Posts filed under ‘personal_info’

Street View is here

Thank you, oh Google God, for giving us our Street View. We have been waiting for your bounty and you’ve delivered.

Om Tat Sat Paravastu. This is a Hindu prayer that, back in my boarding school days, we were required to say before every meal. On the rare occasion that there was a special spread of good stuff, the boys would say the prayer with some real feeling before jumping in.

And Street View has a spread of good stuff.

Like many others, first thing to look at was our house. No laundry; grass cut; nothing special. Check. Next, the office. Nothing to embarrass me. Check. Onto the goodies. So many things to look at, so little time. A good one is Lake Wakatipu in Queenstown, one of the best holiday places ever.

The Street View of our house has our car prominently featured. Zooming in, I couldn’t make out the numbers on the licence plate. So I “drove” through the Mount Vic tunnel. The angle for looking at licence plates is perfect. But, true to their word, it isn’t possible to make out the licence plates.

Indeed, Google has handled the privacy angle really well. They seem to have learned from previous experiences of privacy concerns with Street View in other countries.

Google got the basics right, such as blurring faces and providing an easy tool for people to report inappropriate images. For good measure, they also got an endorsement from the Privacy Commissioner. And the media help set expectations by quoting John Edwards as saying, “under New Zealand law, people did not have a reasonable expectation of privacy while in public.”

The enormity of photographing an entire country and making it freely available is staggering. Stuff on this scale, and that too with enormous public good benefits, is associated with governments, not ten year old companies.

So I thought the kids would be blown away. Nah, they were disappointed that the images weren’t real-time. God, are you listening?

December 2, 2008 at 10:25 pm 7 comments

UK: Raising the breach barrier, again

When HMRC (Her Majesty’s Revenue and Customs) lost personal information of nearly half the UK population, I called it “mind boggling”. I also thought that it would be the last time I’d write about data breaches. What could top that?

Never underestimate the Brits. They’ve now pushed the bar even higher.

All it took was a flash drive found in the car park of a pub, The Orbital. It had user names and the hashed passwords of Government Gateway accounts, which provides centralised authentication to important online services such as tax returns. Worse, the flash drive had the source code, security software, and a step-by-step guide to how the Government Gateway works. And, the fact that it belonged to Daniel Harrington, an IT analyst at Atos Origin, the company which manages the Government Gateway.

The flash drive was lost about two weeks ago. Daniel must have just started to believe that his prayers had been answered with the flash drive forever lost. No such luck. Tellingly, it was turned into a newspaper (The Mail on Sunday) rather than given back to the government.

The point isn’t that the flash drive was lost. What was all that data doing on it in the first place? The Prime Minister is pointing the finger at Atos Origin which is fingering Daniel for breaching operating procedures. Really? Sounds exactly like Chancellor Alistair Darling pointing to a junior official in the HMRC case. It really shouldn’t be so easy to evade accountability.

Why was the flash drive unencrypted? The passwords were encrypted but, throw enough resources at it, and it shouldn’t be that hard to break. It’s impossible to say how many copies of the flash drive may be in circulation.

Some will use this to question the UK’s plan for a National Identity Card. Others will again proclaim the death of passwords. Yet others will cry that it’s the tip of the iceberg- who knows how many other unreported breaches of this magnitude are happening around the world? I’m sure at least a few will wonder what if it had been biometric templates.

Me, I mourn the blows to trust in government and online services all over the world. And the frightening reality that past lessons are simply being ignored, taking us ever closer to a tipping point.

November 3, 2008 at 11:17 pm 1 comment

How much do you earn?

Looking at India becoming the sixth nation to launch a rocket to the moon got me thinking at a more global level. Such as, how would people in different countries respond if they’re asked “how much do you earn?”

In New Zealand, the answer is quite likely a flippant “not enough” or “I can get more in Australia.”

Salaries of chief executives and some other top execs can often be deduced. But, you won’t get an answer from the tax authorities if you ask. Secrecy is enshrined in law and is a key plank for voluntary tax compliance.

Ask a person in India and the answer is quite likely to be “officially or actually?” The ‘parallel economy’ is huge and cash is king.

Ask a person in Scandinavia and it’s no secret. In fact, in Sweden, Finland and Norway it’s public information. Published by the government for anyone who wants to have a look.

Magnus Graner of Sweden’s Justice Ministry says, “If it’s what you want to do, you can see what your brother-in-law made, your neighbour made. Not everybody does it, although we joke about it and say, ‘Have you checked on your future in-laws?’ No one in my family has done it — I don’t think.”

Perhaps it’s no wonder marriage is dying in Scandinavia. Also, divorce settlements are probably based on facts, not wild conjectures of what the other partner is or is not making!

October 22, 2008 at 11:09 pm 1 comment

Esther Dyson on privacy

With so much happening around the world- the financial markets, politics, rugby (Union and League) – it seems terribly mundane to be writing about identity and privacy issues. C’est la vie!

It’s interesting to see that a leading magazine such as Scientific American focus on The Future of Privacy as the theme for its September issue. Another sign of privacy becoming a mainstream issue.

There seems to be a lot of interesting articles but the one that I picked first was How Loss of Privacy May Mean Loss of Security. Besides the title, what drew me was that the author is Esther Dyson. What’s so special about her? Lots of stuff that you can Google but the one fascinating fact is that, for the Personal Genome Project, she and nine other people will post their full genome sequences and accompanying health information online.

She remarked that “I was recently in the market for health insurance. I asked my insurance broker if he would like a copy of my genome, and he politely declined.”

Undoubtedly a person who’s going to have some radical views about privacy…and the article has some gems.

For example, perhaps linked to the above, her view is that “the coming flood of medical and genetic information is likely to change the very nature of health insurance.” She doesn’t see this as requiring a privacy trade-off. Instead, she believes the problem is making cheap and plentiful health insurance available balanced by “mandating subsidies paid by society to provide affordable insurance to those whose high health risks would otherwise make their insurance premiums or treatment prohibitively expensive.”

Hmmm…so how is cheap and plentiful health insurance actually going to be made available in the first place?

She asks the question “What is the best way to limit government power?” The answer seems hard to swallow, “Not so much by rules that protect the privacy of individuals, which the government may decline to observe or enforce, but by rules that limit the privacy of the government and of government officials.”

Another suggestion seems better, “We should be able to monitor what the government does with our personal data and to audit (through representatives) the processes for managing the data and keeping them secure.”

On information privacy in general, while not new, she puts it elegantly, “Much of the privacy that people took for granted in the past was a by-product of friction in finding and assembling information. That friction is mostly gone.”

She goes on to say that, “Rather than attempting to define privacy for all, society should give individuals the tools to control the use and spread of their data.” Disappointingly, the tools she praises are the very limited access controls that Facebook and Flickr provide.

If that’s the best tools we’re going to get, I think we’ve got a long, long way to go before loss of privacy isn’t a mainstream issue any longer!

September 17, 2008 at 11:01 pm Leave a comment

Semantic Web & OAuth

I must confess that for a long time I never got this semantic web thing. Now, with the zeal of the recently converted, I see possibilities everywhere.

Part of the reason it took time was an automatic reaction against something being called Web 3.0 (or is it 4.0?). I’m still trying to really understand Web 2.0. Learning about the next big thing could always wait.

Another reason was how early enthusiasts described the semantic web. Calling it the machine readable web doesn’t even begin to make sense.

As far back as 1999, Tim Berners-Lee in Weaving the Web said, “I have a dream for the Web [in which computers] become capable of analyzing all the data on the Web – the content, links, and transactions between people and computers. A ‘Semantic Web’, which should make this possible, has yet to emerge, but when it does, the day-to-day mechanisms of trade, bureaucracy and our daily lives will be handled by machines talking to machines. The ‘intelligent agents’ people have touted for ages will finally materialize.”

Now that’s visionary. Even today, I’m barely beginning to understand that vision.

Thankfully, and perhaps ironically, the very Web 2.0 service Slideshare has some presentations that explain things in a way that we mere mortals can understand. My first pick are the two presentations from Freek Bijl- the first one covers the basics and the second one the technologies. Another one is from Marta Strikland called The Evolution of Web 3.0. This has a great Web 3.0 Meme Map on slide 15 and a comparative list of Web 2.0 and 3.0 on slide 27.

Being more of a graphics person, the final aha came from the one below, thanks to Project 10x (also worth looking at is the original Semantic Social Computing presentation from Mills Davis).

With the semantic web also comes a whole new set of acronyms. A starter list is RDF, SPARQL, SWRL, XFN, OWL, and OAuth. In particular, OAuth being the authentication one is interesting.

OAuth is described as “An open protocol to allow secure API authentication in a simple and standard method from desktop and web applications.” The basic promise is attractive- access to data while still protecting the account credentials. That has the advantage of not requiring people to give up their usernames and passwords to get access to their data. OAuth is a much-improved version of closed proprietary protocols such as Flickr’s API. Importantly, it has support for non-browser access such as desktop applications and mobile services.

So, what are the practical applications of the semantic web? Within the government space, a clear winner is being able to automate the collection of data from multiple government websites and search, filter, or otherwise manipulate the result.

As a simple example, if all government websites had the contact details of their media contact using hCard, it would be easy to have an always up-to-date list that can be displayed, indexed, searched, loaded into an address book, mapped, etc. Even as a relatively simple first step, this would be a big step forward for government.

September 3, 2008 at 11:43 pm Leave a comment

Notes from the Privacy Issues Forum

I spent the day at the privacy forum “Privacy is your business” today in Wellington and wanted to put down some notes while things are still fresh.

I haven’t seen any media coverage yet but understand there will be some. As usual, I expect to see the stories and wonder if they are reporting about the same event that I attended.

In any case, I missed the highlight of the day as I was at a parallel stream- of the usually mild-mannered John Edwards in full flight, taking on the reps from the Office of the Ombudsmen and Office of the Privacy Commissioner. Pity that (missing it, not the taking on bit). Other than that and a small jibe about direct marketing at the end, there was just too much agreement on how great privacy is so that discussions were somewhat uni-dimensional.

Things got off to a good start. I was intrigued by one concept in Minister Lianne Dalziel’s speech, “… trusting interpersonal relationships are no longer the primary enabler of personal information transfer; technology is. Modern privacy law either ensures the individual retains some degree of control over the transfer or approximates a trusting interpersonal relationship – an honest broker as it were.” The notion of an “honest broker” to build trust in an information age is worth thinking about.

The next interesting point came from an insight into the Law Commission’s thinking about its Review Of Privacy. Sir Geoffrey Palmer and Professor John Burrows made it clear that wholesale restructuring of the Privacy Act was not on the agenda. The principles-based approach will be retained and only holes- surveillance, the tort of privacy, and sentencing anomalies- will be filled.

At a later stage, Privacy Commissioner Marie Shroff repeatedly referred to the Privacy Act as a modern piece of legislation. I think the sub-text was that the Act didn’t need major restructuring but the message was delivered in a classically indirect manner.

The next nugget was a point made by TradeMe’s Mike O’Donnell. In his usual straightforward manner, he squarely took on the issue of TradeMe requiring to release customer information to the authorities.

He talked about their disappointment that personal details of 10,000 customers was handed over to the police who then passed it on to defence lawyers and, from there, a person in jail. TradeMe has a stringent requirement that information requests “must specify enabling legislation, be specific and limited- no fishing trips.” But, once these criteria were met, they will and do hand over customer information. Whether it’s Google or TradeMe or any other firm dependent upon maintaining peoples’ trust, handing over their customers’ information is painful.

One other thing I missed out on was asking Inspector John Walker of NZ Police why people “volunteer” to give their DNA samples. This was something that the 2007 Privacy & Human Rights Report issued by Privacy International highlighted as worrying.

Finally, two more interesting things. First, the very sensible perspective of local government (from Laurie Gabites of Wellington City Council) that CCTVs have a very limited role in public spaces. They look at them as a way of pro-actively avoiding incidents escalating but that requires active monitoring and big resources- money and people- that are better spent on more effective things.

Secondly, from Barbara Craig of Victoria University, the notion of mediated public spaces as the new commons for teenagers. Another concept worthy of further thought as we struggle to understand the “third space” (after home and school) of today’s kids.

Overall, the forum today had some interesting moments. If only they had some mavericks to stir things up…

August 27, 2008 at 11:08 pm 3 comments

Snapping at privacy

There have been some negative reports around Snapper and its approach to privacy so I decided to take a look.

Snapper is a stored-value contactless smartcard that can be used in Wellington’s buses and as an alternative to cash/EFTPOS for low value purchases. It’s similar to Oyster, Octopus, etc. but with a more secure chip.

Losing a Snapper card is like losing cash. So people will soon be able to register their cards online. If a registered card is lost, the person can transfer the balance to a new card.

That’s a good feature but the personal information Snapper collects has reportedly got the Privacy Commissioner “concerned” and “is asking the company to rewrite its privacy policy.” The concerns are around “the potential for the Snapper card to track an individual’s movements and spending, and the indefinite retention of this information.”

Next stop then, a look at its privacy policy.

As expected, Snapper’s privacy policy declares that “We are committed to protecting your privacy” which is a good start. One would hardly have expected them to say anything else.

After that, it’s all downhill. A very slippery, steep decline at that.

Part 4 of the privacy policy provides details of what and when personal information is collected. Over twelve sections, it then lays out the absolutely amazing jaw-dropping amount of personal information it will collect. For a company that has pretty slick marketing and advertising, it’s as if they’ve given Mr Hyde (the evil side of Dr Jekyll) the job of developing the most privacy-invasive approach possible.

For example, to set up an online account, Snapper says “we will collect personal information from you, including your name, title, email address, password, gender, date of birth, telephone numbers, postal or physical addresses, preferences, demographic information, and other personal information.”

Why? What possible justification can they have to collect this information? Incidentally, this probably makes it downright illegal.

Not being satisfied with that, they go on to say that “the information we collect when that Card is used will be associated with any personal information about the card holder that you supply.” So, they want both personal information plus profiling information. Wow! Considering the range of uses for the Snapper card outlined- everyday purchases, loyalty card, building access control, ticketing and event access- they seem more intent on being a datamart than a smartcard company.

Still not satisfied with that, they go on further to envisage Snapper being used as an identity card. They will then “collect additional information about you, which may include:

  • your date of birth
  • any relevant licences or endorsements that you hold
  • other attributes relevant for identification purposes (for example, which school or university you attend)”

I’m left shaking my head in wonder. Did a dinosaur somehow survive the Ice Age?

I can’t see how they can verify the information people give. So, despite their warnings of giving incorrect personal information, I’m willing to bet that a lot of people will do just that.

And yet, the solution for the most part is actually quite simple. Snapper could use pseudonymous identity rather than real identity. Leaving aside tracking usage or their notion of becoming an identity card (which I can’t even begin to imagine as even remotely realistic), using pseudonymous identity could keep everyone happy.

Otherwise, I’ll just stick to good old anonymous cash, thank you.

August 20, 2008 at 12:33 am 2 comments

Older Posts


This blog is no longer updated. See the About page for more info. I'm currently active on Twitter.

Follow me on twitter

Feeds


Follow

Get every new post delivered to your Inbox.