CategoriesJoin Us At:
|
Technology Changes Things. Latest Example: Student Records.Schools care about kids. Some are better than others but educators get into the business because they want to help kids grow and learn. Any teacher will tell you one of the key ingredients for doing that is knowing your kids. What kind of student are they, how are things at home, are they having discipline issues, the list goes on and on. In order to accomplish this, schools (big surprise) keep records so they can monitor educational achievement and other things. Of course this is generally a good thing, caring equates to better education. The problem (and there is always a problem), comes when you sprinkle in the magic of technology, specifically, interlinked databases of school records. Under No Child Left Behind and other education mandates, schools have been required to collect more information and to share it with the state and federal government. Much of this sharing is in disaggregated (anonymous) form, however for auditing and other purposes, it still has to be linked to identifiable information about students. Now, the outlines of the problem start to reveal themselves. It might have been okay for a local teacher to know about a student's rotten home life or health issues but it seems a lot less okay when that information can be accessed by a wide variety of faceless bureaucrats. Worse, when we start to store it electronically (especially for tracking students over time) the data retention periods get longer and longer. How long do we have to save the fact that you cheated on a test in high school? This is not a hypothetical problem. The hard-working folks at the Fordham Center on Law and Information Policy reviewed the state data collection practices on K-12 students in all 50 states. A sampling of the data collected by particular states includes: pregnancy, mental health information, criminal history, birth order, victims of peer violence, parental education, medical test results, and birth weight. They also found that information was not being handled in compliance with current law, and that there were no clear rules for accessing the information. Bad, right? It could get a whole lot worse. H.R. 3221, the "Student Aid and Fiscal Responsibility Act of 2009" (SAFRA) has already been passed by the House and is currently being considered in the Senate. This is generally a good bill, but it has in it a proposal to expand these databases of student records to college and workforce education. Some proposals even want to include birth to kindergarten. Suddenly, this looks like a pretty good start on a birth-to-death database where your every mistake is catalogued and saved forever. We talk about the problems and solutions in more detail in our recent letter to the Senate Committee on Health, Education, Labor and Pensions. Technology changes things. It's not just students that have to learn to use the latest computers and software. Educators and education officials have to recognize that the systems and data they use will have real ramifications for kids and the adults they become.
Your Life, Your Data. Or Is It?(Originally posted on Daily Kos.) When we update our status on Facebook, post those photos on Flickr, or shop for holiday gifts on Amazon, a whole lot happens behind the scenes. The more we do online, the more digital footprints we leave behind. Many sites we visit collect detailed information about us—our politics, hobbies, relationships and more. Outdated privacy laws often fail to keep your personal information from being shared, sold, or handed over to a snooping government—without a warrant! And the government and some Web companies don’t exactly want us to connect the dots. Who Protects Your Privacy? In a nutshell, no one. You might think someone is minding the store and protecting your privacy online. But in reality, the federal law that is supposed to safeguard the privacy of digital communications was written in 1986 — way before the Internet as we know it today even existed. That’s like having traffic laws that were written in the days of wagon trains. Online companies regularly receive demands for personal information about their users — with little to no judicial oversight. Facebook reportedly receives up to 100 demands each week seeking information about its users. AOL reportedly receives 1,000 demands a month. In 2006, a U.S. Attorney demanded book purchase records of 24,000 Amazon.com customers. (In a show of loyalty to users, the company successfully fought back against the subpoena.) Other companies, like Google, don’t make public how often information about their users is demanded or disclosed. No one should be forced to choose between using the Internet and keeping their personal information from being misused. We shouldn’t have to pay for these seemingly free online services with personal details about our lives. That’s where the ACLU of Northern California’s new Demand Your dotRights campaign comes in. It provides a behind-the-scenes look at everything from social networking, to photo sites, to search engines. The campaign helps you connect the dots to see how your favorite online activities make it harder for you to keep your private information, well, private. If you’ve seen our ACLU Facebook quiz, you’re already aware of the problem — but that’s just the tip of the iceberg. Our dotRights video explains the digital information trail and illustrates how personal information is collected throughout our everyday lives. Watch it here. Then go to the dotRights Action Center to find out what you can do right now to take back control and keep details about your private life from being used, abused, and sold to the highest bidder. Consumers Care About dotRights, So Businesses and Lawmakers Should Too Consumers clearly want more control over personal information, so it’s good business for companies to join consumers in demanding a privacy upgrade. A 2009 national telephone survey conducted by the University of California, Berkeley, and University of Pennsylvania revealed that 92% of American adults believe they should retain the right to delete their information from a site, and 69% feel there should be a law that gives people the right to know everything that a website knows about them. For companies that want to be a part of the solution, the dotRights site includes resources like Privacy and Free Speech: It’s Good for Business. This primer provides real-life case studies and hands-on tips for how businesses can build their reputations—while saving time and money—by protecting customers’ privacy. Plus, since privacy laws and policies don’t auto-update, there are additional materials to help policymakers. Privacy Laws Don’t Auto-Update It’s time for consumers, policymakers, and businesses to work together to define a clear legal and policy framework that fits our modern online world and keeps personal information from being misused. It’s time to demand a privacy upgrade. It’s time to Demand our dotRights. Join the movement to Demand your dotRights and spread the word.
Amended Google Book Settlement: Doesn't Deal with Privacy Problems(Originally posted on the ACLU of Northern California's Bytes & Pieces blog.) The Amended Google Book Search Settlement, filed with the Court on Friday, November 13, does not resolve the privacy concerns. The ACLU, along with EFF and the Samuelson Clinic, have been working to ensure that Google Book Search does not become a one-stop shop for government surveillance into the reading habits of millions of Americans and pushing for robust privacy and free speech safeguards to be included in the settlement provisions. Read more about the necessary safeguards here and in our Opposition Brief to the Settlement (PDF) filed on behalf of author and publisher members of the class. One of our core privacy concerns with the Settlement has been that reading records are not properly protected from disclosure to the government and third parties. Readers should be able to use Google Book Search without worrying that the government or a third party is reading over their shoulder. No settlement should be approved that allows reading records to be disclosed without a properly-issued warrant from law enforcement and court orders from third parties. The amended settlement does not resolve this concern, with its only new privacy provision being the following: "The revised agreement includes language that specifies that Google will not share any private information with the Registry without valid legal process." See Google's FAQ on the Settlement here. Google's privacy policy does not resolve this concern either. See our blog post here and Statement to the House Judiciary Committee here. Nor does its statements to the FTC here. Tell Google that you don't approve of this latest deal- that you won't pay for digital books with your privacy and free speech. Send a letter to Google CEO Eric Schmidt here.
Privacy For SaleRon Peterson has a variety of exciting aliases. "In Florida I'm a female prostitute (named Ronnie); in Texas I'm currently incarcerated for manslaughter," Peterson, a California resident, said. "In New Mexico I'm a dealer of stolen goods. Oregon has me as a witness tamperer. And in Nevada — this is my favorite — I'm a registered sex offender." All of this is thanks to the unregulated data aggregation industry. For decades data aggregators have been collecting information on Americans and selling it to the private sector and the government. This has become a multi-billion dollar industry with companies claiming to have tens of billions of records involving virtually every American. Since September 11, the government has become increasingly obsessed with collecting information on Americans and, to keep up with demand, these companies have developed even more ways to invade your privacy. Data brokers are selling details on almost every aspect of our lives including DNA analysis, purchasing habits and credit history, pilot and gun licenses, eviction notices, and even lists of family and associates. In response to the growing number of cases of mistaken identity the president of backgroundchecks.com stated, “We're not in the business of authenticating the identity of individuals. All we do is report the data that's supplied to us from the courts.” Are you kidding? Currently data aggregator companies function entirely unregulated and pose a serious threat to American citizens. They are not required to prove any of the information they are selling is accurate, there is zero transparency in what agencies they are selling it to and there is almost no way to hold them accountable for any misinformation they provide. Most often individuals have no idea they are even the subject of such an investigation. The Privacy Act of 1974 banned the government from collecting information on citizens who are not already the subject of investigation. To get around this many agencies are just purchasing the information from data brokers. Americans know the importance of individuals having a reasonable measure of knowledge and control over how they present themselves to the world. The government has a responsibility to protect that right and is not doing so. Today the Senate Judiciary Committee is considering a bill called the “Personal Data Privacy and Security Act” (S. 1490) that takes a first step toward regulating this dangerous industry. The bill does not tackle the major issue of whether the government has any right to be collecting this kind of information but it will put in place some desperately needed regulation. The ACLU’s letter of support of the Personal Data Privacy and Security Act can be found here.
The Naked TruthAs we gear up for another holiday season, the Transportation Security Administration has added a new wrinkle: naked travel. USA Today has just reported that the TSA has purchased “150 security machines at airport checkpoints that enable screeners to see under passengers' clothes”. These virtual strip searches allow TSA screeners to see detailed images of passengers' bodies. These machines have been around for a while, but it appears they have gone mainstream. This purchase will “vastly expand the use of the controversial body scanners.” But it’s not just the program’s expansion that is raising eyebrows. TSA has always maintained that these machines are for secondary screening only, and that no one will have to undergo a virtual strip search. But now the machines will be used in place of metal detectors. Many people will likely go through them without ever knowing that there is a person in the room next door checking out their assets. Beyond the horrible invasion of privacy, this retreat from the truth calls into question TSA’s other protections for the program. Specifically, officers who view the image are never supposed to see the live passenger, and the passenger’s face is blurred. Further, officers aren’t allowed to bring cameras into the room where these images are viewed, and the computer system is not supposed to be able to retain images. But this is nowhere in law or regulation. It’s simply TSA policy, subject to change at any time. TSA has resisted commonsense regulation — already passed in the House — that would largely codify what was supposed to be their existing policy and assure that these machines are only used for secondary screening. The Senate should quickly follow the House’s lead. If you’d like to take action on this issue, please click here. Any security mechanism can be defeated. Security is always a balance between effectiveness and invasiveness. In this case, the TSA has gone too far. Can American travelers please put their clothes back on?
It's Funny Because It's TrueYesterday, Newark, N.J. Mayor Cory Booker jokingly placed Tonight Show host Conan O’Brien on the "Newark New Jersey Airport No-Fly List," after the comedian poked fun at the city on his late night television show. Mayor Booker’s joke about O’Brien’s potential barring from flying out of New Jersey is very funny. Maybe O’Briens across the country should be worried and leave extra time for future hassles at the airport, as should O’Brians, Obriens, Obermans, and people named Conan. Just ask the wife of Alaska Senator Ted Stevens, Catherine. She shares a name with No-Fly lister Yusuf Islam, a.k.a. Cat Stevens. Sadly though, many innocent Americans are tangled in the web of the no-fly list every day because they have a name similar to a possible terrorist suspect. The list has over a million names on it. We’re not sure if making a joke that someone else doesn’t like will get you on the list, but for all the people who can’t find out why they’ve been listed and can’t get off, it might as well be true.
Life. Well-Watched.On Wednesday, Wired's Ryan Singel reported the FBI's National Security Branch Analysis Center (NSAC), a datamining center, has collected 1.5 billion records on citizens and noncitizens alike for use in domestic criminal investigations. This wouldn't shock us, frankly, except Singel found that private companies like Sears, car rental company Avis and the Wyndham Worldwide hotel chain (parent company of budget hotels such as Travelodge, Ramada and Days Inn), have shared customer information with NSAC. If this kind of government-private sector collusion doesn't worry you, then you can stop reading now. But if it does, know this: Wired.com’s analysis of more than 800 pages of documents obtained under our Freedom of Information Act request show the FBI has been continuously expanding the NSAC system and its goals since 2004. By 2008, NSAC comprised 103 full-time employees and contractors, and the FBI was seeking budget approval for another 71 employees, plus more than $8 million for outside contractors to help analyze its growing pool of private and public data. This kind of long-term plan to expand the FBI's datamining capabilities without congressional oversight is extremely worrying. As Singel points out, NSAC is the closest the FBI has gotten to resurrecting its Total Information Awareness (TIA) program, which was so far-reaching and scary that Congress, with bipartisan support, defunded it in 2003. Singel adds: The FBI also has ambitious plans to expand its data set, the budget request shows. Among the items on its wish list is the database of the Airlines Reporting Corporation — a company that runs a backend system for travel agencies and airlines. A complete database would include billions of American’s itineraries, as well as the information they give to travel agencies, such as date of birth, credit card numbers, names of friends and family, e-mail addresses, meal preferences and health information. If you don't care that the FBI knows that you prefer vegan meals on your flights, no biggie. But your credit card numbers? The federal government isn't known for its foolproof protection of private information, so start worrying.
ACLU Legislative Counsel Legislative Counsel Christopher Calabrese said in a statement yesterday: It is not only troubling that the FBI is collecting this vast amount of information, but also that the information remains in the possession of the FBI, whether or not it is relevant to suspected criminal activity or reliable. The way this collection and retention works, if you happened to be staying at the same hotel or renting a car the same day as someone currently under FBI investigation, your private information is swept up and locked into one of these databases forever. The presumption of innocence is turned on its head and everyone becomes a suspect. So the next time you're staying at a Howard Johnson, make sure your in-room movie selection is something you wouldn’t mind the government keeping forever in its database.
ACLU Submits Statement to House Judiciary Committee on Google BooksThe ACLU submitted a statement to the House Judiciary Committee for yesterday's hearing on Google Book Search: The failure of the Settlement to include protections for book records and limitations on data collection, retention, use, and disclosure should be of great concern to this Committee, particularly given the tremendous breadth of the Google Book Search services that will emerge from the Settlement and the likely impact they will have on future authors, readers, libraries, the book market, and broader competition in the online services market. The ACLU believes the Committee should address the following issues:
For more information, please see the ACLU of Northern California's main Google Books page.
"The Fat Lady Has Sung for the Fourth Amendment"Sacramento's KXTV reported on our lawsuit to enforce our Freedom of Information Act (FOIA) request for records about Customs and Border Protection’s (CBP) policy of searching travelers’ laptops without suspicion of wrongdoing. We want to see the criteria used for selecting passengers for suspicionless searches, the number of people who have been subject to the searches, the number of devices and documents retained and the reasons for their retention. Pretty basic stuff, we think. "I don't carry my laptop overseas anymore," said Sacramento attorney Mark Reichel. "The fat lady has sung for the fourth amendment."You could also encrypt your hard drive, as the ACLU’s Technology and Liberty Project public education director, Jay Stanley, suggested last month. But whether you're using software or express mail to get around the CBP's invasive policy, those solutions don't address the fact that the government is violating your Fourth Amendment right against unreasonable searches and seizures. KXTV’s news segment features ACLU National Security Project attorney Larry Schwartztol explaining why laptop searches at the border are different from traditional searches of luggage. As Larry explains, your luggage probably doesn’t contain personal documents and files, pictures of your family and friends, all of your email correspondence or sensitive business information. Has your laptop been searched at the border? We want to hear your story. Contact us at "nspintake [at] aclu.org."
Please Join Authors, ACLU in Opposing Google Book Search Deal(Originally posted on Daily Kos.) A coalition of authors and publishers, represented by the ACLU, the Electronic Frontier Foundation, and the Samuelson Law, Technology, and Public Policy Clinic at the University of California Berkeley School of Law, filed an objection this morning in the Google Book Search case. The objection urges the federal judge to reject the proposed settlement because it lacks critical privacy rights for readers and writers. The objection has been filed, but we need your help to protect reader privacy. Write Google CEO Eric Schmidt and tell him that you won’t pay for digital books with your privacy. Insist that Google promise that Book Search will not become a one-stop shop for government and third party fishing expeditions into your private life! Jonathan Lethem, best-selling novelist and winner of a National Book Critics Circle Award, said: Google Book Search and other digital book projects will redefine the way people read and research. Now is the moment to make sure that Google Book Search is as private as the world of physical books. If future readers know that they are leaving a digital trail for others to follow, they may shy away from important intellectual journeys. If approved, the settlement would give Google the greenlight to scan and digitize millions of books and allow users to search for and read those books online. While the ACLU strongly supports efforts to expand access to information, Google’s service would also become the single largest collection of reading records in the world — like someone following you around the library, writing down every book you pick up and every page you read. Without strong privacy protections, this sensitive and highly personal information would be vulnerable to fishing expeditions by law enforcement or civil litigants. Readers need to know that Google Book Search will provide as much privacy in online books as they have in a library or a bookstore, so that it doesn’t become a one-stop shop for government access to the private lives of Americans. Unfortunately, neither the current settlement nor Google’s just-announced Google Books privacy policy are adequate to protect user privacy, and therefore the coalition has filed its objection to the settlement. For more information about privacy issues related to Google Book Search and to write a note to Google, visit www.aclunc.org/googlebooks. |
|
© ACLU, 125 Broad Street, 18th Floor New York, NY 10004 |
