Consumer Online Privacy

06/22/2012
Data Mining

Weird Computer-Generated Quiz Produces Customer Service Fail

By Jay Stanley, Senior Policy Analyst, ACLU Speech, Privacy and Technology Project at 4:20pm

I lost my credit card yesterday and had a very telling experience on the phone with American Express trying to get it replaced. After I gave them various pieces of information, the customer service agent said they would ship me a new card to the billing address on file. Just when I thought I was done, she then read something to the effect of, “For security purposes, I am going to ask you a question. The information this question is based on is not connected to your account, but was obtained from third-party information services.”

Read More»
06/05/2012
Do Not Track

Do Not Flack

By Jay Stanley, Senior Policy Analyst, ACLU Speech, Privacy and Technology Project at 12:10pm

Microsoft’s welcome announcement that it plans to leave a “Do Not Track” flag turned on by default for its users has been very revealing in a number of respects. It also risks distracting from more important issues in the debate over commercial online surveillance.

Read More»
03/01/2013
Do Not Track

The Time is Now for Do Not Track Legislation

By Sandra Fulton, ACLU Washington Legislative Office at 4:53pm

While our electronic privacy laws have remained stagnant, online advertising has grown into a multi-billion dollar industry. The browsing and communications habits of online users are routinely and secretly tracked as they surf the internet. Yesterday, Senator Rockefeller (D-WV), chairman of the powerful Senate Commerce Committee, introduced a bill to establish a Do Not Track mechanism –similar to a Do Not Call Registry– that would allow users to restrict what companies collect about them and regain control of their privacy and online identity.

Read More»
09/14/2012
Online Privacy

Twitter Forced to Hand Over Occupy Wall Street Protester Info

By Naomi Gilens, ACLU Speech, Privacy and Technology Project at 5:28pm

This morning, faced with the threat of criminal and civil contempt, Twitter turned over information about Occupy Wall Street protester Malcolm Harris to a New York criminal court judge. This development follows Twitter’s months-long effort to challenge the Manhattan District Attorney Office’s subpoena for Harris’s information, which was issued as part of the D.A.’s disorderly conduct prosecution of Harris stemming from his participation at an Occupy event last fall.

Read More»
04/29/2013
Civil Liberties in the Digital Age

Do Young People Care About Privacy?

By Jay Stanley, Senior Policy Analyst, ACLU Speech, Privacy and Technology Project at 10:00am

Everywhere I go, I hear some variation of the claim that “young people today just don’t care about privacy.” This is something that people widely seem to believe is “just true.” The latest claim to this effect comes in the form of a new poll, the release of which was trumpeted with unfortunate headlines like “Millennials don’t worry about online privacy.”

In fact, the poll, which was conducted by the University of Southern California’s corporate-partnered Center for the Digital Future, showed no such thing. Although there were some differences between younger and older respondents,

Read More»
04/12/2013
IRS

Why Won’t the IRS Deploy Basic Web Security?

By Katie Haas, ACLU Human Rights Program & Chris Soghoian, Principal Technologist and Senior Policy Analyst, ACLU Speech, Privacy and Technology Project at 10:45am

This tax season, when you visit the IRS’s website seeking tax information, can you be certain that no one else is monitoring which pages you browse?

Unfortunately, right now the answer to that question is “no.” Unlike Facebook, Twitter, Google Mail (Gmail), and virtually every bank and credit card company, the IRS, like most government agencies, does not use HTTPS for encryption and authentication on its website. If you try typing “mail.google.com” into your browser right now, you will see that the URL you end up at is actually “https://mail.google.com.” That “s” after the “http” may seem insignificant, but it means a lot. It signifies that Google is using Secure Sockets Layer encryption, or SSL, to both encrypt and authenticate its communications. When you visit google.com and you see “https” at the beginning of the address, it lets you know that your connection is secure, and that third parties – such as your internet service provider, employer, or university cannot monitor what you’re doing through the use of network interception technology.

Read More»
02/06/2013
Online Anonymity and Identity

White House-Led Effort to Create Online ID Standards Proceeding; Stakeholders Gather in Phoenix

By Jay Stanley, Senior Policy Analyst, ACLU Speech, Privacy and Technology Project at 2:32pm

In April 2011, the White House set forth a proposed "National Strategy for Trusted Identities in Cyberspace," or NSTIC. The document was a proposal to create a mechanism by which people could identify themselves online to another party with certainty—a long-elusive goal that has been talked about and pursued by the private sector and "identity community" for many years, without success.

Read More»
02/04/2013
Consumer Online Privacy

Business Model vs. Fourth Amendment

By Jay Stanley, Senior Policy Analyst, ACLU Speech, Privacy and Technology Project at 5:10pm

I wrote recently about the U.S. government and companies lobbying against the EU’s attempt to strengthen their privacy laws, and our own efforts at the ACLU to advance high transnational privacy standards. Our efforts helped attract a round of press coverage of this unfolding drama (including stories in the New York Times and Washington Post). We’ve also written a letter along with other privacy groups to senior Obama Administration officials, asking for a meeting to discuss the issue.

Read More»
01/22/2013
Consumer Online Privacy

US Government Busy in Europe Defending Interests of Advertisers, Security Agencies, But Not Americans' Privacy

By Jay Stanley, Senior Policy Analyst, ACLU Speech, Privacy and Technology Project at 10:10am

My colleague Ben Wizner and I are in Brussels this week, partly to meet with European lawmakers and others about the new privacy regime that the EU is in the process of putting into place. Unlike the United States, Europe has a set of basic rules and institutions in place to protect individuals’ privacy, and is trying to update its existing rules and institutions for the digital age.

The United States needs similar protections—a basic, overarching privacy law, and institutions with the teeth to enforce it. We are an outlier in the world in lacking those things. However, some U.S. companies seem to be terrified at the prospect of basic, fair privacy rules being put into place in Europe. Not only are companies such as Facebook and Google furiously lobbying against those rules, but the U.S. government has “shocked” Europeans by also lobbying hard against many elements of this update.

Read More»
11/09/2012
Data Brokers

Data Brokers Release Information About Their Operations In Response to Congressional Inquiry

By Jay Stanley, Senior Policy Analyst, ACLU Speech, Privacy and Technology Project at 5:18pm

Yesterday Reps. Ed Markey (D, Mass.) and Joe Barton (R, Texas) released a batch of important details about the operation of the nation’s largest data broker companies. The information came in responses from nine data broker companies to a list of questions posed by a group of Members led by Markey and Barton seeking details of their operation in light of the privacy sensitivity of what they do. The responses released yesterday provide a good snapshot and reminder of what it is these companies are doing.

Read More»

Related

case

5/20/2013
Association for Molecular Pathology v. Myriad Genetics

interactive

5/9/2013
Patents on Human Genes: A Patient's Perspective

press

5/3/2013
The 10 Big Problems with E-Verify

video

5/3/2013
Who Owns Your Body?

case

4/10/2013
Oregon Prescription Drug Monitoring Program v. Drug Enforcement Administration
Statistics image