Computers, Freedom, and Privacy Conference 2008

Below is the announcement email from - well as you can see:

COMPUTERS, FREEDOM, AND PRIVACY: TECHNOLOGY POLICY '08
http://cfp2008.org/
18th Annual CFP conference
May 20-23, 2008
Omni Hotel
New Haven, CT

DEADLINES this Week:
Early Bird Registration: Fri., May 2, 2008
YJoLT Tech Policy Essay Contest: Mon., May 5, 2008

Conference Blog: http://cfp08.blogspot.com/
Facebook Group: http://www.facebook.com/group.php?gid=10926816973

ABOUT CFP: TECHNOLOGY POLICY `08

What should the technology policy priorities of the next administration
be?

As the choice of presidential candidates becomes clearer and election
year moves towards a comparison of the candidates' platforms on the
issues, technology policy is increasingly relevant to the forefront of
public debate. In the areas of privacy, intellectual property,
cybersecurity, telecommunications, and freedom of speech, topics that
were once confined to experts now appear in the mainstream of political
issues. We now know that our decisions about technology policy are being
made at a time as the architectures of our information and communication
technologies are still being built.

This year, the 18th annual Computers, Freedom, and Privacy conference is
focusing on those issues at the forefront of technology policy this
election year. With plenary panels on the "National Security State and
the Next Administration" and "The 21st Century Panopticon?" the
discussions taking place look towards our present and future priorities.

CFP: Technology Policy '08 is an opportunity to participate in shaping
those issues being made into laws and regulations and those technological
infrastructures being developed. Policies ranging from spyware and
national security, to ISP filtering and patent reform, e-voting to
electronic medical records, and more will be addressed by expert panels
of technologists, policymakers, business leaders, and activists. The
panel topics are listed below and full panel descriptions are available
on the conference website at:

http://www.cfp2008.org/wiki/index.php/Program.

The CFP: Technology Policy `08 conversation has already begun in the
virtual spaces connected to the conference. Even if you are unable to
attend the conference this year, there are several opportunities to
participate remotely. The guiding principles that ought to guide our
policies are being debated on the conference blog. Social networking
groups on Facebook and LinkedIn are providing new spaces for the CFP
community to meet and discuss. The Yale Journal of Law and Technology is
hosting a call for essays, on the priorities of the next administration,
with more details below.

We look forward to seeing you in New Haven on May 20-23.

CONFERENCE PROGRAM

Plenary Sessions
Presidential Technology Policy: Priorities for the Next Executive
The 21st Century Panopticon?
The National Security State and the Next Adminstration

Tutorials
A Short History of Privacy
Constitutional Law in Cyberspace
e-Deceptive Campaign Practices: Elections 2.0
Maintaining Privacy While Accessing On-line Information

Panel Sessions
Activism and Education Using Social Networks
Breaking the Silence: Iranians Find a Voice on the Internet
Charismatic Content: Wikis, Social Networks, and the Future of
User-Generated Content
Filtering Out Copyright Infringement: Possibilities, Practicalities, and
Legalities
Filtering and Censorship in Europe
Hate Speech and Oppression in Cyberspace
Interoperability at the Crossroads?: The "Liberal Order" versus
Fragmentation
Law, Regulation, and Software Licensing for the Electronic Medical Record
Measuring Global Threats to Internet Freedom
Network Neutrality: Beyond the Slogans
New Challenges for Spyware Policy
Patents: The Bleeding Edge of Technology Policy
Privacy, Reputation, and the Management of Online Communities
Rights & Responsibilities for Software Programs?
States as Incubators of Change
"The Transparent Society:" Ten Years Later
Towards Trustworthy e-Voting: An Open Source Approach?

CALL FOR ESSAYS

Yale Journal of Law & Technology Call for Essays on the Technology Policy
of the New Administration
Deadline: Monday, May 5th

The Yale Journal of Law & Technology (YJoLT) is seeking essay-length
submissions concerning the technology policy platform of the new American
presidential administration. Essays selected for publication will appear
in the Fall Issue of YJoLT (publication date November 2008).

Ideal submissions will discuss the priorities and guiding principles that
American technology policy should follow. Submissions analyzing a
particular technology policy issue in depth will also be accepted.

Essays of less than 5,000 words are preferred. Please submit all essays
to yjolt.submissions@gmail.com. Please include the text "CFP Essay"
in the subject line of the email. The authors of essays selected for
publication will be notified on a rolling basis. Any questions can be
directed to Lara Rogers, lara.rogers@yale.edu.

--------------
Eddan Katz
CFP: Technology Policy '08 Program Chair
http://www.cfp2008.org/

International Affairs Director, Electronic Frontier Foundation
http://www.eff.org/
Lecturer and Associate Research Scholar, Yale Law School
Senior Fellow, Yale Information Society Project
http://isp.law.yale.edu/

Save To Del.icio.us    Digg This!

Yahoo Open Strategy (Y!OS) vs Privacy

I attended the O'Reilly Web 2.0 Expo Friday at Moscone West in San Francisco where I attended two sessions I'd like to address here. First was titled "Yahoo and Open Platforms - A Deeper Dive" by Yahoo Chief Architect of Platforms, Neal Sample. The second was a (Yahoo-owned) Flickr presentation on "Casual Privacy" by Kellan Elliot-McCrae. (This Flickr photo sharing tool is aptly titled and the technology consists only of a simplistic use of hard to guess complex URL's - once posted to a blog they become exposed to search engines and lose all privacy.)

I often come away from sessions like the first one mentioned above thinking "Wow! There are some scary smart people working on some really incredible things out there." But when looked at through the filter of personal privacy, the "Scary" part stands out for me.

Scary simply because the "Yahoo Open Strategy" takes personal data and distributes Yahoo user profiles across a multitude of Yahoo properties and makes it available to all Yahoo services once a user is logged in. Scary only because it means this database of personally identifiable information on anyone who opts-in becomes distributed widely across those Yahoo properties. I hope that user preferences for which services it is shared with come with their own privacy settings - necessarily complex settings to boot.

I had to miss two Web 2.0 sessions, one Wednesday and another on Thursday that I'd wanted to attend when a work project required immediate attention. Those included one with Joseph Smarr from Plaxo titled "Data Portability, Privacy and the Emergence of the Social Web" and I had heard Smarr speak at WebGuild event on OpenSocial launch in November, hosted on the Google campus.

The second session I had to miss was the Yahoo announcement of "Yahoo Open Strategy" by Ari Balogh, Chief Technology Officer at Yahoo! during his keynote on Thursday. This last announcement was major and has been characterized as a move against the Microsoft takeover bid. Personally, I think it's too big and sweeping to not have already been in progress before the bid became public. It involves reworking the entire system to incorporate the "Open Strategy" into most Yahoo properties, including Yahoo Mail, the home page, their Open Search platform, (announced at SMX West in Santa Clara in March). Bits a bytes of this have been leaking out here and there since then.

My reaction at the SMX show was "Wow, sounds cool!" and I'm still excited about how this might change the face of search and usability, and I'll address that elsewhere, but for now I'm pulling back a bit due to Privacy concerns related to this "Openness" because it makes me nervous that all of the aggregation of data (potentially in the hands of Microsoft) has me concerned about willingly providing all my data to one source.

I had my first privacy concerns when I noticed, on (Yahoo-owned) MyBlogLog, a request for extensive (and yes, publicly available) data from all my social sites. Having had a bit more time to digest this all - and now looking at it in the full light of the Yahoo Open Strategy announcement, It's losing its shininess due to privacy concerns.

The commenter on the previous post where I address this concern points to the MyBlogLog Blog discussing the new tools. But nothing is really addressed there except that this data will be offered to users from their own profile and made available to their own "Friends" if they opt-in. Swell, despite the fact that I want to define my "Friends" and what they see, differently based on they kind of friend they are, (marketing, business, true close friends, co-workers, management, family, etc.)

I'm going to leave that for now and look purely at this one fact: Despite the wonderfully friendly UI and utility of this "Openness" I'm not liking the need to gather all my own data and hand it to others to use as they see fit. In this case, Yahoo, in the future, Microhoo and who knows who else if they choose to "Share" it in aggregate or "Ooops" leak it out like AOL did in August of 2006.

I just don't know that I'll ever give Yahoo, or Microhoo - all of my public data to aggregate (and maybe leak) regardless of how convenient it is (and only on Yahoo-owned properties) or how easy it makes my online life. The aggregation and distribution of public social profiles is interesting, but once it starts getting distributed through API's to each social network or service - you've lost all control of who sees what and when.

This only truly matters if you DON'T want family seeing ALL of your Flickr photos or DON'T want your employer looking at resumes posted on job boards on social networks, or DON'T want your clients reviewing your connections with their competitors on business social networks - this list could go on endlessly and with thousands of DON'T wants - because we've already seen people fired from corporations due to private information or photos or personal associations being exposed on social networks.

Some people live their entire lives in full public view - others prefer a bit of control and security of that data. If everyone gave serious thought to how they want this information shared, it would surprise me. But for those who care, fine control of where the information flows should be an option. I doubt that level of control will ever be available, with the full ability to change or delete all data in all places it flows via API's and "Open Strategies."

Save To Del.icio.us    Digg This!

All Your Datas are Belong to Yahoo: Social=NO Privacy

I belong to and use about a dozen social networking sites, including LInkedIn, Facebook, Plaxo, a bunch of Google services and publicly link to profiles on several that I want to be public. But it wasn't until I visited my settings page on MyBlogLog (a Yahoo owned social network) that I realized how companies hope to "mine" that data and use it for their own purposes.

The first annoyance was when I jumped over to MyBlogLog and was asked for my Yahoo ID - which I begrudgingly provided and thought to myself, "Damn! I wish they didn't own so many things!" From there it took me to a screen with tabs across the top, one of which was labeled "Data Collection" - "Well," I thought, "at least they are being honest about that title - most times it is marked something tame like "Your info" or "Details" - but being charmed by their honesty didn't last long after visiting the page. (shown below)

Uploaded with plasq's Skitch!

I noted that I was "Opted-in" by default, realizing that being a part of this community meant sharing my photo or avatar and publicly agreeing to be tracked across the MyBlogLog member communities that I visited. I like this service and use it fairly often. One thing I like is how the service prompts you to "Join Community" after you've visited a blog a preset number of times *(mine is set to 10 visits - but you can choose 5). Alright, I realize they need to track me to make this feature work and I find it useful.

But then I got REALLY disturbed when I clicked on a tab that is benignly labeled "Services" to see a list of over 40 online social sites with those I had previously provided were pre-filled with each of my identities and/or URL's. But then I started to scroll the list to see over 40 other services listed, including OpenID, Plaxo and other aggregators. This is a bit much - what does this do to improve the MyBlogLog user experience? It seems to me that it only helps Yahoo track members of MyBlogLog - no?

Uploaded with plasq's Skitch!

These are hard to read at this size, but click the images to see larger versions. What do you think - is this useful for you as a member of MyBlogLog? How would listing your membership data for all of those services/sites improve your user experience? Am I missing something here? Why are they collecting that data? Why do people provide it willingly? Hmmm.

Save To Del.icio.us    Digg This!

Internet Service Providers Spying on Users

The New York Times has an editorial piece today on ISP tracking of users and selling that information for behavioral targeting. Doesn't mention that the information is already sold to net tracking firms (yes in anonymized aggragate form supposedly) but it is becoming pervasive and nobody seems to care enough to attempt to stop it. The NY Times editorial, by Adam Cohen titled The Already Big Thing on the Internet: Spying on Users quotes the famous New Yorker cartoon

One dog, sitting at a computer, tells another: “On the Internet, nobody knows you’re a dog.” Fifteen years later, that anonymity is gone.

Then says ominously, "It’s not paranoia: they really are spying on you."

Yes, many of us know that and have been complaining about it for years now. The question becomes... What can be done to stop it? The question before that is ... How do you get the public to care?

Save To Del.icio.us    Digg This!

Security Conscious Loose with Private Financial Data

The linked headline leads to a Silicon.com commentary on how careless we all are with personal financial information while comparing how cautious companies sometimes are with that same information it holds on millions of individual customers. The author discusses his own care with customer data, while marveling at how careless he is with his own financial information

I wonder how much I pay as a consumer for the privilege of using digital and electronics for purchases and to manage my life.
Whatever that cost, I'm certain that given the needs of online businesses and with the scale of the information flow there are major gaps in the handling of personal data.
In many cases these failings may not be created through ignorance but rather complexity. It is rapid growth and oversights that cause personal information to be exposed.

Save To Del.icio.us    Digg This!

What Will Make Privacy Important to Public & Business?

For several years now I've blogged about privacy laws, data mining, data breaches, search privacy, cookies, phishing, spyware, data theft and big brother.

What never fails to amaze me is the fact that few people care about privacy until it touches them personally through identity theft, harmed reputation, excessive spamming, loss of work or public embarrassment.

I've searched for ways to spur public discussion of the need for effective privacy laws and protections. There is the ocassional flare-up in public interest when AOL leaks the private searches of their users to the world. There are dumb moves by our government when they over-reach their authority and exceed reason as when the Department of Justice demanded 30 days of search data from the top tier search engines.

There are silly stumbles of companies when they expose users to spam by including ALL their customer database of emails in stupid slip-ups. There are major cases of careless greed when data mining companies continuously sell consumer data to criminals because they won't bother to check their own customers need for (or even the right to) private financial data. There is the proposal by the Bush Administration that we have a (poorly designed) defacto National ID required of us to travel anywhere, which becomes an even greater risk to security and privacy.

I could go on for days with this. But to get to the point of this post, I've searched for ways to engage the public in discussion of important privacy issues of the day, so far without effect.

So when I see ways that may help expose the privacy issues discussion to more people, I leap on it with gusto in the hopes that it will bring more attention to privacy laws and protections. I've discovered a tool that may help bring privacy to more bloggers and those involved in building the technologies of the web.

It's called BlogRush and works on the principle of the old banner exchange model - but this one operates with an embeddable widget. The more times you display the widget, the more "credits" you get for your posts being displayed within the widgets of other members of the BlogRush Network. The concept is extended beyond simple one-to-one numbers as those who get their widgets from you, then expose your widget to their own audience and you gain more credits for display of your post headlines across the network on all bloggers using the widget. It seems like the model will overextend itself at some point unless growth is phenomenal and sustained over time.

Nevertheless, I'm happy to try it out and see if the model works for exposing privacy concerns to the world of influential bloggers. Take the BlogRush widget you see to the right on this blog and see how it works for you to increase the visibility of your most important topic. If your topic involves the need to research privacy at all - try out our Privacy Search Engine which draws ONLY from authoritative privacy sources via the Google Custom Search Engine.

Save To Del.icio.us    Digg This!

Google on International Internet Privacy Standards

Google Calls for International Standards on Internet Privacy and has taken some lumps from privacy advocates which may not be justifiable - YET. The linked Washington post article above quotes comments from Google's global privacy counsel, Peter Fleischer where he makes a case for a standards body to set and enforce privacy rules internationally.

Not a bad idea, especially if European standards are incorporated into that mix. But the fact is that Google is very likely to be making this call for international privacy standards simply to deflect concerns about their DoubleClick acquisition when a decision is made by the FTC.

I recently ran across the video below at the VortexDNA Blog. It is a whiteboard discussion of Google Privacy Policy by senior search engineer Maile Ohye - which makes no direct mention of major public concerns - but somehow manages to calm fears - even if you are a bit sceptical of the safety or your private information under current Google privacy practices.

All I can say to this issue is that Google has proven themselves trustworthy so far and has suffered no major data losses or privacy gaffes. This call for international privacy standards from Google appears at a time when they are under scrutiny for the DoubleClick acquisition and after Ask announced the "Ask Eraser" product which will allow any user to completely wipe out their search history and delete all information already gathered and opt out of future data gathering by Ask. Google and all other search engines should consider adopting the Ask Eraser model. Although right now it is all talk and little action by Ask as it is simply a promised product and not a reality.

Save To Del.icio.us    Digg This!