Next Friday!
MOBILE
“APP” PRIVACY
A seminar presented by the Privacy
Foundation.
REGISTRATION:
Contact Privacy Foundation Administrator Cindy Goldberg at
cgoldberg@law.du.edu
or call 303.871.6628
.Seminar
& lunch free for all DU Faculty, Alumni & Students. All
others: Seminar/CLE ($20) or Seminar/CLE/Lunch ($40)
Could
give us a look at Best(?) Practices in action.
Back in January, there were reports
that Genesco might sue
card issuers over their response to the firm’s malware breach
in 2010. Now dmarsteller reports that Genesco has, indeed, sued
VISA. The lawsuit was filed Thursday in Nashville. dmarsteller
explains:
VISA later fined
Fifth Third Bank and Wells Fargo $5,000 each and levied another $13.3
million in assessments, saying they were liable for the breach
because they did not comply with industry-wide security standards.
The banks paid, taking the money from Genesco’s accounts and
assigning any recovery efforts to Genesco.
Genesco contends
VISA overreacted because there was no evidence that the hackers stole
any cardholder information. The retailer said regular
rebooting of its computer servers erased any data before hackers
could retrieve it.
Genesco also
contends VISA violated its contracts with the banks by not following
the required procedure before issuing the fines and assessments. The
card company’s actions also are unfair business practices under
California law, the suit contends.
Read more on The
Tennessean.
So the court requires TSA to be
suspicious before a forensic search, even if those in dissent think
TSA won't know if they are suspicious or not... Note: DoJ won this
case, so they will have a hard time appealing it...
Orin Kerr on today’s Ninth Circuit en
banc opinion in United
States v. Cotterman, a case involving border searches of laptops.
Today the Ninth
Circuit announced a special rule for computer searches: Although a
“review of computer files” can occur without reasonable
suspicion, the “forensic examination” of a computer at the border
requires reasonable suspicion because it is “akin
to reading a diary line by line looking for mention of criminal
activity—plus looking at everything the writer may have
erased.” Here’s the key part of the analysis:
The relevant
inquiry, as always, is one of reasonableness. But that
reasonableness determination must account for differences in
property. Unlike searches involving a reassembled gas tank, or small
hole in the bed of a pickup truck, which have minimal or no impact
beyond the search itself—and little implication for an individual’s
dignity and privacy interests—the exposure of
confidential and personal information has permanence. It cannot be
undone. Accordingly, the uniquely sensitive nature of
data on electronic
devices carries with it a significant expectation of privacy
and thus renders an exhaustive exploratory search more intrusive than
with other forms of property.
After their
initial search at the border, customs agents made copies of the hard
drives and performed forensic evaluations of the computers that took
days to turn up contraband. It was essentially a computer strip
search. An exhaustive forensic search of a copied laptop hard drive
intrudes upon privacy and dignity interests to a far greater degree
than a cursory search at the border. It is little
comfort to assume that the government—for now—does not have the
time or resources to seize and search the millions of devices that
accompany the millions of travelers who cross our borders. It is the
potential unfettered dragnet effect that is troublesome.
We have confidence
in the ability of law enforcement to distinguish a review of computer
files from a forensic examination. We do not share the alarm
expressed by the concurrence and the dissent that the standard we
announce will prove unmanageable or give border agents a “Sophie’s
choice” between thorough searches and Bivens actions.
In dissent, Judge
M. Smith responds:
While I share some
of the majority’s concerns about the steady erosion of our personal
privacy in this digital age, the majority’s decision to create a
reasonable suspicion requirement for some property searches at the
border so muddies current border search doctrine that border agents
will be left to divine on an ad hoc basis whether a property search
is sufficiently “comprehensive and intrusive” to require
reasonable suspicion, or sufficiently “unintrusive” to come
within the traditional border search exception. Requiring border
patrol agents to determine that reasonable suspicion exists prior to
performing a basic forensic examination of a laptop or other
electronic devices discourages such searches, leaving our borders
open to electronicallysavvyterrorists and criminals who may hereafter
carry their equipment and data across our borders with little fear of
detection. In fact, the majority opinion makes such a legal
bouillabaisse out of the previously unambiguous border search
doctrine, that I sincerely hope the Supreme Court will grant
certiorari, and reverse the holding in this case regarding the level
of suspicion necessary to search electronic devices at the border,
for the sake of our national security, and the consistency of our
national border search law.
And Judge Callahan
adds:
Regrettably the
majority, dispensing with these wellsettled, sensible, and binding
principles [from Supreme Court caselaw], lifts our anchor and
charts a course for muddy waters. Now border agents, instead of
knowing that they may search any and all property that crosses the
border for illegal articles, must ponder whether their searches are
sufficiently “comprehensive and intrusive,” to require reasonable
suspicion, and whether they have such suspicion. In most cases the
answer is going to be as clear as, well, mud. We’re due for
another course correction.
Read Orin’s commentary on The
Volokh Conspiracy.
Also interesting...
"Ars Technica reports that the
Obama Administration has filed
a brief in support of a Maryland photojournalist who says he was
arrested and beaten after he took photographs of the police arresting
two other men. The brief by the Justice Department argues that the
U.S. Constitution protects the right to photograph the actions of
police officers in public places and prohibits police officers
from arresting journalists for exercising those rights. [What
about us second class (non-journalist) citizens? Bob]
Context: 'Garcia says that when Officer Christopher Malouf
approached him, Garcia identified himself as a member of the press
and held up his hands to show he was only holding a camera. But
Malouf "placed Mr. Garcia in a choke hold and dragged him across
the street to his police cruiser," where he "subjected him
to verbal and physical abuse." According to Garcia's complaint,
Malouf "forcibly dragged Mr. Garcia across the street, throwing
him to the ground along the way, inflicting significant injuries."
Garcia says Malouf "kicked his right foot out from under him,
causing Mr. Garcia to hit his head on the police cruiser while
falling to the ground." Garcia claims that Malouf took the
video card from Garcia's camera and put it in his pocket. The card
was never returned. Garcia was charged with disorderly conduct. In
December 2011, a judge found Garcia not guilty.'"
Another resource...
Thanks to Danielle Citron, who reminds
us that the 2013 edition of Dan Solove and Paul Schwartz’s
Privacy
Law Fundamentals is out now.
Cheap.
Google will soon
settle with the attorneys general representing more than 30 U.S.
states over its Street View cars collecting data from unsecured Wi-Fi
networks, multiple sources said.
Google is to pay
$7 million, to be distributed among the attorneys general, according
to a person familiar with the matter. That person said the agreement
is close to being finalized, and should be announced early next week.
Read more on AllThingsD
If people are using unsecured WiFi, I’m
not sure Google should be paying anything at all. Don’t
users assume some risk or responsibility for the risk if they’re
using unsecured WiFi? [Not if it's election season... Bob]
(Related) Is
this court recognizing the “Streisand Effect?”
A Wisconsin woman
trying to protect her “wholesome” image failed to persuade a
federal appeals court to hold Google Inc liable because searches for
her name could lead people to advertisements for drugs to treat
sexual dysfunction.
The 7th U.S.
Circuit Court of Appeals in Chicago said on Wednesday Beverly Stayart
did not show that Google violated Wisconsin privacy laws by misusing
her name to generate advertising revenue.
Read more on Business
Insider.
[From the article:
Stayart claimed that a search for "bev
stayart" on the world's largest search engine generates a
recommended search for "bev stayart levitra," which can
direct users to websites that offer treatments for male erectile
dysfunction.
… Circuit Judge Ann Claire Williams
wrote that the
search "bev stayart levitra" was a matter of public
interest because Stayart had made it one
by suing Google, and by previously suing rival Yahoo
Inc over similar claims, which she lost.
The case is Stayart v. Google Inc, 7th
U.S. Circuit Court of Appeals, No. 11-03012
Raises a couple of questions.
Shouldn't the schools be thinking of this rather than Microsoft? How
expensive will Microsoft's Cloud be if they forgo advertising
revenue?
An anonymous reader points out a story
at The Register about a Microsoft-backed
bill proposed by Massachusetts state representative Carlo Basil
which seems aimed
directly at Google's cloud apps. The bill, if it should be
enacted, would require that
"[a]ny
person who provides a cloud computing service to an educational
institution operating within the State shall process data of a
student enrolled in kindergarten through twelfth grade for the sole
purpose of providing the cloud computing service to the educational
institution and shall not process such data for any commercial
purpose, including but not limited to advertising purposes that
benefit the cloud computing service provider."
This is why you only go to these sites
using your “.edu” accounts... (Why would they want all the IP
addresses?)
"Notorious copyright troll
Prenda Law has sent a subpoena to WordPress attempting
to force the disclosure of all IP addresses related to two
WordPress-hosted sites that specialize in monitoring and encouraging
action against copyright trolling. The sites in question are
fightcopyrighttrolls.com
and dietrolldie.com. These
sites state their aims as: 'To keep the public and fellow victims
informed and to ensure that through activism, trolls make as little
money as possible.' These are goals which almost anyone (bar a
copyright troll, or lawyer acting for one) might well applaud.
Prenda Law's demand is not for a subset of
addresses that might have posted in a manner that could be construed
as legally defamatory but for all IP addresses that have accessed
these sites, irrespective of the use made of them.
Prenda Law has filed three
defamation lawsuits already against the individuals who run
Fightcopyrighttrolls, and one has been dismissed
(PDF). Dietrolldie released the following warning: 'As there is a
possibility that a release could occur, the public IP address
(date/time stamp) could fall into the hands of Prenda. I would expect
that they would then try to cross-reference the IP address with their
list of alleged BitTorrent infringement IP addresses ... If you have
ever gone to this site or Fightcopyrighttrolls.com since 1 January
2011, you may want to contact WordPress. Tell them you want them to
refuse this overly broad request and at least wait until the issue of
the case being moved to the Federal court is answered before
releasing any information.'"
Another IP article... Looks like they
are assuming the right to resell does not exist!
"The New York Times reports
that Apple
and Amazon
are attempting to patent
methods of enabling the resale of digital items like e-books and
MP3s. Establishing a large marketplace for people to buy and
sell used digital items has the potential to benefit consumers
enormously, but copyright holders aren't happy. Scott Turow,
president of the Authors Guild, 'acknowledged it would be good for
consumers — "until there were no more authors anymore."'
But would the resale of digital items really be much different than
the resale of physical items? Or is the problem that copyright
holders just don't like resale?"
For my students, but I wonder what
percentage will actually protect themsleves...
March 08, 2013
EFF-
How To Opt Out of Receiving Facebook Ads Based on Your Real-Life
Shopping Activity
EFF:
"Facebook has announced
that it’s teaming up with four of the world’s largest corporate
data brokers to “enhance” the ad experience for users.
Datalogix, Epsilon, Acxiom, and BlueKai obtain information gathered
about users through online means (such as through cookies when users
surf the web) as well as through offline means (such as through
loyalty cards at supermarkets and product warranty cards). Through
the new relationship with Facebook, companies will be able to display
advertisements to Facebook users based on data that these data
brokers have on individuals... We recommend you use a tool such as
Ghostery (now available on
Firefox, Safari, Chrome, Opera and Internet Explorer) or Abine's
DoNotTrackMe
(available in Firefox, Safari, Chrome and Internet Explorer) or
AdBlockPlus
with EasyPrivacy Lists. See more comprehensive instructions in
our 4
Simple Changes to Stop Online Tracking."
The future of the “book”
Army’s
First Interactive iPad Book Lets You Finger-Swipe Through Afghanistan
The Army has no shortage of battlefield
maps. But until Friday, it didn’t have many that animate troop
movements or enemy positions at the touch of a fingertip. Now,
explains Command Sgt. Major Joe B. Parson, Jr., “if I flick a
finger, you don’t change the page, you change the picture.”
That’s the added value of Vanguard
of Valor, a platoon-level recent history of the Afghanistan war
published by the Army’s Combined Arms Center at Fort Leavenworth,
Kansas, part of the ground force’s brain trust. There’s a musty
paper edition. But the Army’s more excited about the iPad edition
that debuted on Friday in the iTunes store.
Vanguard of Valor is primarily
a teaching tool, meant to instruct the mid-career officers who pass
through the Center about the lessons learned from years
of grueling war in Afghanistan. The enhanced iPad edition is a
step up from previous Army digitized books: It’s the first
immersive, interactive Army e-book, replacing the simple PDF-style
scans with dynamic animations of the warzone. Maps shift, videos
load, audio plays and pictures scroll to complement the text.
I like lists, even those in slideshow
formats...
Friday, March 8, 2013
This morning at NCTIES
2013 I gave an updated version of my Best of the Web
presentation. As promised to everyone in the room, I've uploaded the
slides to Slideshare. You can view
them on Slideshare
This could be a useful tool in my
website class...
See a quick table of contents for any
page on the web. HTML5 Outliner is a simple Chrome extension you can
click anytime to see an outline for most pages. Using the document
outlining algorithm in HTML5, this plugin gives you a quick
outline for almost any page – even some that don’t use HTML5.
Check out HTML5 Outliner @
https://chrome.google.com/webstore/detail/html5-outliner/afoibpobokebhgfnknfndkgemglggomo
