Michael Zimmer.org

A few days ago I blogged about how I was able to check my wife into a local liquor store using Facebook Places without her permission, despite Facebook’s insistence that “No one can be checked in to a location without their explicit permission”. This check-in has remained visible in my news feed, and depending on my privacy settings, may be viewable by any logged in Facebook user. Presumably there also is a database at Facebook that contains a record of my checking-in my wife into this location. Again, all without my wife’s explicit consent to participating in this new “feature”. Now, four days later, my wife had a chance to react to the notification she received from Facebook regarding my tagging her, and I thought I’d share a few more reactions to her attempt to opt-out of Places altogether.

Facebook has finally launched its location-based service: Places. Places allows Facebook users to “check in” wherever they are using a mobile device, and let’s their friends know where they are at the moment.

Facebook has tried to do a better job addressing privacy with Places compared to previous launches of new “features”. Particularly, Facebook brags that “no location information is associated with a person unless he or she explicitly chooses to become part of location sharing. No one can be checked in to a location without their explicit permission.”

But as I’ve played around with the service, I’ve uncovered a problem with Facebook’s assertion that “no one can be checked in to a location without their explicit permission.”

When Google launched Google Latitude 9 months ago, they took steps to ensure users’ locational privacy was protected. Among the most important privacy-protecting features was the fact that Google didn’t keep a log of user locations on its servers; only the most recent locational ping was stored. Not even law enforcement could gain access to a user’s location history. This design decision, apparently made in consultation with the Electronic Frontier Foundation, was a very positive step for Google, who I have taken issue in the past with regard to its …

Recently, the EFF released a report named “On Locational Privacy, and How to Avoid Losing it Forever“, introducing some of the basic threats to locational privacy:
Over the next decade, systems which create and store digital records of people’s movements through public space will be woven inextricably into the fabric of everyday life. We are already starting to see such systems now, and there will be many more in the near future.
Here are some examples you might already have used or read about:

Monthly transit swipe-cards
Electronic tolling devices (FastTrak, EZpass, congestion pricing)
Cellphones
Services …

A couple of stories popped up on my radar this morning related to cellphone privacy:

The New York Times has a story on advertisers increasingly collecting behavioral and locational data from consumers’ cellphone activities: “Advertisers Get a Trove of Clues in Smartphones”.
The Berkman Center for Internet & Society recently hosted a talk by Albert Gidari, a partner at Perkins Coie, on the legal dimensions of cellphone tracking: “They Know Where You Are: Location Privacy in a Mobile World” (webcast) (David Weinberger’s liveblog)

This week, Google launched Google Latitude, a new Google Maps feature that lets users share location data with friends, using either a mobile phone or through an interface on iGoogle. (see how it works here)
Unsurprisingly, concerns have arisen regarding the privacy implications of Latitude, and I, of course, have taken issue in the past with Google’s approach to (not) protecting locational privacy (as well as cellphone tracking in general).
But this time, I think Google got it right, and designed Latitude with user privacy in mind.
Here’s a quick rundown …

As I just mentioned, Google recently announced plans to blur or otherwise obscure people’s faces in the Canadian version of the Street View product. After a brief conversation with my colleague Chris Hoofnagle, I’ve come to realize that in their launch of Street View, Google blew a chance to really take a leadership role in protecting user privacy.
Google released Street View to much criticism, given the prevalence of visible and identifiable faces and license plates captured by their fleet of camera-toting cars trolling our streets. To remove yourself from the …

Given the obvious privacy concerns with Google’s Street View imaging system (as well as Microsoft’s Windows Live Local Virtual Earth), you would think providers of such services would make it easy for privacy-threatening content to be flagged and removed. While Google did provide a means to flag “unacceptable images” in Street View, I noticed right away how hard it was to figure out how to do that, while others noted the hoops one had to jump through in order to actually get it done.
In a positive move, Google has changed …

Even while Earthlink seems to be stepping away from municipal wi-fi projects, San Francisco is introducing a non-binding ballot proposal to gauge citizen interest in blanketing the city in Google/Earthlink hotspots.
Nathan Weinberg dug up a copy of the ballot initiative, which includes requirements for privacy protections (emphasis added):
Declaration of policy supporting a wireless broadband network that provides free high-speed internet access for all San Franciscans and protects user privacy.
It is the policy of the People of the City and County of San Francisco that:
(1) The City should provide a wireless …

There continues to be quite a bit of buzz and concern about Google’s “Street View” enhancement for Google Maps. A couple of comments on recent developments:
:::
I don’t want to be picky, but given all the (necessary) attention given to the privacy aspects of Street View, I still wonder where everyone was when Microsoft launched basically the same service last year. As I pointed out then, the same privacy and surveillance concerns emerge. Is Microsoft truly that irrelevant now that we’re no longer concerned about their ability to surveil and …

About 6 months ago Microsoft launched their Windows Live Local Virtual Earth service, providing street level images of San Francisco and Seattle. You can drive or walk around the map and view the streets and storefronts…and the people. This detailed level of mapping carries significant concerns about one’s privacy in public, which I pointed out at the time.
Google has now jumped into the foray, offering their own “Street View” enhancement for Google Maps. Pretty slick, but the same concerns persist. If you click on the image to the right, …

GPS systems installed on Milwaukee Police squad cars to help dispatchers track officers’ whereabouts have recently been found covered with foil, rendering them useless and the cars invisible to monitoring. The Milwaukee Journal Sentinel reports:
A Milwaukee police captain was walking through the District 7 garage over the summer when he noticed something wasn’t right about the satellite tracking antenna on the back of a squad car.
A closer look revealed that the small square global positioning system antenna was wrapped in aluminum foil.
Capt. Donald Gaglione called the radio shop and confirmed …

The New York Times recently extolled the virtues of using GPS in digital cameras and camera cellphones to “geotag” photos with the location at which they were taken:
…advocates of geotagging, like Stewart Butterfield, co-founder of the photo-sharing Web site Flickr, contend that linking pictures to maps can lend a new dimension to photography. For one thing, it can help people make some sense of the mounds of photos accumulating on their hard drives.
”The value may not be immediately apparent. But 10 years from now, nobody who’s geotagging their photos is …

On the heels of Microsoft’s recent release of privacy guidelines for software developers, here’s an excellent example of another company working with privacy scholars to try to protect end-user privacy when using location-based mobile devices. From ComptuerWorld:
Intel Drafts Privacy License for Mobile Device Software
Intel Corp. has attached a privacy license to its new location-aware software product, intended to protect cell phone users’ personal information as mobile devices increasingly rely on tracking technology to provide targeted services.
Installed on a smart phone or ultramobile PC, location-aware software can use GPS (Global Positioning …

The geospatial technology magazine, Directions Magazine, has an interesting article noting the growing privacy concerns facing the spatial technology industry, and the lack of legal guidance as to how the industry should protect a person’s personally identifiable spatial (PIS) data. Their conclusion:
Although there is little direct guidance as to how spatial companies should deal with PIS data, there is a great deal of precedent with other types of personal data. As a result, spatial companies that collect, process or distribute PIS data should consider keeping current on federal and state …