Interesting article from microsoft with views from three past CPOs.
I am attending the IAPP Global Privacy Summit, the biggest privacy industry conference. Google has sponsored the networking happy hour and has bought me a drink. Do I thank Google or thank myself for using Google's services?
The Institute of Electrical and Electronics Engineers' (IEEE) Spectrum magazine recently ran a fantastic article about the history of the UNIX operating system, "The Strange Birth and Long Life of UNIX". The article can be found here: http://spectrum.ieee.org/computing/software/the-strange-birth-and-long-life-of-unix/0. The article walks you through the unusual circumstances that happened at AT&T during the late 60s and early 70s, how UNIX was almost killed by company policy, and how it was nurtured into its current form.
A great article for anyone who knows/uses UNIX based systems.
A great article for anyone who knows/uses UNIX based systems.
On Thursday, March 1st, Google's new unified privacy policy goes into effect. Previously, all Google services maintained separate silos of data operating under separate privacy policies. This is no longer the case. Google is now unifying it's data and, ultimately, building rich stores of data about you. Below are a few actions you can take to mitigate the amount and type of data Google will have access to after the policy change goes into effect.
1. Do not perform Google Searches while signed into your account.
This is the simplest way to ensure Google does not capture search history associated with your user ID/profile. As an alternative, keep your Google account signed in on one browser (e.g. Firefox) and use another browser operating under privacy protection mode (e.g. Chrome's Incognito Mode) to conduct searches. This is not fool proof -- google can certainly be smart enough to identify signed in sessions and non-signed in sessions originating from the same IP address...but it's a start.
Please note all steps below assume you are signed into your Google account
2. Remove your Google History
If web history is enabled:
Doing this automatically stops the future collection of web history. If you ever wish to resume history collection, simply click the "Resume" button.
3. Remove your YouTube History
To remove these e-mails from Google Servers:
Security Best Practices for your Google Account
1. Do not perform Google Searches while signed into your account.
This is the simplest way to ensure Google does not capture search history associated with your user ID/profile. As an alternative, keep your Google account signed in on one browser (e.g. Firefox) and use another browser operating under privacy protection mode (e.g. Chrome's Incognito Mode) to conduct searches. This is not fool proof -- google can certainly be smart enough to identify signed in sessions and non-signed in sessions originating from the same IP address...but it's a start.
Please note all steps below assume you are signed into your Google account
2. Remove your Google History
- Navigate to http://www.google.com/history
If web history is enabled:
- Click the button says "View History"
- Click "Remove All Web History"
Doing this automatically stops the future collection of web history. If you ever wish to resume history collection, simply click the "Resume" button.
3. Remove your YouTube History
- Click on "YouTube" in the toolbar at the top of the page
- On the right of the page, click your username and select "Video Manager"
- On the left side of the page, click the "History" button
- Click the "Clear Viewing History" button, confirm your choice when the pop-up displays
- Refresh the page/click the "History" button again
- Finally, click "Pause Viewing History"
- In Gmail, click on the cog/wheel in the upper right corner
- Click Mail Settings
- Click Chat
- Ensure "Never save chat" history is enabled
5. Remove old e-mail from Google
Navigate to https://mail.google.com/mail/u/0/?tab=wm#all/p99999 and look at the date on the e-mails, these are the oldest e-mails stored in your Google Account.Take a walk through memory lane...Scary, huh?To remove these e-mails from Google Servers:
- Click the cog/wheel in the upper right corner of Gmail
- Select "Mail Settings"
- Select "Forwarding and POP/IMAP"
- Click "Enable IMAP"
- Download a mail client such as Thunderbird, Outlook, Apple Mail, etc
- Follow directions to setup mail client: http://support.google.com/mail/bin/answer.py?hl=en&ctx=mail&answer=75726
- Using the mail client, create a local email storage file= such as an outlook PST or a Thunderbird local folder
- Download all e-mails from Google to your local storage
- Delete all e-mails from Google
- Repeat this every month, ensuring only the last six months of e-mail stay on Google's Servers
6. Android Phone - Web Browser
- Open your Web Browser
- Click the Menu Key on your phone
- Select "More"
- Select "Settings"
- Clear your history, cache, and location access.
- Suggest disabling "Enabled location" to prevent future websites from accessing your location.
Security Best Practices for your Google Account
While not related to the impending privacy changes, the follow steps are two important functions to enable on your Google account.
7. Google Mail Connection
- In the Gmail settings, click on the "General" settings tab
- Ensure "Browser Connection" has "Always use https" enabled
8. 2-Step verification
2-Step verification is similar to what major banking websites are now using. This service provides stronger security protection on your account. The process is very simple: Once activated, you will need to verify the device(s) you frequently sign into your google account from. Your home computer, your work computer, your iPad, etc. To do this, Google will send you an SMS text message with a unique code. You will be required to enter both your password and this code to verify the device you are signing into Google with. This will prevent people from accessing your account from unauthorized devices/computers.
To enable:
- Navigate to https://www.google.com/settings/
- Under "Security" find the 2-step verification item
- Click "Edit" -- walk through the sign up process.
"In the pre-computer age, the greatest protections of privacy were
neither constitutional nor statutory, but practical. ... The
surveillance at issue in the case -- constant monitoring of the location
of a vehicle for four weeks -- would have required a large team of
agents, multiple vehicles, and perhaps aerial assistance. Only an
investigation of unusual importance could have justified such an
expenditure of law enforcement resources." ~ Justice Alito, paraphrased from the GPS v. Jones (PDF) of decision by Rebecca J. Rosen for The Atlantic,
It appears the anti-SOPA/PROTECTIP grassroots movement and lobbyists have struck a blow to the forward progress of the two bills. Over the weekend many Senators, Congressman, and the White House publicly announced their opposition to the bills or the DNS provisions.
Ars has a great write up by Timothy Lee: http://arstechnica.com/tech-policy/news/2012/01/under-voter-pressure-members-of-congress-backpedal-on-sopa.ars
MSNBC's "Up with Chris Hayes" hosted a debate about SOPA with NBCUniversal Executive Vice President and General Counsel Richard Cotton and Reddit.com co-founder Alexis Ohanian, as well as former Rep. Joe Sestak (D-PA) and former lobbyist Jack Abramoff. Rick Cotton and Alexis Ohanian dominated most of debate.
I found Richard Cotton's tactic in this debate to be hysterical and typical of the debate thus far: state your position loudly, frequently, and do not yield any ground to other arguments. Cotton spent the entire debate vehemently insisting that SOPA will not effect any U.S. websites/companies and frequently trying to talk over Alexis and Chris. He said some variation of "wholesale devoted to theft/illegal activity/thievery" 10 times, "devoted to foreign sites only" 6 times, and told someone their interpretation of the bill was flat out wrong twice within the roughly 18-minute long debate. Alexis and Chris made some good points.
Interesting debate -- especially seeing an NBC show host challenge and spar with an NBC VP over the stance the company has taken. Kudos to NBC for their openness...now just stop supporting this bill.
Ars has a great write up by Timothy Lee: http://arstechnica.com/tech-policy/news/2012/01/under-voter-pressure-members-of-congress-backpedal-on-sopa.ars
MSNBC's "Up with Chris Hayes" hosted a debate about SOPA with NBCUniversal Executive Vice President and General Counsel Richard Cotton and Reddit.com co-founder Alexis Ohanian, as well as former Rep. Joe Sestak (D-PA) and former lobbyist Jack Abramoff. Rick Cotton and Alexis Ohanian dominated most of debate.
I found Richard Cotton's tactic in this debate to be hysterical and typical of the debate thus far: state your position loudly, frequently, and do not yield any ground to other arguments. Cotton spent the entire debate vehemently insisting that SOPA will not effect any U.S. websites/companies and frequently trying to talk over Alexis and Chris. He said some variation of "wholesale devoted to theft/illegal activity/thievery" 10 times, "devoted to foreign sites only" 6 times, and told someone their interpretation of the bill was flat out wrong twice within the roughly 18-minute long debate. Alexis and Chris made some good points.
Interesting debate -- especially seeing an NBC show host challenge and spar with an NBC VP over the stance the company has taken. Kudos to NBC for their openness...now just stop supporting this bill.
The transcript (PDF) from the December 15, 2011 House Judiciary Committee markup of H.R. 3261, Stop Online Piracy Act (SOPA). This was one of the most infuriating sessions to watch live and reviewing the testimony and comments, in writing, a month later still boils my blood. There is a PrivacyWonk hosted copy available (PDF) in case the House moves the copy that is hosted there.
The markup session produced 495 pages of text, including the following gems:
Mr. Watt. I thank the gentleman for yielding, and I just want to make a couple of points. First of all, I want to go back to what my friend, Ms. Lofgren's comments she made and discourage any of us from talking about who has been bought off or even experts. There has been a lot of money floating around in a lot of different places on this issue, and I just don't think it is worthy of us to be talking about who got bought off and who got hired by whom, especially when we start identifying the people.
Mr. Chaffetz. Thank you, Mr. Chairman. I have the greatest respect for you and for Ranking Member Conyers. I do appreciate the manager's amendment. I do think it is certainly better. There is clearly a problem. I understand that there is a problem, but I worry that this is the wrong remedy. I was trying to think of a way to try to describe my concerns with this bill, but basically we are going to do surgery on the Internet, and we haven't had a doctor in the room tell us how we going to change these organs. We are basically going to reconfigure the Internet and how it is going to work without bringing in the nerds, without bringing in the doctors.
Ms. Jackson Lee. ... And then, Mr. Chairman, if I might have a moment of personal privilege and just cite for my colleagues, because I do think that we should be respectful of each other, I am reading a tweet that has gone out from "GOP Rep King, Bored by the dialogue of Representative Jackson Lee." I have no reason to think that anybody cares about my words, but I would offer to say that Mr. King owes the committee an apology, said that we are debating the Stop Online Piracy Act and that he is killing time by surfing the Internet. I have never known Mr. King to have a multi-task capacity, but if that is his ability, I do think it is inappropriate while we are talking about serious issues, to have a member of the Judiciary Committee be so offensive. So I am putting on the record, he is not here -- I --
Mr. Sensenbrenner. Chairman, I demand the gentlewoman's words be taken down.
Ms. Jackson Lee. Well, I am not taking them down, so you can break this hearing because I am not. I would ask Mr. -- ...
There is much more contained within the transcript. It is an almost 500 page demonstration of special interest lobbying, willful ignorance of the outside-the-beltway world and the internet.
For more on SOPA, please see the opposition letter. Please use this letter and send to your representatives to add your voice to the debate.
The markup session produced 495 pages of text, including the following gems:
Mr. Watt. I thank the gentleman for yielding, and I just want to make a couple of points. First of all, I want to go back to what my friend, Ms. Lofgren's comments she made and discourage any of us from talking about who has been bought off or even experts. There has been a lot of money floating around in a lot of different places on this issue, and I just don't think it is worthy of us to be talking about who got bought off and who got hired by whom, especially when we start identifying the people.
Mr. Chaffetz. Thank you, Mr. Chairman. I have the greatest respect for you and for Ranking Member Conyers. I do appreciate the manager's amendment. I do think it is certainly better. There is clearly a problem. I understand that there is a problem, but I worry that this is the wrong remedy. I was trying to think of a way to try to describe my concerns with this bill, but basically we are going to do surgery on the Internet, and we haven't had a doctor in the room tell us how we going to change these organs. We are basically going to reconfigure the Internet and how it is going to work without bringing in the nerds, without bringing in the doctors.
Ms. Jackson Lee. ... And then, Mr. Chairman, if I might have a moment of personal privilege and just cite for my colleagues, because I do think that we should be respectful of each other, I am reading a tweet that has gone out from "GOP Rep King, Bored by the dialogue of Representative Jackson Lee." I have no reason to think that anybody cares about my words, but I would offer to say that Mr. King owes the committee an apology, said that we are debating the Stop Online Piracy Act and that he is killing time by surfing the Internet. I have never known Mr. King to have a multi-task capacity, but if that is his ability, I do think it is inappropriate while we are talking about serious issues, to have a member of the Judiciary Committee be so offensive. So I am putting on the record, he is not here -- I --
Mr. Sensenbrenner. Chairman, I demand the gentlewoman's words be taken down.
Ms. Jackson Lee. Well, I am not taking them down, so you can break this hearing because I am not. I would ask Mr. -- ...
There is much more contained within the transcript. It is an almost 500 page demonstration of special interest lobbying, willful ignorance of the outside-the-beltway world and the internet.
For more on SOPA, please see the opposition letter. Please use this letter and send to your representatives to add your voice to the debate.
I like participating and love what the Center for Democracy and Technology and others are doing at the American Censorship Project. However, this is an issue I feel very strongly about and decided to sit down and compose my own letter & e-mail to my representative. There are two versions of the letter -- one for you to read and interact with on this blog and one for you to copy and paste and send to your representative. The second version removes formatting to ensure sources (URLs) transition through the "Write your Representative" pages.
To the Honorable <<Representative>>,
I am writing to express my staunch disapproval to H.R. 3261: Stop Online Piracy Act (SOPA) and S. 968: Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act of 2011 (PROTECTIP). There is no substantial disagreement with the goal of combating the online infringement of copyrights and trademarks; that is a valid and important aim. However, these bills are incredibly dangerous to the country. Some of the specific provisions are far more controversial and would do far more damage than the authors (the MPAA and other lobbying arms of the entertainment industry) of the bill or the "expert" testimony would suggest. A Politico article by Jennifer Martinez titled "Shootout at the digital corral" published on November 16, 2011, provides excellent detail on the bills and the simple fact that the entertainment lobby has outspent the technology lobby for the past two years. The entertainment lobby has bought and paid for these bills, spending over $200M in 2010 and 2011, that will substantially harm the still growing and increasingly important digital economy: making it impossible to innovate, killing start-ups, and any jobs associated with them.
The public reaction to these bills in the United States has been visceral. Opponents of the bill include: Google, Yahoo!, Facebook, Twitter, AOL, LinkedIn, eBay, Mozilla Corporation, the Brookings Institution and human rights organizations such as Reporters Without Borders, the Electronic Frontier Foundation, the ACLU, Human Rights Watch, and the Center for Democracy and Technology.
Sandia National Laboratories, a part of the U.S. Department of Energy, concluded that the SOPA legislation would "negatively impact U.S. and global cybersecurity and Internet functionality." Sandia joins Republican Representative Dan Lungren, who also worried that SOPA would undercut efforts to secure the internet with DNSSEC.
Harvard Business Review blogger James Allworth wrote, "Is this really what we want to do to the internet? Shut it down every time it doesn't fit someone's business model?" concluding that the bill would "give America its very own version of the Great Firewall of China." I do not believe this quote is hyperbole. The bill will significantly impair the freedom of the internet that we as a country have advocated very publicly. See Hillary Clinton's speech on Internet Freedom at GW University.
There has also been international outcry to the bills. The European Parliament passed (by a large majority) a resolution criticizing SOPA. The resolution emphasizes "the need to protect the integrity of the global Internet and freedom of communication by refraining from unilateral measures to revoke IP addresses or domain names." The United States has great allies in Europe and we would not be doing ourselves any favors by passing a bill that does *nothing* to protect us and everything to antagonize Europeans.
We cannot legislate an internet that protects everyone, everywhere, at every second. But we also cannot take the interests of a few companies' antiquated business models over the interest and rights of our citizens. SOPA and PROTECTIP are bad pieces of legislation. This fact is highlighted in the poor grasp of internet technology the bills put forward; the entertainment industry spent millions of dollars to produce pieces of legislation that *break* the internet. These bills represent the last throes of an industry failing to adapt to a new marketplace. These companies would have done better to take their $200M+ of lobbying and invest it in innovation, research and development, and job creation around that R&D.
Please help stop this bill.
Thank you,
<<Name>>
To the Honorable <<Representative>>,
I am writing to express my staunch disapproval to H.R. 3261: Stop Online Piracy Act (SOPA) and S. 968: Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act of 2011 (PROTECTIP). There is no substantial disagreement with the goal of combating the online infringement of copyrights and trademarks; that is a valid and important aim. However, these bills are incredibly dangerous to the country. Some of the specific provisions are far more controversial and would do far more damage than the authors (the MPAA and other lobbying arms of the entertainment industry) of the bill or the "expert" testimony would suggest. A Politico article by Jennifer Martinez titled "Shootout at the digital corral" published on November 16, 2011, provides excellent detail on the bills and the simple fact that the entertainment lobby has outspent the technology lobby for the past two years. The entertainment lobby has bought and paid for these bills, spending over $200M in 2010 and 2011, that will substantially harm the still growing and increasingly important digital economy: making it impossible to innovate, killing start-ups, and any jobs associated with them.
The public reaction to these bills in the United States has been visceral. Opponents of the bill include: Google, Yahoo!, Facebook, Twitter, AOL, LinkedIn, eBay, Mozilla Corporation, the Brookings Institution and human rights organizations such as Reporters Without Borders, the Electronic Frontier Foundation, the ACLU, Human Rights Watch, and the Center for Democracy and Technology.
Sandia National Laboratories, a part of the U.S. Department of Energy, concluded that the SOPA legislation would "negatively impact U.S. and global cybersecurity and Internet functionality." Sandia joins Republican Representative Dan Lungren, who also worried that SOPA would undercut efforts to secure the internet with DNSSEC.
Harvard Business Review blogger James Allworth wrote, "Is this really what we want to do to the internet? Shut it down every time it doesn't fit someone's business model?" concluding that the bill would "give America its very own version of the Great Firewall of China." I do not believe this quote is hyperbole. The bill will significantly impair the freedom of the internet that we as a country have advocated very publicly. See Hillary Clinton's speech on Internet Freedom at GW University.
There has also been international outcry to the bills. The European Parliament passed (by a large majority) a resolution criticizing SOPA. The resolution emphasizes "the need to protect the integrity of the global Internet and freedom of communication by refraining from unilateral measures to revoke IP addresses or domain names." The United States has great allies in Europe and we would not be doing ourselves any favors by passing a bill that does *nothing* to protect us and everything to antagonize Europeans.
We cannot legislate an internet that protects everyone, everywhere, at every second. But we also cannot take the interests of a few companies' antiquated business models over the interest and rights of our citizens. SOPA and PROTECTIP are bad pieces of legislation. This fact is highlighted in the poor grasp of internet technology the bills put forward; the entertainment industry spent millions of dollars to produce pieces of legislation that *break* the internet. These bills represent the last throes of an industry failing to adapt to a new marketplace. These companies would have done better to take their $200M+ of lobbying and invest it in innovation, research and development, and job creation around that R&D.
Please help stop this bill.
Thank you,
<<Name>>
Continue reading My SOPA Opposition Letter.
I love anecdotal data, especially when it "proves my point".
Yesterday on the weekly #privchat a few folks were discussing opt-in vs. opt-out and throwing around hypothetical arguments. For example, Berin Szoka (@BerinSzoka) put forward that if you made web analytics opt-in it would kill the statistical validity. Others were saying opt-in is 100% the way to go, all the time. Jim Adler (@jim_adler) provided, what I think, is the best point of the conversation, "Opt-in or opt-out absolutism seems to deny the use-case nuance."
I support an opt-in position for most use-cases; however, I agree with Jim that there are nuances that may make opt-out the better solution. While wandering the wilds of the internet, I found a great piece of anecdotal data supporting my positive view of opt-in:
Yesterday -- probably while #privchat was happening -- comedian Louis CK participated in an "Ask me Anything" event on http://www.reddit.com. In it, a user asks what Louis CK is current learning. As part of his response, Louis CK details how offering something as tiny as an opt-in mailing list has generated a lot of positive feelings. Other reddit users respond in with similar sentiments. The last line in the image below is very telling: "I checked opt-in just because I appreciate it was defaulted opt-out."
I would love for Louis CK to publish the numbers of those who opted-in to the mailing list vs. the total number purchases. Perhaps I will send him an e-mail...
The image below is a capture of the relevant section of the larger AMA, which can be found here: http://www.reddit.com/r/IAmA/comments/n9tef/hi_im_louis_ck_and_this_is_a_thing/.
If your unfamiliar with reddit or Louis CK, I should probably give a warning that the image below contains not safe for work language.
Yesterday on the weekly #privchat a few folks were discussing opt-in vs. opt-out and throwing around hypothetical arguments. For example, Berin Szoka (@BerinSzoka) put forward that if you made web analytics opt-in it would kill the statistical validity. Others were saying opt-in is 100% the way to go, all the time. Jim Adler (@jim_adler) provided, what I think, is the best point of the conversation, "Opt-in or opt-out absolutism seems to deny the use-case nuance."
I support an opt-in position for most use-cases; however, I agree with Jim that there are nuances that may make opt-out the better solution. While wandering the wilds of the internet, I found a great piece of anecdotal data supporting my positive view of opt-in:
Yesterday -- probably while #privchat was happening -- comedian Louis CK participated in an "Ask me Anything" event on http://www.reddit.com. In it, a user asks what Louis CK is current learning. As part of his response, Louis CK details how offering something as tiny as an opt-in mailing list has generated a lot of positive feelings. Other reddit users respond in with similar sentiments. The last line in the image below is very telling: "I checked opt-in just because I appreciate it was defaulted opt-out."
I would love for Louis CK to publish the numbers of those who opted-in to the mailing list vs. the total number purchases. Perhaps I will send him an e-mail...
The image below is a capture of the relevant section of the larger AMA, which can be found here: http://www.reddit.com/r/IAmA/comments/n9tef/hi_im_louis_ck_and_this_is_a_thing/.
If your unfamiliar with reddit or Louis CK, I should probably give a warning that the image below contains not safe for work language.
Continue reading Opt-in Ancedata!.
Recent Comments