Tag Archives: Privacy

Driving / Riding Will Soon Be A Privilege

mercedes-benz-f015_luxury_in_motion_concept_2015_articulo-4_0

Watching my young daughters play act driving a car the other day got me thinking and realizing that they are liking going to be among the last generation to be driving their own vehicle.

Word of the driverless cars (aka ‘autonomous vehicles’ as it is known within the car industry) has long been around, and what was once a concept is soon developing into reality. Some reasons (as stated by Chairman of the Board for Nissan/ Renault, Carlos Ghosn), point to “electric car sales (are) not driven by consumer demand but by regulation of emissions which in turn encourage(d) consumers to buy electric cars.” Despite what Trump and his confederates may say or believe, the support for climate control and developing ‘greener’ alternatives has become big business, with profit to be made in the ‘green energy realm’ which, a mere 20 years ago, was idly dismissed as science fiction largely held up by government subsidiaries.

No more: there’s money to be made in ‘green energy’ products and services.

But before we break out the champagne and celebrate, we need to differentiate between electric vehicles and driverless vehicles: not all vehicles are electric, but driverless cars are primarily electric (and for purposes of this discussion, we’re focusing on driverless cars).

Driverless vehicles are primarily ‘green’ and electric in nature because, well, that’s where things are going. And driverless cars are gaining greater legal acceptance, with such states as Nevada accepting applications for driverless vehicles (but not authorizing their full usage). Still, it’s a major development, especially as insurance companies see this as a boon.

‘Wait a minute’, you ask: ‘aren’t insurance companies going to lose out when cars are computer driven with no driver involvement?’

Yes – and no.

There’s going to be an initial push back as folks will find it hard to surrender control to a computer, but let’s be honest: who doesn’t want to go out and not worry about being the designated driver, sit back and watch a video instead, or catch up on Facebook as you commute to work, avoiding the stress and rage of traffic jams?

Driverless vehicles are more than just new technology: they’re a paradigm shift. For generations, we’ve been enthralled by the notion of freedom associated with owning and driving a car. Hop in and go, with notions of Jack Kerouac ‘On The Road’ in our heads. But now, with rising costs of gas, the difficulties of taking time off from work (for those of us who are still working) it’s remarkable to note the generational shift of twenty somethings who are not only not using cars, but are foregoing getting their driver’s license altogether:

Young people are not getting driver’s licenses so much anymore. In fact, no one is. According to a new study by Michael Sivak and Brandon Schoettle at the University of Michigan Transportation Research Institute, the percentage of people with a driver’s license decreased between 2011 and 2014, across all age groups. For people aged 16 to 44, that percentage has been decreasing steadily  since 1983.

It’s especially pronounced for the teens—in 2014, just 24.5 percent of 16-year-olds had a license, a 47-percent decrease from 1983, when 46.2 percent did. And at the tail end of the teen years, 69 percent of 19-year-olds had licenses in 2014, compared to 87.3 percent in 1983, a 21-percent decrease. (https://www.theatlantic.com/technology/archive/2016/01/the-decline-of-the-drivers-license/425169/)

Cars no longer represent freedom; they now represent a hassle.

But with the growth of driverless cars, the social divide is only to grow ever wider.

Entities such as Zip Cars, CarShare and others are ever more popular, especially in urban / suburban regions, with subscribers signing up for an annual membership, reserving a car online and then simply using the vehicle and returning it back to the parking lot / ‘pod’ from whence it was parked. No need for insurance, parking fees or car maintenance.

So getting back to that insurance point,…

The older generation is going to push back against the driverless car concept (the idea of not having control of one’s driving directly challenges some folks notions of control within their lives).  And with that, insurance companies are likely to raise rates for the ‘privilege’ of driving your own vehicle. Going forward, in time however, car insurance will gradually disappear as folks will opt out for ‘regular’ cars and take the driverless car option, leaving the traditional cars as mementos found in museums or driven by selective ‘driving club’ members.

Driverless cars do indeed offer advantages after all.

But not having your own car (as insurance and registration will, over time, make it more costly to drive the ‘traditional’ car) and becoming dependent on vehicles that are ‘collectively controlled’ comes with other costs – such as subscription services to the entities driving / controlling your vehicle; maintenance will still be an issue and above all, your credit rating will have a direct impact on vehicle availability and access.

Credit rating?

Think about it: if you can’t get a credit card, how are you expected to pay for your driverless vehicle?

True, one could ‘buy’ their driverless vehicle, but it, like other regular recurring costs – cable TV, your phone, electric bill, etc. – will evolve a reoccurring cost and likely driverless cars will become something focusing primarily on folks who reside within a certain socio-economic classification. People who are engaged in ‘alternative’ lifestyles are not likely to secure driverless cars unless they can ensure that nobody can monitor their movements. Meanwhile, the age-old practice of paying for a months car insurance in advance just to get the insurance card, and then forego paying the reminder will not be possible with a driverless car. Similarly, it’s arguable if driverless vehicle manufacturers are going to rush into the weak credit market (although it could be possible that we’ll see those used driverless vehicles parked in the used car lots found along side of the strip malls and created highways). Likely though, driving soon be even more limited to those able to afford the costs, while other locations will be ‘redlined’ from vehicle access.

Meanwhile, your movements will be readily accessible to court requests and subpoenas. Employers will likely be able to readily view your driving history, focusing on where you frequent, how often and how long. Spouses seeking alimony and/or opposing counsel seeking support for their legal arguments against you will be able to view your history and find ways to use it against you. Think your privacy will be protected? In this day and age, you’d better think again. With a private vehicle, you can do and go as you wish, but with the growth of driverless vehicles, this will become all part of the new paradigm.

Time will only tell, but in a couple of decades, stories like ‘Blue Highways’ and ‘On The Road’ will harkened back to the bygone, romanticized notions of freedom attained through driving. And outlaws – along with folks possessing notions of privacy – are going to find it even harder to drive with security knowing they’re not being tracked and/or monitored.

But hey: you’ll be able to keep up on your email and Facebook as you ride along.

 

Advertisements

So You Think It Doesn’t Matter if Your Browser History is Made Readily Available? Better Seriously Think Again.

computermonitoring

By now the word is getting around how House and Senate Republicans voted and approved the removal of privacy regulations regarding consumer / citizen browsing history. Now that your privacy has been removed, folks are asking ‘what does this mean?’ or simply remixing indifferent, saying ‘so what?’ while others say; ‘they already can get this information.’

No, they couldn’t.

Prior to this regulation being removed you possessed a far greater degree of privacy. Police could, by way of a court order or proper legal process, access your browser history but now that private corporations can access your history directly without your approval, its open season (and btw: police likely will no longer need to have a court order to access your private browsing history now that regulations have been removed – just saying).

Here are just SOME of the likely immediate impacts:

  • Accessing your history means for better marketing and targeting on the part of private companies. Folks seeing that you’re researching for specific items or services will create targeted online ads far better (Facebook, or social media sites aside) then before. Think it’s unsettling now that those Facebook ads keep popping up regarding those websites you’ve just visited? You ain’t seen nothing yet!
  • Insurance companies and your employers can view your history without your knowledge, seeing how you’re looking at sites regarding certain diseases and act on the assumption that you have such a disease – and either deny you insurance courage or simply fire you from your job without telling you why.
  • Looking for a new job? Your employer can now access your browsing history and likewise fire you from your job – and again, without really telling you why you were fired.
  • Looking at ‘naughty’ sites? If you’re closeted sexually, this could be the ‘kiss of death’ for your career.
  • Doing some reading or study about banned countries? Government officials could place you on a watch list, monitoring your movements without your realization, perhaps even denying you your passport application if you wished to travel abroad.
  • Involved in a court / legal action? Better watch where you go and what your browser has: it could come up against you in your court action, with opposing counsel using this information against you in your legal action.
  • Are you an attorney? There’s nothing preventing your opponents from seeking what kind defense or offense you’re formulating in the course of trying a case.
  • It wouldn’t be too much of a reach to state that with growing governmental sentiment, folks involved with certain public groups, reading publications and websites deemed as anti-governmental could also be targeted. Think this is paranoid thinking? Know your history; this wouldn’t be the first time this kind of thing happened – and now with the removal of your browser search privacy, it’s made all the more easier.
  • And if this isn’t bad enough, this also includes where you are. Geocoding – mapping the location of where you post / conduct your Internet accessing – is also a growing issue as pricing for items and/or services can vary based upon where you are accessing the Internet. Some folks in certain zip codes pay more for products and services then others; now that your privacy protections have been removed, some can expect to pay more depending on where they are.

In the long run, privacy within an open society is not a contradiction: it is a necessity. Without certain safeguards and practices, we won’t have the confidence we feel to express our opinions without having to be defensive and fearful. The removal of privacy only encourages fear and intimidation within a Democracy, while enabling private entities to pocket ever more profit at your cost.

And by the way: this includes your iPhones / Androids / Tablets as well.

It’s now all totally open.

You are now naked on the Internet.

There are, however, viable cost-effective steps you can take to better protect yourself while continuing to live your life and remain confident in being who you are without having some nosy nitwit looking over your shoulder; we’ll discuss those shortly in the next round here at Shockwaverider.

 

The Party’s Over: It’s A New Generation Now

policeraid

And so the fallout from Edward Snowden continues. As the saga draws on (is he about to become a Russian citizen or not?) we overlook the bigger story: the Internet, as we know it, is dead.

As reported in The Guardian, the Internet is facing several inexorable trends: balkanization along nationalistic lines, the outreach of governments and outright commercial control.

When first instituted, the Internet was regarded as an open, totally free place of informational exchange: an ‘Interzone’ of sorts (to coin William Gibson) but now as time marches on, this is no longer accurate. Now, China and other nations routinely censor and control input and output of Internet access: Twitter is throttled, Google is curbed along with a host of other outlets. In some nations, the notion of a free and open Internet is practically banned outright, while in the so-called bastions of freedom (United States, Great Britain and Western Europe as a whole) internet surveillance is now the norm.

In the meantime, we’re starting to see pricing schemes reflective of the (overlooked) class system: if you want more Internet access (or more speed / faster access) you can expect to pay more for it. Libraries both domestically and internationally are facing cutbacks and thus limiting even more access for those who do not possess a computer, while premiums are being put in place on those who wish to participate on the so-called medium of ‘free exchange’.

In John Naughton’s excellent article, “Edward Snowden’s Not the Story. The Fate of the Internet Is” (http://www.theguardian.com/technology/2013/jul/28/edward-snowden-death-of-internet) these issues were illustrated with a striking clarity.

And if you think you’re safe reading this article, better start changing the way you think. Of course, there’s the old chestnut: if you’re doing nothing wrong, then there’s nothing to worry about.

Wrong.

People make mistakes, especially in government, law enforcement and the military. It’s not too uncommon for wrongful arrests to take place; false accusations to spread or outright misunderstandings to take place leaving in the wake of ruined lives, reputations and personal financial disasters.

And now, as recently reported by Glenn Greenwald, low-level NSA (National Security Agency) employees can readily access emails, phone records and other information. (Really? No kidding!) So if you’re a file clerk who happens to be working for the NSA, you can review your family, friends or neighbors phone records, internet trolling history or other information (such as keeping tabs on that girl who dumped you last month).

If you just happen to be involved in a domestic dispute or a lawsuit with a government or corporate entity, expect to see your records accessed and reviewed as a matter of course.

It’s obvious ‘file access’ of these and other types routinely take place in various levels of government within the United States beyond just the federal levels. Sometimes, data accessed is utilized for political purposes: somebody running for office seeking out information about their worthy adversary. Other times, it’s for personal reason: divorce, outright personal hostility and an agenda of revenge. Don’t think it can’t happen: it does – and it happens more often than folks care to admit, taking place beyond just the federal level as well. Local governments and their officials have increasingly been caught reviewing private citizen records, through such supposedly secure information bases as NCIC (National Crime Information Center), credit history lookups, billing histories along with a host of other sources.

But what is remarkable is the lack of public response. You’d think with Glenn Greenwald’s recent expose, they’d be a bigger outcry. In fact, just the opposite: we’re witnessing a generational change. What was once a sacred domain – privacy – is now becoming a thing of the past. Younger generations are surrendering their privacy in a multitude of ways – putting up pictures of their ‘lost’ weekend  on Facebook; running commentary and personal attacks on social boards; personal commentary depicting their sexual activity or other ‘personal ‘ issues on their Twitter accounts – the list goes on.

Although privacy is still a sore point with a number of folks, the younger generation coming up are akin to those old timers who lived during the atomic age: expecting a blow up to happen, the atomic age generation held a diffident viewpoint of life with an expectation of being blown up at some point. Now, in the age of Big Brother, the younger generation is becoming inured to the notion of being watched 24 x 7, going about their business and even posting some of their more intimate scenes in public settings because, well, that’s what a lot of people do.

This one of the fallout of living in the Age of Surveillance: one becomes used to being watched and, in fact, embraces it to the point where they simply let it all hang out. Expecting our records to be reviewed and exposed is something many now expect. Sure, folks aren’t thrilled by it, but what are you gonna do about it? – so goes the argument.

All of this is bad enough, but add into the mix the notion of AI (Artificial Intelligence) and bizarre (disturbing) alliances – such as the CIA (Central Intelligence Agency) and Amazon coming together (see my prior post on this development), along with Google’s all-out effort’s to develop AI (likewise posting earlier), things are taking on a darker trend: it will soon be more than just being able to read your information, but actually read who you are – and what you’re really about, even if you don’t know yourself.

Prediction: expect to see Internet profiling to become the new norm. Just as we’ve witnessed the distasteful practice of racial profiling undertaking by State law enforcement officials on the national highways, we can expect to see something similar taking place in the coming years via our records, our book and music purchases along with any other activity we undertake.

So next time, if you can, remember to bend over and give the camera a moon; we all could use a laugh.

Let’s all give the AI’s something to mull over.

“Don’t Fire Until You See The Bits of Their Data!”

patriots_at_breeds_hill_1775

(Well, maybe General Putnam didn’t say that at Bunker Hill, but if he were around today, he’d probably would,…!)

Happy July 4th and smile for the camera – or at the folks who are busy watching you, courtesy of your tax dollars – or at the potential hackers who want to take you for all that you’re worth (kind of wish that the folks at the NSA would spend more time going after those guys, instead of watching us, but I digress,…).

Regardless of how you may or may not feel, privacy is a resource that is quickly becoming rare – like that of an old Armagnac or fine scotch – leaving those of the older, more refined generation to sit back and reminisce more and more about the good ol’ days when one didn’t have to worry about somebody looking over their shoulders – unlike say, the newer generation who’s not afraid to let it all hang out and put those pic’s of doing themselves in during yet another ‘unofficial’ office party on their Facebook page.

Regardless if you’re the old person who hollers at the kids sticking their nosy access points on your PCS bill or somebody who’s cutting edge and isn’t afraid to let it all hang out, privacy is a resource everyone has to seriously consider – particularly when you’re doing any kind of business transactions – and for good reason. It’s bad enough to worry if somebody has your credit card and goes out purchasing a pile of items using your funds, but what happens when a competitor ‘borrows’ one of your ideas from your Dropbox account – and all because you thought that it was safe from outside eyes?

And so, in keeping with the good old American value of TANSTAAFL – “There’s No Such Thing As A Free Lunch” we of Shockwaveriderblog stand up and raise the flag proudly and stick it up the nose of those who are busy trying to get our homework answers when they should be doing it on their own anyhow! With this in mindlisted below are some useful, easy and effective tools for your home / personal use as well as for some businesses to consider employing.

But first we raise these important caveats:

1. Use at your own risk. Don’t blame us if you didn’t follow the instructions or things didn’t come out as expected. Read and follow carefully, using these tools as you would a gun: always assume it’s loaded – and they are: with your information and data.

2. Software alone is never an answer: it’s how you mange your staff, inclusive of training, employee awareness and effective IT policy.  One good example is banning the usage of USB thumb drives in an office setting to prevent the spread of viruses as well as preventing any installation of trojans or bots, along with keeping any documents managed with a controlled setting, to name a few policy points worth enforcing.

3. Always read the fine print and know exactly what your needs are before you go and get something. Often, people buy the biggest and the baddest for the simple reason they feel it is the biggest and the baddest they want – when, in fact if they did their homework, they would’ve saved both time and money if they did just a little more homework and gotten something that works just as well – if not better – for a lot less time, trouble and money.

It’s not about being paranoid: it’s just about being cautious and using common sense: besides, do you want to wind up in a lawsuit arguing about why your lack of security awareness lead to a major loss in revenue, loss of stockholder confidence – or your job?

It’s a competitive world out here – but that doesn’t mean you have to lose sleep over it.

Here are some tools worth serous consideration:

The Taskboard (www.taskboard.co). The Taskboard is an inexpensive app which puts all of your financials (college savings, mortgage, car payments, checking account, utilities, 401K’s, etc.) under one simple, easy to use app. With the Taskboard, the authorized user enters their information; once entered only the authorized user can view the accounts, pay their bills / deposit money and monitor their activities. Also, since the data entered stays with the user (i.e, it doesn’t go through a website or an online service) nobody but the user can see / access their accounts. The Taskboard is designed only as an account manager: it cannot hold any real-time information regarding user account activity. Just make sure you don’t lose your password as only you, the user, will have access to any information: your password is not kept with the folks at Taskboard Enterprises…!

Digital Quick (www.digitalquick.com) DigitalQuick makes it easy to protect your personal and business files in the cloud and desktop. With Digital Quick, you protect, control, and audit your files by knowing who and when your files were accessed, along with a wide range of other actions which make this a rather kick-ass piece of work that any home or small to mid-size business employing Dropbox should really consider. Best of all, Digital Quick’s encryption is strong, making it a tough little nut for ay hacker to crack – that is, unless they happen to have a Big Blue supercomputer or so laying around,…!

Titan File (www.titanfile.com) A relatively new company, Titan File is for larger entities, and offers some serious legs to anyone who wants to manage their information at an enterprise-wise level as arguably Titan File is a full-blown ECM solution.  As Titan File puts it:

Titan File lets you organize information around people and context instead of files and folders, making it easy for you to find what you need – whenever you need it. We also let you drag and drop files from various sources into communication channels to make sure that you always have your projects, colleagues and clients with you, everywhere you go.

Your information is stored encrypted in the same secure facility where the government stores health records. We do it in a way that separates logical and physical storage so that no one can get an unauthorized access to your files or files of your clients and colleagues. 

Know who, where, how and when had access to the shared information. You get the benefits of a true real-time and cross platform application. You will be immediately notified whenever a new activity (such as a client uploading a new file or a colleague leaving a message for you) happens. We support access from majority of modern mobile devices, allowing you to remain connected.

Need we say more?

DocStar (www.docstar.com) is a full blown / bona fide ECM solution that’s being used by major entities such as the FBI (Federal Bureau of Investigations) along with a host of other entities, both big and small.  Speaking as a records manager, DocStar is a serious solution. With DocStar, your files are encrypted, secured, and you can program your DocStar software set to do a wide range of services and file management, even to the point of creating your own workflow solutions (i.e, how you want your documents / files to be seen and managed by whom for what purpose, etc.) – and BTW: DocStar also offers a cloud solution worth checking out. DocStar’s audit trail is strong and also has a unique feature in that DocStar links with the U.S. Postal Service to confirm any and all documents being stored on the DocStar system is indeed, a bona fide copy of that document; this comes in VERY handy when/if you or your company have a court appearance and need to show actual documentation: with DocStar the documents stored on the system are indeed the real thing.

Wickr (www.mywickr.com) As the folks at Wickr put it, “The Internet is forever. Your private communications don´t need to be.” So true that,…. WIckr is an app (Apple and soon Android) that works when you and those whom you’re communicating with also has Wickr. Wickr is essentially a ‘read once’ message that self-destructs on your pre-set timeframe (Mission Impossible, anyone?). Send a message to another Wickr user that you have in your Wickr directory, they read the message and after the pre-approved timeframe, the message self destructs: completely gone.  At the Wickr website:

Only the receiver is able to decrypt the message once it was sent. Wickr does not have the decryption keys. Send and receive text, photos, videos, voice and pdfs,… Wickr uses AES256 to protect data and ECDH521 for the key exchange. RSA4096 is also used as a backup and for legacy app versions. Wickr also uses SHA256 for hashing and Transport Layer Security (TLS). Encryption keys are used only once then destroyed by the sender’s phone. Each message is encrypted with its own unique key and no two users can have the same AES256 or ECDH521 keys ever. Our servers do not have the decryption keys, only the intended recipient(s) on the intended devices can decrypt the messages. Wickr has hundreds of thousands of downloads in over 113 countries. Celebrities, royalty, reporters, feds, lawyers, doctors, investors and teens are the early adopters.

BTW: it’s worth noting that Wickr’s encryption exceeds NSA Suite B Compliancy (Compliance for Top Secret communication).

Burner App (http://burnerapp.com) is a cool app (iPhone; Android version out soon) that’s useful in several ways, not the least of which you can use your existing regular phone and have a / or a series of private lines that act as though they’re also your own number (note: when using the app, you’re still using your regular phone plans’ airtime). This is very handy when you’re signing up for services and programs and don’t want to give away your regular number to potential marketeers.  With the Burner App, whenever you receive an incoming call from a ‘burn’ number that you’ve assigned for a specific purpose, you can answer it accordingly – and do so knowing that your actual phone number won’t be compromised. Bear in mind, though, as the folks at Burner App point out:

We do keep backups of our data and should the records be subpoenaed, we will cooperate with law enforcement. Remember these records are all tied to your primary phone number. Burner is great if you are trying to protect your phone number from other people. If you are trying to protect your phone number or conversations from the police or equivalent, it’s probably best to seek another solution. 

Evoice (www.evoice.com) is not a software package or app, but rather a service that you pay to have a / or a series of toll free numbers. A handy feature for small business seeking to have a good toll free phone service without the costs or hassle of managing answering service staff. What make Evoice stand out though, is it’s price tag, ease of use and the ability to forward your phone messages to an assigned email account that converts your voice messages into texts that you can read. Thus, wherever you are, you’ll be able to receive phone calls, read them in a text format knowing that you have a degree of separation from the caller(s).

Burner phone (https://www.burnerphone.us) Wish I had this back in the days when I was managing political / election campaigns in New Jersey; would’ve made those clandestine payoffs and midnight meetings at the local diners a lot easier (just kidding) (well, kind of anyhow)…! It’s a simple, thirty (30) day kit that gives you a disposable phone with a charger, 16 hours of talk time, nationwide coverage (more or less) along with the promise that any and all personal information involved with the phone that you use destroyed completely after thirty days. And what’s most interesting is that they accept Bitcoin as a means of payment (somehow, I keep hearing the old Judas Priest refrain, “Breaking the law! Breaking the law!“) but seriously, if you want to make sure that the private business you’re conducting really stays private (welcome to Las Vegas!) then maybe this is something that you need to consider.

To learn more how you can take advantage of these and other tools, let us know; there’s a lot out there and these are only the surface of the tools / services available to you and yours.

Contact us if you want to learn more; love to hear and learn as well as teach.

Happy July 4th!

A Little Bit of Snowden In All Of Us

da-vinci-profile

Man is not what he thinks he is; he is what he hides.

– André Malraux

By now word has reached many regarding one Edward Snowden and the exposure of the NSA’s (National Security Agency) PRISM program and how the agency has literally taken to storing records of our phone calls, emails and other communiques – and more importantly, how this is all done indiscriminately with little or no control parameters from the legal system. Indeed, it’s probably not surprising that George’ Orwell’s 1984 is now selling like never before.

But the remarkable thing about all of this is how many of us accept surveillance by the state as part of our lives – just as my generation learned to live with the notion of imminent nuclear annihilation. Now, our children are growing up with the idea of cameras watching their every moves, emails and text messages being accessed at will while through the powers of analytics, our thoughts, desires and attitudes expressed through our various accounts on Facebook, PinInterest, etc.

As I’ve said before in my early work, privacy is dead; get used to it.

But I also recall earlier conversations with professionals on this very topic of privacy.

Some years ago, I befriended former neighbors of ours – a remarkable couple who shared a commonality with having some distant shared family relations: the woman and her live-in boyfriend who rarely spoke about his work, save for one evening while dining, I mentioned my interest and knowledge of arabic history. During the course of the coming weeks, the gentleman and I would speak at length about the various works of Farid ud-Din Attar (“The Conference of the Birds”), the point of the view of the arabs in regards to the various crusades along with a host of other fascinating discussions.

It was during the course of these dinner discussions that I learned from the nice gentleman how he casually happened to be in Damascus during the Lighting (Arab / Israeli) War of 1967.  I later on brought up this point when it was quiet and it was then he realized his faux pas – to which I assured him that it was a point I had already forgotten; some things are just best left unsaid.

Later on that week, I was given a small token – a 5 inch diskette. When I examined the diskette, I learned that it was an encryption software package, designed to encrypt your files on your computer.

Understand, this was not for general distribution and was well before the days of PGP or otherwise.

During the course of time, I learned a number of skills and notions, one of which is a basic axiom of intelligence: never use any obvious ‘hiding’ tools for you’ll only draw attention to yourself and to your colleagues. The purpose of the encryption package, I learned, was to take a message, recast it into another message – but in english and not encrypted gibberish – so as to make it appeal as a normal communique.

Which leads us to another vital point: some messages are best sent by way of reference only.  As an example: speak as if you’re talking about a book you’ve read and wish to share with another; make references in a manner that the outside observer wouldn’t fully appreciate the nature of your conversation. For example: you tell another about a great scene from the classic novel, “The Three Musketeers” – more specifically, the scene where Aramis and the others hold off the Cardinal’s forces enabling D’Artangnon to escape. What this scene is about is sacrifice by a handful against a larger force – a holding action. In effect, by relating this scene you are telling your colleagues that you’re seeking a rear guard action, whilst to an outside observer they only see you speak about a scene from book.

Privacy has always been a concern; note how during the Italian renaissance – when competition was fierce and the living bloody – the notion of communicating with another without having their thoughts shared except to those intended for was uppermost on many’s minds. Many devised complicated algorithms and encryptions (such as those created by the legendary master, DaVinci) while others used references to the Roman poet Catullus, passing messages with deeper meaning amongst each other while seemingly speaking about literary verses,….

Who says the humanities are dead?

As to our family friend,… one cold, windy evening I came home to see him standing in the parking lot, furiously speaking with another gentlemen: I glanced over, but sensed that something was amiss: he appeared harried and wary, looking all around. I made it a point to avoid speaking with him, walking by him as though I didn’t know him, pretending that I did not also notice the gentlemen with whom he was speaking with.

Later that week, our neighbor came over, distraught and upset, telling us how she came home, only to find everything of her boyfriend – and she did mean everything – was gone. “It was as if he never existed!” The books he had, the computer, his clothing – everything – gone.

We never saw him again, but I remember his lessons well, for what he shared goes beyond just simple citizen paranoia about one’s own government: it’s also about how one should conduct business – period.

Amongst my other lines of work – specifically with regard to records management –  I often tell people to be careful what and how they things away; how emails are to be distributed and read by whom and how information management is truly about having an attitude of caution and a realization that somebody’s always looking over your shoulder – and if you’re not careful, is also likely to eat your lunch.

Monitoring Your Movements

differnce-engine

From the “I-Told-You-So!” Files

Back in the heady days of the 1990’s (ah, when life was so much different than it is now, what with the economy strong, the job opportunities available,…), a former colleague of mine (Dr. Barbara Flood) and I did a series of colloquia trying to raise awareness about the growing assault on privacy, resulting in the ASIS (American Society of Information Scientists) 1997 Washington D.C. meeting. As part of that meeting, we submitted a paper (“Creeping Peoplebases”) and I, in turn, submitted this paper.

Written in 1997, much of the technological specifics are a little out of date, but this article did (in large part) lend to the creation of Lutz’s Law of Privacy: “There is an inverse relationship between privacy and convenience: the more you have of one, the less of the other.”

But the approach hasn’t changed – and, in fact, it’s only gotten worse. With the recent news of Verizon releasing user’s call logs to the U.S. Government, along with the growing list of other privacy ‘breeches’, it leaves one to wonder where all of this going?

Breaking open a time capsule, read this blast from the past of over sixteen – 16! years ago; see for yourself where we stand,…

1997 ASIS Mid-Year Meeting Preview

“Monitoring Your Movements”
by W.E. Lutz© 1997 ASIS

“Suppose I had a good friend here in the Bureau,” Mallory said.”Someone who admired me for my generous ways.” Tobias looked reluctant and a bit coy. “It ain’t a simple matter, sir. Every spinning-run is registered, and each request must have a sponsor. What we did today is done in Mr. Wakefield’s name, so there’ll be no trouble in that. But your friend would have to forge some sponsor’s name, and run the risk of that imposture. It is fraud, sir. An Engine-fraud, like credit-theft or stock-fraud, and punished just the same, when it’s found out.” “Very enlightening,” Mallory said. “I’ve found that one always profits by talking to a technical man who truly knows his business. Let me give you my card.”

(From the book, “The Difference Engine” by William Gibson and Bruce Sterling)

We understand the many means by which our daily activities are accessed and used for specific purposes via transactional databases. We are also aware how databases from credit cards track our activities and movements and how magazine subscription listings betray our wants and desires. What we overlook, however, is how our image — our physical appearance — is accessed and employed without our consent or knowledge. Image processing, combined with routine databasing and commercially advanced tracking devices, add a new dimension to the erosion of our privacy. The routine access of personal information combined with the physical monitoring of movements creates a growing,dangerous threat to personal privacy.

The Power of Imaging Systems

Imaging systems are high-speed multi-processing portrait storage and retrieval systems. Portraits or images of individuals are taken via electronically scanning cameras, with any accompanying data files automatically linked to any computer-generated portrait. This combination of data file acquisition (fingerprint, background information, prior history) with electronic mug-shot imaging offers a powerful tool for law enforcement agencies. The power of imaging systems cannot be underestimated. It is an uncomfortable fact that many police background checks for newly arrested suspects often take 24 hours. Suspects arrested for minor offenses often are released without the arresting law enforcement agency’s knowledge of the suspects prior criminal record, owing to delays associated with standard file checks (i.e., non-imaged police data systems). An average arrest takes approximately 60 to 90 minutes to process — fingerprinting, mug shot, file processing and statement preparation. Cross referencing with state and federal databanks often requires a delay up to 24 hours. But, according to the Camden Police Department, the use of imaging systems can cut back the average arrest time to approximately 15 to 30 minutes. Imaging systems offer unprecedented portrait manipulation and rapid data retrieval of all associated file information for law enforcement. For a growing number of agencies, gone are the days of ink fingerprints and the piles of tiresome mug shots. Imaging systems allow agencies to simply type in a rough description of a perpetrator based upon eyewitness account. In some imaging systems, simultaneous access to SCIC (State Crime Information Computers) and the FBI’s NCIC (National Crime Information Computer) is enabled, allowing direct link-up with any known federal or state suspect list within a matter of minutes.Imaging systems are becoming more prevalent outside of law enforcement. ATMs (Automatic Teller Machines) and surveillance cameras in convenience stores are another form of imaging documentation. Although a far cry from the imaging technology used in law enforcement, the potential is still present.

For example, in the Pepsi/hypodermic needle scare of 1993, the culprit was captured on a video camera in a Colorado convenience store. The public hears this and breathes a sigh of relief, knowing that yet another evil perpetrator has been captured. Note, however, that the capture was made after an intensive search through millions of video images taken from thousands of convenience stores nationwide. Out of all those thousands of convenience stores and from those million or so video shots, the single incriminating video still-shot of the crime was found! Based upon the single freeze-frame image, the perpetrator was caught and prosecuted.

The wonder of modern technology is renewed when one appreciates the amount of time and human resources such actions would have taken but five years ago. As video cameras are often used to monitor employees (casinos, high-security locales such as computer chip factories or other such industries), surveillance cameras are increasingly employed as a panacea for dealing with crime. Recent federal grant awards illustrate a growing trend of public housing authorities using video cameras to monitor and prevent illegal activities. DEA (Drug Enforcement Agency), FBI or the ATF (Alcohol, Tobacco and Firearms) account for a number of video cameras within high-crime locales, with criminal activity dramatically evaporating for fear of being captured on record. Local police agencies are not loath to spread rumors and gossip regarding potential locales as a means to further deter illegal activity — often when no such cameras or agencies are actually intended or involved.

Beyond Surveillance Cameras: Automobile Tracking Systems

Video cameras are not alone in tracking one’s physical movements. In New Jersey, a proposal for automatic toll collection by several previously non-linked authorities would allow motorists to open and maintain a common account with agencies participating in the automatic toll collection service (author’s note: this has long since been approved and is now active). Using strategically placed magnetic stickers, motorists could drive past automatic scanners without stopping to pay a toll collector or a cash receiving machine. The flip side to this convenience is that the participating motorist could be readily tracked while driving through toll booths across the state. Other new vehicle tracking technology has also recently appeared. LoJacks, installed in standard passenger vehicles, are gaining in popular usage, particularly in New York, Boston, Newark and Los Angeles. LoJacked vehicles possess a specific signature signal identifying the vehicle identification number (VIN). Each vehicle is thus uniquely identified so as to prevent confusion with other LoJack beacons. Upon the report of a stolen vehicle, police cars equipped with LoJack scanners cruise their assigned areas, literally homing in on the specific signal emitter (which flashes a signal every fifteen seconds) of the stolen car. In some areas, the installation of LoJacks is credited with a drop of up to 50% in vehicle thefts. The combination of imaging/picture tracking systems and powerful database sort/retrieval presents a new breach in the wall of privacy. It is no longer just a question of personal information being accessed by the varieties of databases, but rather how the average citizen is increasingly tracked in relation to this personal information. We know who you are, where you’ve been and what you’ve been doing. Soon, we will know specifically where you are at any given time.

Addressing Our Perceived Need for Security

As Pogo said, “We have met the enemy, and they is us.” Breaches of privacy are actively encouraged. Federal monies are offered to housing authorities for surveillance systems. We think nothing of cameras which record our every move in stores, shopping malls or at ATMs. Insurance companies offer discounts of up to 25% of annual rates for those who install LoJacks, while commuters welcome the convenience of rushing past time-consuming toll plazas. Privacy protection efforts are few and presently hold little promise. Many county sheriffs encourage families to image their children – that is, to store the personal characteristics, background information and images of children within law enforcement databanks to allow for ready and rapid retrieval if the children are kidnapped. Although one cannot argue against the safety of children, one should question the underlying premise of fear. Committing oneself and one’s children to any information system is an act fraught with long-term consequences and should be considered carefully.

Cable Television: Who Is Watching Whom?

Another vivid example of overlooking how convenience creates privacy invasion involves recent advances in cable television technology. Many cable companies employ a standard cable TV box manufactured by General Instrument (Jerrold boxes). The latest General Instrument development is the CFT2200, which, unlike most cable TV boxes, can both send and receive signals, thus facilitating pay-per-view without having to employ the telephone line or answering TV polls. Upon review, it would appear that the CFT2200 can employ home telephone lines for operation and would eventually allow for full usage of ISDN lines. Potentially, these boxes could allow for direct informational access

(i.e., Internet service providing Web TV) and may very well serve for the next wave of data access. What is disturbing about this development is the ability of cable companies to conduct real-time monitoring of viewer’s preference in TV entertainment and information access, offering simultaneous send/receive signals while the viewer is watching their shows. A detailed record of what, when and how long a viewer watched any particular show at any given moment is enhanced through new cable television technology. If the average consumer were aware of this fact prior to purchase, would so many readily accept? The difficulty lies in the average lay person understanding the power and extent of the technologies arrayed against the common person; it is this knowledge gap which makes resolving the issues surrounding the protection of privacy a formidable challenge. Many cannot readily appreciate the subtleties surrounding esoteric cable television services or imaging/monitoring technologies. As information professionals, we can share the vitality of an Internet search engine or personal communication system for common household usage while seeking out protection against privacy abuse. The question remains: where do we draw the line between the sublime and the extreme?

Options and Considerations

We are witness to the demise of our notions of privacy; this trend is congruent with rapid technological development. Luddites could argue that as technology grows, privacy dissipates; thus, technology must be curbed (so the argument goes). The genie is, however, well out of the bottle. Modern conveniences and economic advantages far outweigh any notions of denying the benefits and comforts which we amply enjoy. The approach we must now initiate rests upon legislation and education.

Education and awareness on the part of those who know and understand the reality of their surroundings remains the key to ensuring privacy. Proprietary information will remain such, but the key to economic success will be that of creative dissemination of the uses of proprietary data and/or developments. If the general public is aggressively enlightened in the ways and means of information technology, then it follows that perhaps we can expect the general population to be more discriminating when it comes to privacy protection. Just as we speak of a green consumer culture, so too we might encourage the beginning of a privacy culture. True privacy could be an emerging marketing approach given the right impetus. Effective legislation must come into play if we are to prevent further erosion of privacy. Perhaps we should consider employing European laws as models for the control of personal information and the protection of privacy. Database access or use of one’s name or other personal information could be subject to the individuals’ prior approval and/or payment — similar to royalties — with violations subject to substantial monetary penalties. The logic is inescapable: if private/public entities gain a profit from the sale and/or use of our personal information, then we should receive royalties, if we choose to participate. Those who seek not to participate in the sale and dissemination of their information should be permitted, under strict legislation, to opt out with strengthened privacy guarantees.

The time has come to reach out and enlighten legislators about the issues surrounding privacy. Some cultures hold that taking pictures of individuals and/or places robs the soul or essence of the place or person; arguably, this is now taking place. The act of taking pictures — regardless of public safety or security — constitutes an act of capturing our image without our permission. Similarly, when information is accessed — habits, purchases, profiles — could it not be argued that this is the theft of our truest proprietary data — our identities?

In the coming century, our identities will be how we appear on innumerable databases; our visage reflected in the hidden cameras and how we stand within society’s walls defined in the roll calls of databases. The time is right, therefore, to educate both the public and legislators about the relationship between ourselves and the tools which gather information about us and our fellows. Given the prevalence of modern technology, it is time to recognize that our tools are but an extension of ourselves, the surveillance cameras reflecting back our images. How we view ourselves ultimately determines how we view and shape our future. How better than to smile into the camera with a confident cheer?

The original copy can be also found here: http://www.scribd.com/welutz

William E. Lutz is a professional consultant involved with matters pertaining to security, privacy as well a records management. More about his work can be found via his LinkedIn profile of http:// http://www.linkedin.com/in/williamelutz as well as via his website of http:// http://www.welassociates.co.

Privacy is Dead; Get Used To It

From the Overlooked News Department,…. At a recently held (November 9th) congressional hearing regarding privacy, nine (9) major data mining sites testified and answered a number of rather startling and revealing questions (as reported in http://www.propublica.org/article/yes-companies-are-harvesting-and-selling-your-social-media-profiles) – among them:

Their responses, released Thursday, show that some companies record — and then resell — your screen names, web site addresses, interests, hometown and professional history, and how many friends or followers you have.

* Some companies also collect and analyze information about users’ “tweets, posts, comments, likes, shares, and recommendations,” according to Epsilon, a consumer data company. 

* Acxiom, one of the nation’s largest consumer data companies, said in its letter to lawmakers that it collects information about which social media sites individual people use, and “whether they are a heavy or a light user.” The letter also says Acxiom tracks whether individuals “engage in social media activities such as signing onto fan pages or posting or viewing YouTube videos.”

* Epsilon, a consumer data company that works with catalog and retail companies, said that it may use information about social media users’ “names, ages, genders, hometown locations, languages, and a numbers of social connections (e.g., friends or followers).” It also works with information about “user interactions,” like what people tweet, post, share, recommend, or “like.”

* Data companies of course, do not stop with the information on Twitter, Facebook, and LinkedIn. Intelius, which offers everything from a reverse phone number look up to an employee screening service, said it also collects information from Blogspot, WordPress, MySpace, and YouTube. This information includes individual email addresses and screen names, web site addresses, interests, and professional history, Intelius said. It offers a “Social Network Search” on its website that allows you to enter someone’s name and see a record of social media URLs for that person.

In the words of Captain Renault (from the movie ‘Casablanca’) “shocking to see gambling taking place in this establishment!”

Everyone knows this is taking place – and so what?

Actually, it is getting to be a rather big deal. One of the key factors which lead to the re-election of President Obama (http://swampland.time.com/2012/11/07/inside-the-secret-world-of-quants-and-data-crunchers-who-helped-obama-win/print/) it was the very use of this data which lead to extremely well-targeted listings and action items:

…campaign manager Jim Messina had promised a totally different, metric-driven kind of campaign in which politics was the goal but political instincts might not be the means. “We are going to measure every single thing in this campaign,” he said after taking the job. He hired an analytics department five times as large as that of the 2008 operation, with an official “chief scientist” for the Chicago headquarters named Rayid Ghani, who in a previous life crunched huge data sets to, among other things, maximize the efficiency of supermarket sales promotions.

None of this should come as any surprise. As far back as 1997, my colleagues and I had written a number of articles and reports on this trend. As noted in an article for ASIS (American Society for Information Science) presented during the 1997 Washington, DC conference (http://www.asis.org/Bulletin/Feb-97/lutz.html), I noted that:

We are witness to the demise of our notions of privacy; this trend is congruent with rapid technological development. Luddites could argue that as technology grows, privacy dissipates; thus, technology must be curbed (so the argument goes). The genie is, however, well out of the bottle. Modern conveniences and economic advantages far outweigh any notions of denying the benefits and comforts which we amply enjoy. … In the coming century, our identities will be how we appear on innumerable databases; our visage reflected in the hidden cameras and how we stand within society’s walls defined in the roll calls of databases. The time is right, therefore, to educate both the public and legislators about the relationship between ourselves and the tools which gather information about us and our fellows.

And this was back in 1997.

We’ve well surpassed the point of no return: as Lutz’s Law of Privacy states, there is an inverse relationship between privacy and convenience: the more of one, the less of the other. Add into the mix wireless / handheld communications devices and now, more than ever before, you are who and how you appear within the electronic realm. Arguably, you and how you appear electronically is more important than how you appear in person as job recruiters, credit agencies, services or strangers who wish to meet and greet you will judge you more by how you exist online than how you are in person.

Competition is everywhere: whether be it for those seeking elected office or businesses seeking an edge and expanding their costumer base. Now, more than ever before, how and who you present yourself as is more important than ever before. Increasingly, you will find others – employers, potential clients, contacts – determining and deciding whether or not to work with you / hire you on the basis of what you post or whom you associate with – and as the evidence suggests, this is going beyond just your posting the photos of that ‘lost weekend’ on your Facebook page that you and your fraternity buddies did.

Wondering why you didn’t get that job or obtain that contract? Think  about it.

But before you let your paranoia get the best of you, just remember: it can work both ways. Given the increasing reliance folks have in using online services, who’s to say that you couldn’t beef up your profile more and gain the edge you need?

So the next time you consider LinkedIn, consider also MyBrand as well as revisiting your Facebook page. Add more appropriate pictures and keep your personal commentary through more secure means. Be careful with whom you associate with and who you link up to.

You never know who’s watching – or who would be interested in tapping you for opportunities you didn’t know existed,…