Category: Policy

Communications Privacy in Tennessee

Tim Lee wrote about a new law in Tennessee that affects communications privacy over on Ars Technica. Most of the article deals with the First Amendment issues, but there’s an interesting development for communications privacy near the end of the article:

Another provision of the legislation governs law enforcement access to the contents of communications on social networking sites. The government can get access to “images or communications” posted to a social networking site by offering “specific and articulable facts,” suggesting that the information sought is “relevant and material to an ongoing criminal investigation.”

This section, too, faces constitutional problems. Julian Sanchez, a privacy scholar at the Cato Institute, tells Ars that “this is a lower standard than the federal Electronic Communications Privacy Act requires” for unread communications. More importantly, because Tennessee is in the Sixth Circuit, it is bound by that court’s Warshak decision, which held that the Fourth Amendment requires the government to obtain a full search warrant in order to access e-mail communications. “That case dealt with e-mail,” Sanchez said, “but there’s no good reason to think a private message on a social network site is any different.”

Electronic communications privacy continues to be under-protected from law enforcement access. The standard described by this law is stunningly low.

Apple Responds to Location Data Concerns

Yesterday, I wrote about Apple and Location Data, and I ended that article with a list of questions:

  1. Should there be a master switch that actually prevents location tracking?
  2. Should location data be deleted after a reasonable period of time?
  3. Should users be able to manually wipe location data at will?
  4. As my colleagues point out, we should also ask whether users should be able to provide a slightly randomized bogus location within 10 miles for services that don’t require precise latitude and longitude, like weather.

Several of these questions are answered directly by Apple’s response:

Software Update

Sometime in the next few weeks Apple will release a free iOS software update that:

  • reduces the size of the crowd-sourced Wi-Fi hotspot and cell tower database cached on the iPhone,
  • ceases backing up this cache, and
  • deletes this cache entirely when Location Services is turned off.

In the next major iOS software release the cache will also be encrypted on the iPhone.

It looks like most of my questions will be addressed, the first and third definitely. The second is probably addressed by the reduced cache size, though Apple didn’t word it the way I did. My fourth question is based on new research done at NC State, and it could take more than a few weeks to implement in Apple’s Core Location Framework. More interestingly, Apple decided to encrypt the cache on the iPhone. Encrypting the database is probably partly genuine concern for privacy and partly a move to break tools like iPhoneTracker. I’ll leave it to others to figure out which part weighed more heavily. In the meantime, I’m satisfied with this announcement.

I should end by noting that Android systems do the same sort of location tracking. If you’re interested in more and you have a technical bent to you, start here.

Apple and Location Data

The NY Times reports that some European governments believe Apple may have violated privacy laws by collecting and storing location data. From the article:

“This data that was supposedly discovered yesterday has existed in earlier iPhones,” said Alex Levinson of Katana Forensics, a company that specializes in extracting data from electronic devices for legal cases. Mr. Levinson said that he and colleagues had explained Apple’s practices at conferences and in research papers, and that his firm has helped law enforcement agencies “harvest geolocational evidence from iOS devices,” a reference to the Apple operating system.

The article goes on to mention that the data collection isn’t entirely new, and was discussed in a letter delivered to Congress last July from Apple. If you want to read the letter in its entirety, it’s online here (PDF). Ars Technica has more coverage of why this is suddenly news again and what Congress wants Apple to tell them now.

Jacqui Cheng makes an important point in that first Ars Technica article:

From the end-user point of view, Apple only does one kind of location tracking, and it happens via GPS. The company makes sure to notify you on your iPhone or iPad every time you use an app that will grab your GPS location so that you’re always informed of when you’re being tracked. However, that’s not all that’s going on behind the scenes. Apple also triangulates your location from cell phone towers and logs that information in order to help get a faster GPS lock (or to find your location without GPS if you’re getting bad GPS signal).

[...snip...]

Users don’t get to decide whether their locations are tracked via cell towers or not—unlike GPS, there is no setting that lets users turn it off, there’s no explicit consent every time it happens, and there’s no way to block the logging. (Nitpickers will point out that you do give your consent to iTunes when you download and install iOS 4, but this is not treated the same way as the consent given to the iPhone every time an app wants to use GPS.) So, whether or not you’re using GPS, if you’re using your iPhone as a cell phone, you are being tracked and logged constantly without your knowledge. This is why my trip to Hong Kong wasn’t logged (because I had all cell connections turned off while GPS was on), but my stop-over in Tokyo Narita on the same trip was logged (I had turned on my phone to make a quick call, but did not use GPS).

In short, simply turning Location Services to the “off” position doesn’t actually prevent you from having your location tracked.

I’m not convinced this is a uniquely Apple problem. Location is a killer feature for everything from getting driving directions to finding a place to eat to knowing what the weather will be like. It’s worth pointing out work that some of my colleagues at North Carolina State have done on Android-based phones:

Jiang says TISSA could be easily modified to incorporate additional settings that would allow more fine-grained control of access to personal information. “These settings may be further specialized for different types of information, such as your contact list or your location,” Jiang says. “The settings can also be specialized for different applications.”

For example, a user may install a weather application that requires location data in order to provide the user with the local weather forecast. Rather than telling the application exactly where the user is, TISSA could be programmed to give the application generalized location data – such as a random location within a 10-mile radius of the user. This would allow the weather application to provide the local weather forecast information, but would ensure that the application couldn’t be used to track the user’s movements.

Any smartphone worth the extra expense is going to have to track location some of the time, so we’re really talking about what level of control to give to users over that data. Should there be a master switch that actually prevents location tracking? Should location data be deleted after a reasonable period of time? Should users be able to manually wipe location data at will? As my colleagues point out, we should also ask whether users should be able to provide a slightly randomized bogus location within 10 miles for services that don’t require precise latitude and longitude, like weather. There’s a lot of room for innovation here.
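As an added illustration of the TISSA idea above (not code from the NC State project or from this blog), here is one way to hand a weather app a random location within 10 miles of the user. It goes slightly beyond the quoted description by making the bogus point deterministic per app and per coarse grid cell, since a fresh random point on every query could be averaged back to the true position. The app identifier, the device key and the Raleigh coordinates are constructed for the example.

```python
import hashlib
import hmac
import math

EARTH_RADIUS_MILES = 3958.8
MILES_PER_DEGREE = 2 * math.pi * EARTH_RADIUS_MILES / 360  # about 69.1
CELL_DEGREES = 0.05      # grid cell about 3.5 mi square; half-diagonal under 2.5 mi
CELL_SLACK_MILES = 2.5   # worst-case distance from a true point to its cell centre


def distance_miles(lat1, lon1, lat2, lon2):
    """Great-circle (haversine) distance between two points, in miles."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    a = (math.sin((p2 - p1) / 2) ** 2
         + math.cos(p1) * math.cos(p2) * math.sin(math.radians(lon2 - lon1) / 2) ** 2)
    return 2 * EARTH_RADIUS_MILES * math.asin(math.sqrt(a))


def generalize_location(lat, lon, app_id, key, radius_miles=10.0):
    """Return a bogus (lat, lon) within radius_miles of the true location.

    The point is pseudo-random but fixed per (app, grid cell): a fresh random
    offset on every query would let an app average many answers and recover
    the true position, and keying on app_id keeps apps from comparing notes.
    """
    # 1. Snap the true location to a coarse grid cell, so that small
    #    movements inside the cell do not change the answer at all.
    cell_i, cell_j = math.floor(lat / CELL_DEGREES), math.floor(lon / CELL_DEGREES)
    center_lat = (cell_i + 0.5) * CELL_DEGREES
    center_lon = (cell_j + 0.5) * CELL_DEGREES

    # 2. Derive two uniform values in [0, 1) from a keyed hash of (app, cell).
    digest = hmac.new(key, f"{app_id}|{cell_i}|{cell_j}".encode(), hashlib.sha256).digest()
    u = int.from_bytes(digest[:8], "big") / 2 ** 64
    v = int.from_bytes(digest[8:16], "big") / 2 ** 64

    # 3. Uniform point in a disc (sqrt(u) keeps the density even). The disc is
    #    shrunk by the cell slack so the answer is within radius_miles of the
    #    TRUE point, not merely of the cell centre.
    r = max(radius_miles - CELL_SLACK_MILES, 0.0) * math.sqrt(u)
    theta = 2 * math.pi * v
    north_mi, east_mi = r * math.cos(theta), r * math.sin(theta)

    # 4. Miles to degrees (equirectangular approximation; fine at this scale
    #    away from the poles).
    new_lat = center_lat + north_mi / MILES_PER_DEGREE
    new_lon = center_lon + east_mi / (MILES_PER_DEGREE * math.cos(math.radians(center_lat)))
    return new_lat, new_lon
```

Calling `generalize_location(35.7796, -78.6382, "com.example.weather", b"constructed-key")` returns a point that `distance_miles` confirms is under 10 miles from the input, and the same point comes back for any position in the same grid cell.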

Relying on Regulation

Great quote from Jim Harper about the recent proposed changes to FERPA:

When legislation or regulation is what you rely on for privacy protection, your privacy protection relies on political consensus staying the same. When political consensus changes, your privacy can go away.

Read the whole post. It’s short.

Email and the Fourth Amendment

The seemingly never-ending saga of email and the fourth amendment continues:

The Obama administration is urging Congress not to adopt legislation that would impose constitutional safeguards on Americans’ e-mail stored in the cloud.

As the law stands now, the authorities may obtain cloud e-mail without a warrant if it is older than 180 days, thanks to the Electronic Communications Privacy Act adopted in 1986. At that time, e-mail left on a third-party server for six months was considered to be abandoned, and thus enjoyed less privacy protection. However, the law demands warrants for the authorities to seize e-mail from a person’s hard drive.

If you’re interested in the DoJ’s argument, Wired.com has James Baker’s testimony (PDF). It’s only 12 pages, and it’s quick reading.

Obama Administration Backs Privacy Law

Computerworld is reporting that the Obama administration wants a new online data privacy law. The proposed law will likely be based on recommendations from the Department of Commerce. Whether you like those proposals or not, it’s hard to argue with this part of the Computerworld article:

Erica Newland, a policy analyst at the Center for Democracy and Technology, today said that the White House’s support for a new privacy bill will help its passage in Congress.

“This is incredibly significant that the White House has backed comprehensive privacy legislation,” Newland said. The support signals the importance of the issue, she said. The fact that the Commerce Department is solidly behind the bill is also noteworthy because it highlights the broad industry support that appears to exist for a privacy bill.

Definitely something to watch in the next few weeks.

Location Privacy

For years, law enforcement officials in the United States have been able to access some kinds of location data without a search warrant. It appears that Ron Wyden (D-Oregon) and Jason Chaffetz (R-Utah) are creating legislation that may change that situation:

The forthcoming legislation [...] will apply to “all acquisitions of geolocation information,” including GPS tracking devices that police are generally allowed to place on cars without warrants under current law.

It will address both law enforcement and intelligence investigations, including saying that Americans who are overseas continue to enjoy the same location-privacy rights, a nod to the debate a few years ago over rewriting federal wiretapping law. It will also extend the same privacy protections to both “real-time monitoring and acquisition of past movements.”

I admit that I’d probably be a little bit surprised if this eventually becomes law. The argument in favor of it falls into a lot of soundbite problems. On one hand, there’s the concrete benefit of law enforcement being able to access location data of suspects without the paperwork of a warrant. On the other hand, there’s the protection of this somewhat nebulous concept of ‘privacy.’ This mischaracterization is not at all uncommon for privacy concerns, but with more and more cell phones including GPS tracking, it is time to revisit the issue of whether location data should require a search warrant.

Felten Named FTC Chief Technologist

Yesterday the FTC announced that Dr. Edward Felten, Director of the Center for Information Technology Policy at Princeton, had accepted a position as the first Chief Technologist at the FTC starting in January 2011. In my opinion, this is fantastic news, and it’s received extremely positive coverage in the media. Here’s a bit from Ars Technica:

Princeton computer science professor Ed Felten today was tapped for a one-year stint at the FTC in a decision so shockingly sane that it’s still a bit hard to believe. Felten has a terrific reputation as both a researcher and advocate, someone with deep technical knowledge, a pro-consumer/pro-openness/pro-tinkering bias, and an aversion to posturing and zealotry.

Congratulations to the FTC and to Dr. Felten!

Federal Cloud Computing Security Requirements

This could be rather big news for cloud computing and federal agencies:

The Obama administration on Tuesday proposed a common set of security requirements for cloud computing that all federal agencies and contractors could share. The move is intended to expedite the transition to universal Web-based services by eliminating the need for agencies to assess and authorize every information technology product. During the next decade, the White House wants agencies to shift their IT operations to the cloud — the collective term for software, servers and file storage that users access online on a subscription basis — instead of managing and owning individual, in-house infrastructures.

The Obama administration has some personal experience with the pain of authorizing IT products for official government use. If you remember their campaign, they were widely regarded as being tech-savvy and taking a fast-paced approach to using the latest and greatest to get the job done. Then they got to the White House, and they were told they had to trade their MacBooks for desktop PCs running Windows XP. (Not to mention Obama’s well-publicized Blackberry addiction.) Suffice it to say that there was some difficulty accepting that they had to use particular equipment for security reasons.

The proposal includes two basic changes. First, it changes the current authorization process so that a product only has to be authorized once for government use. Previously, each agency had to authorize products separately. A single government-wide authorization is a single point of failure, and there’s something to be said for the per-agency process avoiding that, but it’s also possible that agencies were already sharing the same infrastructure to make the authorization process easier. In short, a single authorization process is a different set of security tradeoffs, not an unambiguously better approach to security.

Second, the proposal includes provisions to make “all of the security requirements, processes, and templates” publicly available. This is an almost entirely good sentiment. Security depends very heavily, but not exclusively, on avoiding obscurity as a security measure and on encouraging close scrutiny of security practices. Of course, good sentiments can quickly become “the best intentions” with no real follow-through.

The Problems of Government Cryptographic Policy

Here’s a must-read piece from Steven Bellovin, a Professor of Computer Science at Columbia and an internationally recognized leader in computer security research. I’m not sure how I missed this in both of my previous posts on the recent government push to wiretap the Internet. It beautifully ties together several recent stories and the history of government interests in modifying cryptographic protocols. Here’s a teasing snippet:

The oldest cryptographic protocol in the unclassified literature was published in 1978; a previously-unsuspected flaw was found in 1996 — and this protocol, in modern notation, is only three messages long. More recently, a serious flaw was found in crucial cryptographic components of the World-Wide Web. All of these flaws were blindingly obvious in retrospect, but the flaws had gone unnoticed for years. And all of these were for the simplest case: two parties trying to communicate securely.

The administration’s proposal would add a third party to communications: the government. This demands a much more complicated protocol.

Check this out if you’re looking for a broader explanation of why Government involvement in commercial cryptographic protocols is a bad idea.