Archive for the ‘digital rights management’ Category

BTC -The problem with data privacy is your ability to hang onto it is getting harder and harder. Last year we learned that almost every conventional Internet application and handheld device will leave behind a stream of data which leads back you, Jean Q. Public. You, being any number of marketing and logistics demographic information, of course. Businesses like Facebook became notorious for selling or just giving away your information to unnamed businesses and in some cases the FBI, for non-criminal matters.

Laws, like the ECPA, meant to protect your privacy in terms of your electronic communication pre-date the Internet. So, unless there’s an upgrade to digital due process, the information raids on your privacy will probably continue.

Here are 10 ideas on how to keep your data yours. The rule of thumb is that you should be able to opt-out of any online or digital service for violations of privacy.

1) Make the hard decisions about when and how to abandon a web service or application. Facebook has become a WANTED poster as serial offender against millions of users privacy. While some choose to abandon the enmeshed digital society, others will work really hard to stay on top of digital upgrades. New useful features on any web based app can report your information to someone unknown. So privacy upgrades may not extenuate into a company’s privacy policy. It really is always up to you.

2)Stop reporting everything you do from your web phone or handheld. (iPad, netbook, iPhone 4G) Location surveillance and call information is really really easy to poach or buy from your cell phone provider. Your mobile phone transmits location data about you directly to the web in most cases. Even crappy old phones leave bits of data laying around for snooping computers looking around for you. If you aren’t using your phone and you’re not expecting a call, take the battery out of your cell. It’s the best way to enforce your privacy on your own. 

3)Shut off your electronic devices when you’re not using them. This interrupts the stream of data. The proverbial “they” in the unseen paranoid recesses of hackland cannot see you when you shut off your airport or unplug your internet or connection. 

4)Contact your local, State and Federal leaders about digital privacy invasions which clearly violate your human right to common privacy. Sick of all the surveillance cameras? Don’t want a fusion center down the road from you? Do they want all of your identity and a blood sample before an approved purchase? If the TSA admin spent too much time checking out your backside on the X-Ray and then asked for a pat down too, it’s time to pick up a phone or a pen to squander the urge to get out the guns and the pitchforks. Seriously.

5)Stay informed of leaks, breaches or the sale of your personal information. Word search alerts will help you be better informed of issues with public and private data breaches. Poke around online for privacy journals. Computing and IT journals are also vigilant on information hacks and breaches. You can also subscribe to blogs like Slashdot, LossofPrivacy, BeatTheChip and and others. 

6)Meet the bullies in person ..or at least over the phone.
When you are the victim of identity fraud or privacy abuses it will impact the company/corporation/government office if you contact them to let them know where you stand on how your information is being handled or mishandled. While it may be considered confrontational for you to do this, let them know they may be hearing from an attorney next. If a company feels so entitled to sell information about you without your consent, it’s okay to show them you are a real person vs. a data account for sale.

7)Limit your use of credit and debit card transactions.
 International banking policies are not going to be any nicer about keeping your transactional data private. US “know your customer” policies are deliberately intrusive with one sided protection of your information. You can look out for yourself by limiting the amount of debit and credit transactions, carrying more cash for necessary transactions and carrying through online purchase orders over the phone or via mail with checks, money orders or cashiers checks. It’s analog and slower, but it’s better for privacy. You might even discover buying with cash forces you into local shopping areas with one-of-a-kind stores, with unique finds you couldn’t get anywhere else. It’s worth exploring!

8)Look into existing privacy amenities. 
You can defend your privacy with existing tools on the market. Oftentimes, there are existing settings you may not be aware of in upgrades. Right now Google is trying out the Do Not Track list for users who do not want their browser histories made available for sale. Most big technology companies have privacy offices who deal with the public. They are usually very helpful, nice people. So don’t call them when you’re mad. 

9)Find alternatives to allowing your body images to be recorded as digital information.There’s no easy way out. Companies and government offices seem to want a piece of you no matter where you go- so there is usually a digital record too. When they assume you should automatically give them a biometric or body identifier-like a fingerprint-you can ask for an alternative. If you get someone at the window who gets really demanding about this, you can opt-out or obfuscate the information they want. It’s not illegal…yet.

10) Don’t volunteer up private information to social networks, online gaming, the government, companies or anyone who doesn’t really care about your need for privacy. This is going to take some intestinal fortitude and more attention to detail to follow through with this. Sometimes you aren’t aware of what you are giving up when you sign up to win a hot car or when you visit doctors office and you are asked to fill out a survey. Only give the most focused and relevant information. Does the guy running a bread shop promotion need to know your age and what your natural hair color is? Does the dental office need to ask you about your mental health history? Does the post office need to know your place of employment? Not really. So don’t volunteer unless you really don’t care where that information goes. “Decline to state” or leaving a blank is an option too.

The strong point of privacy is that the intimidation and consequences are usually false or unenforceable. The costs to you are great. If your privacy is really valuable to you, trust yourself to look for alternatives to dealing with institutions and people who will put you and data about you in a compromised position in terms of your privacy.

This piece was done in conjunction with Data Privacy Day 2011

ScienceDaily (Dec. 15, 2009) — Although physicians support the use of electronic health records, concerns about potential privacy breaches remain an issue, according to two research articles published in the January 2010 issue of the Journal of the American Informatics Association (JAMIA), in its premiere issue as one of 30 specialty titles published by the BMJ (British Medical Journal) Group, UK.

One published study is based on views of more than 1,000 family practice and specialist physicians in Massachusetts who were asked whether they thought electronic health information exchange (HIE) would drive down costs, improve patient care, free up their time and preserve patient confidentiality. They were also asked whether they would be willing to pay a monthly fee to use the system.

The electronic exchange of health information (HIE) among different long- distance providers has become the focus of intense national interest, following recent legislation and moves to offer cash incentives for those who switch to the system.
The responses showed widespread support for the use of HIE, even though only just over half were actually using electronic health records.

Most (86%) said that HIE would improve the quality of care and seven out of 10 thought it would cut costs. Three out of four (76%) felt that it also would save time.

But 16% said they were “very concerned” about potential breaches of privacy, while a further 55% were “somewhat concerned.”
The authors note that the responses indicate a lower level of concern than expressed by physicians in the UK, but suggest that this might change if breaches occur to a greater extent than currently recognized.

Despite their overall enthusiasm, physicians were not willing to support the suggested $150 monthly fee, and nearly half were unwilling to pay anything at all.

A second study reported in JAMIA, suggests that mental health professionals have significant concerns about the privacy and security of data on electronic health records.

Of 56 responding psychiatrists, psychologists, nurses, and therapists — out of 120 who were sent the survey–based at one academic medical center, most (81%) felt that the system permitted the preservation of “open therapeutic communications.” Most also felt that electronic records were clearer and more complete than paper versions, although not necessarily more factual.

When it came to privacy, almost two-thirds (63%) were less willing to record highly confidential information to an electronic record than they would to a paper record.

More than eight out of 10 (83%) said they if they were to become a patient, they would not want to include their own mental health records to be routinely accessed by other providers.

The authors point out that previously published surveys of patients/consumers have reflected a lack of confidence in tight security, and that people with mental health issues already face stigmatization.

While the narrative data of patients’ life histories and experiences inform clinical decision-making in psychiatric care, the threat of security breaches makes them vulnerable to potential misuse or misinterpretation, the authors say.
Adoption of electronic health records has been slower than anticipated, the authors add. And they conclude: “Designers of future systems will need to enhance electronic file security and simultaneously maintain legitimate accessibility in order to preserve confidence in psychiatric and other [electronic health record] systems.”

“The ramifications of data security cover more than the psychiatric domain, implying a need for considerable reflection,” they say.


The Electronic Frontier Foundation (EFF), Electronic Information for
Libraries (, and other international copyright experts joined
together today to launch Copyright Watch — a public website created
to centralize resources on national copyright laws at .

Copyright Watch is the first comprehensive and up-to-date online
repository of national and regional copyright laws. Users can find
links by choosing a continent or by searching a country name. The site
will be updated over time to include proposed amendments to laws, as
well as commentary and context from national copyright experts.
Copyright Watch will help document how legislators around the world
are coping with the challenges of new technology and new business
models. and EFF Successfully Fight Back Against Bogus FBI Subpoena

A police fishing expedition has been fought successfully over the course of the past year by one of the system administrators and the Electronic Frontier Foundation (EFF), largely in secret due to dodgy gag orders — which actually didn’t have any real legal standing to begin with. Earlier this year, U.S. attorneys issued a federal grand jury subpoena to sysadmin Kristina Clair demanding “all IP traffic to and from” for a particular date, potentially identifying every person who visited any news story on the Indymedia site. EFF argued that the overly broad demand for Internet records not only violated federal privacy law but also violated Clair’s First Amendment rights, by ordering her not to disclose the existence of the subpoena without a U.S. attorney’s permission.

c/o Boing Boing

The internet chapter of the Anti-Counterfeiting Trade Agreement, a secret copyright treaty whose text Obama’s administration refused to disclose due to “national security” concerns, has leaked. It’s bad. It says:

* That ISPs have to proactively police copyright on user-contributed material. This means that it will be impossible to run a service like Flickr or YouTube or Blogger, since hiring enough lawyers to ensure that the mountain of material uploaded every second isn’t infringing will exceed any hope of profitability.
* That ISPs have to cut off the Internet access of accused copyright infringers or face liability. This means that your entire family could be denied to the internet — and hence to civic participation, health information, education, communications, and their means of earning a living — if one member is accused of copyright infringement, without access to a trial or counsel.
* That the whole world must adopt US-style “notice-and-takedown” rules that require ISPs to remove any material that is accused — again, without evidence or trial — of infringing copyright. This has proved a disaster in the US and other countries, where it provides an easy means of censoring material, just by accusing it of infringing copyright.
* Mandatory prohibitions on breaking DRM, even if doing so for a lawful purpose (e.g., to make a work available to disabled people; for archival preservation; because you own the copyrighted work that is locked up with DRM)

The ACTA Internet Chapter: Putting the Pieces Together