Obama May Toughen Internet Privacy Rules

CWmike writes "The Obama administration is considering plans to step up policing of Internet privacy issues and to establish a new position to direct the effort, reports the WSJ, which cites unnamed sources. Any push for stronger federal oversight over online privacy is likely to be welcomed by privacy advocates increasingly concerned about the data-collection and data-sharing practices of big Internet and marketing companies. High profile cases such as the uproar over Facebook's personal data collection habits and the public reaction to Google's continuing problems over its Street View Wi-Fi snooping have created a broader awareness of online privacy issues. The big question, though, is just how successful any fresh attempt at enforcing new privacy strictures on the Internet will be with Republicans soon to be in charge of the House."

Re:I call

[Anonymous Coward]

Isn't that the idea behind the statement? Democrats have utterly failed so the question is will the Republicans do it any different?

Or you can look at it procedurally in that any time a house of Congress changes its power structure the effects of any law passed during a lame duck session of Congress may change. If you wish, you can mentally switch Republican with Democrat to mirror other changes of power, but today it's swinging D to R so the question is valid.

What we really need is punishment for violation

[gurps_npc]

Right now, when your privacy is violated, they say "My bad" and keep on going. We need a law that says something like: 1. For violating all non-medical, non-sexual privacy, (revealing Social Security information, bank account information, phone numbers, etc.) each incident costs the violater $100 fine per person 2. For violating medical privacy, each incident costs the violater $800 fine per person 3. For violating sexual privacy, each incident costs the violater $5,000 fine per person Having the fines go to the EFF (to avoid spurious lawsuits) This would be in addition to the legal right to sue for damages.

Re:Right.. Im going to trust the gov with privacy.

[Pojut]

While I agree with your overall point, I'd like to take this moment to point out how awesome it is that C-SPAN 1, 2, and 3 exist. Being given a direct line-of-sight into our legislative process is rad as hell, especially when compared to the secretive inner workings of many other governments around the world.

The people that call-in during the morning show on C-SPAN Radio commonly say "Thank you for C-SPAN". There's a damn good reason for that.

My Privacy Anecdote

[BJ_Covert_Action]

So, that's nice that the government wants to crack down on sites like Facebook, but I think there are data mining things going on that most folk (even some on slashdot) are unaware of. For instance, awhile back I decided to switch my car insurance policy from company A to company B. When I contacted company B and had them quote me a rate, they said there was an at-fault accident on my record that shouldn't have been there. I asked them where they got that information because my DMV record was clean. They explained that they got their info. from a third party company that gets that kind of information from DMV. They told me I could contact the company to have the accident removed from my record, as there seemed to be no problem with the insurance company disputing the alleged incident (in other words, I am not paying for the accident). Well, I did some Googling and internet browsing and found the company. They list themselves as a data aggregation company (one that I had never heard of) that will sell information to any party interested (information like my personal driving record). There was a whole process you could go through to "opt-out" of their aggregation service, effectively limiting them from collecting information on you. I started the process which involved a few forms asking for personal information. Not wanting to give this company much more information, I just decided to call them instead.

I talked to a customer service rep. and they helped me get though the opt-out process without giving up much more in the way of personal info. The rep. quipped, however, that my efforts were pretty futile because there were countless other companies providing the same services. So I asked for those company names and, sure enough, eventually found their web presence with similar business-descriptions and opt-out policies. All of this data aggregation was happening unbeknown to myself and probably most folk that are not in the car insurance industry. Many of them had outdated records (they only mine DMV so often), and showed various false information about my driving record in their records. This was the info. that would be used to analyze my driving habits for insurance rates. All in all, it was breathtaking how flawed and vast this info. gathering network was.

So, long story short, the privacy thing goes a lot deeper than Facebook. Frankly, I have a Facebook profile and I couldn't give a damn about my privacy settings on there (I never want to work for someone that takes things I say on a site like Facebook seriously). What I do give a damn about is companies that turn a profit off of data-mining me without my permission (I NEVER requested any of these company's services, why the hell do they have the right to gather a profile on me?)

Anyways, I would much prefer to see legislation regarding issues like mine rather than crap directed at Facebook or Google. Either way, it was a few months back that I went through all of this and I forget the name of the first company I contacted. I think I still have it written on a post-it note at home. I'll try to find it and dig it up to post in a response to this message later.

Google broke privacy laws

[Vainglorious Coward]

Actually, where I live, the collection of personal information is regulated by law, and Google is/was in flagrant violation of that law. It doesn't matter that the data was available in the clear, over the air : personal data is protected by law, and hand-waving excuses about technical errors or artifacts of collection process are irrelevant. I realise that the US has no proper privacy laws, but many other places (and all other industrialised nations) do have such legislation. Google simply ignored those laws, which is why they were called to task by the Canadian Privacy Commissioner and EU data regulators.

False Path

[dave562]

I have to hand it to the government on this one. They have completely reframed the idea of "privacy" online and separated it from anonymity. We all know that to have true privacy, you have to have anonymity. That aspect of the debate has already been marginalized and will never be addressed. Instead what we are getting is a regulatory regime that proposes to protect our real identities online. What happens if you do not want to use your real identity? It seems like the path that we are going down is to make it more and more difficult not to.

The battle has been lost. We're already in the aftermath; the laws are now being codified to solidify the decisions that have already been made.

It would be nice to see some push back against the government on this. I'm of the opinion that if they want me to be me online, I want a cryptographically secure authentication mechanism. I want two factor RSA. I don't want a single piece of unsolicited email. Unless I have opted in by signing with my digital key, I don't want to hear one peep from advertisers.

If the government is going to get involved, it better go one of two ways. Either A, let me be anonymous or B, make it so damn burdensome for anyone who I don't want to talk to talk to me that they decide it isn't worth the hassle to initiate communication unless I solicit it.

Re:Different opinions? Or different contributors?

[brirus]

I always thought "Tyranny of the majority" was a poor and insidiously elitist framing of the issue. "Tyranny of the uninformed" is better... so how can we as a society ensure that the decisions are made by fully informed people in a transparent manner? As self-proclaimed "nerds" (i.e. some of the best informed people on the planet), should we really defer that decision (or other decisions) to someone else? Red Flayer, I'd like to thank you for quoting the "metagovernment.org" url, because otherwise i might never have heard of it.