Author: jmadell

Note the location of MySpace. Amazing how rapidly the value of Internet-based intellectual property can plummet. Note the cyber-police at the bottom right, as well (image from Mashable.)

ArsTechnica reports that the California legislature is currently considering an anti-piracy bill that threatens to undermine privacy in a big way. Proposed by Senator Padilla, SB 550 would prohibit a person who manufactures optical discs for commercial purposes from making, possessing, or adapting any optical disc mold for the purpose of applying a forged, false, or deceptive identification mark or identifying code (under existing California law, every person who manufactures an optical disc for commercial purposes to permanently mark the manufactured optical disc with an identification mark or a unique identifying code). See Legislative Digest. In an attempt to bolster the ability of law enforcement to catch violators, SB 550 also provides for warrantless searches of commercial disc manufacturing facilities and warrantless seizures of violating discs. Wow.

According to §7 of the bill, officers “whose primary responsibilities include investigation of high-technology crime or intellectual property piracy” are authorized to perform inspections at commercial optical disc manufacturing facilities to verify compliance with the bill. This search can be executed without prior notice. Officers performing inspections have the authority under the bill to, among other things:

(1) Take an inventory of all manufacturing equipment, including the identification mark or unique identifying code that any piece of equipment has been modified to apply.

(2) Review any optical disc, manufacturing equipment, optical disc mold, or production part.

(3) Seize any optical disc or production part manufactured in violation of the law.

(4) Obtain and remove four samples each of the optical discs molded by each mold that has been used or could be used to manufacture optical discs.

Again, wow.

Not long ago, denizens of the web were thrown into a frenzy by Chatroulette, an innovative website that randomly paired visitors with webcams for impromptu video chats.

Hot off the HackerNews presses, meet RandTXT – Chatroulette for text messages. RandTXT allows anyone with a cell phone to anonymously send a text message to a randomly selected person and receive an anonymous reply from that person.

The instructions are simple: “(1) Send a (random, funny) text message to (650) 681-0830; (2) you’ll immediately receive a random text message from another person; (3) reply to the random text you just got; (4); get a reply to the original random text you sent.” All chat exchanges are posted to a public website that displays the originating phone’s area code but nothing else.

As with Chatroulette, the content runs the gamut from extremely obscene to serious, with almost anything in the middle. My favorite exchange so far:

Original Message: Is a hippopotamus a hippopotamus or just a really cool opotamus?
Reply Message: The latter

At first blush, this probably seems like a very minor addition to the technological landscape. After all, Twitter basically allows users to do the same thing – send short text messages. Yet there is something deep at the heart of RandTXT that is missing in Twitter – intimacy. Up until now, SMS has retained its status as a uniquely personal mode of communication. Unlike a tweet, which is broadcast to the world (or a limited number of followers), an SMS message is plain text’s version of the phone call. As a result, it brings with it a different set of contextually-rooted principles of information flow.

To give an example, one might well tweet one’s breakfast (particularly a delicious one), but one would probably not send an SMS to one’s friend solely to report this fact. While Twitter has become a forum for open contemplation and whimsical revelation, SMS is, or at least has been, a tool for more formal and personal communication. The social importance of SMS is evident in the sheer number of SMS-oriented applications that have proliferated on the iOS and Android mobile operating systems. Fast Society, Beluga, Disco, GroupMe – the list could go on. These applications offer very little that email does not. Yet they are extremely popular. For some reason, the SMS message holds a degree of appeal that other forms of communication can’t match.

If you buy my assertion that SMS is a more intimate protocol, then RandTXT becomes a lot more exciting. This is because RandTXT brazenly pulls SMS inside-out. The resulting cognitive dissonance – of using a private non-anonymous protocol (SMS) in a decidedly public and anonymous way – is thrilling.

OK – so it’s thrilling. Lots of online experiences are. But why should we care about this one? The thrill of services such as RandTXT and Chatroulette draws people into a mode of interaction they can’t find elsewhere. As a result, these services have enormous expressive potential. This is not to say that such open-ended services don’t have problems. As Jonathan Zittrain has famously pointed out, generativity can be a risky proposition. Plenty of objectionable content has surfaced on services such as RandTXT and will continue to do so. Yet insofar as Chatroulette and RandTXT users enjoy a social surplus from the new experience, and this surplus outweighs the loss caused by objectionable content, these services are worth supporting.

Which brings me to what I suppose is the point of this post – specifically (a) that opportunities for anonymity and pseudonymity on the web are shrinking, and (b) that this isn’t a good thing. While false identity allows those with impure motives to wreak havoc, it also empowers new (and old) methods of communication and human interaction. These methods of communication and interaction can advance not only our constantly-evolving discourse but also our understanding of ourselves. To the extent that privacy law exists to protect our right of expression, it should take care to make sure that the increasingly “identifying” Internet preserves a place for the delightfully obscured.

Surely most of you have seen Google’s “new” feature, Gmail Motion. If not, check out the video below:

Gmail Motion

The April Fools’ posting has become a bit of a tradition at Google. My personal favorite is Google Gulp. There’s a lot of fun to be had here for sure. But there’s also a lesson to be learned – or at least something serious to think about.

The Google pranks work because, like it or not, they are presented in the same “trust us, it’s OK” fashion as the rest of Google’s services. Like it or not, we have become accustomed to filling in forms, following links, and generally passively interacting with services we use online. When Google says “click here to find out about this amazing new service,” we probably do so. And when Google shows us a video about this new service, we expect to be (and are perhaps conditioned to think) that everything the video demonstrates is as great as it purports it to be.

Google, of course, capitalizes on this in building the visual elements of the prank. For example, the link to the prank is subtly included at the top right of the Gmail webmail client and below the Google homepage search field. These locations are precisely where Google draws us into legitimate new products. So we click.

The prank deepens with the landing page, the video on which is linked to above. The page is decked out just like any other Google product page. The usual language, font set, graphical flare – it’s all there. It draws us in in such a way that it might take a few minutes before we actually think critically about the substance. And, depending on how strong this effect is, we might be half through a tweet or Facebook posting about the service before we realize we’ve been duped. Not because we’re stupid. But because we’re operating on some sort of aesthetically-driven autopilot.

The point is that trusted parties such as Google have enormous ability to leverage the trust of users. In this case, the harm is minimal. A little embarrassment, if anything. This won’t always be the case. Google (and other major providers such as Facebook) are adept at using visual architecture, friendly tone, and other “trust cues.” Where the end result is a short video that informs you of the prank, there’s not much to worry about. But where the end result is unwitting participation in a terrible service such as Buzz, the ante is significantly upped.

The solution isn’t, of course, that we shouldn’t trust anything online. Services such as Gmail exist because we all trust Google with our content. Such trust, unmitigated, is problematic. But such trust, properly limited, is necessary to ensure the societal surplus that results when we can all use a valuable service such as Gmail. Rather, the problem is the risk of passive use and acculturation – the problem of “clicking here” or filling out a form by rote and without proper consideration.

I don’t have a solution for this problem in mind. For the moment, I’d just suggest that while we laugh at Google’s gag, we take a moment to think about why it’s so effective – and how the engine of that efficacy drives more serious and problematic privacy issues online.

Professor Ira Rubinstein’s comments to the FTC:

Comments

Professor Helen Nissenbaum’s comments:

NissenbaumIPTFComments

From the FTC: “The Federal Trade Commission, the nation’s chief privacy policy and enforcement agency for 40 years, issued a preliminary staff report today that proposes a framework to balance the privacy interests of consumers with innovation that relies on consumer information to develop beneficial new products and services. The proposed report also suggests implementation of a “Do Not Track” mechanism – likely a persistent setting on consumers’ browsers – so consumers can choose whether to allow the collection of data regarding their online searching and browsing activities.”

Find the report here.

Find the full release here.

Short but sweet post demonstrating why proof of concept hacks are very helpful! from SecurityWeek. Click here.

Shorter but not necessarily sweeter: Idiocy

Right on time for Halloween, a spooky post reminding us that creepy people offline + creepy people online = creepy people across domains. It never hurts to remember to always be careful out there…

So, there has been a fair amount of talk about Google’s Street View faux pas. Apparently, the data breach was more significant than some had anticipated. Apparently, among the bits and pieces of data collected were full emails!.

Perhaps more interesting is a hack developed by Samy Kamkar that uses MAC address information collected by Google to maliciously (and extremely accurately) determine a user’s geographical coordinates. Kamkar has a video demonstrating this hack (and the extent of information collected by Google’s Street View rovers here.