My Digital FootPrint

The US  Stop Online Piracy Act (SOPA)  is controversial depending if your business model needs copyright protection (helpful) or user-generated content (censorship) AOL, eBay, Facebook, Google, LinkedIn, Mozilla, Twitter, Yahoo and Zynga delivered  a letter  to members of the U.S. Senate and House of Representatives last month that argues SOPA “pose[s] a serious risk to our industry’s continued track record of innovation and job creation, as well as to our nation’s cybersecurity.” They later ran the letter as a full-page ad in The New York Times. Meanwhile, the Motion Picture Association of America (MPAA) and the Recording Industry Association of America (RIAA) support the bill. “If rogue websites legislation passes, American jobs will be preserved and the Internet will continue to be free and open,” reads an MPAA blog post. “Content protection laws have given us the Internet of today, alive with innovation, free speech and commerce.” As the opposing sides launch argumen

http://ec.europa.eu/commission_2010-2014/reding/index_en.htm Source : http://www.iewy.com/37704-viviane-reding-vice-president-of-the-european-commi... My comments in CAPS/ BLACK and BOLD ! Ladies and gentlemen, I am delighted to be with you today to discuss the reform of the European Union data protection laws. Data protection is a fundamental right in Europe. It is enshrined in the Charter of Fundamental Rights of the European Union and in our Treaty. The Treaty also underlines that the role of independent data protection authorities (DPAs), your authorities, is to control the compliance with data protection principles. Your important role is recognised under Article 29 of the current Data Protection Directive. Supervisory authorities in Member States have a key role in developing, defending and enforcing individual’s data protection rights. They respond to complaints and investigate cases. They make public companies and public institutions aware of their rights and obligations

Lord Erroll (Merlin) has proposed an amendment to the Protection of Freedoms bill before Parliament to create a position of Privacy Commissioner.   Here’s the text of his proposed amendment: http://www.publications.parliament.uk/pa/bills/lbill/2010-2012/0099/amend/ml099-ichw.htm After Clause 4....Privacy Commissioner..... (1) The Secretary of State shall appoint a Commissioner to be known as the Privacy Commissioner (referred to in this section as “the Commissioner”). (2) It shall be the duty of the Commissioner to promote respect for individual privacy. (3) The Commissioner shall have all the duties and functions set out in— (a) section 51 of the Data Protection Act 1998 (Data Protection Commissioner), (b) section 57 of the Regulation of Investigatory Powers Act 2000 (Interception of Communications Commissioner), (c) section 91 of the Police Act 1997 and section 62 of the Regulation of Investigatory Powers Act 2000 (Chief Surveillance Commissioner), (d) section 20 of th

Midata - access and control your personal data, this is the UK governments  Consumer Empowerment Strategy for data…. The three main objectives of midata are to: secure broad private-sector participation in the project, with a key number of businesses agreeing to release individual, personal data to consumers let consumers access and use their data in a safe way encourage businesses to develop innovative services and applications that will interpret and use the data for consumers Agenda 1: consumer data  “Giving people back their data” is billed as putting the customer back in control when forming or reviewing a relationship with a vendor. Sorry but this misses the point totally and most users don’t want their data. We generate vast amounts of data in creating and consuming. You will get zero understanding our consumption patterns based on the data – you need the algorithm and the output. Please start protecting those who want to give data but have no value as they will be l

The US national identity strategy NSTIC (National Strategy for Trusted Identities in Cyberspace) is to receive $16.5 million some $8 million less than requested.  Jeremy Grant [leader] said the bulk of the money will go to fund pilot projects around such issues as privacy, and the rest will admin and overhead….. In April 2011 NSTIC  outlined the rules for an “identity ecosystem” to be built and managed by the private sector. The NSTIC effort is now under the control of the Commerce Department. The program is not about a national ID card, but about an infrastructure to help stimulate and secure online interactions and transactions.   NSTIC.pdf Download this file

Here is the thinking, which has wider implications than a small change at Google…. If you took a complex algorithm and asked a 15 year old, a 30 year old and a 65 year old; both male and female, from different countries, using different computing languages and compliers to cut some code: will you get the same output from the same test datasets using the different implementations of the algorithm? – Probably not! So changing the algorithm is one thing; changing compliers (and who coded that), language and the age, sex, experience (life and skills) of the coders is another……but we depend on them. Yes there are tools to help ensure maintainability, supportability, scalability, performance and conformity but we do have a massive and increasing reliance on the coders ethics and lack of bias in the way the interrupt an algorithm……just wondering who is thinking about this as well. Why this is important to digital footprints. Someone you don’t know is taking your data and predicting your

Mr Justice Eady gave a speech entitled “ How private is private?”  to the “ 2011 Young Bar Conference “ on 8th October 2011 – long but worth reading. This is privacy “and public” based on what we have – a shame nothing on where we are going given the issues of data and digital footprints.

Another European Union privacy group has published a document with recommendations about location privacy the problem is that it will inform those who are influential in the EU but not really understanding the wider implications and unintended consequences. The paper is published by "Article 29 Data Protection Working Party", which is part of the justice division of the EU, and is formed by a representative in charge of data protection (privacy) in each EU member state. When the Article 29 group puts out an opinion, its recommendations can be followed by either individual EU states or the EU itself and they did set limits on how long search engines should be retaining their search data.  The recommendations aren’t law but they do appear to go far above and beyond what's been discussed so far in the U.S. just as Google,  Apple, Sony and Nintendo are being interrogated about their policies when it comes to user data its use and ownership. The key recommendations are:

Original blog : https://www.eff.org/deeplinks/2011/03/carrier-intransigence-harms-internet-security Love little stories like this as who is paying. Apple side load new updates via iTunes and therefore no OTA (over the air) update, therefore no cost to the operator. All the other create an OTA cost for the operator and why should the operator pay to update software that is not their business problem. However, who do I have the contract with! Implication. Free sounds good until you actually need to call someone to fix it. “By delaying or even blocking security updates for mobile devices, mobile carriers put their users, their business, and the country’s critical infrastructure at unnecessary risk. Mobile security problems plague the entire software stack — the baseband, the kernel, the application frameworks, and the applications — and carriers continue to resist shipping regular and frequent updates. Mobile carriers are chiefly to blame for this problem. Although Apple, Google, and Mi

Original blog : https://www.eff.org/deeplinks/2011/03/carrier-intransigence-harms-internet-security Love little stories like this as who is paying.  Apple side load new updates via iTunes and therefore no OTA (over the air) update, therefore no cost to the operator. All the other create an OTA cost for the operator and why should the operator pay to update software that is not their business problem. However, who do I have the contract with! Implication. Free sounds good until you actually need to call someone to fix it. “By delaying or even blocking security updates for mobile devices, mobile carriers put their users, their business, and the country’s critical infrastructure at unnecessary risk. Mobile security problems plague the entire software stack —  the baseband , the kernel, the application frameworks, and the applications — and carriers continue to resist shipping regular and frequent updates. Mobile carriers are chiefly to blame for this problem.  Although Apple, Google,

Original blog : https://www.eff.org/deeplinks/2011/03/carrier-intransigence-harms-internet-security Love little stories like this as who is paying.  Apple side load new updates via iTunes and therefore no OTA (over the air) update, therefore no cost to the operator. All the other create an OTA cost for the operator and why should the operator pay to update software that is not their business problem. However, who do I have the contract with! Implication. Free sounds good until you actually need to call someone to fix it. “By delaying or even blocking security updates for mobile devices, mobile carriers put their users, their business, and the country’s critical infrastructure at unnecessary risk. Mobile security problems plague the entire software stack —  the baseband , the kernel, the application frameworks, and the applications — and carriers continue to resist shipping regular and frequent updates. Mobile carriers are chiefly to blame for this problem.  Although Apple, Google,

Viviane Reding (VP European Commission) is making sure that the message is clear that non-EU companies have to adhere to the new stringent EU privacy laws?   Speech Any company that is active within the 27-nation region of the EU or even possesses a digital product line targeting an European audience must adhere to EU standards.  The new rules go even further than controversial American “ Do Not Track ” initiatives.  This EU initiative proposes to create national watchdog agencies across Europe to investigate and launch national and EU-wide legal proceedings, presumably with the possibility of civil damages awards against violators. " A U.S.-based social network company that has millions of active users in Europe needs to comply with EU rules ," says Reding " Privacy standards for European citizens should apply independently of the area of the world in which their data is being processed. " Worthy of note in the EU proposals for non-EU companies are:- Compa

- not obvious to all, but the circuit diagram is for a slow fading light – like the one in your car - This is the BBC news story  http://news.bbc.co.uk/1/hi/technology/10324209.stm Dutch researcher Dr Harold van Heerde is looking into ways to gradually "degrade" the information that sites gather about visitors.  Slowly swapping details for more general information can help guard against accidental disclosure, he said.  "There are so many weak points in security that you can never be sure that your data is safe," Dr van Heerde is from the Centre for Telematics and Information Technology (CTIT) at the University of Twente Something I have been thinking about as well; here is my dilemma. Facebook make me an offer, based on cost economics for themselves, which says after 12 months you need to pay $1 per year for us to keep your data “live” e.g on spinning disks so it is easily accessed.  If you don’t pay we will achieve it.  (See post on GreenPeace http://blog.

Close to dark side thinking I believe and it starts from the wrong point. They question again is why regulate storage of data.  All data should be thrown away. Regulate collection and maybe what can be done with analysis.  My view is that the existing framework is broken and is not suitable for adaptation. However, I expect it will all happen and have passed by the time the regulator catches up. Parliament would like more privacy and security in relation to the internet of things The European Parliament welcomes the development of the internet of things (IoT) but asks the Commission to set up a clear legal framework on the security, safety, privacy and protection of personal data in relation to the IoT. It also points out concerns on other issues not directly related to the IoT, including on the legal uncertainty surrounding cloud computing. The resolution adopted on June 15, 2010 also proposes that the Commission should carry out a detailed assessment of a number of issues lin