Author: denialism_bv2x6a

Christoper Rhoads and Loretta Chao report in today’s Journal:

…the Iranian government appears to be engaging in a practice often called deep packet inspection, which enables authorities to not only block communication but to monitor it to gather information about individuals, as well as alter it for disinformation purposes, according to these experts.

The monitoring capability was provided, at least in part, by a joint venture of Siemens AG, the German conglomerate, and Nokia Corp., the Finnish cellphone company, in the second half of 2008, Ben Roome, a spokesman for the joint venture, confirmed.

The article later clarifies that the actual creator of Iran’s deep packet inspection (DPI) technology is not certain. But I blog for a different point. A group of companies, including ISPs and new advertising firms have proposed DPI for advertising purposes. The idea is that if you were to allow your internet tracking to be analyzed and used for targeted advertising, this could offset the cost of providing internet access. The proposals have largely failed in the US, because of legal, privacy, and business problems with the plan.

The holy grail advertising technologies are the same types of tools that governments would like to use for norm setting, criminal enforcement, and terrorism prevention. It’s interesting to see how advertisers and governments are interested in similar technologies.

I’m very proud of the Know Privacy team, a group of three students who performed a broad analysis of online privacy issues for their master’s project at UC Berkeley’s School of Information. The study is featured today on the New York Times Bits blog. Several findings are notable:

They found: “From our analysis, it is apparent that Google is the dominant player in the tracking market. Among the top 100 websites this project focused on, Google Analytics appeared on 81 of them. When combined with the other trackers it operates, such as DoubleClick, Google can track 92 of the top 100 websites. Furthermore, a Google-operated tracker appeared on 348,059 of 393,829 distinct domains tracked by Ghostery in March 2009 (over 88%).”

Also, under the Bush administration, the Federal Trade Commission has framed privacy as one of “consumer harms.” That is, they claimed (without any evidence), that consumers really cared about privacy issues that caused harm. However, in an analysis of the FTC’s own consumer complaint data, the group found that American consumers were most frequently complaining about a lack of control over personal information.

The team investigated web site affiliate sharing too. The public policy debate around information sale generally is limited to third parties. There is a growing consensus, driven by international privacy rules, that companies should not sell personal information to third parties without affirmative consent from consumers. However, affiliate networks are very large, and US privacy law generally does not allow consumers to restrict the flow of personal information among affiliated companies. In looking at the top websites, the average had almost 300 affiliates. Newscorp, the company that owns myspace, has 1,500 affiliates. Identifying affiliates was very difficult: “We sent each company a request via email or an online web form for a list of each affiliate they may share data with. We received 14 replies, but none included the lists we asked for.”

Finally, it’s worth checking out the team’s findings on third party tracking: “…36 of the [top 50] websites affirmatively acknowledged the presence of third-party tracking. However, each of these policies also stated that the data collection practices of these third parties were outside the coverage of the privacy policy. This appears to be a critical loophole in privacy protection on the Internet.” Regulators should rethink this practice. Websites claim that they do not sell personal information to third parties, but then they allow third parties to follow you on their site. This seems to me to be outside consumers’ expectations.

Following up on my earlier post about Beyond Google and Evil, I just came across this article from the Wall Street Journal on one of Google’s detractors, Consumer Watchdog. Believe it or not, Google went after their funding!

…In January, Consumer Watchdog circulated a press release alleging a “rumored” lobbying effort by Google to enable it to sell personal medical data stored on its Google Health service. Simpson said the organization merely wanted to examine whether Google was trying to avoid new regulation under the Health Insurance Portability and Accountability Act, or HIPAA, which guards the confidentiality of patient data.

But Google was incensed. “That’s when Bob Boorstin went ballistic,” Simpson said, referring to Google’s director of corporate and policy communications in Washington.

Simpson defended the use of hearsay to make public allegations, arguing that it was appropriate for an advocate. “I don’t see any obligation in particular to call up the other guy and get his side of the story,” he said, adding, “We don’t lie, but we put out the facts we think are interesting.”

Google, however, was prompted to take the unusual step of asking the Rose Foundation to reassess its funding for Consumer Watchdog.

“In 17 years as a grant maker, that’s never happened to me before,” the Rose Foundation’s Little said. “Nothing Google has done has discouraged us from follow-up funding” for Consumer Watchdog, Little said, though no decisions have yet been made. He added, “Google would be much better off engaging with them.”

If you are proposing products that would put individuals’ health records online, you have to be ready for some criticism. But Google responded by trying to shut down Watchdog, and by trying to link Watchdog to Microsoft! (Microsoft is not linked to Watchdog.) Way to go, Google. That’s a standard PR tactic. I wonder whether it is good or evil.

In a sense, Watchdog did have the right intuition about Google. Google health is all about capturing the DTC drug advertising market away from the TV networks. Just imagine the types of targeting that will be possible when you’ve decided to upload your health information to Google!

I apologize for the infrequent blogging. A tough semester. I did have time, however, to publish an essay about Google’s rhetoric that might be of interest to Denialism readers.

No, I’m not calling Google denialist, but am trying to explain what Google means when the company talks about privacy (most companies interpret information privacy to mean security). And it’s not all bad for Google–the company’s rhetoric has created confusion, and clarifying it would help Google communicate why search advertising might be better for the consumer than other forms of targeting.

We’re discussing a junk mail case from the 1970s in my information privacy law case. In Rowan, Justice Burger laments:

…the plethora of mass mailings subsidized by low postal rates, and the growth of the sale of large mailing lists as an industry, in itself, have changed the mailman from a carrier of primarily private communications, as he was in a more leisurely day, and have made him an adjunct of the mass mailer who sends unsolicited and often unwanted mail into every home. It places no strain on the doctrine of judicial notice to observe that, whether measured by pieces or pounds, Everyman’s mail today is made up overwhelmingly of material he did not seek from persons he does not know. And, all too often, it is matter he finds offensive.

And things have only gotten worse since 1970. Here are the most recent statistics from the Postal Service on junk mail (here, roughly defined as “standard mail”). Starting in 2005, the Postal Service started carrying more standard mail than first class, and now the gulf between the two is pretty significant. Also, note that the standard mail is much heavier than first class mail, and it generates LESS revenue!

San Francisco recently passed a resolution calling for a do-not-junk-mail list. I’ll be signing up.