab is an important tool for staying up to date on government legislation and resources. The blog posts vary by many different topics, with some of the newer ones focusing on keeping your food from spoiling during a power outage or discovering disabilityinfo.gov. The blog also breaks down into different categories so you can search for the things you are interested in.

The part of the blog I would like to focus on is one of their more recent posts. It is focused on privacy protection. The most important part of the posts points us to a list of privacy resources aimed at helping us maintain privacy. The resource page is set up with government and non-government sponsored websites that are all focused on helping us keep our privacy.

The resource page has just about any topic you could need to know about. It does have a lot of articles and resources for protecting children online, which is always a major concern. Other areas include financial information, identity theft protection, medical records privacy and Internet privacy. The resources site has a lot to offer and can keep you busy for a long time. Along with privacy resources, the resources site allows you to locate local officials, find information on a business, and get resources for teachers and consumers.

Ultimately the blog is a great source of information from our government. It does a great job of keeping the postings entertaining and not just focused on politics and policies.

Tweet This Post

Blogger News Network is reporting on a 20-year old Rhode Island native who has been sentenced to two years in prison for a drunk driving accident that left another driver seriously injured. Now you are probably asking, “What does this have to do with an Internet privacy blog?” The answer: Two weeks after he was charged, Joshua Lipton attended a Halloween party dressed as a “jail bird.” The photos of him partying were posted on Facebook, which ended up being very useful to the prosecution.

The prosecution found these photos and used them as evidence in court. They said Joshua was an “unrepentant partier” who “lived” it up, even though the victim of the crash was in the hospital. The judge agreed and before giving out his sentence deemed Justin to be “depraved.”

Prosecutors are not the only ones who are using social networking sites to make important professional decisions. Many employers are looking up their candidates on these sites to see what kind of life they lead and if they would like to employ them, or not.

It is probably a good idea to completely delete your profiles when you are looking for a job…or when you are on trial. Better yet, think twice before you post anything.

Tweet This Post

Sometimes it seems like writing blog posts and doing research is just about data and these huge companies possibly gaining too much information about you or an ISP tracking you. So I decided to put things into perspective and describe a scenario that doesn’t involve two massive companies or some obscure government body.

A recent interview with a private investigator presented by Yahoo! News and cnet News discusses just how easy it is for him to gather information for his clients in this modern era. With the increased use of the Internet, his preferred tool, and social networking sites, Steven Rambam is able to learn everything possible about a person without ever having to meet them.

Privacy decreases with every blog post, every MySpace bulletin, and every photo posted. Mr. Rambam states, “Anything you put on the Internet will be grabbed, indexed, cataloged, and out of your control before you know it…The genie is out of the bottle. Data doesn’t stay in one location. It migrates to hundreds of places.” This has helped his job, basically by making it easier to find out anything he needs while building a case for a client.

He starts off by using social networking sites to find out what the person looks like. From there he can also gather other information such as: occupation, hometown, age, etc. He evens compiles a list of friends and family to interview. He says that he used to have to pay the police to get a driver’s license photo…now all he has to do is find their MySpace page. He also uses job search engines to find resumes with personal information, and even uses the dreaded marketing companies that compile our data on us.

He also discusses the various ways technology has benefited his business, while hurting our privacy. Cell phones, referred to as the 24/7 “snitch,” since data can be cross-referenced to see who you talked to and where you were. This along with the increased use of cameras, such as in New York City subways, to monitor and control the population.

Mr. Rambam conducted an experiment…he had someone agree to go into hiding for a year and see how many times he could be found. The answer: 9. Nine times the person who was attempting and trying to hide their identity was found. Through various methods, mostly Internet-based, he was able to track down his target.

Tweet This Post

Unlike the footprints we leave as we walk along the beach, electronic footprints don’t wash away so easily. Most human activity leaves an electronic footprint that will last until we have an apocalyptic event. To put this into perspective, unless we are plunged into another dark age by a meteor, traces of our existence will last well beyond our lifetime. This leaves us with two choices, accept the inevitable or pay attention to the traces we leave.

Let’s focus on the some of the traces we leave and the choices we have. From driving to surfing the Internet, we leave a huge volume of traces that we usually don’t think about. Even if we have nothing to hide, maybe we should still know what traces we leave behind. I’ve chosen to accept some loss of privacy for the sake of convenience.

My car is equipped with OnStar. This is a great tool in case of an accident. It also helps when I’m lost or want to find the nearest gas station. But what traces does it leave? First off we know there is a GPS system that tracks the cars movement. This is how you get directions and how emergency personnel are notified in case of an accident. Should I worry about this? I don’t, but what if I don’t want people to know where I’ve been. Well I suppose I could decide not to take my car.

But wait, if I don’t take my car I can still be tracked by my cell phone. It too sends out a signal that let’s the phone company know where I am. It needs to send the signal so I can receive calls. I suppose that I could turn off my cell phone so that it’s not sending out signals.

But wait, what car am I using? If it’s a rental car, I had to pay for it with a credit card and show identification. That almost defeats the whole purpose of not using my car. And what if the rental car company has installed a tracker just in case their car was stolen. Hmmmmm.

Maybe I could borrow a friends car. If the friend picked me up, I could drop my friend off and drive to where ever I was going. Of course if I borrowed a car I’d have to make sure it did not have an electronic toll payment system like SunPass or EasyPass. And I’d probably want to return the car with gas. Hmmmm. I guess I would have to pay cash for the gas if I wanted to make sure I did not leave a trail.

But wait, where did I get the cash? If I went to an ATM then I left a trace at that machine. Worse yet, where did I go? Almost anything we do involves spending money. Having lunch, flying on an airplane, parking at the airport, renting a hotel room, buying clothes and well, just about anything. That’s an awful lot of cash.

But maybe I don’t go far or maybe I don’t spend a lot of money. However, if I used the Internet to research a local park and the park hours, my ISP at home has a log of my activity. My PC also has the history of the browsing and maybe even a cookie.

Maybe this all seems a little over the top. The point is that in the world today we leave an electronic footprint. Someone can create a very detailed picture of our existence using that footprint. Should we worry about it, yes and no. Yes because with evil intent that information can be used against us in ways I don’t even want to think about. And no, because there is very little we can do about it.

While I don’t worry about it, I do recognize the footprints I leave behind. And when I am concerned about people with evil intentions, I try to minimize that footprint as much as possible.

Tweet This Post

A recent article by the McClatchy Washington Bureau reported that the Federal Trade Commission (FTC) will not intervene in the battle between data-miners and Internet marketers–ultimately allowing them to figure out for themselves how to protect the Internet privacy of its users. So much for the FTC’s catchy slogan of “protecting America’s consumers.”

The FTC’s official statement on the subject is, “Self-regulation may be the preferable approach for this dynamic marketplace.” With this being the way it is, new legislation won’t even be considered until the new President takes charge next January.

This battle has been raging, and now it may be at its all-time worst. With more consumers worrying about their privacy and more companies using behavioral targeting to advertise to potential customers, Internet privacy is a volatile and touchy subject. Without help from the FTC, this problem will not figure itself out. Limits will be tested and boundaries pushed by companies to see how far they can take the tracking and recording of private information without getting in trouble for it.

While self-regulation is a start, governments needs to step in and do something. Self-regulating is not the final solution, especially when the two sides are on completely different ends of the spectrum…it will be difficult to self-regulate when the corporations want more information and the consumers don’t want their privacy invaded. FTC regulations would make everything uniform and consistent.

One of the comments to the article stated it in the best words possible when considering using only self-regulation: It’s like letting the fox guard then hen house…

Tweet This Post

Telegraph UK reported that search-engine giant Google, the proud owners of YouTube, were demanded to give up ALL of their users’ information…that is correct. This started mainly because of a suit brought on by media juggernaut Viacom, who accuses Google/YouTube of hosting copyrighted information on the site. Google will have to hand information over to Viacom such your log-in details, viewing history, and the IP address from which you surf. I hope either A.) you didn’t view any copyrighted movies or B.) you are using a proxy server to mask your IP and surf anonymously.

The EFF website also has some information on this subject, which it is calling a “setback to privacy rights.” Viacom owns MTV and Paramount Pictures (among others) and is demanding this information because copyrighted programs have been appearing on YouTube and has led to an “explosion of copyright infringement.” Googling is countering the $1 billion lawsuit by saying it already goes above and beyond any legal expectations to remove copyrighted materials…a strategy which hopefully works out, especially since I don’t think I know a single person who doesn’t go on YouTube.

Viacom has stated they want the user details so they can statistically compare original videos with copyrighted videos to show “the attractiveness of allegedly infringing video with that of non-infringing video” (I smell something…it smells a lot like b.s.).

I am just glad that Google does have the firepower to fight back against Viacom and that the EFF has also made their stance clear. I do not need my log-in details and IP address taken hostage so that a “statistical analysis” can be done. How does my personal information help Viacom conduct these studies? IT DOESN’T. Viacom promises not to pursue legal action against people who watch copyrighted content…so I guess we can trust them since they said they wouldn’t do it. That has never happened before, why would a huge company like Viacom lie?

While Google has been involved in some privacy rights issues recently I am glad to see they are stepping up and fighting back. They are requesting to encrypt and anonymize the logs before sending them over to Viacom so that individual users are not prosecuted, but so that a statistical analysis can be done anonymously.

Tweet This Post

Everyday millions Internet users make purchases online. Most people do not realize the dangers lurking behind recommendations that websites make based on your purchases. In theory it seems like a great idea…I purchased the latest Stephen King book and here is a list of other books I may like based on my previous purchase. What’s not to like about that? That is great customer service…or is it? A recent article published by the Wharton School of Business shows the underlying dangers of behavioral targeting.

The article starts off by turning the tables…what if you buy your favorite movie and then see recommendations for other movies you may like? That is something we all appreciate. But what if the next time you visit the site you see an ad that has nothing to do with your movie choices? Instead the advertisement is for debt consolidation or treatment for a medical problem…this is what the article describes as the “creepiness factor,” the private part of your life that is somehow not private anymore.

The way the creepiness factor comes from marketing companies tracking your surfing habits and building up a profile about you based on the sites you visit, e-mails you write, etc…. The companies argue that focusing advertisements based on your needs is beneficial to you as a consumer, and that the trade-off between better advertisements and your personal privacy and Internet anonymity is worth it. I disagree…and so do most people. A recent research study, presented in the article, showed that 91% of adult Internet users would use some sort of tool to surf anonymously and avoid having their information tracked and stored.

The article continues to discuss how technology has evolved over the years, but the policy for protecting us while using the Internet has not. There is no barrier. Any law that is intended to help us has a loophole. For example, the government can’t collect certain information from us without a warrant, so they buy it from a company’s marketing department that collects the information legally without us knowing it.

I would like to know when my information is being stored in some database and how it will be used by the company. Protecting your privacy needs to be proactive. The use of proxy servers and other privacy tools can help hide your IP address and keep you from having your identity stolen.

Tweet This Post

A recent report by Freedom Works discussed one of the newest privacy threats we should know about. Congress has sketched a new proposal that would require all merchants’ payment systems to be tracked, recorded, and reported to the federal government.

This legislation will affect any credit card transaction made. Businesses will be required to give up that information once they swipe a card. The hopes of Internet privacy or being able to surf anonymously may be nonexistent if you use Amazon, PayPal, or any other online merchant. The online vendors are also required to divulge the information and report transactions to the government.

Many questions are raised throughout this article such as:

• What is the federal government’s purpose with this kind of detailed data?
• How will this database be secured, and who will have access?
• Many small proprietors use their Social Security number as their tax ID. How will their privacy be protected?
• What compliance costs will this impose on businesses?

These important questions need to be answered before the legislation continues. With the rise of ID Theft and American citizens’ worries about government spying, this legislation seems to completely forgo privacy protection.

Tweet This Post