How do we build an Internet we're not ashamed of?

May 29th, 2014

Having finally got round to reading the transcript of Maciej Cegłowski's Beyond Tellerrand 2014 Conference Talk , I can but report that – as usual – he talked a lot of sense:

One reason there's a backlash against Google glasses is that they try to bring the online rules into the offline world. Suddenly, anything can be recorded, and there's the expectation (if the product succeeds) that everything will be recorded. The product is called 'glass' instead of 'glasses' because Google imagines a world where every flat surface behaves by the online rules. [The day after this talk, it was revealed Google is seeking patents on showing ads on your thermostat, refrigerator, etc.]

Well, people hate the online rules!

Google's answer is, wake up, grandpa, this is the new normal. But all they're doing is trying to port a bug in the Internet over to the real world, and calling it progress.

You can dress up a bug and call it a feature. You can also put dog crap in the freezer and call it ice cream. But people can taste the difference.

Comments Off on How do we build an Internet we're not ashamed of?

Data mining as a security measure?

January 5th, 2014

Los Angeles Times reporter David Lazarus, prompted by a tip-off from a reader, tried registering with a UPS service that offered more control over parcel delivery schedules and found that UPS already knew quite a bit about him and his family:

In my case, UPS wanted me to name the city I'd formerly lived in. San Francisco, where I resided before moving back to Los Angeles, was on the list.

The next one was a trick question. It asked me to name the street I'd once lived on or "none of the above." The answer was "none of the above."

The third question asked me to name the city I'd never lived in. The list included three Connecticut cities I'd never visited and the one where I was born. Since you could pick only one answer, I picked "all of the above."

The UPS site then said it would need more information to verify my identity and asked for my birth date. Maybe this was just a glitch. Or maybe it was a sneaky way to get me to cough up this most important of data points.

I provided my birth date and was presented with a trio of much more specific questions. The first asked the month that my wife was born, and it included both the correct month and her full name.

The second one again identified San Francisco as my former home. The third question included the street in San Francisco that I lived on.

Like Miller, I was completely creeped out.

I'm not sure what's creepier about this: the notion that data mining lets companies know this much about potential customers, or the idea that they might have gathered incorrect information and there's no practical way for me to correct it because I don't know where they got it from.

[Via RISKS Digest Vol. 27, Iss. 65]

Comments Off on Data mining as a security measure?

The Architecture of Visual Information

September 28th, 2013

Alexander Baxevanis thinks that in the face of the vast number of photos being uploaded every day we need to think harder about why and where people take photographs, what they're trying to accomplish when they share them online.

[Via Martin Belam]

Comments Off on The Architecture of Visual Information

The spy in your pocket

June 9th, 2013

The most interesting thing about this exploration of how much a German phone company knew about the movements of one particular politician is that it's really just scratching the surface:

Green party politician Malte Spitz sued to have German telecoms giant Deutsche Telekom hand over six months of his phone data that he then made available to ZEIT ONLINE. We combined this geolocation data with information relating to his life as a politician, such as Twitter feeds, blog entries and websites, all of which is all freely available on the internet. […]

Don't get me wrong: the animated map and correlation of the location data with blog entries and tweets to account for what Spitz was up to on a given day in a given place is neatly done, but it's hardly news that having your mobile phone on you allows the phone company to know roughly where your phone is.

The fun bit is the data mining and cross-matching of data. Throw in the sort of information every self-respecting law enforcement agency is itching to get access to, about what phone numbers you called, who you emailed and what web sites you accessed and it's relatively straightforward to build up a picture of what you're doing, where you're doing it and1, who you're doing it with and – crucially – whether you're deviating from your normal pattern of activity.

Imagine a world where we didn't have the internet and mobile phones to make collecting all this data easy and painless. Now imagine the government in that wireless-free world announcing that it would start gathering this sort of information by having a civil servant follow you around, listening to your conversations with people and monitoring what books and magazines you read and taking notes as you go. I think it's fair to say that there would be hell to pay.

Why should governments have an easier time of it just because they can have Internet Service Providers and telecoms companies do the surveillance for them?

[Via MetaFilter]

  1. Given enough data to establish a pattern of behaviour over time.

Comments Off on The spy in your pocket

'Our moral character dwindles as our instruments get smaller.'

April 14th, 2013

Jan Chipchase's You Lookin' At Me? Reflections on Google Glass. urges us to take advantage of the opportunity we have now that Google Glass is on the verge of escaping into the wild to think about how Glass (or something like it) is going to transform privacy expectations over the next decade or two:

One could argue that the form taken by Glass offers up a lazy futurist's vision of what might be – take the trajectory of one product (displays becoming smaller/cheaper/more efficient over time) and integrate it with another (eyeglasses), sprinkle in connectivity and real-time access to content and big-data-analytics. Our expectations of what it could be are raised in part because this join-the-dots vision of the future fits neatly into Western un/popular young-male culture, from "The Terminator" through to Halo. Glass has a certain inevitability about it, like the weight of expectation on of child born to a great composer or, if you will, to a middle-aged suicide. As any visitor to Yodobashi camera over the past decade will tell you, the hardware technologies that make Glass hardly feel novel (and for recent competitors, see Sony, Golden-i, or this Telepathy device prototype) but neither do they need to be, because this is all about how they are brought together into a holistic experience.

I have a feeling that the prospect of walking round wearing a device that requires an eyeglass-mounted interface is going to be a lot less popular among the ordinary, smartphone-carrying public than Google hope. I can't help but think that if Google/Apple/whoever just pushes speech-driven interfaces a bit further along1 then a fair number of ordinary people will find that the ability to tell their phone to show them maps and directions, pull up details of the person they're speaking to and so on will suffice for now.

Still, even in that scenario we'll have people walking round our towns and cities and homes and workplaces carrying permanently-on devices that default to capturing and storing sound and video2, so almost all the issues Chipchase raises will still apply.

[Via The Browser]

  1. Both in terms of reliability and the ease with which third party applications can use the speech recognition system.
  2. Via a camera mounted on your Bluetooth earpiece?

Comments Off on 'Our moral character dwindles as our instruments get smaller.'

OAuth is your future

May 14th, 2012

OAuth is your future. What a cheerful thought.

Comments Off on OAuth is your future

Oh, Barcelona…

February 2nd, 2012

The very definition of irony.

[Via Memex 1.1]

Comments Off on Oh, Barcelona…

'We are dealing with a certain element of human nature that is unknown how to deal with.'

January 31st, 2012

Aaron Skirboll writes in praise of an invention whose time has come (again):

Thomas Watson was a respectful man. He was working as an assistant to Alexander Graham Bell in 1876 when his name became the first to be uttered into Bell's new invention, the telephone. "Mr. Watson, come here," Bell famously said. "I want to see you." Even before this monumental moment, however, Watson had proved his worth – and his neighborliness. While working out the telephone's kinks with Bell from his apartment, Watson initially had to shout to be heard over the early equipment, prompting complaints from the neighbors. So Watson, ever the courteous gent, wrapped himself inside blanket during these initial telephone trials, creating a tunnel, and, thus, the world's first phone booth: society's great unused invention. […]

Comments Off on 'We are dealing with a certain element of human nature that is unknown how to deal with.'

We're all nude and available

October 15th, 2011

Evgeny Morozov finds Jeff Jarvis' latest paean to the wonders of the internet deeply flawed, and rather unserious:

Why are we so obsessed with privacy? Jarvis blames rapacious privacy advocates – "there is money to be made in privacy" – who are paid to mislead the "netizens," that amorphous elite of cosmopolitan Internet users whom Jarvis regularly volunteers to represent in Davos. On Jarvis's scale of evil, privacy advocates fall between Qaddafi's African mercenaries and greedy investment bankers. All they do is "howl, cry foul, sharpen arrows, get angry, get rankled, are incredulous, are concerned, watch, and fret." Reading Jarvis, you would think that Privacy International (full-time staff: three) is a terrifying behemoth next to Google (lobbying expenses in 2010: $5.2 million).

"Privacy should not be our only concern," Jarvis declares. "Privacy has its advocates. So must publicness." He compiles a long and somewhat tedious list of the many benefits of "publicness": "builds relationships," "disarms strangers," "enables collaboration," "unleashes the wisdom (and generosity) of the crowd," "defuses the myth of perfection," "neutralizes stigmas," "grants immortality … or at least credit," "organizes us," and even "protects us." Much of this is self-evident. Do we really need to peek inside the world of Internet commerce to grasp that anyone entering into the simplest of human relationships surrenders a modicum of privacy? But Jarvis has mastered the art of transforming the most trivial observations into empty business maxims.

Contrary to Jarvis' protestations, Morozov's review doesn't read to me as a personal attack – more a clinical, brutal dismantling of a collection of shallow cliches in support of the argument that we shouldn't worry about the way pretty much every commercial entity we deal with online seeks to hoover up as much personal information about our use of the internet as it can because the (somewhat nebulous) benefits outweigh the potential problems. So long as you respect your cultural norms, you'll be fine.

[Via The Awl]

Comments Off on We're all nude and available


August 13th, 2011

Noted for future use:

[Context: a comment thread inspired by David Cameron's argument in favour of controlling the type of discussions taking place via social media.]

12 August 2011 4:14PM

12 August 2011 2:51PM

"If you've got nothing to hide then you have nothing to fear"

So glad to hear that, now I'd like your full name, address, date of birth, make and model of car you drive, all telephone numbers mobile and landline, name of employer, email address, annual income (gross and net), and of course I'd also like to know what your daily schedule is and what times you estimate being out of the house this weekend. Come on now, if you've nothing to hide then you've nothing to fear. Please post this information publicly, or are you up to something?

Oh and please post your internet history too, I'd like to check what sites you browse, just to make sure you aren't fapping to something nasty. By your own statement if you are reluctant to do so then you must be up to something criminal. Or you could admit your over simplistic statement was absurd.

[Via Memex 1.1]

Comments Off on Trust

Google Takeout

June 28th, 2011

Is it just me, or is Google Takeout a nice idea with a funny promotional video but not much substance?

In fairness, as I don't use Gmail or Picasa Web Albums and have a pretty minimalist Profile they just don't have all that much data to include in my takeout right now.1 I'll get interested when they expand the service to include my Google Documents, an OPML file containing my Google Reader subscriptions, and a KML file containing details of my various Google Maps overlays.

[Via Smarterware]

  1. Not unless you include all the 'anonymised' data they've no doubt amassed over the years by tracking cookies and logging my search requests – you know, the data they use to target ads.

Comments Off on Google Takeout


March 17th, 2011

If you browse the web using Safari, Firefox, Internet Explorer or Google Chrome and you dislike the idea of advertisers using tracking cookies and other such hidden methods to build a profile of your web browsing, you might want to install Ghostery. Quoth their FAQ:

[Ghostery] scans the page for scripts, pixels, and other elements and notifies the user of the companies whose code is present on the page. These page elements aren't otherwise visible to the user, and often not detailed in the page source code. Ghostery allows users to learn more about these companies and their practices, and block the page elements from loading if the user chooses.

I've relied on Privoxy as my first line of defence against intrusive web advertising and tracking for years, but I'd never pretend it was the ideal program for non-techie users. Ghostery isn't going to make me abandon Privoxy, but on the basis of my having played with Ghostery for a little while this evening it looks to be a much more user-friendly solution: a toolbar icon indicates how many tracking services it has detected when you load a page, and from there you can view information about the company trying to track your usage (complete with a link to their privacy policy) and can opt to block or allow that service on the site you're looking at – or across all sites, if you'd prefer. There is an option to send your 'Ghostrank' data back to Ghostery for research purposes, but even if you don't enable that option Ghostery continues to work.

Ghostery is free, easy to use and 100% a good thing, as far as I can see. It doesn't default to blocking all advertising, it just gives the end user a decent amount of control over what advertising and tracking they'll permit without overwhelming them with options they may not even understand. Who could object to such a thing?

[Via One Thing Well]

Comments Off on Ghostery

The SpyTunes Saga

February 21st, 2011

Andrew McAfee has found a hole in the iTunes Store privacy model: if you try to gift music (or an App, or a Tv programme or film) to an iTunes Store user, iTunes warns you if the user already has that item.

This snooping process is iterative and cumbersome, but I'm pretty sure it could be at least somewhat automated. It's also a little fluky; to learn what I have, [the snooper] has to gift media to me in the same form I bought it. For example, if he sent me only a single episode of "Breaking Bad" season 3 iTunes wouldn't send him a message like the one above. This is because I bought the whole season at once, so [the snooper] has to gift me the whole season to learn about my purchase. Similar rules appear to hold for music.

Even though [the snooper] has to work a bit, I'm not thrilled that he (or anyone else) can so easily learn about my media purchases and tastes. If I want to share my iTunes holdings with my friends or broadcast them to the world Apple gives me tools to do so, but if I want to keep them private I can't.

McAfee says that Amazon handles this sort of problem differently; it simply converts duplicate items to store credit, informing the recipient of the duplicate items but not the gift-giver, and suggests that Apple would do well to adopt this approach. My online gift-giving is usually selected from users' wishlists so I've never encountered this problem in the wild, but if I were giving a gift I think I'd prefer to be given the chance to choose a different item rather than have my gift silently converted to an impersonal store credit: if I'd wanted to give an iTunes Store credit I'd have chosen that option. However, I can see that both approaches have their merits.1

My feeling about this is that whilst it's technically a privacy breach, it's not a terribly scary one. The would-be snooper needs to:

  1. Guess the email address I use with my iTunes Store account.2
  2. Guess what music/apps/ebooks etc I might own and whether I bought them as individual items or as part of an album/season purchase.3
  3. Automate this process so that Apple won't notice that some rabid fan of mine has made X attempts to gift me Y different tracks/apps/ebooks without ever going through with a purchase and throttle or block their access.

Having successfully negotiated those hurdles, the snoop is now in possession of … a listing of a small portion of the contents of my iTunes Library. Given that I display ample evidence of my taste in music on the internet for the whole world to see as a matter of course, you'll understand if I'm not terribly worried by this potential attack vector.

That being said, I do take the point that users who wish to keep their music choices to themselves should have the ability to do just that: Apple should probably get right on it.4

[Via Risks Digest]

  1. Perhaps iTunes Store users should be allowed to specify in their account settings whether gift-givers should be warned of duplicates.
  2. Admittedly not everyone sets up a distinct email address to use just for iTunes, so this could be straightforward in some cases where the snooper already has your email address.
  3. Which raises another question: what if I have a track that I ripped from a CD in MP3 format and the potential snooper tries to gift me the iTunes Store version of that track in AAC/m4a format. Does iTunes recognise that it's the same track despite the format difference?
  4. Interestingly, McAfee points out that in the US it an offence to give out details of an individual's video rental/purchase history and suggests that if the iTunes Store makes it possible to find out what films a user has purchased this might leave the firm open to legal action. That sounds more like the sort of motivation Apple will need to close this hole.

Comments Off on The SpyTunes Saga

The first truly honest privacy policy

December 27th, 2010

The first truly honest privacy policy:

At COMPANY _______ we value your privacy a great deal. Almost as much as we value the ability to take the data you give us and slice, dice, julienne, mash, puree and serve it to our business partners, which may include third-party advertising networks, data brokers, networks of affiliate sites, parent companies, subsidiaries, and other entities, none of which we'll bother to list here because they can change from week to week and, besides, we know you're not really paying attention.

We'll also share all of this information with the government. We're just suckers for guys with crew cuts carrying subpoenas.

Remember, when you visit our Web site, our Web site is also visiting you. And we've brought a dozen or more friends with us, depending on how many ad networks and third-party data services we use. We're not going to tell which ones, though you could probably figure this out by carefully watching the different URLs that flash across the bottom of your browser as each page loads or when you mouse over various bits. It's not like you've got better things to do.


This privacy policy may change at any time. In fact, it's changed three times since we first started typing this. Good luck figuring out how, because we're sure as hell not going to tell you. But then, you probably stopped reading after paragraph three.

[Via Bruce Schneier]

Comments Off on The first truly honest privacy policy

The Id of the internet

August 25th, 2010

Julian Dibbell has produced a readable, insightful profile of 4chan's founder:

Christopher Poole is 22 years old, and as is often true for men his age, his mental life has been punctuated by a series of passing enthusiasms: video games, online chat rooms, Japanese animation. Currently he seems to be going through a Robert Moses phase. On the nightstand in his New York City apartment is a copy of The Power Broker: Robert Moses and the Fall of New York, a 1,300-page biography of the mid-20th-century urban planner who, in pursuing his vision of a modernized New York, destroyed one neighborhood after another. […] On a recent Thursday afternoon, as he walked to work past Washington Square Park and observed the sweeping renovations under way there – a controversial relandscaping imposed by current city planners in the face of heavy local opposition – he saw parallels with the old autocrat's imperious approach to such projects. "Robert Moses is probably smiling," he said. "Like, 'Fuck the people – what do they know!'?"

Like many people, Poole thinks there are better ways than Moses's to manage the tangled social, cultural, and infrastructural needs of a community of millions. But unlike most people – let alone most 22-year-olds – he actually has some experience doing just that. Seven years ago, Poole created the website 4chan […]

Comments Off on The Id of the internet


May 8th, 2010

The Evolution of Privacy on Facebook charts the speed with which Facebook has loosened your grip on your personal information.

At one level, this isn't a problem. If you're happy for Facebook to allow your Extended Profile Data to be shared with the entire internet then clearly Facebook is the social networking site for you. The problem is that Facebook makes it ridiculously complicated to undo all the changes they make in users' default privacy settings. If I actively used Facebook1 I'd be extremely nervous about the possibility of missing – or, more likely, misunderstanding the implications of – a policy change and discovering too late that the entire internet now not only knew about my [REDACTED] habit but had the pictures to prove it.

I'm not sure how best you could do it without making that chart too complicated, but it'd be interesting to see a version of that graph with another layer showing what percentage of users bothered to alter their various privacy-related settings from their new defaults after each change in policy. Not many, I'd guess.

[Evolution of Privacy on Facebook chart via]

  1. I do have an account, but as more of an 'antisocial networking' guy so I don't feel the need to do anything with it.

Comments Off on Zuckerberg!!!

Blip off

April 25th, 2010

Last December I posted the following description of Blippy, a new social networking site:

Blippy is a fun and easy way to see and discuss the things people are buying.

Automatically share your favorite purchases from iTunes, Amazon, Zappos, Visa, MasterCard, and more.

In the light of this week's news they should probably amend that to:

Blippy is a fun and easy way to see and discuss the things people are buying.

Automatically share your favorite purchases from iTunes, Amazon, Zappos, Visa, MasterCard, and your credit card details.

The word 'Oops!' doesn't really cut it.

[Via MetaFilter]

Comments Off on Blip off

On privacy

January 17th, 2010

A couple of thoughtful reactions to recent comments from Facebook and Google bosses about privacy.

Nicholas Carr on Other people's privacy:

Reading through these wealthy, powerful people's glib statements on privacy, one begins to suspect that what they're really talking about is other people's privacy, not their own. If you exist within a personal Green Zone of private jets, fenced off hideaways, and firewalls maintained by the country's best law firms and PR agencies, it's hardly a surprise that you'd eventually come to see privacy more as a privilege than a right. And if your company happens to make its money by mining personal data, well, that's all the more reason to convince yourself that other people's privacy may not be so important.

danah boyd on privacy norms:

Public-ness has always been a privilege. For a long time, only a few chosen few got to be public figures. Now we've changed the equation and anyone can theoretically be public, can theoretically be seen by millions. So it mustn't be a privilege anymore, eh? Not quite. There are still huge social costs to being public, social costs that geeks in Silicon Valley don't have to account for. Not everyone gets to show up to work whenever they feel like it wearing whatever they'd like and expect a phatty paycheck. Not everyone has the opportunity to be whoever they want in public and demand that everyone else just cope. I know there are lots of folks out there who think that we should force everyone into the public so that we can create a culture where that IS the norm. Not only do I think that this is unreasonable, but I don't think that this is truly what we want. The same Silicon Valley tycoons who want to push everyone into the public don't want their kids to know that their teachers are sexual beings, even when their sexuality is as vanilla as it gets. Should we even begin to talk about the marginalized populations out there?

The comment thread on the latter post is excellent, with Ed Borasky making the key point, addressing the notion that we're being invited to pay for these 'free' services with information about ourselves:

It's up to us as consumers to actively examine the "value" we are getting in every such transaction, regardless of how difficult the "services" make that and how tempting their offers of "free" stuff and "discounts" are.

Easier said than done, to be sure, but essential if we're not to sleepwalk into a 'semi-transparent society'.

1 Comment »

At last, a social networking site that cuts to the chase

December 14th, 2009

Blippy demonstrates that for some people, we really are what we buy:

Blippy is a fun and easy way to see and discuss the things people are buying.

Automatically share your favorite purchases from iTunes, Amazon, Zappos, Visa, MasterCard, and more.

Just so we're all clear about this, the idea isn't just that Blippy will post details of what users have bought: it'll display where they bought it and how much they paid for it.

Please, $DEITY, let this be a satire on social networking.

[Via MetaFilter]

Comments Off on At last, a social networking site that cuts to the chase

Tax Online

May 2nd, 2008

The outgoing Italian government's parting shot was to publish details of every Italian's tax declaration on the web. Obviously I'm horrified that such a huge quantity of confidential information was released by a government in such a cavalier fashion,1 but I can't help but think that there must be more to the story than we're seeing in the BBC's report.

I'm quite prepared to believe that the outgoing government might want to make a point by rolling out the site before it left office, but the government surely couldn't have put together a site on that scale from scratch in the fortnight since it lost the election. Was the surprise at the notion of putting the information out there, or at the fact that the site had been rolled out early? Or was the real surprise how interested the Italian public apparently was in this information?

[Via Qwghlm]

  1. That said, there's a small part of me that is amazed that people get so up in arms about the possibility that other people will find out how much they earn. I've never understood why this is seen as such a sensitive issue. For the record, my gross salary last month was £1,359.25.

Comments Off on Tax Online