Weebly, Analytics, and Privacy Violations (Updated II)

Failing StreetThose who create and author technical systems can and do impose their politics, beliefs, and inclinations onto how technology is perceived, used, and understood. On the Internet, this unfortunately means that the technically savvy often recommend choices to users who are less knowledgeable. A number of these recommendations are tainted by existing biases, legal (mis)understandings, or stakeholder gamesmanship. In the case of website development firms, such as Weebly, recommendations can lead users to violate terms of service and legal provisions to the detriment of those users. In essence, bad advice from firms like Weebly can lead to harms befalling their blissfully ignorant users.

In this short post, I talk about how Weebly blatantly encourages its customers to conduct surveillance on websites without telling them of their obligations to notify website visitors that surveillance is being conducted. I also note how the company deceives those visiting Weebly’s own properties by obfuscating whether information is collected and who is involved in the collection of visitors’ data. I conclude by briefly noting that Google ought to behave responsibly and publicly call out, and lean on, the company to ensure that Google’s Analytics product is used responsibly and in concordance with its terms of service.

Continue reading

References for Traffic Analysis, Privacy, and Social Media

the-droids-youre-searching-forIn my presentation at Social Media Camp Victoria (abstract available!), I drew heavily from various academic literatures and public sources. Given the nature of talks, it’s nearly impossible to cite as you’re talking without entirely disrupting the flow of the presentation. This post is an attempted end-run/compromise to that problem: you get references and (what was, I hope) a presentation that flowed nicely!

There is a full list of references below, as well as a downloadable version of my keynote presentation (sorry powerpoint users!). As you’ll see, some references are behind closed academic paywalls: this really, really, really sucks, and is an endemic problem plaguing academia. Believe me when I say that I’m as annoyed as you are that the academic publishing system locks up the research that the public is paying for (actually, I probably hate it even more than you do!), but unfortunately I can’t do much to make it more available without running afoul of copyright trolls myself. As for books that I’ve drawn from, there are links to chapter selections or book reviews where possible.

Keynote presentation [4.7MB; made in Keynote ’09]


Breyer, P. (2005). ’Telecommunications Data Retention and Human Rights: The Compatibility of Blanket Traffic Data Retention with the ECHR‘. European Law Journal 11: 365-375.

Chew, M., Balfanz, D., Laurie, B. (2008). ‘(Under)mining Privacy in Social Networks’, Proceedings of W2SP Web 20 Security and Privacy: 1-5.

Danezis, G. and Clayton, R. (2008). ‘Introducing Traffic Analysis‘, in A. Acquisti, S. Gritzalis, C. Lambrinoudakis, and S. D. C. di Vimercati (eds.). Digital Privacy: Theory, Technologies, and Practices. New York: Auerback Publications. 95-116.

Elmer, G. (2004). Profiling Machines: Mapping the Personal Information Economy. Cambridge, Mass.: The MIT Press.

Friedman, L. M. (2007). Guarding Life’s Dark Secrets: Legal and Social Controls over Reputation, Propriety, and Privacy. Stanford: Stanford University Press. [Excellent book review of text]

Gandy Jr., O. H. (2006). ‘Data Mining, Surveillance, and Discrimination in the Post-9/11 Environment‘, in K. D. Haggerty and R. V. Ericson (eds.). The New Politics of Surveillance and Visibility. Toronto: University of Toronto Press, 79-110. [Early draft presented to the Political Economy Section, IAMCR, July 2002]

Kerr, I. (2002). ‘Online Service Providers, Fidelity, and the Duty of Loyalty‘, in T. Mendina and B. Rockenback (eds). Ethics and Electronic Information. Jefferson, North Carolina: McFarland Press.

Mitrou, L. (2008). ’Communications Data Retention: A Pandora’s Box for Rights and Liberties‘, in A. Acquisti, S. Gritzalis, C. Lambrinoudakis, and S. D. C. di Vimercati (eds.). Digital Privacy: Theory, Technologies, and Practices. New York: Auerbach Publications, 409-434.

Rubinstein, I., Lee, R. D., Schwartz, P. M. (2008). ‘Data Mining and Internet Profiling: Emerging Regulatory and Technological Approaches‘. University of Chicago Law Review 75 261.

Saco, D. (1999). ‘Colonizing Cyberspace: National Security and the Internet’, in J. Weldes, M. Laffey, H. Gusterson, and R. Duvall (eds). Cultures of Insecurity: States, Communities, and the Production of Danger. Minneapolis: University of Minnesota Press, 261-292. [Selection from Google Books]

Simmons, J. L. (2009). “Buying You: The Government’s Use of Forth-Parties to Launder Data about ‘The People’,” in Columbia Business Law Review 2009/3: 950-1012.

Strandburg, K. J. (2008). ’Surveillance of Emergent Associations: Freedom of Associations in a Network Society‘, in A. Acquisti, S. Gritzalis, C. Lambrinoudakis, and S. D. C. di Vimercati (eds.). Digital Privacy: Theory, Technologies, and Practices. New York: Auerbach Publications. 435-458.

Winner, L. (1986). The Whale and the Reactor. Chicago: University of Chicago Press. [Book Review]

Zittrain, J. (2008). The Future of the Internet: And How to Stop It. New Haven: Yale University Press. [Book Homepage]

Social Networking – Why We Need to Educate Youth

This is a short post, but gives three definitive examples of why we need to develop and instill norms in youth concerning how to use digital resources.

Let’s help this woman find her camera!

Here’s the story (remember that…story).

In Britain a young woman (unfortunately) lost her camera. Some delightful chap decided that, rather than keeping the camera to himself, he’d try to get it back to her. Problem: he didn’t have her name, address, or anything that identified her beyond the pictures on the camera. Solution: post all of the pictures from the camera on Facebook and encourage tons of people to join the group the hopes that someone recognizes her. Problem: the embarrassment of having adult and non-adult pictures of yourself posted on the net.

Now, it turns out that this whole thing was viral marketing – the woman is an adult model and this was intended to promote a particular adult website. Nevertheless, based on the posts in the group that was set up, people saw this as a legitimate way to deliver missing property – many didn’t see anything wrong with deliberately posting pictures of a woman in various states of dress without first receiving her willful consent.

Continue reading

Education, Social Networks, and Privacy

In this post I want to consider privacy from a bit of a ‘weird’ point of view: What information do you want students to reveal to each other and yourself, and what do you want to reveal to them? What ethical responsibilities do educators have to their students concerning their disclosure of information to one another?

In many classrooms, instructors and their students develop bonds by becoming vulnerable to one another by sharing personal stories with one another. ‘Vulnerability’ should be understood as developing a rapport of trust that could be strategically or maliciously exploited, though there is not an implicit suggestion that vulnerability will necessarily lead to exploitation. Some of the best teachers and professors that I have ‘revealed’ themselves as human beings – once I saw that they were like me I felt more comfortable participating in the classroom environment. With this comfort and increased participation, I developed more mature understandings of subject material and my personal stances regarding it. The rapports of trust that I developed with faculty led to the best learning environments I have ever experienced.

Continue reading

Education, Web 2.0, and Privacy

I have a lot that I could talk about here, but rather than working through philosophical arguments for the value of privacy in education, I want to constrain myself to establishing some key points that educators should be mindful of when using Web 2.0 applications in the classroom. I begin by listing a series of factors that organizations should consult to determine if they are collecting personal information, and then follow by talking about the value and importance of privacy statements. I will conclude by providing a brief (and non-comprehensive) list of personal information that educators probably want to keep offline, unless their University can provide granular access to the information.

Is this information personal information?

Pretty well all Web 2.0 tools gather some kinds of data from individuals that use them, be it in the form of email addresses, Internet Protocol (IP) addresses, telephone numbers, messenger names, or social networking information. Before deploying any Web 2.0 technology it is important for organizations to determine whether they are capturing what is identified as ‘personal’ data, and can do so by reflecting on the following factors:

Continue reading

Wikis and Education

Wiki means ‘quick’ in Hawaiian and is commonly used to refer to relational databases that allow for collaborative content creation and revision. These databases have some similarities to blog structures, insofar as they allow a group of people to comment on content, but are distinct from blogs insofar as they upset blogging’s authorial structure by letting readers make modifications to articles’ content. Whereas in blogs, readers can comment on content, in a wiki the readers can modify and come to ‘own’ the content. Wikis have been called the simplest kind of database, and this is (in part) due to ease of inserting and modifying content. All wiki’s use the following process for content generation: Edit >> Write >> Save. That’s it!

In situations where students are increasingly learning online, wikis can provide a space for them to work with one another to address/confront common problems and challenges. This can mean that a group of students use a wiki to write an essay so that they can all contribute to the project (and track each others’ modifications) without needing to find a time and space to sit down and talk with one another at length, to creating a set of class notes that reflect what occurs in lectures, to establishing a coherent content management system that lets students track how the courses they take throughout their academic degree interrelate with one another. In transitioning from analogue technologies and environments to digital wikis, students can (at least partially) overcome the challenges of space, scheduling, particular content retention, and tedious subject cross-references.

Continue reading