Online Consumer Privacy in the Spotlight
Paula J. Hane
Posted On May 3, 2012
Choose Privacy Week is a national public awareness campaign that aims to educate the public on how to protect their privacy and understand their rights. This year, Choose Privacy Week is being held May 1-7, 2012. The theme is “Freedom from Surveillance.” The American Library Association’s (ALA) Office for Intellectual Freedom (OIF) established Choose Privacy Week in 2010 to deepen public awareness about the serious issue of government surveillance, and it offers individuals the resources to think critically and make more informed choices about their privacy. Through special programs, workshops, and events, the OIF aims to help libraries work with their communities in navigating these complicated but vital issues.
In conjunction with Choose Privacy Week, OIF released preliminary findings from a new survey measuring librarians’ views on privacy rights and protecting library users’ privacy. The data from the survey, which builds on an earlier 2008 survey assessing librarians’ attitudes about privacy, will help guide ongoing planning for Choose Privacy Week and similar initiatives. Librarians remain committed to protecting library users’ privacy, but the survey revealed some limitations in libraries’ handling of privacy issues, such as effectively communicating the library’s privacy policies to their patrons.
The timing for this public awareness campaign couldn’t have been better. Within the past week, we’ve seen controversial cybersecurity legislation highlighted in the news and high-profile media coverage of Google’s latest investigation by the Federal Communications Commission (FCC).
CISPA vs. Consumer Privacy Bill of Rights
On April 26, in an unexpected evening vote, the House of Representatives voted 248-168 to pass the Cyber Intelligence Sharing and Protection Act (CISPA), a controversial bill that allegedly would give the government and companies virtually unlimited power to track people online. The bill faced major bipartisan opposition but passed anyway. It now goes to the Senate where two similar bills have been sitting in committee review.
According to the Electronic Frontier Foundation (EFF), The Cyber Intelligence Sharing and Protection Act (CISPA) would allow companies to monitor our online communications and share private information about users with the government. “CISPA would let companies bypass all existing privacy law as long as they claim a ‘good faith’ belief that they are doing so for cybersecurity purposes. These exemptions would allow a huge trove of data to end up in the government's hands with no judicial oversight.”
Supporters of the bill emphasize that information sharing is voluntary under CISPA and say current laws leave them vulnerable both to cyberthreats and to lawsuits stemming from breaches of privacy and antitrust laws.
According to MapLight, a nonprofit, nonpartisan research organization that reveals money’s influence on politics, 34 major organizations gave contributions to House members in support of the bill, including AT&T, Facebook, IBM, Intel, Microsoft, Sprint Nextel Corp., and Verizon—3.4 times as much money as given by those in opposition to the bill, which included ALA, EFF, Privacy Rights Clearinghouse, the Sunlight Foundation, and others.
Concerned consumer groups continue to press for protective legislation while companies and industries that provide online services and collect personal information along the way push for legislation such as CISPA.
The American Civil Liberties Union (ACLU) called for some common sense in the legislative deliberation. “Much of the cybersecurity debate has been distorted by the conflation of scary stories of possible terrorist cyberattacks (scenarios that frequently fall apart when confronted by the facts) with troubling, but much lower-grade incidents of credit card and other theft. The result is a pervasive crisis atmosphere, which is then used to justify sweeping aside civil liberties in the name of security.”
While President Obama has reportedly not said he would veto CISPA if it were to pass, Alec Ross, a senior adviser to Hillary Clinton, reiterated the administration’s opposition to the proposals in more explicit language than previous statements from officials. “The Obama administration opposes Cispa,” he told the Guardian. “The president has called for comprehensive cybersecurity legislation. There is absolutely a need for comprehensive cybersecurity legislation.”
The White House has called for Congress to pass a Consumer Privacy Bill of Rights that will give people new legal and technical tools to safeguard their privacy. In February 2012, the White House released guidelines designed to improve online consumer privacy—Consumer Data Privacy in a Networked World: A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy. The administration asked the Commerce Department to work with industry and privacy advocates to create and implement enforceable codes of conduct based on the set of guidelines.
The Consumer Privacy Bill of Rights advances these objectives by holding that consumers have a right to the following:
- Individual Control
- Respect for Context
- Access and Accuracy
- Focused Collection
Google Knew About Street View Data Collection
Recently, the FCC released a document asserting that Google had obstructed its investigation (ongoing since 2010) into Google’s Street View cars gathering information from Wi-Fi transmissions, though it cleared Google of legal wrong-doing. The information Google gathered included Wi-Fi access points, as well as emails, passwords, and more. Google had reported that the information was gathered by mistake and that an engineer was solely responsible for the code. Google then quietly released a complete version of the FCC report with only the names redacted, which indicates that the engineer had told at least one superior and that other engineers who worked on the project were in a position to know what was going on. It was quite clear that the data harvesting was not a rogue act.
The media picked up on this quickly, and soon the engineer who wrote the code was identified. Privacy advocates say this puts Google and the FCC in a bad light. Marc Rotenberg, executive director of the Electronic Privacy Information Center, told The New York Times, “Google’s rogue engineer scenario collapses in light of the fact that others were aware of the project and did not object. This is what happens in the absence of enforcement and the absence of regulation.”
Watching Out For Your Privacy Online
The tech media is full of commentary and suggestions of what users can do to protect themselves when searching and browsing the web. One of the best articles I’ve seen was on MSNBC TECH by Christina DesMarais, How to browse the Web anonymously. She notes that each of the major browsers has a “private browsing” mode that deletes cookies, temporary internet files, and browsing history after you close the window so others with access to your PC won’t be able to see what sites you visited. She also has suggestions for solutions with various levels of security and anonymity.
There have also been helpful cautionary posts about the apps you choose to use with Facebook. Now there’s an app called Privacyscore that will let users see which Facebook apps protect their privacy and which don’t. “Hundreds of millions of people use Facebook apps every day, sharing personal profile information widely across thousands of app providers,” said Jim Brock, PrivacyChoice founder and CEO. “Each app provider has its own privacy policies, which in many cases lack even minimal assurances. Our research also revealed that those apps bring in scores of third-party tracking companies, which in many cases also lack basic protections, choices, and oversight.”
Privacyscore.com is even mentioned as a tool to help consumers more readily compare websites’ data practices in the March 2012 report from the Federal Trade Commission, “Protecting Consumer Privacy in an Era of Rapid Change: Recommendations for Businesses and Policymakers.” The site lets you search for the scores of websites and you can download a plug-in for your browser that will show a privacy score at the top of each website you visit. It still pays to be cautious though—Google rates an 85 out of 100, Facebook a 95, and the NYTimes.com a 72.
FAQ on CISPA from PaidContent.
Electronic Frontier Foundation privacy analysis
Interesting infographic: Mother, Can I Trust Google?