Read about it on BoingBoing here.
Download your privacy pack here.
Today is the day we Reset the Net! It’s been one year since the Edward Snowden disclosures hit the news and the whole world woke up to the scale of mass, indiscriminate Internet surveillance — a spying campaign that was only possible because our own tools leak our private information in great gouts. Reset the Net provides you with a technical, political, and social toolkit to harden our Internet against the spies; and Boing Boing is proud to be playing a role.
I’m going to be in a hip hop video being shot next week by Ryan Junell. The song is called Under Surveillence by the group Variable Unit.
By a strange coincidence, that very same day I was recruited for the video, Billy Jam sent me this story, which details a situation where Dave Paul, owner of San Francisco’s tiny Independent BOMB Hip Hop record label, was questioned by two Secret Service Agents who were responding to a tip from Cheaptickets.com, who claimed Paul had made threatening statements about the Shrub while purchasing tickets over the phone.
Check it out:
“The Secret Service showed up at my door. I was not here. They had told my mom that I had said some stuff on the phone and that I needed to answer to it. So I called the agent on his phone and he claimed that cheaptickets.com had reported to them that I had said some things about George W. Bush when I was on the phone working on my flight. I assured them that I said absolutely nothing and they wanted to come over and interview me in person, which they did with two agents. And they even wanted to come in and take a look around my room to make sure that there were no photos of “so-called person” with a target drawn on it or something to that effect. I don’t know if it’s someone at cheaptickets lying or maybe the Secret Service just used that as an excuse to investigate since the name of the record company…. I even gave them a flyer for tonight’s show but they didn’t look like they were too interested. I invited them down. They were pretty nice about it. I think just because when you’re making flight reservations and the company name is what it is and that’s what on your credit card and it shows four people going to Oklahoma City that I’m sure someone at cheaptickets pulled a red flag on it.”
Note: As with any effective Dictatorship, this time around, the public will not be informed as to which airlines will be implementing the CAPPS II program. Such information will be kept secret from American citizens.
Soon passengers will be receiving one of three “color codings” based on things like who you’re traveling with and where you’re going. (What’s that got to do with your risk? Your guess is as good as mine.)
I wonder if wearing one of John Gilmore‘s “Suspected Terrorist” buttons bumps up your rating a notch? 🙂
Here’s the Washington Post story on it, and a video clip from KRON news in San Francisco.
In the most aggressive — and, some say, invasive — step yet to protect air travelers, the federal government and the airlines will phase in a computer system next year to measure the risk posed by every passenger on every flight in the United States.
The new Transportation Security Administration system seeks to probe deeper into each passenger’s identity than is currently possible, comparing personal information against criminal records and intelligence information. Passengers will be assigned a color code — green, yellow or red — based in part on their city of departure, destination, traveling companions and date of ticket purchase.
Most people will be coded green and sail through. But up to 8 percent of passengers who board the nation’s 26,000 daily flights will be coded “yellow” and will undergo additional screening at the checkpoint, according to people familiar with the program. An estimated 1 to 2 percent will be labeled “red” and will be prohibited from boarding. These passengers also will face police questioning and may be arrested…
The new system, called Computer Assisted Passenger Pre-screening System II (CAPPS II), has sparked so much controversy among both liberal and conservative groups that the TSA has struggled to get it going. Delta Air Lines backed out of a testing program with the agency earlier this year, and now the TSA will not reveal which airlines will participate when it tests a prototype early next year. If all goes as planned, the TSA will begin the new computer screening of some passengers as early as next summer and eventually it will be used for all domestic travelers.
“This system is going to be replete with errors,” said Barry Steinhardt, director of the American Civil Liberties Union’s technology and liberty program. “You could be falsely arrested. You could be delayed. You could lose your ability to travel.”
Protecting privacy from the ‘new spam’
By Peter Swire for the Boston Globe.
Overlooked in the heated rhetoric has been a victim of the RIAA’s campaign – the privacy of all those who surf the Internet or send e-mail. On the RIAA view, your sensitive personal information on the Web would be available to anyone who can fill out a one-page form. Congress can and should step in to fix this problem immediately.
The problem began in late 2002, when the RIAA demanded that Verizon Online, an Internet service provider, identify one of its customers based on an accusation that the person may have violated copyright laws by swapping files.
Verizon declined, citing the threats to customer privacy, due process, and the First Amendment. Was Verizon overreacting? No.
The new process starts when any website operator, recipient of an e-mail, or participant in a P2P network learns the Internet Protocol address of the home user. These IP addresses are automatically communicated by the nature of the Net, but until now only the ISP could usually match an IP address with a user’s identity.
When a copyright holder fills out a one-page form, however, a federal court clerk must now immediately issue a subpoena. That subpoena orders the ISP to turn over the name, home address, and phone number that matches the IP address.
This procedure violates due process. There is no judicial oversight and only the flimsiest showing of cause. Furthermore, Internet service providers risk large penalties if they even question the validity of a subpoena.
Privacy is destroyed because it becomes so easy to reveal the identity of Internet users. The First Amendment is undermined because of the chilling effect if every e-mail and every post to a Web page can be quickly tracked back to a home address and phone number.
The early use of these subpoenas has shown startling mistakes by copyright holders. One recording industry subpoena this spring – based on a patently incorrect allegation – nearly closed down a college astronomy department’s Web server in the middle of exam week. A major studio has sought a subpoena based on the careless assertion that a tiny computer file was a copy of a Harry Potter movie. (It was a child’s book report instead.)
An even greater risk is putting this subpoena power in the hands of anyone willing to pretend to have a copyright claim. These fraudulent requests will be impossible to distinguish from legitimate ones.
This flood of legally sanctioned harassment will quickly become the ”new spam,” with the kinds of abuses as limitless as the Internet itself:
The most common use may be that of website operators who want to identify their visitors for marketing purposes or for more nefarious reasons, including identity theft, fraud, or stalking.
A Safer System for Home PC’s Feels Like Jail to Some Critics
By John Markoff for the NY Times.
In an effort to retain the original open PC environment, the Microsoft plan offers the computer user two separate computing partitions in a future version of Windows. Beyond changing the appearance and control of Windows, the system will also require a new generation of computer hardware, not only replacing the computer logic board but also peripherals like mice, keyboards and video cards…
“This will kill innovation,” said Ross Anderson, a computer security expert at Cambridge University, who is organizing opposition to the industry plans. “They’re doing this to increase customer lock-in. It will mean that fewer software businesses succeed and those who do succeed will be large companies.”
Critics complain that the mainstream computer hardware and software designers, under pressure from Hollywood, are turning the PC into something that would resemble video game players, cable TV and cellphones, with manufacturers or service providers in control of which applications run on their systems.
In the new encrypted computing world, even the most mundane word-processing document or e-mail message would be accompanied by a software security guard controlling who can view it, where it can be sent and even when it will be erased. Also, the secure PC is specifically intended to protect digital movies and music from online piracy.
But while beneficial to the entertainment industry and corporate operations, the new systems will not necessarily be immune to computer viruses or unwanted spam e-mail messages, the two most severe irritants to PC users.
“Microsoft’s use of the term `trusted computing’ is a great piece of doublespeak,” said Dan Sokol, a computer engineer based in San Jose, Calif., who was one of the original members of the Homebrew Computing Club, the pioneering PC group. “What they’re really saying is, `We don’t trust you, the user of this computer.’ ”
a.k.a. Register In The “No Call” Registry (and It’s Illegal For Telemarketers To Call You)
A few months ago, I got all hot and bothered about the news that our cell phone numbers would soon be made available to telemarketers via 411 info.
One solution to this is to sign up for the “Do Not Call Registry.”
Most telemarketers cannot call your telephone number if it is in the National Do Not Call Registry. You can register your home and mobile phone numbers for free. Your registration will be effective for five years.
If a telemarketer calls you during that time, you can file a complaint.
It just took me less than a minute to register my home and cell phone numbers.
This is a follow up to my earlier post regarding cellphone numbers being added to 411 lists, which I still think, as it stands, is a really bad idea.
There’s more at stake here than the (I believe, still valid) concern of actually be charged money by your phone company every time you are contacted by a telemarketer, which would also be horrible and unfair to consumers, but isn’t nearly as worrisome as establishing a practice of charging people extra if they don’t want their personal information sold.
If discounts are offered to people that are willing to allow their number to be included in a directory, that’s one thing. But again, it would need to be properly represented to the consumer that they were trading something valuable — their personal information — for a discount.
That said, it’s not only about telemarketers. It’s about privacy. If I want someone to have my cell phone number, I’ll give it to them. Otherwise, they can email me and request it, and if I want to give it to them, I will.
In general, I would rather be emailed than called on the phone — especially from people I’m not expecting.
The way it is now, I have a little control over who calls me on my already too busy telephone. I should not have to pay money to have my number remain unlisted. It is a right, not a privilege, in my opinion.
This is the wrong direction for these kinds of services to go — making people opt-out of having their information made public. They should always have to explicitly opt-in to such services. This is dangerous if giving up one’s personal information in order to participate in a basic communications service, such as cell phones, becomes the exception, and not the rule.
Hope this clarifies my broader privacy concerns surrounding these types of policies.
Commercial interests are gearing up to benefit from making our personal cell phone information to the public.
Soon 411 will be able to sell your cell phone number to make extra money from its service. You’ll have to pay extra if you want to keep your number unlisted.
I think this is horrible news — A directory service for cell phones only makes sense if you have to opt-in to it, not if the burden is on you to not only opt-out of it, but pay for the privilege.
Now we’ll have to pay to be unlisted!
This seems more like a service you should have to pay to be included in, not the other way around.
Cell phone’s are largely “private” lines. If someone wants their business line listed, they can take the time to list it. The average person shouldn’t have to take up their time and valuable resources to make sure they’ve opted out.
Also, one mistake and the average person will have to foot the cost of getting a new phone number, so they can “try again” at protecting their privacy.
Please let me know if anyone knows how this can:
1) be stopped.
2) changed from an “opt-out” policy to an “opt-in” policy where the burden will be placed on the people who want to participate, not the people who want to protect their privacy.
3) be “opted out” of, at NO CHARGE, with confirmation IN WRITING, so a company can be taken to court if a mistake is made, and far enough (like a year) in advance of the roll out that we can no for sure that our privacy will be protected.
4) be made a built-in requirement for customers to be provided with a freely-available opt-out option at the same time they purchase a cell phone to make it as easy has possible to protect their privacy.
Privacy needs to be the default — not the paid-for exception.
Please keep an eye out for developments on this front and let me know about them! Thanks!
Wireless numbers to be added to 411
Large cell phone carriers on board with plan, source says
The centralized database of wireless numbers would be off limits to telemarketers, and consumers would be able to choose whether to have their numbers listed or unlisted, according to people familiar with the process.
Individual carriers would determine whether subscribers would have to pay to be unlisted.
Other privacy options are possible, too.
For example, wireless phone users might choose to be unlisted but willing to receive a short text message, sent through the directory service, from someone trying to contact them.
Ashcroft Out of Control
Ominous Sequel to USA Patriot Act
By Nat Hentoff for the Village Voice.
Under the proposed Ashcroft bill reversing that court decision, for the first time in U.S. history, secret arrests will be specifically permitted. That section of bill is flatly titled: “Prohibition of Disclosure of Terrorism Investigation Detainee Information.” In Argentina, those secretly taken away were known as “the disappeared.”
Moving on, under Section 501 of the blandly titled Domestic Security Enhancement Act of 2003, an American citizen can be stripped of citizenship if he or she “becomes a member of, or provides material support to, a group that the United States has designated as a ‘terrorist organization,’ if that group is engaged in hostilities against the United States.”
Until now, in our law, an American could only lose his or her citizenship by declaring a clear intent to abandon it. But~Wand read this carefully from the new bill – “the intent to relinquish nationality need not be manifested in words, but can be inferred from conduct.” (Emphasis added).
Who will do the “inferring”? A member of the Justice Department. Not to worry. As John Ashcroft’s spokeswoman, Barbara Comstock, says of objections to this draft bill: “The [Justice] department’s deliberations are always undertaken with the strongest commitment to our Constitution and civil liberties.” (This is a faith- based administration.)