Technology

This is a general catch-all category for all topics that relate to technology.

Thoughts: P2P, PET+, and Privacy Literature

/ Christopher Parsons

p2pwindowPeer-to-peer (P2P) technologies are not new and are unlikely to disappear anytime soon. While I’m tempted to talk about the Pirate’s Bay, or ‘the Pirate Google‘ in the context of P2P and privacy, other people have discussed these topics exceptionally well, and at length. No, I want to talk (in a limited sense) about the code of P2P and how these technologies are (accidentally) used to reflect on what privacy literature might offer to the debate concerning the regulation of P2P programs.

I’ll begin with code and P2P. In the US there have been sporadic discussions in Congress that P2P companies need to alter their UIs and make it more evident what individuals are, and are not, sharing on the ‘net when they run these programs. Mathew Lasar at Ars Technica has noted that Congress is interested in cutting down on what is termed ‘inadvertent sharing’ – effectively, members of Congress recognize that individuals have accidentally shared sensitive information using P2P applications, and want P2P vendors to design their programs in a way that will limit accidental sharing of personal/private information. Somewhat damningly, the United States Patent and Trademark Office declared in 2006 that P2P applications were “uniquely dangerous,” and capable of causing users “to share inadvertently not only infringing files, but also sensitive personal files like tax returns, financial records, and documents containing private or even classified data” (Source).

Continue reading

Update: EDLs in New Brunswick

/ Christopher Parsons

200904021515.jpgA few days ago I posted that Nova Scotia and New Brunswick both might be moving away from EDLs because of their costs and/or privacy issues. While the article discussed the issue was problematic (because of persistent factual errors), it appears as though the author was on target concerning New Brunswick’s concerns with the technology: EDLs will not be coming to my birthplace .

This means that both New Brunswick and Saskatchewan will not be going forward with EDLs, though Alberta. Quebec, Manitoba, Ontario, and B.C. are all going ahead with EDLs. I’ll be curious to see if the rest of the Atlantic provinces follow New Brunswick’s lead, and how this might shape the national discourse on EDLs.

Note: EDLs in New Brunswick and Nova Scotia?

/ Christopher Parsons

200903230015.jpgThere is a fairly confusing article on EDLs that was published by the Times & Transcript’s Alan Cochrane. It’s absolutely rife with inaccuracies about the technologies about EDLs, which contributes to the rampant misinformation about these identification pieces. Before I get to that, I want to note pieces of information that look interesting, though their accuracy has to be taken as questionable given the sloppy work done throughout the article.

Of interest:

  1. Apparently the New Brunswick government’s support of EDLs has ‘waned’ after receiving some report or another. While the reporter doesn’t mention the report by name, I have a suspicion that it’s the report commissioned by the Atlantic registrars of motor vehicles that was referenced in the May 9, 2008 press release of the Council of Atlantic Premiers. That report has not been disclosed to the public. (I lack anything that would substantiate or disprove the claim that New Brunswick’s interest has waned; I also don’t know what the report stated and so can’t know if it would influence the government’s position.)
  2. Service Nova Scotia has stated that the province is looking into EDLs, but as of yet does not have a deployment timeline. (I lack information that would substantiate or disprove this claim.)
  3. Manitoba is taking applications for EDLs right now, and will begin shipping them in 2 weeks. (This definitely seems on the money, and we can presume that it is accurate.)
  4. Continue reading

Ontario Information and Privacy Commissioner, and DRM

/ Christopher Parsons

200903201224.jpgIn his recent discussion with Ann Cauvoukian, Jesse Brown seems to have touched on a nerve. In the interview, the Commissioner discusses the use of self-encrypting/decrypting security systems that are meant to meet her ‘PET Plus’ program; she wants to ensure that measures are embedded in surveillance technologies that secure individuals’ privacy while at the same time enabling police to perform their duties. In the case of cameras, this will mean that all bodies on the screen are barely visible – not blurred, but almost erased from a non-decrypted viewing. Individuals are only revealed on film when a decryption algorithm is applied; until then, those individuals hold a spectre-like existence.

Russell McOrmond has taken a strong stance against this, arguing that the Commissioner’s efforts would make first-party/content owners subservient to third party agents who hold decryption keys. It is important to note that, as the Commissioner has presented her ideas, the police, or some other authority, would be the only group who would have access to these keys. This would limit the use of CCTV by employees to illegitimately survey clients/patrons/etc. Surprisingly quickly, Ken Anderson (Assistant Commissioner, Privacy, Ontario) has jumped into the discussion.

Continue reading

Update: EDLs in Saskatchewan and Quebec

/ Christopher Parsons

200903161147.jpgAs I noted a few days ago, the Saskatchewan government is debating whether or not they want to implement EDLs given the privacy and financial risks that accompany the licenses. It seems as though the Office of the Privacy Commissioner of Canada is supporting this hesitancy, with the assistant privacy commissioner;

. . . is applauding the province’s decision to back away from the enhanced licences until legislation addresses concerns about how personal information is used and how vulnerable it is to hackers.

“It’s highly significant,” Bernier said in an interview with The Canadian Press. “The province seems to come to the conclusion … that the cost-benefit analysis is not convincing.” (Source)

It will be interesting to see whether or not Saskatchewan reintroduces EDL legislation after Ontario’s information and privacy commissioner manages to implement an ‘on/off’ switch that she has been talking about with Jesse Brown for the past few weeks. My suspicion is that they will, but that they will let Ontario do the heavy lifting in this area (I expect that Ontario’s influence with DHS will be more substantial than Saskatchewan, but maybe that isn’t/won’t be the case).

Continue reading

Thoughts: Google and ‘Interest Based’ Advertising

/ Christopher Parsons

200903121245.jpgPrivacy. Privacy, Privacy, Privacy.

Google is persistently in the limelight for it’s ‘invasions’ of personal privacy. I’ve made references to Google and privacy in a variety of blog posts, but whenever I think about Google my mind returns to a comment from Peter Fleischer, the chief privacy officer for Google. In a post in 2007, he wrote (in his personal blog) that:

. . . privacy is about more than legal compliance, it’s fundamentally about user trust. Be transparent with your users about your privacy practices. If your users don’t trust you, you’re out of business (Source)

Perhaps naively, I think that this statement is accurate – look at the nightmares that Facebook, NebuAd, and Phorm (to name a few) all have when they ‘invade’ customers’ privacy without being fully transparent about what, and why, they are engaging in their practices. What’s more, as soon as you establish an ‘it’s our way, or no way’ approach, you immediate establish a hostile environment between you and your users. In business, your users are your lifeblood; alienate them only if you really like polishing your resume.

Continue reading