Interesting People mailing list archives
EFFector 19.29: AOL's Data Valdez Violates Users' Privacy
From: David Farber <dave () farber net>
Date: Tue, 8 Aug 2006 18:24:30 -0400
Begin forwarded message: From: EFFector list <editor () eff org> Date: August 8, 2006 6:02:41 PM EDT To: eff-all () eff org Subject: [E-B] EFFector 19.29: AOL's Data Valdez Violates Users' Privacy Reply-To: EFFector list <editor () eff org> EFFector Vol. 19, No. 29 August 8, 2006 editor () eff org A Publication of the Electronic Frontier Foundation ISSN 1062-9424 In the 390th Issue of EFFector: * AOL's Data Valdez Violates Users' Privacy * Surveillance, DRM Bills Held In Check, For Now * Senate Sneaks Through Cybercrime Treaty * Voting Security Attacked In Court Again * EFF Partners with Craigslist for Nonprofit Boot Camp, August 19 * Thank You, DefCon! * miniLinks (12): Going Digital * Administrivia For more information on EFF activities & alerts: <http://www.eff.org/> Make a donation and become an EFF member today! <http://eff.org/support/> Tell a friend about EFF: http://action.eff.org/site/Ecard?ecard_id=1061 effector: n, Computer Sci. A device for producing a desired change. : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * AOL's Data Valdez Violates Users' Privacy As recently reported by the blog TechCrunch and now the major media, AOL intentionally released three months of search queries by 658,000 AOL users. Though AOL has removed the data from its site and rightly apologized, the grave damage is already done. The data is available all over the Net, and AOL may have violated its own privacy policy as well as existing federal law. Congress should heed the lessons of this Data Valdez and enhance protections for your privacy. Particularly considering the uproar over the Department of Justice's demands for just this kind of information from Google only months ago, AOL's actions demonstrate a shocking disregard for user privacy. Search terms can expose the most intimate details of a person's life and, in doing so, cause great harm. Consider just a few hypothetical situations. Would you want your employer or credit company knowing that you searched for "how to file for bankruptcy"? Would you want anyone to know you searched for "HIV positive clinic," "breast cancer health services," or another illness-related query? What about "rape victim" or "depression" plus "counseling"? What about searches that reference your political or religious affiliation, or your sexual orientation? Though the data was associated with random ID numbers, that information could still be connected back to an individual given enough clues. Consider, for instance, what vanity searches for one's own name or MySpace profile could reveal. This incident highlights the dangers of allowing search companies to store this kind of personal data. We're still investigating, but it appears this disclosure may violate the Electronic Communications Privacy Act (ECPA), which strictly regulates disclosure of your Internet communications, along with AOL's own privacy policy. Regardless, Congress should take note of this latest Data Valdez by creating stronger, crystal clear legal protections for user information and by limiting data retention. DeepLink Follow-up, "Weblogs, Inc. CEO Tells His AOL Bosses To 'Not Keep Logs of Search Data'": <http://www.eff.org/deeplinks/archives/004866.php> News.com article about the disclosure:<http://news.com.com/2100-1030_3-6102793.html? part=rss&tag=6102793&subj=news>
EFF Article, "Subpoenas and Privacy": <http://www.eff.org/deeplinks/archives/004385.php> For this post: <http://www.eff.org/deeplinks/archives/004865.php> : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Surveillance, DRM Bills Held In Check, For Now Before the Senate began its recess last week, Senator Arlen Specter tried to rush his awful surveillance bill out of committee. After being contacted by concerned constituents like you and groups like EFF, sympathetic Senators on the committee intervened to stop a vote. Specter is committed to bringing this bill back, so it's important to keep your calls and letters to the Senate Judiciary Committee coming: <http://action.eff.org/fisa> Meanwhile, despite rumors to the contrary, Senator Ted Stevens did not bring his telecom reform bill to a Senate vote. Unfortunately, the latest version still includes the audio and broadcast flag DRM mandates. These provisions would put Hollywood and federal bureaucrats in charge of restricting digital television and radio devices. Tell Congress to reject the tech mandates and protect innovation: <http://action.eff.org/broadcastflag> <http://action.eff.org/audioflag> Worse still, Stevens' bill now includes a dangerous provision that would allow the imprisonment of webmasters who don't litter their sites with burdensome warnings labels. Though the proposal requires all "sexually explicit" sites to bare these labels, it won't impact the majority of adult websites because they are hosted outside United States jurisdiction. Yet this proposal does damage free speech online and violate the First Amendment, forcing sex education, teenage advocacy groups', and other legitimate websites to describe their lawful content inappropriately. This provision has also sneaked into a Senate appropriations bill. When Congress returns from recess, we'll keep you updated on these bills and on how you can help fight them. For the Center for Democracy and Technology's letter to Stevens about the web labeling provision: <http://www.cdt.org/speech/20060803labeling.pdf> : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Senate Sneaks Through Cybercrime Treaty After substantial pressure from the White House, the Senate ratified the sweeping Convention on Cybercrime treaty. Ratifying the Cybercrime treaty introduces not just one bad Internet law into this country, but also invites the enforcement of all the world's worst Internet laws. The treaty requires that the U.S. government help enforce other countries' "cybercrime" laws -- even if the act being prosecuted is not illegal in the United States. Countries that have laws limiting free speech on the Net could oblige the FBI to uncover the identities of anonymous U.S. critics or monitor their communications on behalf of foreign governments. American ISPs would be obliged to obey other jurisdictions' requests to log their users' behavior without due process or compensation. Instead of this one-way enforcement ratchet, Congress should be focusing on strengthening protections for your rights. ZDNet's Declan McCullagh on the treaty: <http://news.zdnet.com/2100-1009_22-5973735.html> For the original version of this post: <http://www.eff.org/deeplinks/archives/004864.php> : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Voting Security Attacked In Court Again Despite all of our efforts to dispel the false dichotomy between secure voting and accessible voting, a shrinking but vocal minority of the disability rights community continues to take steps to prevent more secure voting by claiming that it will violate their rights. In PVA v. McPherson, a few such groups has filed suit in federal court to force Californians back into insecure voting systems without verifiable paper trails. This argument was wrong when rejected by a federal judge in 2004, and it's still wrong now. Secure, accessible voting can and should be our shared goals. In fact, EFF represented the Handicapped Voters of Volusia County (HAVOC) in Florida who insisted that their voting systems have a paper trail. They wanted to make sure their votes were counted as cast, too. Many secure voting systems are also broadly accessible to voters with disabilities. Our favorite current solution is the new generation of optical scan systems, led by the AutoMARK. Another option is the voter-verified paper trail attached to DRE electronic voting systems. While the current crop of voter-verified e-voting systems still aren't perfect, they are better than systems with no paper trail at all. EFF and a broad coalition of voting activists will likely participate in the PVA v. McPherson case, as we did in the similar 2004 case, Benavidez v. Shelly. To read the complaint in PVA v. McPherson: <http://moritzlaw.osu.edu/blogs/tokaji/PVA-Complaint.pdf> To learn about e-voting cases: <http://www.eff.org/Activism/E-voting/> For the original version of this post: <http://www.eff.org/deeplinks/archives/004863.php> : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * EFF Partners with Craigslist for Nonprofit Boot Camp, August 19 EFF is proud to partner with the Craigslist Foundation for its 2nd Annual Nonprofit Boot Camp, a conference aimed at fostering nonprofit leadership and collaboration. Join more than 1,300 emerging nonprofit leaders to get educated in all aspects of successfully starting and running a nonprofit, find inspiration, and get connected with peers and valuable resources. Registration includes the conference and evening Networking Reception, as well as breakfast, lunch, and dinner. Learn more and register online at: <http://www.craigslistfoundation.org/eflyer06/npbc06.htm> : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Thank You, DefCon! A huge thank you to the folks at DefCon and everyone who participated last week in the dunk tank, parties, and other shenanigans that raised funds for EFF. And special thanks to Vegas 2.0 for their excellent pre-DefCon fundraising bash. Every penny goes to keeping up the fight for your digital rights, and, this year, we raised more funds (and had more fun!) than ever before. We look forward to seeing you all again next year. For more info about DefCon: <http://www.defcon.org/> For more info about the Vegas 2.0 Summit: <http://www.vegassummit.org/> : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * miniLinks The week's noteworthy news, compressed. ~ Going Digital Warner announced that 11% of their sales are digital...<http://www.recordoftheday.com/cgi-bin/rotd-mb/rotd_config.pl? read=84487>
~ Kicking and Screaming ... even as they still persist in suing P2P tech companies. <http://technollama.blogspot.com/2006/08/music-industry- sues-limewire.html> ~ Privacy Rights Clearinghouse Praised Beth Givens gets some exposure on her excellent privacy work...<http://www.signonsandiego.com/news/business/ 20060801-9999-1b1givens.html>
~ Not that Kind of Privacy Clearinghouse ...while AOL Research releases twenty million searches by over 500,000 users. <http://www.ipdemocracy.com/archives/2006/08/07/index.php#a001836> ~ Cybercrime Treaty Passed Allows the global application of other nation's online surveillance laws... <http://news.com.com/2102-7348_3-6102354.html> ~ Hong Kong Passes New Spying Law ...allowing, one day, the harmonization of Chinese and USA surveillance regimes? <http://news.bbc.co.uk/1/hi/world/asia-pacific/5249708.stm> ~ A Five Minute Guide Against DRM Linux Journal gives unvarnished arguments against digital rights management... <http://www.linuxjournal.com/node/1000073> ~ Committee Offers Brochure To Sell Telecom Bill ...while the Senate provides (then hastily hides) a glamorous brochure for its DRM-laden telecom bill. <http://www.publicknowledge.org/node/574> ~ Copyrighting Fashion Copyright hits the fashion industry? <http://www.publicknowledge.org/node/576> ~ Netting Net Neutrality Hacking the Net Neutrality debate, Dan Kaminsky premieres a tool at DefCon to detect content-biased networks. <http://www.boingboing.net/2006/08/03/test_for_network_neu.html> ~ First to File, Last to Pass The latest Leahy-Hatch Patent Bill takes yet another look at patent reform. <http://www.techdirt.com/articles/20060807/0323215.shtml> ~ Single Laugh Licensing Meanwhile, IP lawyers show comedians how to sue over joke infringement. <http://living.scotsman.com/performing.cfm?id=1126262006> : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Administrivia EFFector is published by: The Electronic Frontier Foundation 454 Shotwell Street San Francisco CA 94110-1914 USA +1 415 436 9333 (voice) +1 415 436 9993 (fax) <http://www.eff.org/> Editor: Derek Slater, Activist derek () eff org Membership & donation queries: membership () eff org General EFF, legal, policy, or online resources queries: information () eff org Reproduction of this publication in electronic media is encouraged. Signed articles do not necessarily represent the views of EFF. To reproduce signed articles individually, please contact the authors for their express permission. Press releases and EFF announcements & articles may be reproduced individually at will. Current and back issues of EFFector are available via the Web at: <http://www.eff.org/effector/> Click here to unsubscribe or change your subscription preferences:http://action.eff.org/site/CO? i=z2cLqq3IjjBkVuB3X0tuC15RQ0mrfGpz&cid=1041
Click here to change your email address: http://action.eff.org/addresschange This newsletter is printed on 100% recycled electrons.To unsubscribe from all future email, paste the following URL into your browser: http://action.eff.org/site/CO?i=JZR4nHir76dDLfJ_7-- PFzqRNdUhPCN9&cid=1041
------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- EFFector 19.29: AOL's Data Valdez Violates Users' Privacy David Farber (Aug 08)