] Ms. Konz and a reporter for The Associated Press, Denise
] Grones, were seated in the front row. They began to take
] notes. And when Justice Scalia began speaking, they
] clicked on their tape recorders.

The irony here is the kind that makes you feel sick inside.

] But this is the United States in the 21st century where
] the power brokers have gone mad. They've deluded
] themselves into thinking they're royalty, not public
] servants charged with protecting the rights and interests
] of the people. Both recordings were erased. Only then was
] the reporters' property returned.

This was a public speaking engagement. It was at a High School. Its not like this was someone recording a gathering among friends, or some clear gray area where there might have been some ability to exercise "privacy rights".

] When agents acting on behalf of a Supreme Court justice
] can just snatch and destroy information collected by
] reporters, we haven't just thumbed our nose at the
] Constitution, we've taken a very dangerous step in a very
] ugly direction. The depot at the end of that dark road is
] totalitarianism.

The above quote saves me having to come up with and type something to express similar sentiment. It makes me feel all warm and fuzzy inside to know if Justice Scalia does the same, he would prefer I not pass it along..

] "It protects journalists not just from newsroom searches,"
] she said, "but from the seizure of their work product
] material, things like notes and drafts, and also what's
] called documentary materials, which are things like these
] tapes, or digital recordings."

I guess the lesson here is that if you have a recording device on site, make sure its storage is located in a place fully within your control, several blocks away. The lesson is noted, the spectrum and services are there to do it several ways "legally". In that shitty future we keep hearing bits and pieces about, when public officials engage in public speaking engagements, will we have to square off SIGINT and IA chops with the Senior Services on hand?

] Ms. Konz told me: "All I was doing with that tape recorder
] was making sure that I was not going to misquote the
] justice. My only intention was to report his words accurately."

I'd really like to hear Scalia's justification for not allowing people to record him at large gatherings.

NYT Op-Ed: A Justice's Sense of Privilege

This webpage run by the California Highway Patrol has realtime information available for traffic incidents they have responded to. Most of what I've seen so far have been traffic stops, disabled vehicles, traffic hazards, etc. The type of stuff you'd expect. At the time of posting, there were a few funny things occurring in the Bay Area. Something about a bunch of chickens that escaped from a truck and were running around the road.

Map views are still under construction.

This is a very different type of police surveillance. Not the type we are used to. Its a nice change, watching them. So much for police blotters and radio scanners. This is realtime and less work.

CHP Traffic Incident Information Page

Decius wrote:
] Should the government force me to be private even if I don't
] want to be? I don't think so. The government should create a
] framework in which we can make choices.

They can force you to keep certain (or better) records, and have been doing so in various industries such as healthcare and accounting. If that's happening, rules that say what information can't be kept (or used in certain ways) could be crafted as well. I could envision laws that either have something to do with protections or disclosure.

The disclosure angle is both tricky and interesting. Think about your average online transaction, and the various parties your information passes to/from. Might be a group like Amazon, Visa, your bank, and UPS. There are also a few additional parties in there, such as companies contracted to handle transactions, accounting, etc. Its probably complex as hell..

Picture a requirement, in lets say 5 years, that every company you deal with online has to be able to present you with a detailed individualized privacy report. That type of empowering of the consumer would result in an interesting form of distributed oversight, not to mention education and awareness.. That's the type of thing I'd like to see.

] The system is not responding to your interests.

The number of people concerned about these issues is growing, as we said it would. I am still confident that will change.

] We ought to curtain the data the government shares.

I am of the opinion that some top down clue is necessary. Most of the real problems occur at the "DMV level". Note I said top down clue, not top down control. I think these ID systems should all remain state level concerns, but a shared strategy or set of guidelines for protection of privacy seems like a good idea. The national ID doesn't.

] 3. The most important thing that we need is awareness and
] sophistication about this issue with the general populace.
] Levels of understanding have improved a great deal in the last
] 20 years, but there is still a lot of road to cover.

This is one of the reasons I think strategies that push for more disclosure are good ideas. As you indicated earlier, the absolutist approach to privacy can't work. The best way to teach someone is to throw information at them, in context. People don't spend much time reading privacy policies, but they do go over whatever "my account" information the site provides them. That is where the consumer needs to be provided with more information.

] There is no reason why Google can't discard the last two
] octets of your IP address. It will not impact their
] demographics at all, but it would provide enough protection
] against turning their database into a thought crime monitor.
] And they'll do it, but only if we demand it.

Google might disagree with you. That may cause more problems for them then it solves for anyone. Given cookies and ways to cross-reference them with things like Orkut, it really wouldn't matter either.

The weak part in the chain, at least as far as the Patriot Act angle goes, is the removal of judicial protections. Not the information or the ability to relate it. With most ID concerns, the problem is parties releasing information without permission, or failing to protect information.

Companies addressing these issues will become in vogue at some point. Just mark my words. It will be used to build trust with their customer base. In terms of long term trust, many of the companies in the position to be a "leader" in the space have only been around for a few years. Google should care right now about how I'm going to feel about them in 4 more years. Same for Amazon, B&N, etc..

RE: Wired News: Great Taste, Less Privacy

] A patron walks into a bar and orders a drink. The
] bartender asks to see some ID. Without asking permission,
] the barkeep swipes the driver's license through a card
] reader and the device flashes a green light approving the
] order.
]
] The bartender is just verifying the card isn't a fake,
] right? Yes, and perhaps more.

[ Best freak-out tone ] Now the FBI is going to know everywhere I ever go!! Is no place save anymore!? [ / ]

Seriously though.. Just last night, out with ballsdeep, he had a problem with the way this girl ID'd him, making it necessary for us to flee the bar.. That didn't even involve a scanner. I think she was hitting on him. She asked me my sign. Usually, my Jersey license just gets a kinda sneer.. Something you have and something you know? That's a better way of validating the ID then asking my birthday. This night, the bar got a lot of information. However, I feel bd misinterpreted the situation.

Vegas for instance.

What can you say after that?

Anyway.. After a few very high profile shit storms come down on venues that misuse collected information, it should become apparent that if you screw your customer base, they will find out, and not be happy about it. People still do need to be more aware of when their information is collected and how it is used. Entities who collect information also need to be aware that it is their responsibility to protect the information they collect from being compromised and misused.

Oh yeah. I am a big fan of "opt-out".. As I was reading this article, I found myself contemplating a "the ID doesn't leave my site" policy. The situations I really don't like, are the ones when someone takes your ID away from you and checks it. Like restaurants where the bartender has to check the card, so the waitress takes it. Its not like my credit card, it doesn't need to be verified against something external. That shouldn't be necessary. Everytime that happens, I feel like they take the thing somewhere, photo copy it, it gets entered in some database, images of old punchcard computers fly through my head and morph into things spitting out junk-mail envelopes, etc.. I don't mind when the person I'm interfacing with needs to know who I am, and authenticate my age. That's ok. Its when the information spreads outside that transaction space, it becomes a problem. I feel like I should ask for a printed privacy policy.

This whole situation is one of the reasons I love my Jersey ID. No barcodes. No chips. No mag strips. Its laminated even! Very low tech. However, a skilled eye can tell a fake. I'm going to miss it when I switch over to Cali.

Here is a question for the MemeStreams community.. If you were proposing legislation for laws governing how venues can collect and use information from IDs, what would you propose?

Wired News: Great Taste, Less Privacy

] Profiling has two very dangerous failure modes. The first
] one is obvious. Profiling's intent is to divide people
] into two categories: people who may be evildoers and need
] to be screened more carefully, and people who are less
] likely to be evildoers and can be screened less
] carefully.
]
] But any such system will create a third, and very
] dangerous, category: evildoers who don't fit the profile.
] Oklahoma City bomber Timothy McVeigh, Washington-area
] sniper John Allen Muhammed and many of the Sept. 11
] terrorists had no previous links to terrorism. The
] Unabomber taught mathematics at UC Berkeley. The
] Palestinians have demonstrated that they can recruit
] suicide bombers with no previous record of anti-Israeli
] activities. Even the Sept. 11 hijackers went out of their
] way to establish a normal-looking profile; frequent-flier
] numbers, a history of first-class travel and so on.
] Evildoers can also engage in identity theft, and steal
] the identity -- and profile -- of an honest person.
] Profiling can result in less security by giving certain
] people an easy way to skirt security.

Bruce Schneier, trying to spread the clue around.

How We Are Fighting the War on Terrorism / IDs and the illusion of security

Decius wrote:
] While everyone is freaking out about their Tivos, Jeremy
] mentioned a much more serious issue. The fact is that TV only
] shows you popular culture. There are limited circumstances
] where surveillance of TV watching habits would really be
] problematic politically. TV is the soma. The Internet, on the
] other hand, makes your local library look tame. Google knows
] everything that you've thought about seriously in past 5
] years. And what Google knows, the police know.
]
] If they don't need permission or notification to pull your
] records from the library, how long before they can do the same
] with your Google records?

The linking of records cannot be prevented. The development of IT, if let run unrestrained, allows for total tracking of everything. Nanotech can turn us all into grey goo. At points fire probably caused a few people to get seriously hurt.. People will tell you its bad to play with all of the aforementioned.

I'm taking the same line as I did in the Patriot Act renewal thread. The powers of being able to link together certain records will exist, if by the capabilities of technology alone, and our challenge is figure out how we want this to work. That includes where we enforce certain "firewalls" and limitations.

There is much missing policy. This is because we have just as much missing philosophy. The technology is warping our ideas on privacy, its mutating our threats, and its giving us new capabilities. The only thing I am sure of, is that the only way to do good is to lead in the right direction.

Your TiVo tracks you, Google tracks you, your Easypass tracks you, your mass transit card(s) track you, your grocery card tracks you, your credit card tracks you, your atm card tracks you, and your computer owns you. Everything tracks you. You help it just by using it. Given a desire or requirement, it could all be linked.

If anyone still has ideas that its even possible to maintain some kind of "total privacy", they are living in a dreamland. Your various tokens and connections will compromise themselves, without you realizing it. If you have a Safeway card you went out of the way to register as "Customer" (as I have), its got compromised the first time you used your atm/credit card to buy something with it (as I most certainly have). If you sit on Friendster/Orkut/etc and just respond to requests, at least a chunk of your social network will come to you all by itself. Just wait till bill scanners can track serial numbers.. Look at your blog, and embrace the grey goo that is your privacy. There is no escape!

This must be embraced, there is no turning back. It can be used to empower or oppress. I vote for empower, and that's why I work on systems like MemeStreams and get so concerned about Patriot Act like issues. I think that just like every other advance that has been disruptive, this one just ne... [ Read More (0.3k in body) ]

RE: Google Privacy Policy

] TiVo boxes download scheduling information over phone
] lines each night. They also upload a record of what was
] watched, recorded and skipped.
]
] TiVo says it does not identify individual viewers but
] will customize the report to track, for example, viewing
] habits of Silicon Valley subscribers during the Super
] Bowl, the finale of American Idol or the Academy Awards.

This makes me slightly uncomfortable.. Mostly, because they said for the longest time that the TiVo did not upload _any_ information about what a customer views. I don't think my TiVo ever told me it was doing different. I wonder when this changed, or will change, and if I wasn't paying attention to the news would I have known about it.

] ``Privacy is an addressable concern,'' he said. ``Theoretically,
] TiVo knows a huge amount of information about an individual.
] But they've sworn not to use it except in aggregate and are
] adamant about sticking to that pledge,'' said Bernoff, who
] does not have a business relationship with TiVo. ``As long
] as TiVo stays and business and maintains that pledge, I don't
] think it's a problem.''

This particular issue has come up before in relation to MemeStreams.. At what point does data which is private, become data which is statistical? A few individuals data collected, in my opinion, does not go over the threshold enough. A TiVo in a shared household for instance.. All the TiVo's in a region, I don't see a problem with. All the TiVo's total, I don't see a problem with. That is very useful information.

I agree with TiVo that this is a addressable situation. There _is_ a middle ground. We collect a fair amount of information about the surfing habits of users on MemeStreams. However, this data is either used directly by the users (it powers the Reputation Agent), or we boil it down for the purposes of statistical info. Our privacy policy explicitly says we keep that information as private as we are capable of keeping it, and we do. We don't peek around people's private data. We view ourselves as entrusted to protect it. We don't sell people's private data, nor would we ever.

Currently, our statistical info is only used for the graphing stuff. That will change, but we are committed to protecting users privacy rights, and giving them access to information that is theirs.

Personally, I don't like the idea of selling the aggregate information, specifically selling exclusive access to the information. Its the users' information, it was collected and derived from them, so they should be able to see/use it. Otherwise, they should be reimbursed.

That leaves room for different service levels, and a business model to wrap it in. Advertisers are going to want the data faster, easier to access, and in close to real-time as possible so they can adjust their schedules and strategies. Personally, I just be interested in the "Google Zeitgeist"/"Billboard" style monthly view.

Mercury News | TiVo to sell data on viewing habits of subscribers

] The FBI demanded Las Vegas hotels turn over their guest
] lists leading up to New Year's Eve to check against a
] U.S. master list of suspected terrorists, a law
] enforcement official said on Sunday.
]
] The demand for "patron information" went to all major
] hotels in the Nevada casino and entertainment city, said
] the official who declined to be named.

What was the money line in all the recent Vegas advertising? "What happens here, stays here." Well, not this New Years..

] A second U.S. government official said to his knowledge
] only one hotel had balked at providing its bookings list.
] Newsweek, the first to report the FBI demand, said one
] big hotel had refused and was "slapped with a subpoena."

I would really like to know what the hotel was that required the subpoena.

Wired News - FBI obtains ALL Las Vegas Jan 1 room lists with no court auth.

... Congress has taken action that really is worth worrying about.

I'm not sure this was "Patriot II", but I think it reveals what the strategy is for "Patriot II" is.. Do it slowly, redefine one thing at a time, and we will not notice or think it is significant.

Too Much Power

Chock full o' good "insider" informtion on the miltary and intelligence communities internationally.

Cryptome