“Whither goest thou, America, in thy shiny car in the night?” [Jack Kerouac]


Matt Chinworth/The Washington Post

When I buy a car, I assume the data I produce is owned by me — or at least is controlled by me. Many automakers do not. They act like how and where we drive, also known as telematics, isn’t personal information.

Cars now run on the new oil: your data. It is fundamental to a future of transportation where vehicles drive themselves and we hop into whatever one is going our way. Data isn’t the enemy. Connected cars already do good things like improve safety and send you service alerts that are much more helpful than a check-engine light in the dash.

But we’ve been down this fraught road before with smart speakers, smart TVs, smartphones and all the other smart things we now realize are playing fast and loose with our personal lives. Once information about our lives gets shared, sold or stolen, we lose control.

There are no federal laws regulating what carmakers can collect or do with our driving data. And carmakers lag in taking steps to protect us and draw lines in the sand. Most hide what they’re collecting and sharing behind privacy policies written in the kind of language only a lawyer’s mother could love.

You can read this at the Washington POST if you have the proper subscription – or [at least, right now] over at news.ycombinator.com

Google Blocks Privacy Push

❝ Google blocked a privacy push at the main organization that decides how the world wide web works, according to a recent vote that isolated the internet giant from others involved in the process.

The Alphabet Inc. unit was the only member of the World Wide Web Consortium to vote against the measure to expand the power of the organization’s internet privacy group, according to a tally of the results viewed by Bloomberg News. Twenty four organizations voted for the idea in a recent poll.

❝ The W3C, as the group is known, makes decisions by consensus, so Google’s objection was an effective veto.

Golly gee. The folks who tell us they “do no harm” don’t seem to be in any hurry to do some good.

Federal judge rules police can’t force you to unlock your iPhone with Touch ID or Face ID

❝ In the United States, a suspect’s property has the potential to be searched by law enforcement officials as part of an investigation, but some items are typically left alone. While people are protected from having to unlock their devices via a passcode, biometric security has been considered fair game for use by investigators, bypassing the passcode rules.

A January 10 filing in the United States District Court for the Northern District of California applying for a search warrant for a residence in Oakland reveals investigators wanted to look into the affairs of suspects in an alleged blackmail attempt, where they were claimed to have threatened to “distribute an embarrassing video” of the victim unless a payment was made.

❝ As part of the warrant request, there was also a request to compel individuals present in the search to use a fingerprint reader, facial recognition, or iris recognition to unlock devices found on the property. In the filing, the court denies the request, as it “runs afoul of the Fourth and Fifth Amendments,” specifically in relation to unlocking devices.

Nice to see there are a few judges remaining who rate the value of our Constitution above conservative wannabe fascists.

Keeping Sources Secure


Birgit Püve for The New York Times

How do you keep communications with sources secure?

❝ Before moving to Europe this summer, I spent about a decade covering national security and intelligence in cities like Washington, so I’m pretty security conscious. Before I left, a friend who works in intelligence offered a gentle reminder that most countries would probably consider me fair game for intelligence collection.

So I use a cheap Chromebook when traveling to places where curious eyes might be tempted to sneak a peek. I set it up with a burner account, and I never connect it to any personal or business accounts.

And all those note-taking apps? If I’m working on something particularly sensitive or talking to someone who is sticking his neck out by meeting with me, those notes often don’t get saved digitally. When the story is done, the notebook gets tossed and that’s the end of it.

RTFA and check out what Matt uses/does when he’s not in Total Invasive Security Fear Mode.

Comcast sent Ian 10 pizzas. Not to be nice; to manipulate.

❝ I didn’t realize how seriously companies take social media until last year, when I opened my front door and saw a delivery guy holding a stack of pizza boxes up to his chin.

Comcast had recently started advertising mobile-phone service where I live. Given that Comcast and AT&T were already the only local choices for broadband and cable, the move felt like an ominous sign of even more industry consolidation. I took to Twitter to air this worry. “It’s nice that Comcast is offering mobile phone service now,” I posted. “But until I can get Comcast delivery pizza I will remain empty inside…”

❝ …The company saw my tweet and responded: “Hey Ian, you rang? DM us the address where you would like it delivered & we’ll make it happen.” I thought I was calling Comcast’s bluff by answering that I wanted gluten-free mushroom pizza, and that because I was a customer, the company should know my address. “Do your brand thang,” I quipped…

Then the pizzas arrived. Ten of them, from a local place that delivers gluten-free pies. I was surprised, which is exactly the outcome Comcast was after.

Read the whole article. More and more folks are reacting to Social Media and what it has become – instead of what the cheerful delivery of free pizza would like you to believe. Is it worth it to you to leave their cozy quarters as, for example, Om Malik and many others have done with Facebook? Or stay just with Twitter as many of those leaving Facebook have also done?

And why? Two social media giants – in each of their categories are just that. Separate and distinct categories serving differing needs. And what do they care about you? Your privacy?

US in group of nations calling for encryption back doors

The privacy of Internet users “is not absolute,” according to a statement from a five-country coalition that includes the United States following a meeting about security, with the overall theme demanding technology companies to make social networks and messaging services safer and to offer more support to government agencies to break encryption and access potentially sensitive data…

“Privacy laws must prevent arbitrary or unlawful interference, but privacy is not absolute,” the statement reads. “It is an established principle that appropriate government authorities should be able to seek access to otherwise private information when a court or independent authority has authorized such access based on established legal standards. The same principles have long permitted government authorities to search homes, vehicles, and personal effects with valid legal authority.”

Lockstep unity between these five English-speaking nations and they all sound like they’d have no problem with the divine right of kings, either.

OTOH, There is this letter to Washington politicians from lots of organizations concerned with our human rights – including privacy.

GOOGLE lets outside developers read your email

❝ Just over a year after promising to no longer scan user emails in Gmail for personalized ads, Google is allowing outside developers to do just that

❝ According to a Wall Street Journal report published Monday, Google continues to allow outside software developers to “scan the inboxes of millions of Gmail users who signed up for email-based services offering shopping price comparisons, automated travel-itinerary planners or other tools.”

Vetted app developers that are part of Google’s Gmail program are allowed to read these emails to create new services or app features. Normally, the bulk of emails are scanned electronically by computer software, but in some cases human employees are doing the reading.

Same as it ever was.