E-book privacy guide
Dec/090
Anyone shopping for e-books in the coming months would do well to check out the EFF’s handy guide to the various readers and book stores’ privacy pros and cons. It rates Google Books, Amazon Kindle, B&N Nook, the Sony Reader, and the FBReader on what info is collected, who it’s shared with, and what control (if any) users have over their reading habits.
One particularly worrying quote:
Amazon’s wording — “information related to the content on your Device and your use of it” — reads so broadly that it appears to allow Amazon to track all content that users put on the device, regardless of whether that content is purchased from Amazon. Some security researchers have indicated that the Kindle may even be tracking its users’ GPS locations. Is this the future of reading?
It’s a great resource, but it misses a key question for anyone planning on building a digital library. Which book stores and devices allow the vendor to reach into your e-book and delete books you’ve already bought?
Privacy on the cloud
Oct/090
Dan Michaluk has a great post over at slaw.ca asking an important question for anyone considering moving their data to the “cloud”:
After reviewing the relevant law, he concludes that the best approach would be to define the terms of service very carefully, ensuring that data is kept in the digital equivalent of a sealed container and that it is absolutely clear that the data being hosted is confidential.
Perhaps the most bit:
There are those who may suggest that information that deserves the special protection associated with confidential or private status should always be under an owner’s direct control. A more nuanced view that turns on the actual relationship between data owner and data processor invites a realistic balancing of interests that doesn’t clash with a model of computing that has become so prominent. Bring on the cloud!
Dan gets it. The internet has made it next to impossible to be sure that your information lives only in your office, and developments in cloud computing and online collaboration tools make it undesirable to insist on local storage. We need a legal model that allows us to adopt these new tools without losing our traditional expectations of privacy.
BC Privcom and TreoScope – Analysis
Jul/090
This is my second post on the BC Privacy Commissioner’s recent order in the Wild Coyote Club complaint. The first is available here. A press release from the Commissioner’s Office is available here, while the full decision is here.
The story made big waves in the media:
- Barwatch program violates privacy laws: commissioner – CBC News
- Vancouver nightclub must destroy customer information it had no right to collect – The Province
- B.C. watchdog bans ID scans at bars – Times Colonist
- Bars violate privacy laws – Nanaimo Daily News
- B.C. bars violating personal information by scanning I.D. – Vancouver Sun
Only Wild Coyote Club
First of all, it is important to note that the order is specific to the Wild Coyote Club and their application of the TreoScope system. While other clubs may make changes based on this decision, some may continue to scan IDs for the foreseeable future. Expect more fallout from this decision over the weekend as clubgoers find they are still being scanned.
Opening the TreoScope black box
The order explores the workings of the TreoScope system in great detail, explaining what information is collected, how it is stored, and who it is available to. This discussion is particularly interesting because in the past, TreoScope has been less than forthcoming with information about their system’s inner workings.
Information collected by the TreoScope system includes:
- Name
- Date of birth
- License number
- Partial postal code
- Photograph
This information is used to generate a patron profile, tracking visits to other clubs using the TreoScope system.
Staff of the club can only see the following:
- Name
- Photo
- Age (not date of birth)
- Notes on patron specific to that club (incidents, VIP status, etc.)
All of the information is stored on TreoScope’s servers, and no club has access to information generated by other clubs aside from “community incident” reports, which are sent out if a patron behaves poorly at the club.
TreoScope as Licensing Requirement
Interestingly, the Liquor Branch has required some establishments to install a TreoScope-like ID scanning system. ABLE BC, a liquor industry lobby group, submitted that “the supply and recording of identification is necessary to provide our service and to protect our customers and the public.”
PIPA Analysis
Necessity of collection
In determining the “necessity” of data collection, the Commissioner looked to three areas:
- nature of information collected
- purpose of collection
- the scope of the collection
The collection of personal information must be “integral to the provision of the product or service”. Throughout the entire analysis, the collection of information must be minimal. The standard is higher the more sensitive the information collected is.
In the case of TreoScope and the Wild Coyote Club, the Commissioner found that the collection was not necessary to provide the service, and that the purposes outlined could be met by less invasive means.
Necessity of data retention
In ordering Wild Coyote Club and TreoScope to destroy data collected in violation of PIPA, the Commissioner wrote that since “it is not necessary or appropriate for Wild Coyote to collect the full range of information which is at present collected by the TreoScope system, it is not necessary for Wild Coyote to retain that information for any period.”
Conclusions
It remains to be seen what impact the decision will have on the practices of other bars and clubs in BC. Public opinion has been split between those relieved that their personal information will finally be protected to those who are concerned that gang violence will spike. This story certainly will not end with the Privacy Commissioner’s order.
BC Privacy Commissioner Rules on TreoScope ID Scanning System
Jul/090
The BC Privacy Commissioner issued a long awaited order regarding the use of the TreoScope system today, finding that while collecting information to keep troublemakers out of bars and clubs is a worthy objective, the method of collection currently used by the Wild Coyote Club and the TreoScope system “does not comply with PIPA”, BC’s Personal Information Protection Act.
I’ll write a more detailed post on the decision tomorrow, but for now, here’s the Commissioner’s press release (PDF) and the text of the decision (PDF).
TreoScope Technologies has not commented on the decision.
“No expectation of privacy”
Jul/090
Canadian Public Safety Minister Peter Van Loan appeared on the last episode of TVO’s Search Engine to defend the Conservatives’ new “lawful access” bill. If passed, the bill will force ISPs to install equipment to facilitate internet wiretapping and allow Canadian police access to customer name and address information from internet service providers without court oversight.
Reaction to the bill has been almost universally negative. The Ottawa Citizen called it “out of balance” in an editorial, while the Montreal Gazette called the increased powers “a tool police don’t need“. Even the law-and-order National Post suggested that the bill is a “bogus, ill-advised expansion of state power“.
This new bill comes only two years after former Public Safety Minister Stockwell Day assured the public that police would require court approval to access subscriber name and address information:
“We have not and we will not be proposing legislation to grant police the power to get information from Internet companies without a warrant. That’s never been a proposal,” Mr. Day said. “It may make some investigations more difficult, but our expectation is rights to our privacy are such that we do not plan, nor will we have in place, something that would allow the police to get that information.”
- Ottawa Citizen, September 14, 2007
Public Safety Minister Peter Van Loan
However, in his Search Engine interview, Minister Van Loan denied that his government had ever made such promises. He also clashed with Jesse Brown, the host of Search Engine, over the phrase “reasonable expectation of privacy”. Van Loan referred to what Canadian courts have defined as a “reasonable expectation of privacy”, while Brown suggested that those legal definitions may clash with what Canadian internet users feel should be private.
Van Loan is correct in stating that Canadian courts have been hesitant to find even the slightest expectation of privacy in internet protocol addresses or phone numbers (I’ll address these rulings in a later post). However, Brown is correct to point out that Canadians using the internet expect that their activities are carried out in private, whether or not the court finds these expectations reasonable.
More and more areas of our lives are moving into the online world, from work to play, from the social to the political. Van Loan’s legislation will allow Canadian law enforcement agencies unprecedented access to our private lives. While the new law may meet the “reasonable” standards of constitutionality, it is still an unreasonable intrusion on innocent Canadians’ lives.
(Originally discussed by Cory Doctorow on BoingBoing)