Policy wonk. Torontonian. Photographer. Not necessarily in that order.
Signs point to fallout from NSA spying that lead to “multi-stakeholder” model.
This is incredibly huge news. However, given the incredible influence of the Government Advisor Council and relative denigration of the Non-Commercial Users Constituency the shift to multistakeholder governance is going to be fraught with sweet words to distract people from the real politik that has largely consumed Internet governance.
The book that was waiting in my mailbox when I got home!
At its core, respecting the user means that, when designing or deploying an information system, the individual’s privacy rights and interests are accommodated right from the outset. User-centricity means putting the interests, needs, and expectations of people first, not those of the organization or its staff. This is key to delivering the next generation of retail experience because empowering people to play active roles in the management of their personal data helps to mitigate abuses and misuses. To this end, Aislelabs provides an opt out site that allows individuals to choose not to have their retail traffic data included in any anonymous analytics.
Quotation from “Building Privacy into Mobile Location Analytics (MLS) Through Privacy by Design” (.pdf)
It’s incredible that any company – let alone a Canadian Privacy Commissioner – would claim that an opt-out mechanism for hidden and secretive tracking technologies (i.e. monitoring your mobile devices as you walk through the world so retailers can better sell you things) constitutes “putting the interests, needs, and expectations of people first, not those of the organization or its staff.” For such an assertion to be valid the ‘people’ should be given the opportunity to opt-in, not out, of a surveillance system that few will know about and fewer will understand. There are vast bodies of academic and industry literatures which show opt-out mechanisms generally do not work; they’re not effectively centralized and they add considerable levels of friction that hinder consumers’ abilities to express their actual interests. And that’s just fine for many retailers and analytics companies because they’re concerned with turning people into walking piggy banks, not with thinking of individuals as deserving any semblance of a reasonable expectation of privacy.
Now with two tickets to see this Munk Debate on May 2, 2014!
The term “identifiers” is NSA jargon for information relating to an individual, such as telephone number, email address, IP address and username as well as their name.
The document – which is undated, though metadata suggests this version was last updated in June 2012 – does not say whether the oversight process it mentions has been established or whether any searches against US person names have taken place.
James Ball and Spencer Ackerman, “NSA loophole allows warrantless search for US citizens’ emails and phone calls”
Perhaps foolishly, but I find it amusing that metadata is being used to evaluate how/when other metadata identifiers were being used to track the world’s populations…
David Eby, formerly with the British Columbia Civil Liberties Association and now a MLA with the NDP, has written a brief piece about forthcoming BC provincial legislation. The Missing Persons Act would let provincial authorities:
issue emergency orders to telephone companies and internet service providers to get access to your browsing history, text messages, e-mail, voice mail, banking records, you name it. If the companies or individuals don’t consent to the access, police can go to court without notice to you to get your records ordered to be handed over. Any record you can think of is covered by the new law.
However, there would be no notice to the individual(s) affected that such a request had been made, regardless of whether it was appropriate.
This kind of concern over finding missing people before they’re formally missing is something that the federal government of Canada has previously used to justify its lawful access legislation. Access to subscriber data (though less expansively than envisioned under the BC legislation) was presented as useful in missing persons’ cases, to return stolen property, and more. To date, the federal government has failed to push through its lawful access legislation, though the recent version (C-13) is scheduled for second reading in the coming weeks.
Of note, the BC Liberal party has a substantial number of past-lieutenants from the Prime Minister’s Office that have passed through. Also, the Chief Constable of Vancouver has been amongst the most fervent advocates for the federal lawful access legislation. As such, I have to wonder how much the proposed BC Act is an attempt to address genuine provincial issues and how much it is meant to quietly start introducing or laundering a flavour of the federal lawful access legislation. I also have to wonder if, after this legislation is passed, the Chief Constable of Vancouver will back off of his federal advocacy: was he trying to solve a particular provincial issue by way of lobbying for changes to federal laws?
It’s quite sad, though, that the meagre consensus that was achieved in the federal lawful access fights – that there would be some reporting system, however sad – was excised by the BC Liberals. It’s hard to claim transparency as a political party when you actively undermine attempts to inject it into new (to say nothing of previously past) legislation.
The Citizen Lab at the Munk School of Global Affairs, University of Toronto is one of ten non-profits to receive the New Digital Age Grants.
Some terrific news! Awesome to see Eric Schmidt support the work that we’re doing at the Citizen Lab
Via the Ottawa Citizen:
Internet companies have hung up on a call by privacy advocates to reveal the extent to which they share subscriber information with police, security services and government.
Excited Pixels