Michael Zimmer.org

When Google launched Google Latitude 9 months ago, they took steps to ensure users’ locational privacy was protected. Among the most important privacy-protecting features was the fact that Google didn’t keep a log of user locations on its servers; only the most recent locational ping was stored. Not even law enforcement could gain access to a user’s location history. This design decision, apparently made in consultation with the Electronic Frontier Foundation, was a very positive step for Google, who I have taken issue in the past with regard to its …

For quite some time now, I’ve been writing about how “search” has become the center of gravity of our informational ecosystem, and that a primary externality of our dependence on search has been the threat to privacy. On numerous occasions I’ve called on Google to engage in value-conscious design in order to protect user privacy, and specifically argued for the creation of a Google Data Privacy center where users can see exactly what data Google has collected about them from their expansive infrastructure of dataveillance, edit or remove this data …

Helen Nissenbaum and others on the PORTIA and PRESIDIO projects have released a white paper describing Privads, a client-side behavioral advertising system designed to protect users’ privacy:
Online behavioral advertising (OBA) refers to the practice of tracking users across web sites in order to infer user interests and preferences. These interests and preferences are then used for selecting ads to present to the user. There is great concern that behavioral advertising in its present form infringes on user privacy. The resulting public debate — which includes consumer …

Last month I noted that Google’s Street View service was being challenged by German data privacy authorities, who insisted that Google must permanently remove personally-identifying images from their databases (not just blur them in the user interface). Google argued that the original images are necessary to help the system “learn” how to automatically blur better in the future, but Germany feels (and I agree) that privacy must trump. engineering in this case.
Google has conceded, and will now erase identifiable raw data depicting people, property, or cars upon request.
This is a …

Today, a six page letter was sent to Google’s CEO, Eric Schmidt, asking Google to honor the important privacy promises it has made to its customers and protect users’ communications from theft and snooping by enabling industry standard transport encryption technology (HTTPS) for Google Mail, Docs, and Calendar.
The open letter is signed by 38 researchers and academics in the fields of computer science, information security and privacy law — myself included. The letter was spearheaded by Christopher Soghoian, a computer researcher, programmer and privacy activist, and it has already received …

Google’s Street View product has been criticized by privacy advocates since its very inception, including various posts on this blog. Two years after its release, Google continues to face challenges over its collection and treatment of potentially personally-identifiable images of people in public spaces.
Most recently, Germany has noted that Google’s (reluctant) blurring of faces and license plates is not enough, demanding that the original images themselves be permanently removed from their databases. Google argues that the original images are necessary to help the system “learn” how to automatically blur better …

Speaking of Lessig, two interesting cases emerged this week that help illustrate Lessig’s position that, when thinking about the architecture of cyberspace,  “code is law.”
In Code, Lessig argues that all of the rules, tendencies, affordances, and constraints of/in cyberspace are the result of human decisions, actions, and, ultimately, code. What we can and cannot do there is governed by the underlying code of all of the programs and protocols that make up the Internet, which can, alternatively or simultaneously, permit and restrict certain human actions:
In real space recognize how …

Today, Google announced its long-awaited behavioral targeted advertising program.
Building from its acquisition of DoubleClick, Google’s new ad system — which it refers to as “interest-based advertising” — will use cookies to track users across the multitude of sites that show Google’s display ads, allowing Google to create a profile of each user based on the kind of sites visited. Google will then target ads to a user based on that profile.
While Yahoo!, Micrsoft, and AOL have all been engaged in behavioral targeting for some time, Google’s entrance into this controversial …

We are frequently confronted with examples and rhetoric that people’s stated privacy preferences don’t match up with what they do in practice. For example, see Adam Thierer’s recent post, where he provides thoughts from Nick Carr, Bruce Schneier, and Jim Harper, all pointing to the conclusion that:
In a nutshell, ask anyone if they care about their privacy and almost 100% of them will say, yes, absolutely. But then ask them about what they do both online and offline on a daily basis and most of them will reveal a very …

I’ve written a lot here about the need for companies to engage in value-conscious design of their products and services. This, admittedly, is no simple task. Ever since spending a few weeks thinking about this topic a few years ago, my colleague Noëmi Manders-Huits and I have been organizing our thoughts on the pragmatic challenges of bringing ethics and values into the design & boardrooms.
The result of our efforts has just been published in a special issue of the International Review of Information Ethics focusing on the convergence between business …

I recently taped an interview with Milwaukee’s public radio affiliate, WUWM, and it aired today. The topic was privacy and technology, focusing mostly on how to balance the speed and ubiquity of new technology, the conveniences they provide, and the strains they place on personal and informational privacy. You can listen to it here.

Interestingly, I was asked a question I don’t often get: “Should we be scared?”
My reply was basically that fear is not the proper response, but we do need to be concerned and we need to take action, …

Over the past few days I have been attending the 9th annual conference of the Association of Internet Researchers (AoIR) in Copenhagen. This year’s conference is “Internet Research 9.0 – Rethinking Community, Rethinking Place“, and it has been expertly organized by The IT University of Copenhagen.
While I missed the first day, I was able to attend excellent panels on “Coding Places”, “Privacy Disclosure Identity”, “Beyond Offline vs Online: Effects of Technology”, “e-Health”, and “Gaming”.
One particular highlight was the …

I’m spending the next few days at the 72nd Annual Meeting of the Society of American Archivists in San Francisco, and I’m looking forward to learning more about many of the ethical and policy issues confronted by archivists in an age of growing digitization and Web-based archival services.
This afternoon I had the pleasure of presenting on a panel titled “Values in Design: Defining a Privacy-Aware Model for Web Access to Archives,” organized by Nancy McCall, Archivist at Johns Hopkins University Medical Archives, and her colleague Phoebe …

Similar to my recent probes and interactions with the designers of the social networking site Moli, I recently enjoyed the opportunity to discuss privacy-related design issues with the product manager for Microsoft’s HealthVault platform.
HealthVault is Microsoft’s attempt to provide an online platform where personal electronic health records can be stored, managed, and shared with various healthcare providers. HealthVault also features a topical search engine allowing users to search specifically for health-related information (Microsoft will use sponsored search ads on the search engine to monetize the HealthVault platform). Microsoft’s press release …

Earlier this week, Technology Review ran a piece discussing the social networking site, Moli, which allows users to manage multiple identities through a common login, controlling who gets to see what aspect of their lives. I was quoted in the story (and blogged about it), expressing concern that Moli, while pitching themselves as privacy-friendly, might actually pose a greater threat to user privacy than sites like Facebook:
Given that I have less control over who can see my profile at Facebook, there is some information I’m simply not willing to share …