Re: [liberationtech] Microsoft Accesses Skype Chats
Google is not transparent about it. It started doing this with Gmail too. It didn't ask my permission. It didn't tell me what it was doing. If you click on a link from within one of your own personal emails, it opens via a Google redirect. Yes, Google already handles your mail. But you trust it not to pry. It transpires that this trust was misplaced. Google already, apparenty, serves adverts that match a content scan it has done of your personal communications. The question is where you would draw the line. And where Google has drawn the line. And whether you have any control over where the line goes at all. So this is just the half of it. Google has also started using search accounts, so when you log into Gmail it also logs you into search automatically. Thus your Google searches are tracked, and your links from Google searches are tracked, and a complete picture of your online activity is linked to you Google account. Add this to the scans it has taken of your personal emails, and it's demonstrated inclination to use your personal information in any way that suits its own interests, then you have in my opinion a thuggish intrusion of privacy. Google is behaving like a hoodlum with the run of the town. It has the power and the resources to take people's personal data. It has decided to use that power without any apparent regard for the personal space of its customers. Who decides what my personal boundaries are? Google does, apparenlty. I think it is instructive to imagine who Google thinks owns the behavioural information it gleans from your personal emails, your searches and your links from your searches and your mails. I would say it is my own business. Google thinks it owns that information. Google never told me it was tracking my behaviour. It never told me what it was doing with that data. It never asked my persmission. Perhaps Google doesn't keep the behavioural data it collects about people. It might treat the information as momentary - as transient as sand falling through its fingers - that it uses to sell advertising for that moment alone. Well then it wouldn't need to link my searches and browsing to my Google account, would it? But it does. Excuse me if this is common knowledge. Because it is news to me as a mere, powerless internet user - or Google user, as it has become. But the only reason why Google would need to link your browsing and searching to your Gmail account (and all the other behavioural and personal data therein) is to assemble a fixed and growing body of behavioural data about you as an individual. It constitutes a deep psychological profile - a computer mirror of your self. This information is what Google thinks it owns. This information that is the very stuff of you - the very soul of you. Google thinks it owns this information and that it can do what it likes with it. It is most amusing to say, but it is very serious indeed - and really, it is necessary to follow this line of reasoning to this point before drawing the obvious metaphors: but Google owns your soul, man. This state of affairs has become so serious that people now assume Google is already reading your personal communications, and that this is normal. As Kyle said: Google doesn't claim that nobody can read your content, and it's fairly obvious even to casual users that Google can see what you're discussing. Woah there, boy. Refer your sorry ass to the metaphor favoured by Sir Tim Berner's Lee: when the Post Office handles my mail I work on the assumption that it does not open my letters and read them, or snoop on my chit-chat. This is called trust. I do not have that trust for Google. I did nevertheless once have this trust. And it is true that I invested this trust with Google. It is crucial to understand that Google relied on my investing that trust with it in order to get my business in the first place. Just like it relied on everyone's trust. That is why it has the virtual monopoly it has on search. It's success is a function of everyone's trust. I trusted Google not to scan my personal mails for their content, nor to track my behaviour. It has abused that trust. There is a very particular way in which people have accepted this abuse as normal, Kyle. That is, they have not necessarily deemed it acceptable. This is how abuses of power work. People think it's wrong but they also think they can't do anything about it. So it just passes for normal. Google violates your privacy because it can. You consequently become like chump citizen of a totalitarian state. You carry on under the oppressive knowledge that someone's notching up every step, every turn, every word. In psychic terms, you become a gimp. Your soul becomes a rag doll. What would Google do with it? Are there limits? Do you even know? If your assumed trust was initially that Google would not read your personal communications, and it abused that trust and snatched your personal data, then what now of your assumption that it can be trusted
Re: [liberationtech] Privacy for the other 5 billion
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 30/05/13 22:44, R. Jason Cronk wrote: An interesting article that some on this list may find pertinent, though not really ground breaking http://www.ifex.org/international/2013/05/29/biometrics_programs/ http://t.co/YQ6loPZgtG This link leads to a meetup event about UX design - is this meant to be a demonstration of the dangers of link shorteners? Cheers, Michael -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBAgAGBQJRqH24AAoJEBEET9GfxSfMZz0H/iCf++LjifiIRYh9+6PLl+At zcOjd/72v6ogAekVfIZBfZFpal/qE/dB2L1Nv8lxu5SLsL6417EE9OIJL1qhfT+M JX6Nw/y4kkI1Jf9yP08voO7CPSd3+zp12Y68z1Tz/sTBAiTaQBjnCBfPPI73Xmdv ycY8J+3nzPe8jpoxN1Y90EkEdpR3XHo5nrnrv7i1RELDp61e8TiOQOjN4D2TeERg gXpA+iG3u39L6VFPs3WiumWbzz4WoNB+oxi7oZTWUCh/hJGMHObCNjJZ9CkoNAf1 XxzADotYjsh49yxfqRm54peegEGuDMySytkTg2leOkglUttyl1zfUu4a0tfbinI= =wyCP -END PGP SIGNATURE- -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Microsoft Accesses Skype Chats
Welcome to what Gilles Deleuze called les sociétés de contrôle https://files.nyu.edu/dnm232/public/deleuze_postcript.pdf www.youtube.com/watch?v=GIus7lm_ZK0 BTW, as you can see, Youtube (also owned by Google) carries a message decoding it.. Ergo, they don't care. It's not you - just your information! :-) Best Regards | Cordiales Saludos | Grato, Andrés L. Pacheco Sanfuentes a...@acm.org +1 (817) 271-9619 On Fri, May 31, 2013 at 3:10 AM, Mark Ballard markjball...@googlemail.com wrote: Google is not transparent about it. It started doing this with Gmail too. It didn't ask my permission. It didn't tell me what it was doing. If you click on a link from within one of your own personal emails, it opens via a Google redirect. Yes, Google already handles your mail. But you trust it not to pry. It transpires that this trust was misplaced. Google already, apparenty, serves adverts that match a content scan it has done of your personal communications. The question is where you would draw the line. And where Google has drawn the line. And whether you have any control over where the line goes at all. So this is just the half of it. Google has also started using search accounts, so when you log into Gmail it also logs you into search automatically. Thus your Google searches are tracked, and your links from Google searches are tracked, and a complete picture of your online activity is linked to you Google account. Add this to the scans it has taken of your personal emails, and it's demonstrated inclination to use your personal information in any way that suits its own interests, then you have in my opinion a thuggish intrusion of privacy. Google is behaving like a hoodlum with the run of the town. It has the power and the resources to take people's personal data. It has decided to use that power without any apparent regard for the personal space of its customers. Who decides what my personal boundaries are? Google does, apparenlty. I think it is instructive to imagine who Google thinks owns the behavioural information it gleans from your personal emails, your searches and your links from your searches and your mails. I would say it is my own business. Google thinks it owns that information. Google never told me it was tracking my behaviour. It never told me what it was doing with that data. It never asked my persmission. Perhaps Google doesn't keep the behavioural data it collects about people. It might treat the information as momentary - as transient as sand falling through its fingers - that it uses to sell advertising for that moment alone. Well then it wouldn't need to link my searches and browsing to my Google account, would it? But it does. Excuse me if this is common knowledge. Because it is news to me as a mere, powerless internet user - or Google user, as it has become. But the only reason why Google would need to link your browsing and searching to your Gmail account (and all the other behavioural and personal data therein) is to assemble a fixed and growing body of behavioural data about you as an individual. It constitutes a deep psychological profile - a computer mirror of your self. This information is what Google thinks it owns. This information that is the very stuff of you - the very soul of you. Google thinks it owns this information and that it can do what it likes with it. It is most amusing to say, but it is very serious indeed - and really, it is necessary to follow this line of reasoning to this point before drawing the obvious metaphors: but Google owns your soul, man. This state of affairs has become so serious that people now assume Google is already reading your personal communications, and that this is normal. As Kyle said: Google doesn't claim that nobody can read your content, and it's fairly obvious even to casual users that Google can see what you're discussing. Woah there, boy. Refer your sorry ass to the metaphor favoured by Sir Tim Berner's Lee: when the Post Office handles my mail I work on the assumption that it does not open my letters and read them, or snoop on my chit-chat. This is called trust. I do not have that trust for Google. I did nevertheless once have this trust. And it is true that I invested this trust with Google. It is crucial to understand that Google relied on my investing that trust with it in order to get my business in the first place. Just like it relied on everyone's trust. That is why it has the virtual monopoly it has on search. It's success is a function of everyone's trust. I trusted Google not to scan my personal mails for their content, nor to track my behaviour. It has abused that trust. There is a very particular way in which people have accepted this abuse as normal, Kyle. That is, they have not necessarily deemed it acceptable. This is how abuses of power work. People think it's wrong but they also think they can't do anything about it. So it just passes for
Re: [liberationtech] Microsoft Accesses Skype Chats
Pranesh Prakash: I noticed recently that (all?) URLs sent via Google Hangouts automatically get replaced by a Google URL redirection (the way their search results do if you're logged in). That's not limited to when you're logged in. And Google is not transparent about it, in fact they deliver code to make it look like there was no redirection before you click on a link in Google search results. Of course, Google only wants the best for everyone and is not evil. Yes, that's sarcasm. Google, like every company not run as, say, a fully family owned and run business without external shareholders (there it isn't necessarily the case, though still quite likely since they will have to compete with other companies), is driven by the expectation and requirement to monetize whatever they can, and this is guaranteed to impact ethics as soon as the pressure grows strong enough. Of course there could be, can be, and I would think most likely are legitimate uses for this URL redirection (such as the warning screens when you're about to visit a known phishing site), but I bet there is more to it. After all, you could work around this by just embedding this information directly in search results, or not displaying such search results unless set in preferences. But then, there is also a pretty obvious non legitimate use case there: tracking. And Google is all about tracking. Initially this was not the case, but during the past 10 years this has changed rapidly. Every new service introduced within the recent years has, if you think about it, a lot of benefit if the primary goal is to know more about your users. Just think about * Gmail, with its laughable privacy policy (yes they do say they will track you, and anyone who can sum up 1 + 1 knows this means you cannot use them for political work, and then you shouldn't rely on not directly paid services for doing anything sensitive anyways - there are viable alternatives), which is surely not suitable for organizations who care about keeping content of their e-mails to themselves, but is still used by way too many organizations, and many universities * Doubleclick, which was already one of the world's largest ad networks before Google bought it, embedding tracking cookies on every other website you visit, and was then combined with Google Ads for much even more reach (and sales) * Recaptcha, a way to look nice, because you're offering a useful feature, and on the other hand get integrated into loads of websites which this way ensure users' data ends up with Google * Google+, together with the Google+ icon which, just like Facebooks', is always pulled form Googles' servers, since they so need to now who is accessing websites which have the logo on it. * Google APIs are added to loads of websites, and loaded by (nearly) every web browser which accesses those websites. They always load data from Google servers, even if it's just about loading some Javascript you could easily host yourself. * Google Analytics, now embedded into pretty much every second website you visit on a daily basis * The accidental collection of information on the location of wireless networks as they were mapping for streetview. I could go on for much longer. If you take all these opportunities for Google to collect information and think about how this enables them to track your movements across multiple websites (*some* Google service is basically embedded on every website nowadays), even without cookies (but it workseven better with global cookies so Google uses them whereever they can), just based on your browsers' unique signature (definitely when combined with your IP address) [1], then it can become quite obvious how embedding Google services to your website and using them to send e-mail (and making your buddies send e-mail to them) is not going to increase your karma. It causes me pain each time I read an article which supports the view that Google is somehow doing good. It is not. Just like any other company, that's not what their business is about. And by their sheer size, they are actually pretty evil, since they have the power to centralize way too much information. And they happily will. And this is never a good thing. Definitely, other corporations are no better, some are worse. But none of them is as huge, as uncontrolled, and as widely deployed and enabled to collect every one of your daily actions online. There are alternatives to Google services. Use them, for your own good, and for the good of people you interact with. The myth of Google being for the people needs to be crushed. Al -- GPG key http://zimmermann.mayfirst.org/pks/lookup?search=0x39A8722D GPG FPA38F 4F71 749E 609F 397E EB52 778E 4678 39A8 722D Info https://tachanka.org/ -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] Flaming Google
Please note the subject change, as the previous subject featured Microsoft - a notable reflection of the tides of history. In short, what price will you pay for your privacy? Google (like Facebook), makes the majority of its money by selling advertisements (I've heard on the order of 95% of Google's revenue is generated by AdWords). Like everything else the Internet touches, advertising has been disrupted by the innovations introduced by companies like Google and Facebook. In this case, the innovation is highly accurate micro-targeting of groups. For example, on Facebook you can place an advertisement that targets only current employees of a particular organization - because individuals document their employment history on Facebook. Disruption of the advertising industry has been enabled by the acquisition and compilation of information on individuals. We, as individuals, voluntarily provide our personal information to these organizations in the process of using the tools and amusements they provide to us - crucially, at no direct financial cost to us. The quantity and accuracy of aggregated personal data largely determines the amount of advertising revenue that can be generated. Therefore these organizations are incentivized to collect more and more personal data. In some circumstances (but not all), these same organizations provide paid versions of their tools which provide privacy guarantees, such as Google Apps for Business which includes GMail. It's worth noting there is no privacy protecting version of Facebook. So this calculus is pretty simple. If your privacy is worth something to you, what will you pay to keep it? Trouble finding privacy protective substitute technologies? Well, that's part of our answer. Technology has a cost for the convenience it provides, and that cost is not just economic. As McLuhan said, every technology is simultaneously an amplification *and an amputation*. And lately, there's a lot of severed personal data being scooped up. gf -- Gregory Foster || gfos...@entersection.org @gregoryfoster http://entersection.com/ -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Flaming Google
I don't know how many people watch Doctor Who, and I hate to use it as my example, but there was a planet where people used items of emotional value as currency. This is kinda how I see the future of the Internet going: People trade various details of their life, and they get various services in return (privacy economy?). I use Google services, while I never fully trust anyone, I trust them more than most with the data they collect about me. You sort of give this same level of trust to merchants when you swipe your credit card, not knowing if they are actually collecting your card number and are going to do bad things with it. Services should have the option (as Google does) to pay for a service, and not have to take part in advertising. I would love to pay Facebook $5 a month, and not have any ads and no tracking. Again, however, it comes down to trust -- every website can collect information about you even if they are not running ads. They can be sharing that information, etc. You wouldn't know unless you worked for the company, and realistically probably only if you were in upper management or a small little team. You don't have to trade your privacy for free services, but I choose to. I don't view a company as evil for it. Gregory Foster wrote: Please note the subject change, as the previous subject featured Microsoft - a notable reflection of the tides of history. In short, what price will you pay for your privacy? Google (like Facebook), makes the majority of its money by selling advertisements (I've heard on the order of 95% of Google's revenue is generated by AdWords). Like everything else the Internet touches, advertising has been disrupted by the innovations introduced by companies like Google and Facebook. In this case, the innovation is highly accurate micro-targeting of groups. For example, on Facebook you can place an advertisement that targets only current employees of a particular organization - because individuals document their employment history on Facebook. Disruption of the advertising industry has been enabled by the acquisition and compilation of information on individuals. We, as individuals, voluntarily provide our personal information to these organizations in the process of using the tools and amusements they provide to us - crucially, at no direct financial cost to us. The quantity and accuracy of aggregated personal data largely determines the amount of advertising revenue that can be generated. Therefore these organizations are incentivized to collect more and more personal data. In some circumstances (but not all), these same organizations provide paid versions of their tools which provide privacy guarantees, such as Google Apps for Business which includes GMail. It's worth noting there is no privacy protecting version of Facebook. So this calculus is pretty simple. If your privacy is worth something to you, what will you pay to keep it? Trouble finding privacy protective substitute technologies? Well, that's part of our answer. Technology has a cost for the convenience it provides, and that cost is not just economic. As McLuhan said, every technology is simultaneously an amplification *and an amputation*. And lately, there's a lot of severed personal data being scooped up. gf -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Privacy for the other 5 billion
It does lead to lesson in cut and paste. The only link that I meant to post is the one on top of the shortened one. http://www.ifex.org/international/2013/05/29/biometrics_programs/ Jason On 5/31/2013 6:38 AM, Michael Rogers wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 30/05/13 22:44, R. Jason Cronk wrote: An interesting article that some on this list may find pertinent, though not really ground breaking http://www.ifex.org/international/2013/05/29/biometrics_programs/ http://t.co/YQ6loPZgtG This link leads to a meetup event about UX design - is this meant to be a demonstration of the dangers of link shorteners? Cheers, Michael -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBAgAGBQJRqH24AAoJEBEET9GfxSfMZz0H/iCf++LjifiIRYh9+6PLl+At zcOjd/72v6ogAekVfIZBfZFpal/qE/dB2L1Nv8lxu5SLsL6417EE9OIJL1qhfT+M JX6Nw/y4kkI1Jf9yP08voO7CPSd3+zp12Y68z1Tz/sTBAiTaQBjnCBfPPI73Xmdv ycY8J+3nzPe8jpoxN1Y90EkEdpR3XHo5nrnrv7i1RELDp61e8TiOQOjN4D2TeERg gXpA+iG3u39L6VFPs3WiumWbzz4WoNB+oxi7oZTWUCh/hJGMHObCNjJZ9CkoNAf1 XxzADotYjsh49yxfqRm54peegEGuDMySytkTg2leOkglUttyl1zfUu4a0tfbinI= =wyCP -END PGP SIGNATURE- -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech *R. Jason Cronk, Esq., CIPP/US* /Privacy Engineering Consultant/, *Enterprivacy Consulting Group* enterprivacy.com * phone: (828) 4RJCESQ * twitter: @privacymaverick.com * blog: http://blog.privacymaverick.com -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Flaming Google
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 31/05/13 16:01, Travis McCrea wrote: Services should have the option (as Google does) to pay for a service, and not have to take part in advertising. I would love to pay Facebook $5 a month, and not have any ads and no tracking. Thought experiment: if you paid Facebook $5 to stop tracking you, what information would you expect them to stop collecting? It seems to me that a lot of the information they collect - such as interactions with other Facebook users, or visits to sites displaying Facebook buttons - involves communication between you and other parties. It's not clear that you have a right to prevent those other parties from disclosing that information to Facebook. So even if Facebook were to agree not to collect data _from_ you, they could still collect data _about_ you from those other parties - and thanks very much for the $5. The problem is that much of the information we consider private involves relations between two or more parties, so it can't be treated as any one party's personal property. You can't sell your privacy to Facebook, or stop selling it to Facebook, because there's no distinct entity called your privacy - it's inseparable from the privacy of everyone you interact with. I think we need to move beyond the conception of privacy as an individual property right and recognise it as a collective right and a collective responsibility. We can't buy our privacy back individually. Cheers, Michael -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBAgAGBQJRqMqbAAoJEBEET9GfxSfMsZsIAIQYSokPoSBnguSIB6ll9vF6 9VQT5g2HrXsnfKZ7re121DOfPUiGkA2YywIklpBH6kfJ7hOQhB5jjkJrDM2/7xVA Ebb65p0oqkH4h3G2AnwDXYS8gvLqlqWRzYi2dzoheS50bzOeo6t/7SrkzkU9/QxG j0ZOEuTxQ+7EtXjA7TbFHaW8B0cCXH3RX1uzxJ2QHdwSWnJekbCy2X1F26SVzHec cpgL+lrsmBV59Cnt2+0uqCS9G/pGPOlR3L6shw9VJK41o+9xXcl9DXewy6Qz7g8z 4c4UfdQVP+jgXtjFMgryyP8S9DmHMYxvxQvBoQXIo8Gsv9eraA0k0QZWAzBIKrY= =+oK2 -END PGP SIGNATURE- -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Flaming Google
not tracking is not an option for any company whose business model is based on tracking. Best Regards | Cordiales Saludos | Grato, Andrés L. Pacheco Sanfuentes a...@acm.org +1 (817) 271-9619 On Fri, May 31, 2013 at 11:06 AM, Michael Rogers mich...@briarproject.org wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 31/05/13 16:01, Travis McCrea wrote: Services should have the option (as Google does) to pay for a service, and not have to take part in advertising. I would love to pay Facebook $5 a month, and not have any ads and no tracking. Thought experiment: if you paid Facebook $5 to stop tracking you, what information would you expect them to stop collecting? It seems to me that a lot of the information they collect - such as interactions with other Facebook users, or visits to sites displaying Facebook buttons - involves communication between you and other parties. It's not clear that you have a right to prevent those other parties from disclosing that information to Facebook. So even if Facebook were to agree not to collect data _from_ you, they could still collect data _about_ you from those other parties - and thanks very much for the $5. The problem is that much of the information we consider private involves relations between two or more parties, so it can't be treated as any one party's personal property. You can't sell your privacy to Facebook, or stop selling it to Facebook, because there's no distinct entity called your privacy - it's inseparable from the privacy of everyone you interact with. I think we need to move beyond the conception of privacy as an individual property right and recognise it as a collective right and a collective responsibility. We can't buy our privacy back individually. Cheers, Michael -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBAgAGBQJRqMqbAAoJEBEET9GfxSfMsZsIAIQYSokPoSBnguSIB6ll9vF6 9VQT5g2HrXsnfKZ7re121DOfPUiGkA2YywIklpBH6kfJ7hOQhB5jjkJrDM2/7xVA Ebb65p0oqkH4h3G2AnwDXYS8gvLqlqWRzYi2dzoheS50bzOeo6t/7SrkzkU9/QxG j0ZOEuTxQ+7EtXjA7TbFHaW8B0cCXH3RX1uzxJ2QHdwSWnJekbCy2X1F26SVzHec cpgL+lrsmBV59Cnt2+0uqCS9G/pGPOlR3L6shw9VJK41o+9xXcl9DXewy6Qz7g8z 4c4UfdQVP+jgXtjFMgryyP8S9DmHMYxvxQvBoQXIo8Gsv9eraA0k0QZWAzBIKrY= =+oK2 -END PGP SIGNATURE- -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] Deadline extension: International Summit for Community Wireless Networks 2013
FYI, the deadline for workshop and panel proposals at this year's Summit has been extended until July 1st. See below for more info. -- Are you passionate about using technology to improve your community? Do you want to help expand access to affordable Internet? Are you an advocate for open technology, ICT4D or community-owned infrastructure? If so, then we invite to you to participate in this year's International Summit for Community Wireless Networks (IS4CWN) http://2013.wirelesssummit.org/. The Summit will take place in Berlin on October 2-4, 2013. IS4CWN is a gathering of technology experts, policy analysts, on-the-ground specialists, and researchers working on state-of-the-art community broadband projects across the globe. Above all, IS4CWN is a community of communities, and the annual summit serves as an opportunity to share ideas and challenges, discuss policy issues, and coordinate research and development efforts. The 2013 Summit theme is community. In the past decade -- which included the founding of Freifunk http://start.freifunk.net/, the birth of the International Summit for Community Wireless Networks, and the genesis of major projects including Commotion https://commotionwireless.net/ and CONFINE http://confine-project.eu/ -- the community wireless movement has expanded substantially in both size and visibility. But where do we go from here? How can we take the movement to the next level in terms of technological advancement, community engagement, and diversity? We encourage our speakers, workshop leaders, and participants to think big this year and help us grow our community of communities. Interested? Head on over to www.WirelessSummit.org http://www.wirelesssummit.org/. Registration is open and forms to submit workshop proposals and request travel funding are available. Early registrants will receive a 50% discount. Potential topics include: using wireless for social justice, rural broadband frameworks, technical developments in mesh networking, spectrum policy, training communities in technical skills, case studies of networks, challenges of corporate monopolies, and much more. This year's Summit is committed to having a diversity of voices and experience, and we're looking to have a lot of new faces in the room. Community networks encompass a whole range of social, political and technical challenges, so technical knowledge is definitely not required. Access to technology and technical knowledge has been historically inequitable and remains so to this day. Recognizing this, the International Summit for Community Wireless Networks aspires to include participants and speakers from a broad range of backgrounds and experiences. We seek and welcome diversity in order to reflect the communities that wireless networks can and should serve, cultivating expertise, creativity, and innovation. Please join us in creating an environment of respect, equity, and accessibility at all levels of Summit involvement. -- Dan Staples Open Technology Institute https://commotionwireless.net -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] Looking digital privacy policies
From: Lisa Goddard lgodd...@austinfoodbank.org I’m looking for examples or resources for digital privacy policies. Also, if you can provide any insight on who is responsible within your organizations to craft these policies. Do you outsource to a lawyer or some other third party? Thank you. Lisa Goddard Online Marketing Director Capital Area Food Bank of Texas 512.684.2526 direct @lisa_goddard on Twitter www.austinfoodbank.org -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Cell phone tracking
Eugen Leitl writes: There might be use cases for using end-to-end encrypting VoIP phones on Mifi over 3G/4G (assuming you can penetrate the double NAT), as here both security compartments are separate. That seems to have some clear potential privacy and security benefits, but if you use a MiFi with a 3G account registered in your own name, the carrier will still be able to track the location of the MiFi device itself and associate it with your identity. We could imagine 3G interfaces with frequently randomized IMEIs and the use of blinded signatures to pay for service, so that the carrier will know that someone has paid but not who the device owner is. (Refilling a prepaid account with that kind of mechanism needn't be much more complicated than prepaid refills today, especially when the user tops up their account at a kiosk with an electronic terminal as opposed to with an online credit card payment or by buying a scratch-off card.) I think this gets us back to the political problem that some governments have already made the use of these mechanisms _illegal_*. A pretty common challenge for situations like this is that if a telco wanted to actively cooperate in order to deliberately know less about its customers, we might be able to figure out a way to make it work technically. But telcos generally don't want to do that and governments don't want the telcos to do it either. And this applies to other kinds of service providers too; there's great research from the academic cryptography world about privacy-protective ways of providing many services but today's service providers are mostly reluctant to make use of this research or other crypto tools to reduce what they know about users (with a couple of shining exceptions). Arvind Narayanan has just pushed a two-part paper in _IEEE Security Privacy_ about exactly this point: http://randomwalker.info/publications/crypto-dream-part1.pdf http://randomwalker.info/publications/crypto-dream-part2.pdf Narayanan argues that a mis-alignment of incentives frequently occurs to discourage the use of cryptography to protect privacy (particularly in the strongest end-to-end sense) and that there is minimal demand for protecting data against intermediaries and service providers. (I find this paper extremely depressing, but it does describe actual events. If I were writing this paper, I would continue to ask how we can increase demand for cryptographic privacy mechanisms rather than declaring defeat.) * To pick up on Narayanan's argument, even if this kind of service is legal and even if carriers thought it was a reasonable service for them to offer, we might expect problems with demand for it. One problem for the level of demand for blinded e-cash payments for telecommunications services is that if users lose their mobile devices and don't have suitable backups, they lose all of their prepaid account value (because it existed only in the form of e-cash on the devices). This is different from the status quo where prepaid balances can be associated with an account that persists and can be claimed by a user if even they lose a particular device. Methods of paying for services that have cash-like privacy properties like cash could be unpopular because they expose to customers to cash-like risks. And many people now prefer to pay for point-of-sale transactions with credit cards despite the major privacy losses compared to cash; probably people who regularly accept that trade-off would be skeptical that totally anonymous prepaid service accounts are a benefit. I've recently done some research and writing about anonymous payments for transportation services and seen that transportation agencies expect very few users to prefer unregistered cash-equivalent payment methods that are purchased in cash. That might be partly a self-fulfilling prophecy (if the agencies don't promote the idea that it's good to pay for transportation in a way that leaves fewer records, and don't do more to make this convenient, clearly fewer people will do it), but it's also surely based in part on their observations from customers' behavior. -- Seth Schoen sch...@eff.org Senior Staff Technologist https://www.eff.org/ Electronic Frontier Foundation https://www.eff.org/join 815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107 -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech