Consumer Online Privacy

12/05/2012
Online Privacy

FTC Busts Advertisers In Browser Snooping Scandal, But Web Sites Shouldn't be Off the Hook

By Chris Soghoian, Principal Technologist and Senior Policy Analyst, ACLU Speech, Privacy and Technology Project at 7:16pm

Today, the FTC announced a settlement with Epic Marketplace, an online advertising company that had abused a security flaw in popular web browsers in order to covertly “sniff” other websites visited by consumers.

According to the FTC complaint, for a period including between March 2010 and August 2011, the online advertising company Epic Marketplace probed the browsing history of visitors to popular websites including CNN, the Red Cross, and Orbitz in order to determine which other web sites those consumers had previously visited. The pages revealed by this snooping included those relating to fertility issues, impotence, menopause, incontinence, disability insurance, credit repair, debt relief, and personal bankruptcy.

Read More»
10/12/2012
Do Not Track

Doesn’t the Ad Industry Trust the Free Market?

By Jay Stanley, Senior Policy Analyst, ACLU Speech, Privacy and Technology Project at 12:33pm

The advertising industry continues to mount a strong attack on the Do Not Track concept for protecting online privacy. As my colleague Chris Calabrese described last week, the industry threw an “epic hissy fit” (in the words of Ed Bott at ZDNet) over Microsoft’s laudable decision to turn on Do Not Track by default in Internet Explorer.

Read More»
07/10/2012
Civil Liberties in the Digital Age

What’s Wrong With the Pauls’ Internet Manifesto

By Jay Stanley, Senior Policy Analyst, ACLU Speech, Privacy and Technology Project at 2:36pm

Ron and Rand Paul’s manifesto on “The Technology Revolution,” released the other day, is unexpectedly incomplete, focusing most of its animus not on government security and police agencies, but on what they call “collectivists,” by which they mean those who advance attempts to “regulate competition, infrastructure, privacy and intellectual property.” I think they mean us.

Read More»
04/09/2012
Civil Liberties in the Digital Age

Civil Liberties in the Digital Age: Weekly Highlights (4/9/2012)

By Anna Salem, ACLU of Northern California at 11:10am

In the digital age that we live in today, we are constantly exposing our personal information online. From using cell phones and GPS devices to online shopping and sending e-mail, the things we do and say online leave behind ever-growing trails of personal information. The ACLU believes that Americans shouldn’t have to choose between using new technology and keeping control of your private information. Each week, we feature some of the most interesting news related to technology and civil liberties that we’ve spotted from the previous week.

Read More»
03/06/2012
Online Privacy

Meet the ACLU Digital Privacy Team at SXSW!

By Ateqah Khaki at 1:47pm

The ACLU's "dotRights" digital privacy team will be out in force at the 2012 South by Southwest (SXSW) Interactive Conference to make sure privacy is on the agenda!

From social networking to cloud computing, online shopping to location services, Americans are increasingly living, working and playing online. As technology is advancing at lightning speed, it can sometimes feel like privacy law is moving at a glacial pace. The ACLU believes you shouldn't have to choose between privacy and technology. That is why we started the Demand Your dotRights campaign, and why the campaign will be at SXSW, one of the country's largest and most influential gathering of technology and new media brands and innovators.

Read More»
04/12/2013
IRS

Why Won’t the IRS Deploy Basic Web Security?

By Katie Haas, ACLU Human Rights Program & Chris Soghoian, Principal Technologist and Senior Policy Analyst, ACLU Speech, Privacy and Technology Project at 10:45am

This tax season, when you visit the IRS’s website seeking tax information, can you be certain that no one else is monitoring which pages you browse?

Unfortunately, right now the answer to that question is “no.” Unlike Facebook, Twitter, Google Mail (Gmail), and virtually every bank and credit card company, the IRS, like most government agencies, does not use HTTPS for encryption and authentication on its website. If you try typing “mail.google.com” into your browser right now, you will see that the URL you end up at is actually “https://mail.google.com.” That “s” after the “http” may seem insignificant, but it means a lot. It signifies that Google is using Secure Sockets Layer encryption, or SSL, to both encrypt and authenticate its communications. When you visit google.com and you see “https” at the beginning of the address, it lets you know that your connection is secure, and that third parties – such as your internet service provider, employer, or university cannot monitor what you’re doing through the use of network interception technology.

Read More»
10/17/2012
Consumer Online Privacy

Protections Against Commercial Internet Spying: Why Delay is Deadly

By Jay Stanley, Senior Policy Analyst, ACLU Speech, Privacy and Technology Project at 12:13pm

I wrote last week about how the ad industry is going on the attack against Do Not Track. Then yesterday, as the New York Times reported, the Direct Marketing Association kicked off a $1 million public relations campaign to try to persuade policymakers and the public that privacy protections from the data mining industry are not needed. Unfortunately, those who are advocating on behalf of the public do not have $1 million to throw into a counter-campaign. The outcome will be a test of the degree to which money can trump the public good in our political system right now. And that highlights one of the dynamics that it seems to me is at work when it comes to regulating commercial privacy: delay is deadly.

Read More»
09/14/2012
Online Privacy

Twitter Forced to Hand Over Occupy Wall Street Protester Info

By Naomi Gilens, ACLU Speech, Privacy and Technology Project at 5:28pm

This morning, faced with the threat of criminal and civil contempt, Twitter turned over information about Occupy Wall Street protester Malcolm Harris to a New York criminal court judge. This development follows Twitter’s months-long effort to challenge the Manhattan District Attorney Office’s subpoena for Harris’s information, which was issued as part of the D.A.’s disorderly conduct prosecution of Harris stemming from his participation at an Occupy event last fall.

Read More»
09/13/2012
Consumer Online Privacy

Is the ACLU Inconsistent on Regulation of Speech and Privacy?

By Jay Stanley, Senior Policy Analyst, ACLU Speech, Privacy and Technology Project at 3:02pm

Adam Thierer of the libertarian Mercatus Center posted a thoughtful critique of my recent piece on online tracking and consumer “choice.” I wrote about a new paper on behavioral advertising and how it “demonstrates the absurdity of the position that individuals who desire privacy must attempt to win a technological arms race with the multi-billion dollar internet-advertising industry.”

Read More»
06/22/2012
Data Mining

Weird Computer-Generated Quiz Produces Customer Service Fail

By Jay Stanley, Senior Policy Analyst, ACLU Speech, Privacy and Technology Project at 4:20pm

I lost my credit card yesterday and had a very telling experience on the phone with American Express trying to get it replaced. After I gave them various pieces of information, the customer service agent said they would ship me a new card to the billing address on file. Just when I thought I was done, she then read something to the effect of, “For security purposes, I am going to ask you a question. The information this question is based on is not connected to your account, but was obtained from third-party information services.”

Read More»

Related

case

6/13/2013
Association for Molecular Pathology v. Myriad Genetics

case

6/3/2013
Maryland v. King

case

5/31/2013
FOIA Request for Justice Department Policy Memos on GPS Location Tracking

interactive

5/9/2013
Patents on Human Genes: A Patient's Perspective

press

5/3/2013
The 10 Big Problems with E-Verify
Statistics image