Kiddie Monitoring Software Spying On IM Chats, Selling Info To Marketers

from the yeah,-that'll-go-over-well dept

There are a bunch of different "child filtering/monitoring" software on the market these days, and many parents use it to help them keep track of what their kids do online. I have no problem with this -- so long as such filters aren't mandated by the government. But it appears that just selling the tools isn't enough for some companies. JJ sends in the news that one of the top providers in the space doesn't just monitor what kids do for parents, but collects all the data -- including the text of chat room discussions -- and resells it to marketers. You have to imagine that this isn't exactly what the FTC (or parents) expects of such tools.

The company defends the practice, claiming that the data is anonymized and no identifiable data is included -- but we've heard that before. Every single time someone insists their data is anonymized, news breaks showing that it is not. I don't think there's anything wrong, necessarily, with doing targeted marketing programs, but using unsuspecting parents and getting them to install filters and monitoring software, without realizing the data will be handed over to marketing firms, seems pretty sleazy.

16 Comments | Leave a Comment..

Does The US Government Really Need 'Wider Latitude' To Monitor Private Networks?

from the e-Maginote-Line dept

Harvard Law Professor, and former Bush White House lawyer, Jack Goldsmith has an opinion piece today in the NYT about cyber-security. In it, he makes a number of obvious (though admittedly often overlooked) points about the need for better education and information sharing, but then asserts that those, untried, methods will not be enough. Instead, he argues, "The government must be given wider latitude than in the past to monitor private networks and respond to the most serious computer threats." For a lawyer who saw first-hand (and even wrote a book about) the excesses of the Bush administration, this is a reckless claim. The repeatedly documented violations of civil liberties by the NSA and other government agencies (not to mention their private sector compatriots) through widespread network surveillance did not serve to protect and defend US critical infrastructure. In fact, by adding legitimacy to network monitoring, scholars like Goldsmith and respected countries like the USA make it easier for less savorable regimes to justify their digital surveillance and crackdowns. While China's "Green Dam" censorship software was justified on child-safety grounds, the next iteration of liberty limiting code could very well be to stop "cyber-terrorism" or some other amorphous, ill-defined concept.

A far more level-headed approach to cyber-security is taken by Evgeny Morozov in his recent essay in the Boston Review, which points out that "[m]uch of the data are gathered by ultra-secretive government agencies—which need to justify their own existence—and cyber-security companies—which derive commercial benefits from popular anxiety. Journalists do not help. Gloomy scenarios and speculations about cyber-Armaggedon draw attention, even if they are relatively short on facts." While Goldsmith is certainly not promoting increased government intervention out of self-interest, it is not good enough to pay lip-service to privacy and network openness. Decision-makers need to recognize that certain policies and rhetoric will inevitably have dangerous, unproductive unintended consequences.

Kevin Donovan is an expert at the Insight Community. To get insight and analysis from Kevin Donovan and other experts on challenges your company faces, click here.

22 Comments | Leave a Comment..

Massachusetts Wants GPS Driving Tax, Too

from the big-brother dept

For several years, authorities in Oregon have been pursuing a plan to put GPS units in every car in the state to track and tax drivers' mileage. Now, Massachusetts wants to get in on the act, and replace its gas tax with a mileage-based tax (via Boing Boing) generated by GPS units in cars. The state wants to ditch its gas tax because rising fuel efficiency is leading to decreasing tax revenue, so the new plan would instead charge drivers a quarter of a cent for each mile they drive. The state's governor is talking not just about boosting tax revenue, but says he likes ideas that are "faster, cheaper, simpler." It's not clear how replacing the current gas tax by forcing drivers to install GPS trackers in their cars and building an infrastructure to gather data from them, then assess and collect a mileage tax will be fast, cheap or simple. This doesn't even mention the myriad privacy concerns of giving state employees access to records of Massachusetts drivers' activity. This idea continually pops up, whether as a tax idea or a new way to charge for auto insurance -- but it never seems to hold any more value beyond a soundbite.

Carlo Longino is an expert at the Insight Community. To get insight and analysis from Carlo Longino and other experts on challenges your company faces, click here.

55 Comments | Leave a Comment..

Is Nokia Demanding The Right To Spy On Its Employees?

from the or-it-will-leave-Finland? dept

There's quite a story making the rounds, suggesting that Nokia is putting significant pressure on the Finnish government, demanding that it pass a law allowing it to spy on its employees, or the company will leave Finland. Nokia is quickly denying the claim, which does seem pretty extreme. However, that doesn't mean that Nokia hasn't put political pressure on the government to pass this law. Apparently, the company has been caught multiple times illegally spying on employees, and has worked hard to get this law passed, which would legalize its actions. Despite legal experts all insisting that the law is unconstitutional, apparently the Finnish Parliament's Constitutional Law Committee has decided to move forward with it anyway -- which is what resulted in the speculation about the threat to leave Finland.

1 Comments | Leave a Comment..

RIAA Dumps MediaSentry, But Hires DtecNet Instead

from the the-king-is-dead,-long-live-the-king dept

Over the past few days there's been a lot of attention paid to the news that the RIAA has ended its relationship with MediaSentry, the highly controversial firm that the RIAA used to try to find those involved in file sharing. There have been various lawsuits questioning MediaSentry's techniques -- and the sheer number of falsely identified people certainly suggested pretty strongly that the company wasn't doing a particularly good job. Of course, with the RIAA's "new strategy" of abandoning lawsuits in favor of having ISPs be their enforcers, the record labels still need a company to come up with whatever flimsy evidence it can find. So, don't think the ending of the relationship means that the RIAA has stopped monitoring file sharing. Instead, it's simply switched to a new company: DtecNet out of Copenhagen.

19 Comments | Leave a Comment..

Wait, You Mean Homeland Security Isn't Already Scanning Blogs & Forums For Terrorists?

from the uh,-yikes? dept

USA Today is reporting that Homeland Security is looking to start scanning blogs, forums and message boards to try to track terrorists and terrorist activity. My first reaction to this, honestly, was shock. Shouldn't they have been doing this already? As in, for many, many years? To be fair, the article suggests that the real difference here is that in the past Homeland Security has done static searches that they check on every so often -- and now they're hoping for a more real-time solution. Even so, it strikes me as odd that Homeland Security didn't already have something that was at least close to real-time in alerting them to certain things online. For all the talk of sophisticated monitoring on internet activities, could it be that we're really that far behind in internet terrorist monitoring?

23 Comments | Leave a Comment..

UK Releases Details, But Delays, Plan To Surveil Every Bit Of Communication

from the one-more-year-to-be-free-of-draconian-rules dept

We recently noted that some articles were appearing in the UK about a plan by the government to track all phone calls, emails and internet surfing histories in that country in a giant database. The whole thing sounded so extreme we even doubted it was true. However, it appears to be based in fact, as the government is outlining the details of the plan, while at the same time agreeing to delay introducing it for at least year, in order to hear from the public (or, perhaps, to hope that public dislike of this proposal dies down enough that it can be introduced quietly). The backers of the plan stress that all they want is the data about the communications, rather than the communications themselves. So, that would mean they're interested in who called whom, not what was said, and who emailed whom, not what was written. That may be small comfort to some, but it still seems like a huge privacy violation, and the database is almost certainly to be abused and misused by those who have access to it.

11 Comments | Leave a Comment..

Germany Says P2P Company Must Proactively Monitor Content For Infringement

from the a-little-understanding-please? dept

Another day, another awful legal ruling about file sharing. This time, coming out of Germany. A German court has told file hosting company Rapid Share that it needs to proactively screen and monitor all content hosted on its site and remove any infringing files. The company already uses a hash method to screen out infringing files its been alerted to and employs six people who monitor for infringement, but the court has said that's not enough. Specifically, it notes (correctly) that an uploader need only change a file slightly to avoid the hash filter -- but then somehow makes the leap to suggesting that this becomes Rapid Share's liability. It's yet another case where judges seem to not understand where liability should lie. It should be common sense that liability lies with the user who's doing the actual infringing, rather than the platform provider -- but it seems to get mixed up way too often. Of course, in the grand scheme of things, this will have almost no impact as people will simply migrate to other sites instead.

20 Comments | Leave a Comment..

ABA Says RIAA File Sharing Watchers Shouldn't Need Private Investigators' Licenses

from the and-they're-probably-right dept

We've seen a few cases against the RIAA in which either state officials or defendants will point out that the RIAA's hired hands in tracking down file sharers -- companies like MediaSentry -- are violating state laws requiring private investigators' licenses for certain activities. Now, the American Bar Association (ABA) has put out a report suggesting that this is silly, and that states and judges shouldn't require such companies to have a PI's license. While I'm a bit surprised at myself, I actually agree with the ABA. As distasteful as the RIAA's legal strategy is, and as flimsy as the evidence is that these company's collect, going after them for not having a PI's license is focusing on a loophole, not the actual merits. And, honestly, most of these requirements for PI licenses are really just a way to create artificial scarcity in the PI business, not actually a way to ensure safety or quality. The RIAA's efforts to sue music fans have plenty of problems, but focusing on whether or not companies like MediaSentry need a PI license seems like a tangent that takes away from the bigger picture.

23 Comments | Leave a Comment..

Parents Are Never Going To Be Able To Monitor All Kids Online Activities

from the but-think-of-the-children! dept

Over the past few years, the "but think of the children!" crowd constantly talks up the importance of having parents monitor their kids' online activities, and often puts out studies like the following one, bemoaning the fact that not enough parents are monitoring their kids enough. Of course, the simple fact is that parents are never going to be able to fully monitor what their kids do online (at least without seriously pissing off their kids). If kids want to chat online, they're going to find a way to be able to do so. Perhaps rather than focusing so much on spying on everything that kids do, the focus should be more on educating them to the dangers that are out there, the laws that they should be aware of and the risks of not obeying them. We have this tendency in our society to overprotect kids, which often has the opposite effect: not preparing them properly to face the real world. Kids who understand the risks tend to make better choices online. As for those who are constantly spied on and overly protective? We'll again quote Richard Posner in one of his legal rulings:

"Violence has always been and remains a central interest of humankind and a recurrent, even obsessive theme of culture both high and low ... It engages the interest of children from an early age, as anyone familiar with the classic fairy tales collected by Grimm, Andersen, and Perrault are aware. To shield children right up to the age of 18 from exposure to violent descriptions and images would not only be quixotic, but deforming; it would leave them unequipped to cope with the world as we know it."

Parents should be aware of what their kids are doing online by talking to them about it, and helping to educate their kids on the risks they face, but that doesn't mean spying on their every move. That will only backfire.

53 Comments | Leave a Comment..

Turns Out Drivers Not So Interested In Big Brother Style Car Insurance

from the please-don't-spy-on-me dept

Four years ago, we wrote about the concept of "Big Brother-style car insurance," where drivers would agree to have special black boxes attached to their cars which would transmit all sorts of info to the insurance company about their driving habits, including how much, when and how fast they drove. Those drivers who drove safer (or at safer "times") were offered better rates. We were actually quite surprised in 2005 to hear the company behind the most intrusive of these programs, Norwich Union in the UK, claim that the early tests were going so well that it was expanding the program. Three years later, we now learn that the "going so well" part may have only been on the insurers' side, rather than the customers' side. In a post talking about why such surveillance insurance plans are a bad, bad idea, the EFF also points out that Norwich Union has just ditched its offering, noting that... well... almost no one signed up. Turns out that people aren't so keen to sign up for Big Brother Brand car insurance after all. The "going well" part was actually all just wishful thinking, as the company says that it thought people would sign up only to discover that they didn't.

33 Comments | Leave a Comment..

FBI Wants More Power To Monitor Internet Activity

from the because-they're-so-trustworthy dept

The FBI, which still can't even get its own computer network working properly, would rather just have more widespread access to spy on the computer network everyone else uses: the internet. Talking to Congress today, the FBI proposed a few different things, including the right to more widely spy on internet activity as well as legislation to force ISPs to retain log file data for an extended period of time. While the Congressional reps in attendance seemed to respond by saying "sure, sounds great" to both of these suggestion, both should actually be looked at much more closely.

More freedom to spy on internet usage potentially violates the 4th Amendment as well as federal wiretap laws. Given the evidence that the FBI has widely abused its ability to wiretap, this should be a major concern. As for data retention, problems with such an idea have been chronicled for years. It tends to put a tremendous expense on ISPs for no real reason -- and it tends to make it even harder to find the type of data authorities actually need to deal with criminal activities. If you're in the FBI, it's no surprise that you'd want both things in place, but that hardly means Congress should roll over and give them to the FBI.

19 Comments | Leave a Comment..

Italy Says P2P Monitoring Firm Broke The Law -- But This Might Not Be A Good Thing

from the there-goes-that-evidence dept

There have been various accusations in the US that the techniques used by various P2P monitoring firms that the entertainment industry uses are an "illegal investigation." While we're still waiting to see the outcome of such cases, over in Italy, the government organization in charge of privacy has determined that, indeed, the efforts to monitor P2P use violates local privacy laws. This comes just a few months after a similar finding in Switzerland. With the EU recently saying that IP addresses are private information, you can see why these types of rulings are coming through.

While I will argue vehemently over the fact that the entertainment industry's tactics are wrong, short-sighted and unfair to many of the people it accuses of copyright infringement, I'm not so sure that merely collecting information that someone's computer broadcasts about themselves should be considered a violation of privacy. I do agree that ISPs shouldn't just hand over data on who's account is attached to a certain IP address (that's a privacy violation. But, to simply collect the data, which is publicly "broadcast" by the user, hardly seems like a privacy violation. There are plenty of arguments against the entertainment industry's tactics -- but you get into dangerous territory when you start declaring publicly broadcast information as somehow "private." While it may be appealing in that it makes life more difficult for short-sighted entertainment industry execs hellbent on suing customers, the unintended consequences of such things could be dire. It raises serious questions about how other types of publicly broadcast info may be judged later.

25 Comments | Leave a Comment..