(This quote is not directly from the source I'm linking, you'll have to click through.)

At the Open Data 2007 conference in New York today, David Cancel, the CEO of Compete Inc. revealed that ISPs happily sell clickstream data -- and that it's a big business. They don't sell your name -- just your clicks -- but the clicks are tied to you as a specific user (User 1, User 2, etc.).

Holy Fuck! This is a major, major privacy issue. Apparently there are some MemeStreams readers who either use the Compete toolbar (which is not a problem unless you are fooled into installing it) or have their ISPs quietly spying on them and selling the data to Compete (which IS a BIG problem). I expect that there is going to be some fallout from this announcement.

Boing Boing: Are some ISPs selling clickstream data?

Googleis reversing a long-standing policy to retain all the data on its users indefinitely, and by the end of the year will begin removing identifying data from its search logs after 18 months to two years, depending on the country the servers are located in.

Currently, Google retains indefinitely detailed server logs on its search engine users, including user's IP addresses – which can identify a user's computer, the query, any result that is clicked on, their browser and operating system, among other details. Even if a user never signs up for a Google account, those searches are all tied together through a cookie placed on the user's computer, which currently expires in 2038.

27B Stroke 6 | Google To Anonymize Data

Con artists and swindlers in China who try to use fake ID will have a tougher time trying to pass themselves off as someone else now that the public has access to the Ministry of Public Security's population database.

Anyone can now send a text message or visit the country's population information center's website, to check if the name and the ID number of a person's identity card match. If they do match the ID cardholder's picture also appears, said the Ministry, adding that no other
information is available to ensure a citizen's privacy is protected.

This is a novel approach.

Xinhua - China has an open ID database.

dc0de wrote:
And yet another loss of privacy, without so much as a whimper from anyone...

Well, technically they are arguing that they had the right to do this all along. In order to test their theory, you'd have to get standing in court, which would require demonstrating that they have done it, or demonstrating that the possibility that they might do it directly impacts you. The later is what they've tried to do with the telephone surveillance cases. What comes next is their claim that the lawsuit's result is a state secret...

Basically, whatever happens with the phone suits is likely to happen with this, and in the phone suits they are doing everything in their power to avoid having to actually argue, before a court, the points of law that they keep making in contexts like this (inherent power of the president, article II, etc...). In my estimation there is only one currently sitting Supreme Court justice who would accept their perspective on that if push finally came to shove, but they're not ever planning on push coming to shove. The recent change in Congress may have made it difficult for them to pull the issue out of the courts through legislative fiat, but I have been surprised that this thing has gone this far in court and I have a feeling they'll get it out of there through some other means eventually.

Also, suing specifically on this mail question won't get you anywhere, as they haven't actually publicly admitted that they do this, and so their state secrets claim would stick and it would get pulled.

RE: NPR : Federal Government Can Now Open Citizens' Mail

Amid the obituaries of former President Gerald Ford last month, you did not read about his intense involvement in privacy-protection policy. Privacy was the issue that most involved Ford in his nine months as vice president, and he maintained his interest when he brought decency and decisiveness into the presidency.

Gerald Ford: Privacy's Godfather - Forbes.com

Robert Popp and John Poindexter

Security and privacy aren’t dichotomous or conflicting concerns—the solution lies in developing and integrating advanced information technologies for counterterrorism along with privacy-protection technologies to safeguard civil liberties. Coordinated policies can help bind the two to their intended use.

TIA in this month's IEEE Security and Privacy.

Countering Terrorism through Information and Privacy Protection Technologies

Sen. Reid stated flatly and unequivocally -- and I'm paraphrasing -- that the Specter bill was not going anywhere, that it would not be enacted. I then asked him how he could be so certain about that --

In response, Sen. Reid explained that our system does not allow every bill to be enacted simply because a majority supports it, that Senate rules allow minority rights to be protected, clearly alluding to a filibuster.

Apparently Reid has told the blogosphere that the Dems are prepared to go nuclear on this. Or is it nucular?

Unclaimed Territory - by Glenn Greenwald: Sen. Reid: The Specter bill will NOT be enacted. Period.

On a scale of 1 to 10, in which 1 is the least important and least far-reaching and 10 is the most important and most far-reaching, the controversial parts of the Patriot Act renewal were about a 2. Nonetheless, the Bush Administration struggled for months to push through the legislation. Congress held hearings on almost every teeny tiny piece of text...

Compare that to the developing politics surrounding the Specter NSA bill, which was voted out of the Senate Judiciary Committee. On the same scale of 1 to 10, in which 1 is the least important and 10 is the most important, the Specter bill is somewhere around an 8. The Specter bill would reorient the basic role of the legislative branch in national security surveillance. In terms of importance, its provisions dwarf the provisions in the Patriot Act renewal by orders of magnitude.

The Volokh Conspiracy - The Politics of Surveillance and the Specter NSA Bill:

noteworthy wrote:
My chief complaint was that NYT was making an apples-oranges comparison; there are legal precedents regarding the caller's expectation of privacy with regard to a common carrier, but those precedents do not apply to enhanced services.

What precedents draw a distinction with regard to basic vs. enhanced services?

With respect to the 4th Amendment, in the beginning there was mail. You had an expectation of privacy for the contents of envelopes, but not for the things written on them, nor for the contents of post cards. The court extended this framework to telephone services by drawing the peculiar conclusion that dialed number information is not enveloped because the phone company must process it to route your call, but call content is enveloped. This is convenient, but somewhat disingenuous.

Unfortunately, Internet packets are a lot more like postcards than envelopes. As far as I know, no court has ever decided whether the 4th amendment applies to Internet communications. Chances are it probably doesn't. The reason its never come up is that Congress created a statutory framework for dealing with these things that few have challenged: The Electronic Communications Privacy Act. The ECPA is weaker then the 4th amendment would be. Its really concerned with protecting information in transit, but once that communication is received, and stored, it becomes very weakly protected. The routing information is, also, very weakly protected.

In the past, our most private articles were in our homes, where they were strongly protected by the 4th amendment. Increasingly, our most private articles are stored on website and ISP servers, where they are almost totally unprotected, or they are kept on our laptops, which we carry through international border checkpoints on a regular basis.

This is how the idea of personal privacy dies.... The court system is either unwilling or unable to adapt their protections as technology advances, holding on to an anachronistic idea of how privacy is defined that ignores the complexities of the modern world, and allowing Congress to insert statutes into the vaccum that are written by law enforcement and fueled by the fear of terrorism.

Cryptography will become the new 4th amendment, and ironically the only people who'll really be hurt by it in the long run are the Law Enforcement interests who claimed the need to access this information in the first place!

Decius wrote:

As time goes on from the search, the risks associated with holding on to that information far exceed the value of storing it.

Is that really true? Or is it the time-series compilation of queries that increases the risk?

Obviously the more data you have the greater the impact of a disclosure, but the longer you hold onto the data the more likely a disclosure is to occur, and the lower the value of the data in terms of system management, prediction of interests for marketing reasons, etc...

I'd be concerned that too much government intervention could stifle innovation.

Requirements that street worthy automobiles be a certain size and have certain safety characteristics also stifle innovation. There is a balance here as in all things. As the idea of personal privacy is a core tenent of our social contact I think it ought to weigh heavily in the innovation versus regulation question.

RE: Enter Search Term Here, Forever

noteworthy wrote:
NYT says Google et al are wrong to store usage data.

The storing and sharing of [search] data is a violation of users’ privacy rights.

OK, so what's their reasoning?

When people talk on the phone, they assume that the words they utter will disappear when the call is over. They certainly do not expect that their phone company is recording and storing the words, to mine for commercial purposes or to sell to other companies. People have the same expectation about the Internet searches they do: when the search is over, the words they used will disappear.

They confuse the telecom provider's role as a common carrier and basic service provider with Google's role as an information service and enhanced service provider.

Don't you agree with them? I don't think search engines should store usage data indefinately. As time goes on from the search, the risks associated with holding on to that information far exceed the value of storing it. Unfortunately, all of the risk is bourne by the searcher and all of the value is borne by the holder. This sort of imbalance is an area where it makes sense for the government to intervene.

I'm not sure I folllow how your distinction between a common carrier and an enhanced service provider is relevent to this discussion. I would say that the phone numbers you dial have approximately the same privacy implications as search terms. Search terms are a bit worse but its the same ball park. Telephone users do not expect their dialed numbers to be stored indefinately, and yet federal data retention laws already require phone companies to keep some of that data around for a longer period of time then they naturally would. I wasn't aware of this until they present data retention drama started. Perhaps this fact could support more data retention by search engines. I think its an example of how far down the slope we're already slid.

Edward Markey, Democrat of Massachusetts, has introduced a bill to prohibit Internet companies from warehousing personal data, including search queries. It is a good start, but it still gives companies too much leeway to keep data. The bill should be strengthened and passed.

This seems rather heavy handed and ill-conceived. Obviously you'd need a user-consent exception to such a rule. Then search providers would force you to log in and accept a terms of service agreement. And then your semi-anonymous cookie is replaced with a login ID; is that better?

Take a look at the bill. I could drive a truck through the "any legitimate business purpose" loophole. This would, as a matter of fact, have no impact on search engine data retention. This is an anti data retention proposal, meant as an answer to some of Congress's attempt to turn the Internet into a surveillance system by requiring ISPs to retain data long after they would have usually thrown it away. The question of whether web sites should be included in that requirement has been raised. Passing this law would be a hard no, but I expect its purpose is really more symbolic then serious.

A solution to this problem is, however, desparately needed. People simply don't understand the risks. Their understanding will get better and better as time goes on, and search engines will find themselves addressing it eventually. Unforutnately, all that risk exists today and will exist until enough people understand it that they react.

Privoxy and Tor are not the right answer. Legislation would be preferable to arms. Crafting an appropriate law would be easy. Maybe the search engines could offer an alternative to stave off the need for this.

RE: Enter Search Term Here, Forever