Site Meter

Author: Daniel Solove

3

Symmetrical Privacy and Musings on Site Meter

friendster.jpg

Lior Strahilevitz (law, Chicago), has an interesting post at the Chicago Faculty Blog on what he calls “symmetrical privacy.” He begins by discussing Friendster, a social networking website where individuals post profiles and look up the profiles of others. Strahilevitz’s post was inspired by a post by Tara Wheatland at Boalt.org, who wrote:

Friendster suddenly and without notice changed a fundamental assumed feature of the community–that you could look at anybody’s profile you wanted to, while remaining anonymous yourself. Before this change, people who did not want random people to look at their profiles could change their settings accordingly. To apply this new feature retroactively and without notice really feels like a serious invasion of privacy. I don’t like it. . . .

As Strahilevitz notes: “Now Friendster users could quickly satisfy their curiosity by finding out who had viewed their profiles, but were mortified to learn that other users could do the same thing to them. Friendster was deluged with outraged user emails.”

Strahilevitz agrees that Friendster made a big gaffe by not informing people in advance, but he applauds Friendster’s “initial instincts” for devising a system of symmetrical privacy, which is a kind of privacy tit-for-tat. If you access my data, I get to access yours:

If an employer, identity thief, health insurer, or credit card company wants to access my credit report, at least let me know about it. If someone makes a FOIA request for government documents that reveal something about me, I should be notified of this request by the government. If someone goes to Fundrace.org or a similar site to see which political candidates I have donated to, I have no right to stop them from doing so, but I ought to have the right to be informed of their snooping. Symmetrical privacy might or might not be a solid foundation for a social networking site, but it seems to me that it is an excellent starting point for the law’s treatment of private information.

This is an interesting idea. We have something like that here, and so do many blogs. It’s called Site Meter. We can see how many of you are visiting and learn information about you. It’s quite interesting. Although we don’t learn your names, we can see what institutions you belong to, where you’re located, how many pages you’ve viewed, and more. Is this “symmetrical privacy” – we give you information on this blog and we get to see information about you? Actually, everybody can see this information at our Site Meter. You can too by clicking here. We’re all in a big fishbowl, and visits to this blog (and many blogs) are not totally private. Now, that’s symmetrical! I’ve always felt ambivalent about Site Meter. I am fascinated by the information about the visitors to this site, but it has always made me feel a bit like a voyeur.

I generally agree with Strahilevitz that people should be more aware of who is accessing their data. But the devil’s in the details. How far should this go? For example, I just posted about Harriet Miers’ donations to political candidates. Indeed, people can look up anybody’s contributions. Should Miers get a notice anytime somebody looks up this information?

9

Airport Screening Stories

Cartoon-SecFlt.jpg

Once upon a time, in an airport far far away, some people had problems with passenger screening. Nice people found themselves on lists of naughty people. Some called or emailed their complaint to the TSA Contact Center, in the hopes of fixing their problems or getting off the naughty lists (the Selectee or No Fly lists). The Electronic Privacy Information Center obtained the logs of their complaints, which contain many interesting tales.

From the call logs:

Consumer called and stated that

she was on a no fly list.  She would like to know what she would have to do or

who do [sic] she have to talk to to get off the list.  She stated that she was

informed at the airport that she was on a list.  I informed Mrs.

******* that since she’s allowed on the

plane after secondary screening, she isn’t on the No Fly List.  Mrs.

******* spoke to local detectives

stationed at FLL.  They informed her that she may be on the No Fly List.  But

the case is out of their jurisdiction.  She was referred to Homeland Security. 

Info has been forwarded to the appropriate source.  No accurate timeframe for

response.

* * * * * * *

Dr. ******* complains that every time he tries to fly commercial airlines, especiall United and Continental, he is “submitted to the most embarrassing and humiliating security checks at the counter even before they take my luggage.  It takes up to 25 minutes standing up.”

From the email logs:

I would like to know why my name is on the No Fly List and how I can get it removed. When I fly Continental for business, I have to have an airline representative check my identification and a TSA representative clear the reservation so my ticket can be issued for me to fly. This seems to only happen at Continental Airlines, but frequently I have had to go through the additional search at other airlines. The Continental agent did tell me that my name was on the No-Fly List and that it would be next to impossible to get if off, but I shall try anyway. I have not had any run-ins with the law or nor the airline, so I do not understand the reason for being on this list and subject to additional security when I fly for business or personal reasons. . . .

* * * * * * *

Read More

4

The USA-PATRIOT Act: A Fraction of the Problem

usa-patriot1.jpgOver at Legal Affairs Debate Club, Geoffrey Stone and Judge Richard Posner are debating the USA-PATRIOT Act. The focus of the debate thus far is on Section 215 of the USA PATRIOT Act, which states:

The Director of the Federal Bureau of Investigation or a designee of the Director (whose rank shall be no lower than Assistant Special Agent in Charge) may make an application for an order requiring the production of any tangible things (including books, records, papers, documents, and other items) for an investigation to protect against international terrorism or clandestine intelligence activities, provided that such investigation of a United States person is not conducted solely upon the basis of activities protected by the first amendment to the Constitution.

Further, this section requires that the person ordered to turn over the materials shall not “disclose to any other person . . . that the Federal Bureau of Investigation has sought or obtained tangible things under this section.”

Stone calls for curtailing Section 215 and Posner comes out in favor of a modified version of it.

The problem with this debate, as with many debates over the USA-PATRIOT Act, is that it is focused only on the USA-PATRIOT Act. Many of the issues that people are debating about already existed in federal electronic surveillance law before the USA-PATRIOT Act.

Read More

2

Why Blogging Is Good

Blog1.jpgRecently, there have been many thoughtful discussions about whether blogging is a good activity for academics to be engaging in. I sure hope it is! Jack Balkin at Balkinization has a terrific post about blogging. He writes: “It has become increasingly obvious to me (and to many others as well) that some academic writing works perfectly well as a blog posting.”

A recent essay in The Chronicle of Higher Education by Henry Farrell (political science, GW), a blogger at Crooked Timber, offers some fantastic observations. Here are a few nibbles (actually, more like a few bites, because it’s such a good essay):

Properly considered, the blogosphere represents the closest equivalent to the Republic of Letters that we have today. Academic blogs, like their 18th-century equivalent, are rife with feuds, displays of spleen, crotchets, fads, and nonsenses. As in the blogosphere more generally, there is a lot of dross. However, academic blogs also provide a carnival of ideas, a lively and exciting interchange of argument and debate that makes many scholarly conversations seem drab and desiccated in comparison. Over the next 10 years, blogs and bloglike forms of exchange are likely to transform how we think of ourselves as scholars. While blogging won’t replace academic publishing, it builds a space for serious conversation around and between the more considered articles and monographs that we write.

What advantages does blogging offer over the more traditional forms of academic communication? Blogging sacrifices some depth of thought — it’s difficult to state a complex thesis in the average blogpost — but provides in return a freedom and flexibility that normal academic publishing can’t match. Consider the length of time it takes to publish an article in a peer-reviewed journal. In many disciplines, a period of years between first draft and final publication is normal. More years may elapse before other academics begin to publish articles or books responding to the initial article. In contrast, a blog post is published immediately after the blogger hits the “publish” button. Responses can be expected in hours, both from those who comment on the blog (if the blog allows them) and from other bloggers, who may take up an idea and respond to it, extend it, or criticize it. Others may respond to those bloggers in turn, leading to a snowballing conversation distributed across many blogs. In the conventional time frame of academe, such a conversation would take place over several years, if at all. . . .

The essay wonderfully captures the positive influences blogging is having on the academy. More from Farrell’s essay:

Read More

4

The Pathology of Picking Supreme Court Justices

sct1.jpgThe Supreme Court appointment process has become almost pathological . . . ironically, for rational reasons. The incentive is for presidents to select people who are: (1) young, so they have a reign on the Court that rivals Fidel Castro’s in length; and (2) obscure, so they have rarely taken any positions on any major issues. [Sadly, the future prospects for Supreme Court appointments for bloggers are not looking good.]

The nomination of Harriet Miers has left many people guessing. We know very little about her. Mark Graber writes on Balkinization: “What both John Roberts and Harriet Miers have in common is that the administration knows a lot more about them than the rest of us.” Jack Balkin calls her a “stealth candidate.” Orin Kerr is “quite puzzled.”

We should be selecting Supreme Court justices from the most accomplished and distinguished of legal figures. Instead, being a judge for a long time almost disqualifies a person for the Supreme Court.

The Senate confirmation hearings have turned into vapid ritual, where Senators posture and bluster, and the appointee does a well-rehearsed dance to reveal as little as possible. No appointee is going to go before the Senate and say: “Well, yes, Senators, I intend to legislate from the bench. I’ll be activist. I won’t follow the Constitution. Instead, I’ll decide cases based on what I’ve had for breakfast that day. I’ll be biased and I’ll try to twist the law to conform to my personal whims.”

I hope that in the debates that follow about Harriet Miers, the focus will also include the systematic problems with the appointments process more generally.

Read More

18

California’s Tougher Anti-Paparazzi Law and the First Amendment

paparazzi2.jpg

Recently, Governor Arnold Schwarzenegger signed a law that toughened California’s Anti-Paparazzi Act, Cal. Civ. Code §1708.8. The original act was passed in 1998 in response to Princess Diana’s death, which was caused when her car was fleeing aggressive paparazzi.

Paparazzi photos can fetch a lot of money. A photo of Princess Diana and Dodi al-Fayed sold for over $3 million.

Arnold Schwarzenegger is not stranger to paparazzi. In one instance, they chased him and his wife, Maria Shriver, off the road to take photos of him.

The Anti-Paparazzi Act creates heightened penalties when a person commits a trespass “in order to physically invade the privacy of the plaintiff with the intent to capture any type of visual image, sound recording, or other physical impression of the plaintiff engaging in a personal or familial activity and the physical invasion occurs in a manner that is offensive to a reasonable person.” A person can also be liable even if there is no trespass if he “attempts to capture, in a manner that is offensive to a reasonable person, any type of visual image, sound recording, or other physical impression of the plaintiff engaging in a personal or familial activity under circumstances in which the plaintiff had a reasonable expectation of privacy, through the use of a visual or auditory enhancing device.”

Read More

4

Miers’s Political Contributions to Al Gore and Lloyd Bentsen

Harriet Miers’s

political contribution history doesn’t look surprising until you get to the

two earliest entries.  On the later entries, she gave to George Bush (R), Kay

Bailey Hutchison (R), Pete Sessions (R), and Phil Gramm (R).  But the two

earliest entries, from the late 1980s, strike me as very odd. 

MIERS, HARRIET E MS

DALLAS, TX

75219

LOCKE PURNELL RAIN HARRELL

GORE,

AL (D)

President

ALBERT GORE JR FOR PRESIDENT COMMITTEE INC

$1,000

primary

02/16/88

MIERS, HARRIET E MRS

DALLAS, TX

75201

LOCKE PURNELL ETAL

BENTSEN, LLOYD SENATOR (D)

Senate – DC

SENATOR LLOYD BENTSEN ELECTION COMMITTEE

$1,000

primary

03/30/87

Hat tip:

Larry Solum

2

The DHS Privacy Office

dhs-nuala.jpg

Nuala O’Connor Kelly left the DHS privacy office last week. I have mixed reviews of her performance. On the good side, she did not rubber stamp DHS policies. She criticized the TSA, for example, for improperly gathering airline passenger records from Jet Blue Airlines. But on the negative side, she acted more as an internal facet of DHS than as an external overseer. Her role was more akin to an in-house privacy counsel who would advise behind the scenes than to an independent agent.

This wasn’t necessarily O’Connor Kelly’s fault. The DHS privacy office lacks essential powers, like the ability to subpoena documents. It lacks the independence to rebuff the DHS. It lacks any real teeth to enforce sanctions when the DHS violates the law. Although it produces public reports about its activities, the privacy office could do more to ensure greater public accountability for DHS, which often operates in manner that isn’t transparent.

We need a privacy agency, one that has teeth. For a good proposal for such an entity, see Robert Gellman, A Better Way to Approach Privacy Policy in the United States: Establish a Non-Regulatory Privacy Protection Board, 54 Hastings L.J. 1183 (2003). As Gellman notes: “The failure of the United States to have a national privacy agency is, perhaps, the single most important difference in approach to data protection between the United States and most other industrialized countries.”

3

When Clacks Squawk: The New Keystroke Surveillance

keyboard1.jpg

You thought keyboard clacking was just annoying noise. Little did you know your clacking is broadcasting what you’re typing!

Berkeley researchers have developed a way to monitor your keystrokes without installing a device into your computer. Thus, far, keystrokes can be monitored via special software or other devices installed into people’s computers (either directly or via a virus or spyware). This new technique relies on the clacking of your keyboard. According to the AP:

If spyware and key-logging software weren’t a big enough threat to privacy, researchers have figured out a way to eavesdrop on your computer simply by listening to the clicks and clacks of the keyboard.

Those seemingly random noises, when processed by a computer, were translated with up to 96 percent accuracy, according to researchers at the University of California, Berkeley.

“It’s a form of acoustical spying that should raise red flags among computer security and privacy experts,” said Doug Tygar, a Berkeley computer science professor and the study’s principal investigator.

Researchers used several 10-minute audio recordings of people typing away at their keyboards. They fed the recordings into a computer that used an algorithm to detect subtle differences in the sound as each letter is struck.

On the first run, the computer had an accuracy of about 60 percent for characters and 20 percent for words, said Li Zhuang, a Berkeley graduate student and lead author of the study. After spelling and grammar checks were deployed, the accuracy for individual letters jumped to 70 percent and words to 50 percent.

The software learned to improve as researchers repeatedly fed back the same recordings, using results of spelling and grammar checks as a gauge on correctness. In the end, it could accurately detect 96 percent of characters and 88 percent of words.

5

Yet Another New Blog . . .

newblog3a.jpg

Just what the world needs – another new blog! I used to blog primarily at PrawfsBlawg and occasionally at Balkinization. I’m now shifting my PrawfsBlawg blogging to this new blog. Why? Because I want to grab land in the blogosphere while they’re still handing out forty acres and a mule. PrawfsBlawg is a great place, and I’ll still be stopping by a lot, but I think it’s time to cultivate a new plot of land.

If you enjoyed my posts at PrawfsBlawg and Balkinization, please come by and visit me here. Concurring Opinions will be a group blog, and other co-bloggers will be joining me shortly. Together, we’ll cover issues involving law, culture, and current events. We’ll focus on technology, privacy, intellectual property, contract, property, torts, constitutional law, criminal law and procedure, literature and humanities, legal theory, sociology, and more.

We promise we’ll try our best to be interesting and entertaining. And we’ll invite interesting and entertaining guest bloggers. All for free! Yes, all this content and you don’t have to pay a dime. What a great deal! Who ever said you don’t get something for nothing?

Please bookmark this website. Add it to your blogrolls. Spread the word far and wide. Visit many times per day. Comment frequently. Link to the posts. And you’re certainly welcome to send in large donations. That’s not too much to ask, is it?