Wednesday's Takeaways of the Week

Discussing the Question of the Week: Is privacy dead?

• General consensus: No, Logan: Yes
• Conclusion: Privacy is changing and evolving over time, but it's not dead yet. 

Next Topic: Reclaiming Your Privacy

• Here we discussed 35 ways to protect your privacy
• These were divided into 3 levels:
• Normal
• Geek
• Tin Foil Hat
• Since Ivana listed the 35 points I'm not going to enumerate them again here.

Next Topic: Ephemeral Messaging & Related Assignment

• Ephemeral messaging could have uses in business as well as personal use
• May lead to a lack of evidence in lawsuits

My Takeaways: Some of these methods of protecting one's privacy seem like little steps which could make a big difference. I see a lot of webcams around covered with stickers, so that seems like a popular one. The use of a password logging app seems like it would take some of the hassle out of having long/complicated passwords for all online accounts, so I do plan on looking into that. The "tinfoil hat" methods are mostly beyond what I plan on doing though. 

As with everything, ephemeral messaging has its uses as well as potential problems. Although I haven't ever used Snapchat, it was interesting hearing about some of the issues people had with that app.

The Future of Privacy

Topic:

There is inherent tension between privacy and transparency.  Some argue that in a democracy transparency, not privacy, is necessary for public institutions, but that privacy, not transparency, is necessary for individuals. And yet governments and corporations have legitimate needs to keep certain secrets (think national defense and trade secrets) and certain individuals such as terrorists and criminals use privacy as a means of accomplishing their hostile and illegal acts (think encryption and ephemeral messaging).

How will the tensions between privacy and transparency be reconciled over the next 20 years?

This really depends on the events of the next twenty years. We know that there is a trade off between privacy and security. If there is a large event like 9/11 relating to national security, then people will be more than happy to give away much of their privacy to the government in order to feel a sense of security. This website has a poll asking if "Privacy and Freedom Is More Important Than Security." Even with the question being phrased in such a was as to equate privacy with freedom the results are surprisingly close with (53%) Yes and (47%) No. How will this opinion change in the next twenty years? There's no way to be sure. As for government and corporation transparency I think that people will always push for more transparency. "There is no public interest in reducing privacy for the powerless – but huge benefits in increasing transparency of the powerful" [3] I don't see many reasons why citizens would not push for transparency in a government that is supposed to be representative of them, even in the case of national security. People should want to know what steps the government takes to protect them. Even if the government is surveilling it's citizens a truly representative government would not fear backlash doing so in an open manner. Obviously this transparency would only extend to methods of data collection and not to the actual data collected.

Will one value prevail over the other or will they both be harmonized?

This is again dependent on extenuating circumstances that sway the will of the majority vastly to one side or another. I don't see a way that the trade off between privacy and security could be overcome, so as far as privacy of individuals is concerned I only see it being able to move between well balanced and heavy surveillance. I don't think there is a type of event that would cause the balance to shift towards the side of privacy over security but any amount of fear mongering over terrorism, national security, or even immigration directly leads to less privacy and more surveillance.

Will personal privacy be a thing of the past?

There are some reasons that lead me to think that privacy can also be a thing of the future. In the early 21st century there were many new threats to privacy, most of which people did not recognize. After 9/11 there was a push for more security over privacy,  this lead to the expansion of the NSA and passing of the Patriot Act. [2] Also in the early 21st century there was an explosion of new technology, smart phones with cameras became common place, Facebook was created along with other social media platforms, companies began mass data collection on their consumers, yet people remained oblivious to much of the data collection; even in more tech savvy generations. As of 2017,
44% of millennials in the United States believed that their personal information was kept private “all” or “most of the time” by the businesses or companies. [1] However, during the recent Facebook data scandal and subsequent issues it raised, the question of data privacy and data collection was brought into the forefront of peoples minds. It is possible that the issue of privacy will stay in peoples minds and eventually translate into new policies regarding data collection and privacy that lean much more towards the privacy side of the spectrum. 



[1] https://www.forbes.com/sites/blakemorgan/2017/02/13/the-future-of-privacy-and-customer-experience/#1b1fba8e5f0e
[2] https://debatewise.org/debates/3040-privacy-vs-security/
[3] https://newint.org/features/2015/01/01/privacy-transparency

Takeaways For Week NO. 15 (Wednesday 18th)

Reclaiming Your Privacy

Q: Is privacy dead?

Yes: 1 No: 11

Logan: “Privacy is as dead as blockbuster movies.”

(Last year this was a majority perceptive)

Ethan’s take on privacy:

“With the technological boom of the 20th/21st century, a child (our society) was essentially given a bicycle. It takes falling off of the bike a few hundred times (data breaches, data mining, unlawful surveillance, etc etc) until one day, something finally clicks and the child stops falling off the bike. Failure is bad in the sense that sensitive data is released and damaged, but failure is good in the sense that progress is being made”

The definition of privacy has changed, it has become more limited and requires more effort. Privacy is becoming increasing contextualized.

Privacy Practices:

35 ways to protect your privacy

Levels of paranoid

1. Normal
2. Geek
3. Tin Foil Hat

Level I: Normal

Practice good password hygiene

• Password protect all your computers and mobile devices
• Use complex password 8-12 characters, use a phrase (easier to remember)
• Use a separate password for each online account

password managers: Keeper 

• DON’T use the default online security questions, make one up yourself

Use best practices for authentication

• Use two-factor authentication
• Replace/combine passwords with biometric identification

Practice self-censorship and restraint

• Use cash to pay for embarrassing items
• Use the delete button often
• The fewer things you “like” on social media networks the less complete your online profile becomes
• Decrease your digital footprint ( Do not give unnecessary information like zip code or take online quizzes)

Be care with social network and apps

• If you haven’t used it in 6 months, delete
• Turn off geotagging when posting photos and status updates
• Some personal details you shouldn’t share on facebook
• Use sound judgment when posting a photo
• Log out when through viewing or posting

Be careful with social media and apps

• Change FB settings to “friends only”
• Check permissions when downloading an app
• Skip or monitor automatic updates
• Periodically review your apps and delete unnecessary ones

Level II: Geek  

Emphasize data security

• Encrypt your data security
• Don’t use an unencrypted cloud services
• Keep malware and virus protection software
• Use a VPN
• Property wipe computer and mobile device when disposing

Confidential Communications

• Encrypt your telephone communication
• Use an ephemeral messaging app
• Avoid free public networks or wifi

Keep in mind when web browsing

• Clear browser history and cookies on a regular basis
• Use a browser that does not track/profile EX: Go Go Duck
• Use an IP masker EX: TOR
• Install plugins to avoid tracking
• Use a disposable temporary email address

Level III: Tin Foil Hat

• Keep a Faraday case for your phone when your not making a call
• Cover all interfacing cameras on any internet connected devices
• Plug your headphones  when not listening to music
• Wear “unhackable”  fashion (Ex: drone cloak, glass led light escape facial recognition, laptop privacy headsock)

My personal takeaway:

After this week, I am going to start using some of these methods to ensure my privacy. I am going to begin to use a password manager which until this point I this not know existed. I might not go all the way to tin foil hat to create a sense of privacy but before this course, I did, however, cover my webcam with a sticker.

It was really interesting learning about ephemeral messaging and how individuals utilize it in business. Previously I had only known Snapchat, and now I know about confide. Though I see the potential benefits of ephemeral messaging I don’t believe it should be used in a business setting where could be potentially used for sexual harassment.

Learning Takeaways for Week 15 (Monday 16^th)

Reclaiming Your Privacy 

i)     Recent Privacy Developments

(1)  Mark Zuckerberg update 

(a)  Google and twitter CEO’s didn’t have to appear in the court

(b)  However, they have 14 questions that they have to answer due the 25^th

(c)  Google does way more advertising than Facebook does

(2)  346,000 Wuhan Citizens Secrets 

(a)  Art exhibit with special papers hung up displaying people’s private information that can be seen with special glasses

(b)  This exhibit was shut down after two days 

(c)  The artist said that he bought all of the information

ii)   Valarie’s Post-Multiple Platforms

(1)  Explains ephemeral messaging and identities

(2)  She listed 6 platforms

(a)  Snapchat, Wickr, Mirage, Dust, Confide, Facebook Messenger

(i)   Facebook Messenger uses encryption

1.    Secret Conversation: You can set timers for how long people can see your message before its erased

(b)  Vaporstream

(i)   “Say what you mean on Vaporstream”

(ii)  Their main hit was that email encryption only does so much

(iii)This platform makes it so that as soon as the message is read its gone

(3)  Cole’s Comment

(a)  Teens are bolder and less cautious when they have ephemeral messaging

(b)  People can use these apps to send explicit photos or say aggressive hateful things with no fear of repercussion 

(4)  Brady’s Comment 

(a)  Brady would like to keep records so that he can back up any false claims against him with evidence

(5)  Andrew’s Comment

(a)  Since the messages disappear online records can help back validity 

(6)  Quaid’s Comment 

(a)  Quaid said that ephemeral messaging is no different than speaking in private or burning letters like George Washington

iii)  Mark Cuban made Cyberdust to avoid government sifting through

(1)  Mark’s motivation to create Cyberdust was because of the fact he was prosecuted for inside trading

iv)  Not all Ephemeral Messaging apps are created equal

(1)  The questions you should find out before you use an ephemeral messaging platform

(a)  What electronic trail will be left?

(b)  Can you change the time the messages are seen?

(c)  Can you prevent screenshots?

(d)  Is the platform encrypted and encrypted in motion?

(e)  Is metadata collected?

v)    Issues and Challenges of Ephemeral Messaging

(1)  It can be limiting based on what the platform wants 

(2)  Can be abused for sexual harassment

(3)  Could be used for HIPPA and FERPA violations

(4)  Basically, it has pros and cons

vi)  Unique Issues to government use of ephemeral messaging

(1)  There is no accountability

(2)  Violates the Freedom of Information Act

Personal Takeaways

            I came into this lesson thinking ephemeral messaging might take over the business world in the future. However, it wouldn’t be for a while just because of the fact that email is the way of business. People aren’t easy to change especially if something like the email has been the standard forever. After this lesson, my feelings remained the same. Learning even more cons about ephemeral messaging just reinforced my feelings. The fact that the messages disappear is unreasonable In the terms of business. Contracts and agreements need to be recorded and evidence needs to be provided. I do like the concept of encryption however so I do believe that more and more companies will switch over to some kind of encryption. If ephemeral messages are involved without the disappearing of messages, then I would say their time is coming a lot sooner than later.

Q. OF THE WEEK NO. 13

Do you agree with the following statement? "Privacy as we know it is essentially dead and we must learn to live in a totally transparent world where every aspect of our lives, except for our unexpressed thoughts, are on open book."

A Less Permanent Internet: Ephemeral Messaging

What is it? Ephemeral messaging, or self-destructive messaging, is a system where messages are deleted after a certain period of time after being read. Messages can be text, images, videos or emails. The process usually involves encryption during transfer and strong password walls to verify users before messages are viewed. A certain period of time after the message is viewed it is deleted on both the sender’s and receiver’s devices, as well as the system servers. Examples of platforms that use ephemeral messaging are Snapchat, Wickr, Mirage, Dust, Confide and Facebook Messenger.

Purpose. Internet users have limited control over their online content, ephemeral messaging offers an increased level of privacy. It provides protection against a widespread distribution of the content you send and keeps conversations private from others. Since no record is maintained, someone with your device is unable to read those messages. Ephemeral messaging helps those who are hiding activities, which could be for privacy in everyday life up to hiding illegal activity or threatening messages that could otherwise be used in court. Generally, ephemeral messaging is for users to communicate without leaving a copy of everything they send to be permanently recorded. See this video (start at 2:45) for more information on benefits of ephemeral messaging.

How secure is it? It is impossible for ephemeral messaging to be perfectly secure. Some platforms have tools to prevent screenshots of messages, or require a finger to be on the screen to make it more difficult. However, this doesn’t prevent a user from having an external camera to take a picture of the content while viewing the message. There is also the possibility that the service provider doesn’t destroy their copy of the message. The apps’ companies may also collect some information for analysis or to sell to advertisers, or be forced to surrender that information when asked by the NSA or through the legal process for an employer or school. For more information see this website discussing potential security issues in ephemeral messaging. Despite the lack of perfect security, ephemeral messaging is more secure than regular messaging. The chances of the message content being released much lower, providing a more private means of communication.

Apps. The most popular app for ephemeral messaging is Snapchat. It has had some issues, such as getting hacked and potentially not deleting photos off their servers. Confide is another app, which has a feature requiring the user to drag their finger to reveal each line of the message, making it more difficult to copy the message. Facebook Messenger has a new feature, Secret Conversation, which includes encryption. Wickr allows its users to set the duration of auto-destruction on their messages. See this website for more information on popular ephemeral messaging apps.

Use in Business. Ephemeral messaging has begun to spread into business use. These apps could be useful in the communication of private and sensitive information. It can be essentially used as a digital version of in-person meetings or phone calls, in lieu of emails which maintain the information sent. Ephemeral messaging could protect businesses in the case of hacking, where their conversations would be vulnerable if stored. Sensitive information won’t be stored, where it has the potential to be found. Though ephemeral may not be for all communication, it may be used for information the company/entity wishes to keep private. This type of communication could be useful in government, hospitals, senior-citizen care, law enforcement, fire departments and financial institutions. Some regulation may be necessary to incorporate ephemeral messaging in business, this website outlines some possible regulations.

I cannot say if ephemeral messaging will be widely used, but it has benefits which gives it the potential to become commonplace. It offers a step towards making information on the Internet less permanent.

Works Cited

https://ssd.eff.org/en

http://www.techspot.com/guides/1292-web-security-anonymizer-primer/

https://www.lifewire.com/self-destructing-messaging-4102193

http://www.businessinsider.com/republicans-encrypted-ephemeral-messaging-app-confide-hacking-fears-gop-report-2017-2

https://iapp.org/news/a/new-wickr-ceo-looks-to-build-on-ephemeral-messaging/

https://www.forbes.com/sites/parmyolson/2013/11/22/delete-by-default-why-more-snapchat-like-messaging-is-on-its-way/#59691cd36f31

https://www.linkedin.com/pulse/ephemeral-messaging-need-self-destruct-apps-radhika-ramachandran

https://www.linkedin.com/pulse/part-2-best-practices-corporate-ephemeral-messaging-barsocchini

https://www.schneier.com/blog/archives/2014/04/ephemeral_apps.html

(2:45) https://www.youtube.com/watch?v=0ahNBwcqjaw

http://iphone.qualityindex.com/charts/19789/top-5-ephemeral-messaging-apps-on-iphone

Takeaways for week no. 12

Brady Jacobson

Weekly Takeaways

• Facebook and Cambridge Analytica controversy

• The British political consulting firm “Cambridge Analytica” took data from Facebook users and used that data for the sake of Trump’s presidential campaign.
• By analyzing friends and friends of friends, the 270,000 accounts who took the quiz turned into about 87 million accounts accessed without express permission.
• It’s shocking how Facebook could justify taking information from 87 million people despite the fact only 270,000 agreed to the terms of service.
• Lead to much well deserved criticism against Facebook. Some much needed progress has been made in the conversation regarding privacy.
• The #deletefacebook movement gained traction.
• Mark Zuckerberg gave testimony to the U.S. congress. 
• Changes to Facebook were implemented to give users greater control over privacy.

• The Deep Web

• The Deep web is everything that is not searchable, and makes up 90% of the web.
• This massive percentage makes sense in hindsight, as the Deep web includes both items in the dark web and items that are simply protected by a firewall, such as personal accounts for Facebook or Universities.
• The Dark web is a part of the Deep web, and contains much illicit material. The Dark web cannot be found through search engines like Google. The existence of the Dark web is thanks to software such as Tor, which offers anonymity to users. 
• It is ironic that Tor, a tool used to access the Dark web and all of the illegal markets it contains, was created by the U.S. government.

• Virtual Currency 

• These are currencies offered online, allowing users to remain anonymous. Over 700 different cryptocurrencies exist. 
• Bitcoin is the most mainstream cryptocurrency out there.
• Virtual currencies are pseudo-anonymous. 
• Public ledgers lack user names, but a number does exist.
•  IP-address can be located, which can be used to link transactions to individuals.
• BitCoin and other currencies are recorded with a public ledger. Nodes are used to verify transactions and private keys are used to link to the owner.
• Monero, during transactions, uses multiple possible recipients instead of just the one recipient, making it harder for outsiders to track who receives the money.
• Virtual currencies make it easy for illegal activity to take place. It is commonly used as currency on the Dark web, and Bitconnect was involved in a Ponzi scheme.

• Zuckerberg’s Testimony

• Mark Zuckerberg, in the wake of Facebook’s controversy, gave testimony to Congress.
• Facebook not opposed to some regulations.
• Deleted accounts are completely deleted from servers and backups.
• Facebook has a duty to reveal if someone was hacked in a reasonable timeframe.
• Some questions were brought up by congress that can be discussed in great detail.
• Has Facebook become to large to be lead by only a few people?
• Should tech companies be considered an information fiduciary? After all, they are entrusted with personal info.

• Dark Web sites

• “Dread Pirate Roberts” created Silk Road. The man, Ross Ulbricht, was arrested and sentenced to life in prison without possibility for parole.
• One service on the Dark web is to be a middleman between the purchaser and seller, offering greater anonymity.
• This can easily lead to an exit scheme, where the middleman takes the money without finishing the transaction.
• Dark Web News attempts to find and alert users to possible exit schemes.
• Emails and other credentials are sold online through the dark web.

• Should accessing and/or using the Dark Web be criminalized?

• Accessing was a point of contention.

• Many locations in real life are illegal to enter without permission, such as military bases or the White House lawn. Is the Dark Web really that different?
• Not all sites on the Dark Web offer illicit material, so should the entire dark web still be illegal to access?

• The Deep web and Dark web offer users a chance to be whistleblowers and activists against oppressive corporations and regimes. Should it be illegal for these people to access the website?
• The Dark web debate is similar to the gun control conversation. Some say we shouldn’t blame the platform (guns, the dark web), but rather blame the users.

Q. OF THE WEEK NO. 12

Should accessing and using the Dark Web be criminalized?

A Timeline by the New York Times of Regulatory Actions against Facebook and Google

Facebook and it's privacy and data policies have been in the news of late with the revelation that a British voter analytics firm accessed  personal user data from up to 87 million Facebook accounts in connection with Donald Trump's presidential campaign. The resulting public outcry has focused attention on the data and privacy practices of the major U.S. technology companies, including Google. Below is a timeline prepared by the New York Times summarizing the significant regulatory actions recently taken by both U.S. and European Union regulators against Facebook and Google.

By Natasha Singer

March 24, 2018

Over the years, regulators on both sides of the Atlantic have cracked down on Facebook and Google for privacy violations. But as the European Union prepares to introduce comprehensive new data protection regulation in May, European regulators have been stepping up investigations into tech industry data practices.

MARCH 2011

The Federal Trade Commission for the first time requires a company to institute a comprehensive program to protect consumer data privacy

Google reaches a settlement with the F.T.C., which charged the company with using deceptive tactics and violating its own privacy promises to consumers. Google had enrolled Gmail users in its social network, Buzz, without effective ways for them to opt out of the service or limit the sharing of their personal details, the agency said.

NOVEMBER 2011

The F.T.C. goes after Facebook for exposing users’ information

Facebook agrees to settle charges by the F.T.C. that it deceived users by telling them that they could keep their profile information private and then repeatedly allowing it to be shared and made public.

 AUGUST 2012

The F.T.C. fines Google $22.5 million for Safari privacy violations

Google agrees to pay $22.5 million to settle F.T.C. charges that the company misled people who used Apple’s Safari browser by placing advertiser tracking codes, called cookies, on their computers after Google told them that they would be opted out of such tracking. Google also violated a previous settlement that prohibited it from misleading consumers over how they could control collection of their data, the agency said.

ADVERTISEMENT

SEPTEMBER 2012

Facebook turns off facial recognition in Europe after complaints that the company failed to ensure user consent

After an audit by Ireland’s data protection commissioner, regulators reportthat Facebook turned off its photo-tagging facial recognition feature for new users in the European Union and will delete facial template data it had already collected from users there. The commissioner’s office saidFacebook had not sufficiently notified users or obtained their explicit consent to use the feature.

MAY 2017

The European Commission fines Facebook $122 million, saying the social network misled regulators about WhatsApp

The European Commission fines Facebook $122 million for misleading regulators during their investigation of the company’s acquisition of the WhatsApp messaging service. The commission, the executive arm of the European Union, says Facebook told regulators that it would be unable to automatically match an individual user’s Facebook account with his or her WhatsApp account. But WhatsApp later announced that it would begin sharing user data with Facebook.

In December, the French Data Protection Authority orders WhatsApp to stop sharing data with Facebook or face penalties. And in March, a German court bars Facebook from using data from German users of WhatsApp for Facebook’s own purposes, upholding the ruling of a lower court.

DECEMBER 2017

German antitrust regulators censure Facebook’s data practices

In a preliminary finding, Germany’s Cartel Office reports that Facebook has abused its dominant position in the country by requiring users to allow it to endlessly amass data by tracking them through other online services. In February, the regulator says it planned to investigate whether the ability of large platforms like Facebook and Google to set up closed advertising systems and have access to user data was limiting market competition.

FEBRUARY 2018

A Belgian court tells Facebook to stop tracking users around the web

A court in Belgium rules that Facebook must stop tracking users on third-party sites and delete the data it had already collected. The court says Facebook hadn’t sufficiently informed users about the data it gathered on their use of sites outside the social network or how it used that data.

MAY 2018

A sweeping data privacy law is set to take effect in Europe, reshaping data collection practices

The European Union will put into effect a comprehensive privacy law, called the General Data Protection Regulation, that requires companies to obtain consent from users before processing their data and allows the authorities to fine companies up to 4 percent of their annual revenue if they fail to comply.

Natasha Singer is a business reporter covering health technology, education technology and consumer privacy. @natashanyt

A version of this article appears in print on March 24, 2018, on Page A26 of the New York edition with the headline: Feeling