Law in the Internet Society

View   r5  >  r4  >  r3  >  r2  >  r1
JanethLopezFirstPaper 5 - 23 Aug 2014 - Main.EbenMoglen
Line: 1 to 1
Changed:
<
<
META TOPICPARENT name="FirstPaper"
>
>
META TOPICPARENT name="FirstEssay"
 

JanethLopezFirstPaper 4 - 28 Mar 2013 - Main.JanethLopez
Line: 1 to 1
 
META TOPICPARENT name="FirstPaper"

Changed:
<
<

Data Mining and Information Sharing

>
>

Information Sharing

 -- By JanethLopez - 16 Oct 2012

Introduction

Changed:
<
<
There’s a diminished expectation of privacy online that most internet users have already come to acknowledge and accept.
>
>
This course has focused my attention on a problem that I, along with other users of "free" online services, face - the disconnect between what we think we are sharing with one party for a specific purpose and the reality of being spied on in ways and for purposes that aren't as obvious.
 
Changed:
<
<
What has "expectation" to do with it? That's a doctrinal fragment from Fourth Amendment law. If it's relevant here, why is it relevant?

The use of many products online – email, games, maps, music and video streaming – comes at a price. What we watch, what we buy, who we email and chat with, where we go is all tracked by a computer’s browser or a mobile phone.

The issue is not primarily what is known to client software. If your browser is a free software browser not made by an advertising company (i.e. Firefox, the only common browser not made by an advertising platform company and released as free software with access to buildable source code) you can trust it. It's the server-side software and the logs that software creates that are dangerous to you. (Locked-down mobile operating systems are a problem, too, but you don't have to do dangerous things with a mobile phone, unless you've given your soul to the King of the Undead.) Do you understand the technology enough to write this essay? If not, we should see to it that you learn what you need to learn.

Many people seem to be willing to sacrifice their right to privacy in exchange for "free" online services. The problem is not that users are unaware that information sharing and data mining occurs, it is that they assume the purchasers of the information are advertisers, who are not looking to personally identify each user, but instead are aggregating information from millions of users to know how to sell products efficiently.

No, it's that they don't understand how either personally identifiable information or aggregate information, let alone the combination of the two, is used against them.

While the harm seems minimal when information collected is used for targeted advertising, when data is shared with and abused by credit card companies, insurance companies, and government agencies, not for the purposes of advertising, but for surveillance and risk management, the privacy concerns raised are too great to ignore.

Perhaps you should also think more seriously about what happens through the process of behavior modification known as "advertising." Perhaps you should interrogate the assumptions that lie behind this graf, never mind for other people, but for you. Perhaps it would be helpful to stop distancing yourself from the situation by writing about "people" instead of "me and those I love."

Information Sharing for Targeted Advertising

Companies gather information on the online movements of internet users in order to target ads that they believe these users are statistically more likely to click.

No. That's the least of it. Perhaps you're unconsciously minimizing, repressing cognitive dissonance, in order to avoid acknowledging facts that would disturb your beliefs?

The data collected provides an overall view of the user's digital self. For example, Google’s Privacy Policy and Terms of Service allows Google to share information taken from all of its services, aggregating information on a user as Google tracks her every move online. Google reads information from Gmail, videos watched on Youtube, appointments on Google Calendar, gps information when using Google Maps, Google Search terms, purchases made with Google Wallet, mobile purchases of music and games via Google Play, etc. and ties the data together to get an overall view of a user’s interests in order to provide targeted advertising.

No. Providing advertising would be not a very good business unless they were actually selling at auction the key words that motivate your behavior. They aren't just interested in what your interests are: they are reading what you are thinking now, constructing it from the totality of your online behavior over the last 45 minutes. They are selling your thought processes to people who use your thought processes to automate your behavior. But you don't want to believe that your identity is constructed from moment to moment, because you have a self-protective belief in the long-term integrity of stable unified personality. So you can't let yourself understand what Google's actual business is. That makes your writing less useful to other people, because instead of helping them to attain freedom, you're actually unconsciously reinforcing their ignorance while believing yourself to be telling them the truth. Poor you.

Attention is a scarce commodity, and internet users understand that advertisers need to know what their interests are, what they buy, and how much they are willing to spend in order to target the right products. Google assures customers that no humans read emails to provide the ads (Gmail Ads) and that it never sells or shares information that personally identifies them for marketing purposes. Of course, these policies could change, but for now, providing this information is a price people (myself included) are willing to pay for the convenience of integrated services, like Google Maps working with Google Calendar to indicate how much traffic there is to a user's next appointment. It’s spying, yes, but who cares if a bot somewhere reads my search terms and a “relevant” ad appears on the side of my screen? The practice seems harmless. Advertisers are not interested in finding out who I am, just what they can sell me.

How do you know? What's your evidence for this point of view? What do you mean by "no human being reads your Gmail?" You mean, no human being does so unless she wants to? What is your email doing where anyone could ever read it? Why can't you figure out how much traffic there is between you and your next appointment without someone reading your mail? I can. This all just reads like lazy thinking. But it isn't. It's thinking that doesn't want to discover something bad is going on.

The greater problem is the amount of information that is being stored forever and what, in additional to advertising, could be done with the information in the future. Web searches, gps location, calendar appointments, emails, and purchases, when mixed with the abundance of information available on social media sites, including private conversations, family photos, employment information, and details on significant events (births, deaths, marriages) give a far too detailed view of an individual. The danger, which is ignored by most, is the risk that this extensive data set could easily be shared with those who are interested in personally identifying users.

What do you mean "could be"? What's your evidence for the subjunctive mood?

Information Sharing with Banks, Insurance Companies, and Government Agencies

An aspect of this course that has made me uneasy is discussion of the ways in which this data mining can affect online users, not because of the data shared with advertisers, but because of the data being inferred from activity sold to insurance firms and banks or shared with government agencies that will later make assumptions or predictions about my lifestyle choices. This kind of information sharing has a far more direct effect on my life than targeted advertising.

Even putting aside the clear privacy issue of having personal information sold without consent, there are far too many possibilities for abuses and false positives. If a user consistently researches a specific medical condition for a family member or purchases wine with her credit card for a group’s weekly wine and cheese, could this activity reach health or life insurance companies, affecting premiums?

Why are you asking whether it could? You're repressing the cognitive dissonance caused by your implicit knowledge that it does. You were assigned to read about the executive in the data brokerage serving insurance companies who says he buys junk food only with cash to keep his own insurer from finding out. You know that baby care and formula producers data-mine hospital records to find out whose pregnant before the husband is told. Look more closely at your own emotional need not to learn.
>
>
The main problem with the way I live my life is that I use free applications that, in the aggregate creates a very accurate view of a user's digital self. For example, Google’s Privacy Policy and Terms of Service allows Google to share information taken from all of its services, aggregating information on a user as Google tracks her every move online. Google looks over my shoulder as I read messages on Gmail, watch videos on Youtube, enter appointments into my Google Calendar. It knows where I travel, anticipating my daily commute using Google Maps, what I search for in Google Search, the purchases I made with Google Wallet, the games I download to my mobile phone, and even the music I listen to with Google Play Music. As I use their cloud-based service to create and share documents, Google pretty much knows everything I write. I have handed Google all the information it could possibly want - if not for themselves, to sell to others.
 
Changed:
<
<
What if online searches for a bankruptcy lawyer reaches a bank or credit card company? An alternative concern is that, as a greater online presence has come to be the norm and not the exception, a refusal to provide information online could be regarded as suspicious. Right now, insurance companies and banks are interested in inserting code into Facebook and Twitter to find clues about policyholders or to find promising leads (Economist). What happens if a credit card company or health insurance company decides that a particular individual is actually a higher risk simply because she does not have the kind of online presence that would provide relevant information on her activities?
>
>
Why should we care? Before this course, I was always aware that these "free" programs came with some strings attached, in the form of data collection, but I hadn't paid much attention to the dangers of how the data would be traded with others and used to automate behavior, and how our privacy laws do little to limit access to my information, especially when it comes to access by government agencies.
 
Changed:
<
<
Many online companies, including Facebook, Microsoft, and Google, cooperate with government agencies' request for user data. Google seems to be the most transparent, releasing information on the amount of government requests and admitting to complying either fully or partially with over 93% of these government requests in the United States ([http://www.google.com/transparencyreport/userdatarequests/][User Data Requests - Second Half 2011]]). The number of requests not only for user information but for the removal of content has increased steadily in the past few years, raising concerns about how Google (and presumably other online companies monitoring online movements) responds to requests that violate users' rights to privacy and free expression (Google Transparency).
>
>

Information Sharing

 
Changed:
<
<

Conclusion

>
>
Web searches, gps location, calendar appointments, emails, and purchases, when mixed with the abundance of information available on social media sites, including private conversations, family photos, employment information, and details on significant events (births, deaths, marriages) give a far too detailed view of an individual. And companies like Google are strongly incentivized to share this extensive data set with those who are interested in personally identifying users. And, the data collected is not just used for targeted advertising, but also shared with credit card companies, insurance companies, and government agencies for the purpose of surveillance and risk management, raising important privacy concerns.

The information is shared in ways that affect our daily lives, used by companies to make determinations about how we will behave without our knowledge and without an opportunity to challenge these determinations. One example we have seen in this course is that personally identifiable data is shared between banks or credit card companies and insurance firms, who later make assumptions or predictions about their customers' behavior. Even putting aside the clear privacy issue of having personal information shared without consent, there are far too many possibilities for abuses and false positives. An alternative concern is that the lack of an online presence could also hurt me. As a greater online presence has come to be the norm and not the exception, a refusal to provide information online could be regarded as suspicious. Right now, insurance companies and banks are interested in inserting code into Facebook and Twitter to find clues about policyholders or to find promising leads (Economist). What happens if a credit card company or health insurance company decides that a particular individual is actually a higher risk simply because she does not have the kind of online presence that would provide relevant information on her activities?

Government Access to Information

The course has also brought up concerns about how outdated our privacy laws are, which makes our data available to government agencies without the need for a warrant. The government standards for monitoring of internet communications is outlined in the now 26 year-old Electronic Communications Privacy Act of 1986(ECPA). While the ECPA generally regards online communications as private and protected by the Fourth Amendment, requiring the government to obtain a warrant before they can "listen in" or intercept communications, it treats communications stored on the servers of an email service provider for more than 180 days as abandoned property, not subject to the warrant standard. While 26 years ago, emails kept on the service provider's server could arguably be "abandoned", today's online users have a different expectation. The reality is that the way we live our lives now, maintaining all of our messages, calendars, photos, documents, and other very sensitive information, in the "cloud" instead of on our own hard drives, means that the government is no longer bound by the Fourth Amendment and need only ask these service providers for the data.

 
Changed:
<
<
In order to make a conscious decision about how much to disclose and to whom, users need to know what kind of information is being collected and to whom it is being sold.
>
>
The courts have been little help, in some cases noting that the third party doctrine, which states that an individual does not have a Fourth Amendment privacy interest in information that they convey to a third party and which that third party later conveys to the government, means we give up our expectation of privacy in the communications we store on these servers. The doctrine extends not only to communications, but also to any documents we store with these companies (see United States v. Miller, 425 U.S. 435 (1976)).
 
Changed:
<
<
How will they do that? Who is going to tell them, and why?
>
>
In practice, many online companies, including Facebook, Microsoft, and Google, openly cooperate with government agencies' request for user data. Google seems to be the most transparent, releasing information on the amount of government requests and admitting to complying either fully or partially with over 93% of these government requests in the United States ([http://www.google.com/transparencyreport/userdatarequests/][User Data Requests - Second Half 2011]]). The number of requests not only for user information but for the removal of content has increased steadily in the past few years, raising concerns about how Google (and presumably other online companies monitoring online movements) responds to requests that violate users' rights to privacy and free expression (Google Transparency).

Conclusion

 
Changed:
<
<
At the very least, if assumptions are being made about a user by a bank or insurance company based on online activity or offline purchases, they should be made aware of what information is being used, be provided with a copy of the data collected on them, and be given a chance to challenge the assumptions, much in the same way we are able to look into credit reports when denied credit.
>
>
All of this information sharing creates a scary world in which these "free" services are not just collecting information to target advertisements, but also using the information against us, automating our behavior, and making assumptions that we are not able to challenge. In addition, just as a person might vitiate any Fourth Amendment protection to information by making a disclosure or giving up documents to a government informant, even without knowing the person's true identity, keeping our information in the "cloud" makes our service providers "informants" for the government. In order to make a conscious decision about whether or not to use these services, users need to know what kind of information is being collected and to whom it is being sold. At the very least, if assumptions are being made about a user by a bank or insurance company based on online activity or offline purchases, they should be made aware of what information is being used and be given a chance to challenge the assumptions, much in the same way we are able to look into credit reports when denied credit. In addition, until outdated privacy laws related to government access to communications stored information is updated to address the ways in which users actually interact with these services, we should be wary of keeping our lives in the "cloud".
 
Deleted:
<
<
That's a statutory right you got from legislation written on the floor of the Senate in 1974 during a late-night session when lobbyists weren't present as they are now. Are you seriously supposing that any such legislation could now emerge from a Congress owned by Pharma in which Google is now more important than Hollywood, and Facebook is more necessary to the National Security State than Electric Boat?
 
You are entitled to restrict access to your paper if you want to. But we all derive immense benefit from reading one another's work, and I hope you won't feel the need unless the subject matter is personal and its disclosure would be harmful or undesirable.

JanethLopezFirstPaper 3 - 29 Oct 2012 - Main.EbenMoglen
Line: 1 to 1
 
META TOPICPARENT name="FirstPaper"
Line: 10 to 10
 

Introduction

Changed:
<
<
There’s a diminished expectation of privacy online that most internet users have already come to acknowledge and accept. The use of many products online – email, games, maps, music and video streaming – comes at a price. What we watch, what we buy, who we email and chat with, where we go is all tracked by a computer’s browser or a mobile phone. Many people seem to be willing to sacrifice their right to privacy in exchange for "free" online services. The problem is not that users are unaware that information sharing and data mining occurs, it is that they assume the purchasers of the information are advertisers, who are not looking to personally identify each user, but instead are aggregating information from millions of users to know how to sell products efficiently. While the harm seems minimal when information collected is used for targeted advertising, when data is shared with and abused by credit card companies, insurance companies, and government agencies, not for the purposes of advertising, but for surveillance and risk management, the privacy concerns raised are too great to ignore.
>
>
There’s a diminished expectation of privacy online that most internet users have already come to acknowledge and accept.

What has "expectation" to do with it? That's a doctrinal fragment from Fourth Amendment law. If it's relevant here, why is it relevant?

The use of many products online – email, games, maps, music and video streaming – comes at a price. What we watch, what we buy, who we email and chat with, where we go is all tracked by a computer’s browser or a mobile phone.

The issue is not primarily what is known to client software. If your browser is a free software browser not made by an advertising company (i.e. Firefox, the only common browser not made by an advertising platform company and released as free software with access to buildable source code) you can trust it. It's the server-side software and the logs that software creates that are dangerous to you. (Locked-down mobile operating systems are a problem, too, but you don't have to do dangerous things with a mobile phone, unless you've given your soul to the King of the Undead.) Do you understand the technology enough to write this essay? If not, we should see to it that you learn what you need to learn.

Many people seem to be willing to sacrifice their right to privacy in exchange for "free" online services. The problem is not that users are unaware that information sharing and data mining occurs, it is that they assume the purchasers of the information are advertisers, who are not looking to personally identify each user, but instead are aggregating information from millions of users to know how to sell products efficiently.

No, it's that they don't understand how either personally identifiable information or aggregate information, let alone the combination of the two, is used against them.

While the harm seems minimal when information collected is used for targeted advertising, when data is shared with and abused by credit card companies, insurance companies, and government agencies, not for the purposes of advertising, but for surveillance and risk management, the privacy concerns raised are too great to ignore.

Perhaps you should also think more seriously about what happens through the process of behavior modification known as "advertising." Perhaps you should interrogate the assumptions that lie behind this graf, never mind for other people, but for you. Perhaps it would be helpful to stop distancing yourself from the situation by writing about "people" instead of "me and those I love."
 

Information Sharing for Targeted Advertising

Changed:
<
<
Companies gather information on the online movements of internet users in order to target ads that they believe these users are statistically more likely to click. The data collected provides an overall view of the user's digital self. For example, Google’s Privacy Policy and Terms of Service allows Google to share information taken from all of its services, aggregating information on a user as Google tracks her every move online. Google reads information from Gmail, videos watched on Youtube, appointments on Google Calendar, gps information when using Google Maps, Google Search terms, purchases made with Google Wallet, mobile purchases of music and games via Google Play, etc. and ties the data together to get an overall view of a user’s interests in order to provide targeted advertising.
>
>
Companies gather information on the online movements of internet users in order to target ads that they believe these users are statistically more likely to click.

No. That's the least of it. Perhaps you're unconsciously minimizing, repressing cognitive dissonance, in order to avoid acknowledging facts that would disturb your beliefs?

The data collected provides an overall view of the user's digital self. For example, Google’s Privacy Policy and Terms of Service allows Google to share information taken from all of its services, aggregating information on a user as Google tracks her every move online. Google reads information from Gmail, videos watched on Youtube, appointments on Google Calendar, gps information when using Google Maps, Google Search terms, purchases made with Google Wallet, mobile purchases of music and games via Google Play, etc. and ties the data together to get an overall view of a user’s interests in order to provide targeted advertising.

No. Providing advertising would be not a very good business unless they were actually selling at auction the key words that motivate your behavior. They aren't just interested in what your interests are: they are reading what you are thinking now, constructing it from the totality of your online behavior over the last 45 minutes. They are selling your thought processes to people who use your thought processes to automate your behavior. But you don't want to believe that your identity is constructed from moment to moment, because you have a self-protective belief in the long-term integrity of stable unified personality. So you can't let yourself understand what Google's actual business is. That makes your writing less useful to other people, because instead of helping them to attain freedom, you're actually unconsciously reinforcing their ignorance while believing yourself to be telling them the truth. Poor you.
 Attention is a scarce commodity, and internet users understand that advertisers need to know what their interests are, what they buy, and how much they are willing to spend in order to target the right products. Google assures customers that no humans read emails to provide the ads (Gmail Ads) and that it never sells or shares information that personally identifies them for marketing purposes. Of course, these policies could change, but for now, providing this information is a price people (myself included) are willing to pay for the convenience of integrated services, like Google Maps working with Google Calendar to indicate how much traffic there is to a user's next appointment. It’s spying, yes, but who cares if a bot somewhere reads my search terms and a “relevant” ad appears on the side of my screen? The practice seems harmless. Advertisers are not interested in finding out who I am, just what they can sell me.
Added:
>
>
How do you know? What's your evidence for this point of view? What do you mean by "no human being reads your Gmail?" You mean, no human being does so unless she wants to? What is your email doing where anyone could ever read it? Why can't you figure out how much traffic there is between you and your next appointment without someone reading your mail? I can. This all just reads like lazy thinking. But it isn't. It's thinking that doesn't want to discover something bad is going on.
 The greater problem is the amount of information that is being stored forever and what, in additional to advertising, could be done with the information in the future. Web searches, gps location, calendar appointments, emails, and purchases, when mixed with the abundance of information available on social media sites, including private conversations, family photos, employment information, and details on significant events (births, deaths, marriages) give a far too detailed view of an individual. The danger, which is ignored by most, is the risk that this extensive data set could easily be shared with those who are interested in personally identifying users.
Added:
>
>
What do you mean "could be"? What's your evidence for the subjunctive mood?
 

Information Sharing with Banks, Insurance Companies, and Government Agencies

An aspect of this course that has made me uneasy is discussion of the ways in which this data mining can affect online users, not because of the data shared with advertisers, but because of the data being inferred from activity sold to insurance firms and banks or shared with government agencies that will later make assumptions or predictions about my lifestyle choices. This kind of information sharing has a far more direct effect on my life than targeted advertising.

Changed:
<
<
Even putting aside the clear privacy issue of having personal information sold without consent, there are far too many possibilities for abuses and false positives. If a user consistently researches a specific medical condition for a family member or purchases wine with her credit card for a group’s weekly wine and cheese, could this activity reach health or life insurance companies, affecting premiums? What if online searches for a bankruptcy lawyer reaches a bank or credit card company? An alternative concern is that, as a greater online presence has come to be the norm and not the exception, a refusal to provide information online could be regarded as suspicious. Right now, insurance companies and banks are interested in inserting code into Facebook and Twitter to find clues about policyholders or to find promising leads (Economist). What happens if a credit card company or health insurance company decides that a particular individual is actually a higher risk simply because she does not have the kind of online presence that would provide relevant information on her activities?
>
>
Even putting aside the clear privacy issue of having personal information sold without consent, there are far too many possibilities for abuses and false positives. If a user consistently researches a specific medical condition for a family member or purchases wine with her credit card for a group’s weekly wine and cheese, could this activity reach health or life insurance companies, affecting premiums?

Why are you asking whether it could? You're repressing the cognitive dissonance caused by your implicit knowledge that it does. You were assigned to read about the executive in the data brokerage serving insurance companies who says he buys junk food only with cash to keep his own insurer from finding out. You know that baby care and formula producers data-mine hospital records to find out whose pregnant before the husband is told. Look more closely at your own emotional need not to learn.

What if online searches for a bankruptcy lawyer reaches a bank or credit card company? An alternative concern is that, as a greater online presence has come to be the norm and not the exception, a refusal to provide information online could be regarded as suspicious. Right now, insurance companies and banks are interested in inserting code into Facebook and Twitter to find clues about policyholders or to find promising leads (Economist). What happens if a credit card company or health insurance company decides that a particular individual is actually a higher risk simply because she does not have the kind of online presence that would provide relevant information on her activities?

 Many online companies, including Facebook, Microsoft, and Google, cooperate with government agencies' request for user data. Google seems to be the most transparent, releasing information on the amount of government requests and admitting to complying either fully or partially with over 93% of these government requests in the United States ([http://www.google.com/transparencyreport/userdatarequests/][User Data Requests - Second Half 2011]]). The number of requests not only for user information but for the removal of content has increased steadily in the past few years, raising concerns about how Google (and presumably other online companies monitoring online movements) responds to requests that violate users' rights to privacy and free expression (Google Transparency).

Conclusion

Changed:
<
<
In order to make a conscious decision about how much to disclose and to whom, users need to know what kind of information is being collected and to whom it is being sold. At the very least, if assumptions are being made about a user by a bank or insurance company based on online activity or offline purchases, they should be made aware of what information is being used, be provided with a copy of the data collected on them, and be given a chance to challenge the assumptions, much in the same way we are able to look into credit reports when denied credit.
>
>
In order to make a conscious decision about how much to disclose and to whom, users need to know what kind of information is being collected and to whom it is being sold.

How will they do that? Who is going to tell them, and why?

At the very least, if assumptions are being made about a user by a bank or insurance company based on online activity or offline purchases, they should be made aware of what information is being used, be provided with a copy of the data collected on them, and be given a chance to challenge the assumptions, much in the same way we are able to look into credit reports when denied credit.

 
Added:
>
>
That's a statutory right you got from legislation written on the floor of the Senate in 1974 during a late-night session when lobbyists weren't present as they are now. Are you seriously supposing that any such legislation could now emerge from a Congress owned by Pharma in which Google is now more important than Hollywood, and Facebook is more necessary to the National Security State than Electric Boat?
 
You are entitled to restrict access to your paper if you want to. But we all derive immense benefit from reading one another's work, and I hope you won't feel the need unless the subject matter is personal and its disclosure would be harmful or undesirable.

JanethLopezFirstPaper 2 - 16 Oct 2012 - Main.JanethLopez
Line: 1 to 1
 
META TOPICPARENT name="FirstPaper"
Deleted:
<
<
 
Line: 4 to 3
 
Changed:
<
<

Data Mining, Targeted Advertisement, and Risk Management

>
>

Data Mining and Information Sharing

 -- By JanethLopez - 16 Oct 2012

Introduction

Changed:
<
<
There’s a diminished expectation of privacy online that most internet users have already come to acknowledge and accept. The use of many products online – email, games, maps, music and video streaming – comes at a price. What we watch, what we buy, who we email and chat with, where we go is all tracked by a computer’s browser or a mobile phone as the trade-off for convenient, linked services. Many people seem to be willing to sacrifice their right to privacy in exchange for "free" online services. The problem is not that users are unaware that data mining occurs, it is that they assume the purchasers of the information are advertisers. While the harm seems minimal when information collected is used for targeted advertising, when mined data is shared with and abused by credit card companies, insurance companies, and government agencies, not for the purposes of advertising, but for risk management, the privacy concerns raised are too great to ignore.
>
>
There’s a diminished expectation of privacy online that most internet users have already come to acknowledge and accept. The use of many products online – email, games, maps, music and video streaming – comes at a price. What we watch, what we buy, who we email and chat with, where we go is all tracked by a computer’s browser or a mobile phone. Many people seem to be willing to sacrifice their right to privacy in exchange for "free" online services. The problem is not that users are unaware that information sharing and data mining occurs, it is that they assume the purchasers of the information are advertisers, who are not looking to personally identify each user, but instead are aggregating information from millions of users to know how to sell products efficiently. While the harm seems minimal when information collected is used for targeted advertising, when data is shared with and abused by credit card companies, insurance companies, and government agencies, not for the purposes of advertising, but for surveillance and risk management, the privacy concerns raised are too great to ignore.
 

Information Sharing for Targeted Advertising

Changed:
<
<
There are dozens of companies that gather information on the online movements of internet users in order to target ads that they believe these users are statistically more likely to click. The data collected provides an overall view of the user's digital self. For example, Google’s Privacy Policy and Terms of Service allows Google to share information taken from all of its services, aggregating information on a user as Google tracks her every move online. Google reads information from Gmail, videos watched on Youtube, appointments on Google Calendar, gps information when using Google Maps, Google Search terms, purchases made with Google Wallet, mobile purchases of music and games via Google Play, etc. and ties the data together to get an overall view of a user’s interests in order to provide targeted advertising.
>
>
Companies gather information on the online movements of internet users in order to target ads that they believe these users are statistically more likely to click. The data collected provides an overall view of the user's digital self. For example, Google’s Privacy Policy and Terms of Service allows Google to share information taken from all of its services, aggregating information on a user as Google tracks her every move online. Google reads information from Gmail, videos watched on Youtube, appointments on Google Calendar, gps information when using Google Maps, Google Search terms, purchases made with Google Wallet, mobile purchases of music and games via Google Play, etc. and ties the data together to get an overall view of a user’s interests in order to provide targeted advertising.

Attention is a scarce commodity, and internet users understand that advertisers need to know what their interests are, what they buy, and how much they are willing to spend in order to target the right products. Google assures customers that no humans read emails to provide the ads (Gmail Ads) and that it never sells or shares information that personally identifies them for marketing purposes. Of course, these policies could change, but for now, providing this information is a price people (myself included) are willing to pay for the convenience of integrated services, like Google Maps working with Google Calendar to indicate how much traffic there is to a user's next appointment. It’s spying, yes, but who cares if a bot somewhere reads my search terms and a “relevant” ad appears on the side of my screen? The practice seems harmless. Advertisers are not interested in finding out who I am, just what they can sell me.

 
Changed:
<
<
When using these "free" services, users are knowingly providing information to advertisers in order to target ads relevant to the user and the user's social network. Attention is a scarce commodity, and internet users understand that advertisers need to know what their interests are, what they buy, and how much they are willing to spend in order to target the right products. This practice seems harmless. Google assures customers that no humans read emails to provide the ads (Gmail Ads) and that it never sells or shares information that personally identifies them for marketing purposes. Of course, these policies could change, but for now, providing this information is a price people (myself included) are willing to pay for the convenience of integrated services, like Google Maps working with Google Calendar to indicate how much traffic there is to a user's next appointment or the Google search screen on a mobile phone providing the current exchange rate and the weather conditions for scheduled trip abroad. It’s spying, yes, but who cares if a bot somewhere reads my search terms and a “relevant” ad appears on the side of my screen? It’s a small invasion of my privacy if my information is only being used for advertising.
>
>
The greater problem is the amount of information that is being stored forever and what, in additional to advertising, could be done with the information in the future. Web searches, gps location, calendar appointments, emails, and purchases, when mixed with the abundance of information available on social media sites, including private conversations, family photos, employment information, and details on significant events (births, deaths, marriages) give a far too detailed view of an individual. The danger, which is ignored by most, is the risk that this extensive data set could easily be shared with those who are interested in personally identifying users.
 

Information Sharing with Banks, Insurance Companies, and Government Agencies

Changed:
<
<
An aspect of this course that has made me uneasy, however, is discussion of the ways in which this data mining can affect online users, not because of the data shared with advertisers, but because of the data being inferred from activity sold to insurance firms and banks or shared with government agencies for the purposes of risk management. There is a great difference between (1) collecting and aggregating information to customize advertising for people will similar interests, and (2) sharing/selling information that identifies me personally to credit card or health/life insurance companies that will later make assumptions or predictions about my lifestyle choices. This kind of information sharing has a far more direct effect on my life than targeted advertising.
>
>
An aspect of this course that has made me uneasy is discussion of the ways in which this data mining can affect online users, not because of the data shared with advertisers, but because of the data being inferred from activity sold to insurance firms and banks or shared with government agencies that will later make assumptions or predictions about my lifestyle choices. This kind of information sharing has a far more direct effect on my life than targeted advertising.
 
Changed:
<
<
Even putting aside the clear privacy issue of having personal information sold without consent, there are far too many possibilities for abuses and false positives. If a user consistently researches a specific medical condition for a family member or purchases wine with her credit card for a group’s weekly wine and cheese, and this activity is shared with health insurance companies, could it affect insurance premiums? What if online searches for a bankruptcy lawyer reaches a bank or credit card company? An alternative concern is that, as a greater online presence has come to be the norm and not the exception, a refusal to provide information online could be regarded as suspicious. Right now, insurance companies and banks are interested in inserting code into Facebook and Twitter to find clues about policyholders or to find promising leads (Economist). What happens if a credit card company or health insurance company decides that a particular individual is actually a higher risk simply because she does not have the kind of online presence that would provide relevant information on her activities?
>
>
Even putting aside the clear privacy issue of having personal information sold without consent, there are far too many possibilities for abuses and false positives. If a user consistently researches a specific medical condition for a family member or purchases wine with her credit card for a group’s weekly wine and cheese, could this activity reach health or life insurance companies, affecting premiums? What if online searches for a bankruptcy lawyer reaches a bank or credit card company? An alternative concern is that, as a greater online presence has come to be the norm and not the exception, a refusal to provide information online could be regarded as suspicious. Right now, insurance companies and banks are interested in inserting code into Facebook and Twitter to find clues about policyholders or to find promising leads (Economist). What happens if a credit card company or health insurance company decides that a particular individual is actually a higher risk simply because she does not have the kind of online presence that would provide relevant information on her activities?
 
Changed:
<
<
Many online companies cooperate with government agencies, including Facebook, Microsoft, and Google. Google seems to be the most transparent, releasing information on the amount of government requests for user data. It admits to complying either fully or partially with over 93% of these government requests in the United States ([http://www.google.com/transparencyreport/userdatarequests/][User Data Requests - Second Half 2011]]). The number of requests not only for user information but for the removal of content has increased steadily in the past few years, raising concerns about how Google (and presumably other online companies monitoring online movements) responds to requests that violate users' rights to privacy and free expression Google Transparency.
>
>
Many online companies, including Facebook, Microsoft, and Google, cooperate with government agencies' request for user data. Google seems to be the most transparent, releasing information on the amount of government requests and admitting to complying either fully or partially with over 93% of these government requests in the United States ([http://www.google.com/transparencyreport/userdatarequests/][User Data Requests - Second Half 2011]]). The number of requests not only for user information but for the removal of content has increased steadily in the past few years, raising concerns about how Google (and presumably other online companies monitoring online movements) responds to requests that violate users' rights to privacy and free expression (Google Transparency).
 

Conclusion


JanethLopezFirstPaper 1 - 16 Oct 2012 - Main.JanethLopez
Line: 1 to 1
Added:
>
>
META TOPICPARENT name="FirstPaper"

Data Mining, Targeted Advertisement, and Risk Management

-- By JanethLopez - 16 Oct 2012

Introduction

There’s a diminished expectation of privacy online that most internet users have already come to acknowledge and accept. The use of many products online – email, games, maps, music and video streaming – comes at a price. What we watch, what we buy, who we email and chat with, where we go is all tracked by a computer’s browser or a mobile phone as the trade-off for convenient, linked services. Many people seem to be willing to sacrifice their right to privacy in exchange for "free" online services. The problem is not that users are unaware that data mining occurs, it is that they assume the purchasers of the information are advertisers. While the harm seems minimal when information collected is used for targeted advertising, when mined data is shared with and abused by credit card companies, insurance companies, and government agencies, not for the purposes of advertising, but for risk management, the privacy concerns raised are too great to ignore.

Information Sharing for Targeted Advertising

There are dozens of companies that gather information on the online movements of internet users in order to target ads that they believe these users are statistically more likely to click. The data collected provides an overall view of the user's digital self. For example, Google’s Privacy Policy and Terms of Service allows Google to share information taken from all of its services, aggregating information on a user as Google tracks her every move online. Google reads information from Gmail, videos watched on Youtube, appointments on Google Calendar, gps information when using Google Maps, Google Search terms, purchases made with Google Wallet, mobile purchases of music and games via Google Play, etc. and ties the data together to get an overall view of a user’s interests in order to provide targeted advertising.

When using these "free" services, users are knowingly providing information to advertisers in order to target ads relevant to the user and the user's social network. Attention is a scarce commodity, and internet users understand that advertisers need to know what their interests are, what they buy, and how much they are willing to spend in order to target the right products. This practice seems harmless. Google assures customers that no humans read emails to provide the ads (Gmail Ads) and that it never sells or shares information that personally identifies them for marketing purposes. Of course, these policies could change, but for now, providing this information is a price people (myself included) are willing to pay for the convenience of integrated services, like Google Maps working with Google Calendar to indicate how much traffic there is to a user's next appointment or the Google search screen on a mobile phone providing the current exchange rate and the weather conditions for scheduled trip abroad. It’s spying, yes, but who cares if a bot somewhere reads my search terms and a “relevant” ad appears on the side of my screen? It’s a small invasion of my privacy if my information is only being used for advertising.

Information Sharing with Banks, Insurance Companies, and Government Agencies

An aspect of this course that has made me uneasy, however, is discussion of the ways in which this data mining can affect online users, not because of the data shared with advertisers, but because of the data being inferred from activity sold to insurance firms and banks or shared with government agencies for the purposes of risk management. There is a great difference between (1) collecting and aggregating information to customize advertising for people will similar interests, and (2) sharing/selling information that identifies me personally to credit card or health/life insurance companies that will later make assumptions or predictions about my lifestyle choices. This kind of information sharing has a far more direct effect on my life than targeted advertising.

Even putting aside the clear privacy issue of having personal information sold without consent, there are far too many possibilities for abuses and false positives. If a user consistently researches a specific medical condition for a family member or purchases wine with her credit card for a group’s weekly wine and cheese, and this activity is shared with health insurance companies, could it affect insurance premiums? What if online searches for a bankruptcy lawyer reaches a bank or credit card company? An alternative concern is that, as a greater online presence has come to be the norm and not the exception, a refusal to provide information online could be regarded as suspicious. Right now, insurance companies and banks are interested in inserting code into Facebook and Twitter to find clues about policyholders or to find promising leads (Economist). What happens if a credit card company or health insurance company decides that a particular individual is actually a higher risk simply because she does not have the kind of online presence that would provide relevant information on her activities?

Many online companies cooperate with government agencies, including Facebook, Microsoft, and Google. Google seems to be the most transparent, releasing information on the amount of government requests for user data. It admits to complying either fully or partially with over 93% of these government requests in the United States ([http://www.google.com/transparencyreport/userdatarequests/][User Data Requests - Second Half 2011]]). The number of requests not only for user information but for the removal of content has increased steadily in the past few years, raising concerns about how Google (and presumably other online companies monitoring online movements) responds to requests that violate users' rights to privacy and free expression Google Transparency.

Conclusion

In order to make a conscious decision about how much to disclose and to whom, users need to know what kind of information is being collected and to whom it is being sold. At the very least, if assumptions are being made about a user by a bank or insurance company based on online activity or offline purchases, they should be made aware of what information is being used, be provided with a copy of the data collected on them, and be given a chance to challenge the assumptions, much in the same way we are able to look into credit reports when denied credit.


You are entitled to restrict access to your paper if you want to. But we all derive immense benefit from reading one another's work, and I hope you won't feel the need unless the subject matter is personal and its disclosure would be harmful or undesirable. To restrict access to your paper simply delete the "#" character on the next two lines:

Note: TWiki has strict formatting rules for preference declarations. Make sure you preserve the three spaces, asterisk, and extra space at the beginning of these lines. If you wish to give access to any other users simply add them to the comma separated ALLOWTOPICVIEW list.


Revision 5r5 - 23 Aug 2014 - 19:31:21 - EbenMoglen
Revision 4r4 - 28 Mar 2013 - 19:30:41 - JanethLopez
Revision 3r3 - 29 Oct 2012 - 16:59:45 - EbenMoglen
Revision 2r2 - 16 Oct 2012 - 14:38:39 - JanethLopez
Revision 1r1 - 16 Oct 2012 - 03:22:04 - JanethLopez
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM