On Several Fronts, US Gov't Prepares To Regulate Online Privacy 123
storagedude writes "There are at least five US government efforts underway to regulate data and online privacy, according to a new US government internet policy official, who sees some kind of privacy regulation as likely. Ari Schwartz, who left the Center for Democracy and Technology two months ago to become senior internet policy advisor at the National Institute of Standards and Technology, says issues like Facebook's never-ending privacy concerns are making some kind of a national law or regulation more and more likely. He thinks segregating identity from data isn't enough; the data must then be aggregated after identity is stripped out. He also called for objective measures of privacy compliance."
Major intrusion (Score:3, Funny)
Re: (Score:2)
That's not what "regulate" means.
Stock up on toilet paper, though.
Re: (Score:2, Funny)
By "regulate", they mean "forward to the NSA"...
Re:Major intrusion (Score:4, Insightful)
He thinks segregating identity from data isn't enough; the data must then be aggregated after identity is stripped out.
I'm no lawyer or anything, but last time I checked, that was the opposite of unmasking anonymous posters.
Re: (Score:1, Offtopic)
It says PRIVACY not PIRACY.
Re: (Score:2)
Stand by... (Score:2, Flamebait)
... for the "one more step to big government dictatorship" speech in 5-4-3-2-1...
Re:Stand by... (Score:5, Interesting)
That sounds a little bit sarcastic.
It may not be a step towards government dictatorship, but it is a step towards an environment where an oppressive government could germinate rather quickly. Or did you mean government dictatorship in the context of regulations and Big Government?
My first thought was that this is like having the fox guard the hen house. Considering how far the government has gone in the last 20 years to eliminate our rights to privacy, anonymity, and free communications in general I find it rather curious they are stepping up to protect us from Mr. Zuckerburg and evil Google.
They are the least of my worries. After all, I am not forced to deal with them.
While the government starts to create regulations that affect companies like Facebook and Google, I wonder why we so quickly forget its intentions to secure access to all encrypted voice communications? That development was quite recent, but let's forget that and talk about how people can see what I am doing with my chickens in Farmville. That is far more important right?
Re: (Score:2)
Bang on schedule.
Rhythm (Score:4, Funny)
Bang on schedule.
What does government advice about banging on schedule [womenshealth.gov] have to do with online privacy?
Re: (Score:2)
Dear citizen, cover up your webcam while banging. Love, the government.
Bwah! (Score:2)
Points to you [slashdot.org] both [slashdot.org]! (... if I had them.) Much laughter. Thank you for lightening my day!
Cheers,
Bwah! (Score:2)
Points to you [slashdot.org] both [slashdot.org]! (... if I had them.) Much laughter. Thank you for lightening my day!
Cheers,
Re:Stand by... (Score:5, Insightful)
The US government is sufficiently large that there isn't a single entity which can be called "the government". One part may well be genuinely interested in protecting privacy, while another part is doing its best to have the Fourth Amendment repealed. Schizophrenic? Oh yes. It's also part of why trying to make plans on what the regulatory environment will be like in four years a complete crapshoot.
There's also the matter than if the government acquires the ability to specifically regulate privacy on Internet sites (above and beyond the more basic "your Terms of Service say X, you did Y, you are in material breach of contract" which applies to all businesses), this forms precedent that the government has the power to regulate other things... content, access, reporting. Only the DHS and other jackboots would consider this a good thing.
No new law or government entity is needed to enforce compliance with privacy statements. Facebook can be held liable for violating its Terms of Service, and fraud on the basis of saying "we don't do this" when they in fact do (and then profiting from it). We don't need a Department of Enforcing Internet Stuff; we just need a judge, a jury, a plaintiff, and a court date.
Re: (Score:2)
For no purpose is the reduction of "the government" to a single entity useful.
Only if an offended party brings suit, and they'll only do that if they can find evidence. What's being suggested here is recognizing the violation of onlin
Re: (Score:3, Insightful)
I think you don't understand what a Terms of Service is. It binds the company to jack shit. There's nothing enforceable in it against the company. What it does is state up front behavior that they expect of you or they'll remove your access. If you need any proof that it's null and void- for a contract to be enforceable, it requires both sides to give up something material (called "consideration"). Terms of Service require no exchange, thus no contract is enforceable in court. The same goes for any "
Re:Stand by... (Score:4, Informative)
The US government is sufficiently large that there isn't a single entity which can be called "the government". One part may well be genuinely interested in protecting privacy, while another part is doing its best to have the Fourth Amendment repealed. Schizophrenic? Oh yes.
Hey! That's not what schizophrenic means! You should instead have said "Does the US government appear to have dissociative identity disorder? Oh yes."
Re: (Score:2)
Well, considering that the Federal Government (House, Senate, and President) hallucinated WMDs in Iraq, I'd say that they have schizophrenia. I'd also say the government has DID, ADD, and if you've ever seen legislators debate, bipolar disorder.
Crazy shit. We're screwed, dude.
Re: (Score:1)
Hey! That's not what schizophrenic means! You should instead have said "Does the US government appear to have dissociative identity disorder? Oh yes."
You're just mad because the voices talk to ME!
Re: (Score:2)
Re: (Score:2)
The US government is sufficiently large that there isn't a single entity which can be called "the government".
Exactly. Instead we have the Ministry of Love, the Ministry of Peace, the Ministry of Plenty, and the Ministry of Truth.
Re: (Score:2, Informative)
Quite contrary to the business propaganda, Adam Smith spelled this out Way Back When: the invisible hand needs a counter to it, and that's democratic, public government. "Unless government takes pains to prevent it..." http://books.google.com/books?id=-mxKAAAAYAAJ&pg=PA163&dq=unless+government+takes+some+pains+to+prevent&hl=en&ei=Ku_ATM3jE4y [google.com]
Re: (Score:2)
I think it is good that government makes some rules how Facebook stores your personal information.
I have seen far too many cases of how not to do it, how not to store passwords, social security numbers, medical history, purchase history, etc.
Sure "feeding the starving children" is more important, but it does not mean I am willing to allow Google to do whatever it feels is best just because "I am not forced to deal with them".
Re: (Score:2)
I find it rather curious they are stepping up to protect us from Mr. Zuckerburg and evil Google. They are the least of my worries. After all, I am not forced to deal with them.
But you are compelled (or nearly so) to deal with banks, insurance companies, and employers, all of which seem happy to use your private information against you.
And one by one... (Score:5, Insightful)
And one by one all the bills will die on the floor as the campaign money comes rolling in.
Re:And one by one... (Score:4, Insightful)
Are we sure all 5 of these are actually attempts to -preserve- privacy? Because if not, some of them might survive. "Regulation" to me doesn't mean "protection," skimming TFA didn't really clarify things any, and the bill is incomprehensible to me.
Re: (Score:2, Troll)
Are we sure all 5 of these are actually attempts to -preserve- privacy?
I'm sure they are all designed to protect privacy, in the same manner as the L.A. Police were trying to preserve the peace when they pulled over Rodney King. Subjective, perhaps, but in someone's eyes, I'm sure they are all "good" bills.
Re: (Score:1)
Are we sure all 5 of these are actually attempts to -preserve- privacy?
Of course not. It's an attempt at featherbedding the bureaucracy with another toothless department, whose main purpose is to collect political "donations" to be laundered during the election cycle. Close to 2 billion on this one so far... not too shabby
Re: (Score:3, Insightful)
Incomprehensible is fine. If it were readable, then politicians might have to actually do just that.
Re: (Score:2)
Rich people want privacy too and the way the laws work one in all in, it means there will be a lot of people that will demand far stronger privacy laws, anti-data mining laws and, protection of minors privacy and identities. Additionally held data reports to individuals, corporations should be required to report to all individuals for who they have information on, the nature of that information, the details contained therein and, give the individuals the right to correct and or delete that data and, this s
Re: (Score:3, Interesting)
And one by one all the bills will die on the floor as the campaign money comes rolling in.
One will stand. The one that ends up with language that protects corps which invade people's privacy.
Re: (Score:2)
I wonder if anyone's patented that business model.
1. Propose sweeping legislation affecting profitability of large corporations.
2. ???
3. Profit!
Re: (Score:2)
I wonder if anyone's patented that business model.
1. Propose sweeping legislation affecting profitability of large corporations.
2. ???
3. Profit!
At least some Politicians have that business model.
Do you think that lobbyists will pay if there is no threat?
How many are in it for Good Government?
Re: (Score:2, Insightful)
Re: (Score:2)
So I suggest: Privacy Regulations Over Facebooks & Internet Technology
To reflect all the lobbying which will shoot down most of the bits except the ones which involve making money.
Re: (Score:2)
Sorry. "Y" is a tough one.
Re: (Score:1)
Re:And one by one... (Score:4, Insightful)
Facebook's never-ending privacy concerns are making some kind of a national law or regulation more and more likely.
Looks like Facebook isn't ponying up enough lobbyists and campaign contributions. If they'd just do this and data-mine for the government, they'd probably be allowed to do everything they do plus install anal/brain probes on us.
Re: (Score:2, Funny)
Re: (Score:3, Insightful)
Too early to know . . . (Score:1, Insightful)
. . . if this is good or bad. It sounds "good" in theory but in execution we might all end-up with boxes tied to our lines that monitor everything we do.
Re: (Score:2)
Too late, AT&T, Comcrap, and every ISP already feeds all the data they move from their cores right out to the NSA. For "National Security." Bush signed your privacy away and Obama is keeping it status quo. Feel safer now? Yeah, me neither.
Re: (Score:1)
Re: (Score:1)
Re: (Score:2)
Expect any privacy protection legislation to be poisoned to the point of uselessness (think "... to protect the rights of terrorists and paedophiles." on the end of every sentence).
To protect online privacy... (Score:2)
...except from itself.
Double edged sword (Score:1, Offtopic)
On the one hand, such legislation would definitely be welcome in this current environment of information free-for-all. We could finally have some benchmark against which we could judge whether companies (and governments!) were properly addressing security and privacy concerns.
On the other hand, it puts an enormous burden on businesses, especially in the still nascent online business sector where we are far from seeing market maturity. Laws like this put a massive damper on technology improvement and force a
Re: (Score:2)
In 5 years without regulation your name would be Oracle_User_Entity_e45feb7a895abe88:0.1.
You want this now.
Re: (Score:2, Funny)
I don't want to hamstring American businesses while the industry is still in its infancy.
Re:Double edged sword (Score:4, Insightful)
B-M-W (Score:2, Interesting)
I don't want to hamstring American businesses while the industry is still in its infancy.
Just exactly what business is it that you believe might be 'hamstrung' by any legislation that might protect my privacy, and what good would such business possibly serve if it trades on my right to said privacy? Why should I care about any business person that might seek to trade on my personal information... WAIT THAT'S IT!!
All that would be REQUIRED in such legislation is that every online business that tracks it's user's data, habits, behavior or the like, include the details of it's intent, methods, dat
Re: (Score:2)
We could finally have some benchmark against which we could judge whether companies (and governments!) were properly addressing security and privacy concerns.
We could but we won't. It is more likely to be: your data is private, but not from us, the govt and law enforcement. And that's for your own good and protection.
Re:Double edged sword (Score:4, Insightful)
On the other hand, it puts an enormous burden on businesses
Since when did not revealing my personal data become a "burden"?
Re: (Score:2, Informative)
Don't you mean "since when did proving to the auditor that I am in complaince with 200 pages of regulations" become a burden? Have you ever done PCI compliance? Regulatory compliance is significant burden on a start up and that's the point. Established corporations love endless regulations, as that means there will never be a startup to shake up thier stone-age ways, and eventually the corps just start writing the regs themselves. This is called "regulatory capture", and it's how liberals make oligopoli
Re: (Score:2)
Re: (Score:2)
So you're saying that Facebook should be the only site of it's kind, and all the open source work in that area should be illegal? Nice.
Re: (Score:2)
Re: (Score:2)
That's not how legal compliace actually works, is the thing. Code review (and unit test) process is part of the audit criteria for some of this stuff. And you're not audited against any rational, sensible goals like "protect the users data" - no, it's compliance with hunderds of pages of arbitrary regs, which may include buying equipment produced only in some congresscritter's district.
There's just world of difference between "people ought to do X" and "let's pass a law".
Re: (Score:2)
I think I now know why Americans think the federal government has such a level of intrusiveness on their daily lives. They attribute to government any restriction, regulation, or social convention they don't like, regardless of whether the government has anything at all to do with it.
PCI has nothing to do with the government. It's a standard implemented by the Payment Card Industry Security Standards Counsel, which is an industry group of Visa, Mastercard, American Express, etc.
Re: (Score:2)
More /.ers are familiar with PCI compliance than most of the government stuff. Point taken though: HIPAA would have been a better example.
Re: (Score:2)
Right now in the health insurance industry we are having to hire a lot of external lawyers just to figure out how to comply with
Re: (Score:2)
Well, if they werent such unethical fucks, they wouldnt have to do any of that, as it is they cant behave so theyll be made to.
It never works that way past the first few years. Sure, year 1 you can regulate the giant, but by year 5 the giant writes the regulations, and hands them to their personal senator for passage. "But they suck, let's do something" does not result is useful control.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Dude. TMI.
Re: (Score:2)
"But I only watched 'Will And Grace' one time - one day. Wish I hadn't 'cause TiVo now thinks I'm gay" -- Weird Al
Re: (Score:1)
Um, and have you visited any gay porn sites? Or maybe it's just that you bought 5 CDs worth of show tunes on iTunes. Perhaps you're constantly searching Bette Midler movies on IMDB? Or maybe you do your Christmas shopping at Michaels.com?
Re: (Score:2)
More on topic. Homosexuality ads in either direction are often based on combining the "Gender" and "Looking for" facebook attributes. If you have the gender set, and you are "looking for" both genders, even if just for "friendship", you will get some Gay or Lesbian targeted ads (depending on your gender). It has always worked that way.
The advertises have always (or at least for nearly the entire existence of face-book ads) been able to target users based on Gender, age ranges, and "looking for" genders. The
Re: (Score:2)
Another tip: If you buy women's Halloween costumes or any other women's clothing on Amazon, be sure to mark it as "was a gift" or it'll think you've become a crossdresser. I can't imagine the hilarity that would ensue on a social-media-tard's Amazon account that's linked to their Facebook account.
"John Smith bought Sexy Cop Outfit"
"55 people Like"
Jim Green Says: "If I see you wearing that in public I'm going to pretend I don't know you."
Ernestine Brown says: "I told your mother not to play that Barbara Stre
Re: (Score:2)
If you don't want people to have access to certain information, don't post it at all.
Re: (Score:2)
If you don't want people to have access to certain information, don't post it at all. ...duh.
And monitor everyone else in the world to ensure they don't post it either.
In Soviet Russia, (Score:1, Troll)
Privacy regulates you!
Privacy and the Federal Government (Score:1)
If the Federal Government cares about privacy, they can demonstrate it by telling the people running Medicare to stop violating USC 42 1395b by suggesting to private insurers that they should refuse to insure customers who don't want to give their Social Security Numbers.
The US government already regulates privacy. (Score:3, Insightful)
As in seeing to it that we don't have too much of it. Think CALEA, for example.
Don't worry (Score:4, Interesting)
Maybe Facebook's, sure, but rest assured that the government won't limit their own ability to spy on you
Re: (Score:3, Interesting)
Re: (Score:3, Insightful)
What's needed are laws that make keeping data beyond their immediate purpose a strong liability. We should be able to
objective measures of privacy compliance (Score:1)
impossible... It's simply too easy to siphon off information without anybody knowing about it.
Want privacy??? (Score:1)
I have nothing online that I am concerned with someone finding out about. It is the World Wide Web. It is not your personal intranet! All the information is out there anyway if you know where to look.
The proposed regulations: (Score:1)
The FTC is pushing a browser-based do-not-track mechanism similar to the do-not-call list [ecrmguide.com]
Followed by numerous non-government codes o
no need (Score:2)
clearly the free market will solve this problem~
It's a little bloody late for that. (Score:5, Informative)
The EU and the Brits figured this out long ago. The British data protection act is a model of privacy protection that we should have emulated. But that was in the day that the world wide wibbley web was still very immature and back when moneyed interests weren't as powerful. Now there's so much inertia for data mining the web that this will never see the light of day outside any Senate or House committee.
--
BMO
Re:It's a little bloody late for that. (Score:5, Informative)
The British data protection act is a model of privacy protection that we should have emulated.
Actually, the DPA offers fairly poor privacy protection. It doesn't require opt-in before tracking personal data, for example, nor does it give you any right to demand that personal data held about you be removed from a system as long as that data is actually correct. In fact, it doesn't really offer any privacy guarantee at all in the traditional sense; we rely more on the provisions of the European Convention on Human Rights for such privacy protection as we do have.
The real problem we have today is that in a world with massive databases, fast and cheap communications via the Internet, etc., traditional privacy standards don't actually protect the things they used to in any meaningful way. We need to consider why privacy is important, and establish social and legal norms that protect what matters, instead of trying to somehow adapt ideas that are decades out of date as if they are still going to protect individuals from abuse by larger and more powerful organisations today.
So long as they don't go too far. (Score:2)
This might be good if limited to the kinds of information sharing that takes place without the user's knowledge, but I can easily see how it would turn out not to be such a good thing if the law catered to those who aren't cautious enough to protect their own privacy.
One example of a feature I consider useful that others might not is Amazon's suggestion system. In my case I actually want Amazon to suggest new books to me, and the only way it can do that is to collect information about the books that I and o
Sauce for the Goose? (Score:2)
Facebook's online privacy concerns?? (Score:1)
Last time I checked, Facebook wasn't going to reveal any information about me that I didn't put there to begin with. So now instead of simply telling people DON'T PUT ANYTHING ON THE INTERNET THAT YOU DON'T WANT PEOPLE ON THE INTERNET TO SEE, we have to have another set of 500 page regulations that no one will understand, that no one voting on them will even read before voting, and that will end up having some messed up consequences down the road. That makes sense. Your tax dollars at work, folks.
Okay, I
Dont be fooled (Score:2)
Dont be fooled, the corporations and governments will craft legislation to give them all the power they want to collect all the data they want, think: national security.
What Privacy Acts really do, In countries like Canada, is protect the governments and protect the corporations.
its so simple
"sorry we cant release that information because it would violate the persons privacy"
Executives, Politicians, Middle Managers, Bureaucrats, they are all people too, they all have a right to privacy, right?
customer comp
International visitors, sites and jurisdictions (Score:3, Insightful)
I understand that the US government can regulate the interaction between US citizens and US companies, and that it can also regulate US citizens and US companies each in their own right.
But if series-of-facetubes.dk (a hypothetical Danish company, operating in Denmark, privately owned by a Danish citizen) became the hot new social network, the US gov. can't really regulate it, can it? Of course, the US can always threaten to "bring democracy" to Denmark if we aren't obedient enough, but that would be kind of iffy.
So... given that any regulation can only give incomplete results, the point of it is... the incomplete results? I.e. "They're better than nothing"? Granted, some of the biggest perceived privacy threats are american (google, facebook).
Just a thought: whenever anyone wants to regulate the internet, ask yourself "how will this work, internationally?"
Re: (Score:2)
Ownership rights (Score:4, Insightful)
This crap is never going to stop until we clearly define who owns what data. Out current system says any data you collect is yours to do with as you please. I think we, as a society, need to change the definition. Henceforth, as proclaimed by me and everyone else that agrees, I am the sole owner of any and all data about myself. Sometimes we may share data, such as when I owe you money, but beyond that everything about me is mine, my location, purchases, height, weight, finger prints, DNA, medical history, library usage, bank balance and transactions, mood........ You may find you know some of these things about me. If you do, keep it to yourself and don't be caught recording it or selling it or aggregating it or I can sue you for theft of personnel data. All we need to do do is change the definition and this becomes possible.
Re: (Score:2)
It's not theft if you give it to them.
Re: (Score:2, Informative)
This works except for the plain view doctrine. Any information that is available in plain view, which when adapted to the context of the modern Internet include any information that you put in a publicly viewable site such as Slashdot, is free for use by anyone who can see it.
In real terms, if you leave your house, anyone can see what color your skin is. They cannot be prohibited from communicating that information to someone else. You cannot tell someone they are not allowed to know that which they can see
Re: (Score:2)
Re: (Score:2)
Re: (Score:2, Insightful)
No, because of non-thinking voters like *you*, we get the heavy hand of government.
Re: (Score:2)
You just now figured that out?
Re: (Score:2)
If the government was simply responding to bad business practices, why has there been no sensible policy or discussion about net neutrality, or why do I still pay $3 to make ATM withdrawals or pay a $30 NSF fee for a $1 overdraft, etc., etc.? It's because it is not in the government'
Re: (Score:2)
I am becoming more cynical and paranoid of government the older I get
That's normal. With age usually comes wisdom.