Transparency and the Marketplace for Student Data

Student lists are commercially available for purchase on the basis of ethnicity, affluence, religion, lifestyle, awkwardness, and even a perceived or predicted need for family planning services. This study seeks to provide an understanding of the commercial marketplace for student data and the interaction with privacy law. Over several years, Fordham CLIP reviewed publicly-available sources, made public records requests to educational institutions, and collected marketing materials received by high school students. The study uncovered and documents an overall lack of transparency in the student information commercial marketplace and an absence of law to protect student information.https://ir.lawnet.fordham.edu/clip/1003/thumbnail.jp

Carnivore: Will It Devour Your Privacy?

Perhaps you have written an e-mail that looks something like this

Privacy in transformational government (t-government): an investigation of citizens' privacy preferences and perceptions

No Abstract

Cross Border Data Flows: Could Foreign Protectionism Hurt U.S. Jobs?: Hearing Before the Subcomm. On Commerce, Mfg. & Trade of the H. Comm. on Energy & Commerce, 113th Cong., Sept. 17, 2014 (Statement of Laura K. Donohue)

Documents released over the past year detailing the National Security Agency’s telephony metadata collection program and interception of international content under the Foreign Intelligence Surveillance Act (FISA) directly implicated U.S. high technology companies in government surveillance. The result was an immediate, and detrimental, impact on U.S. firms, the economy, and U.S. national security. The first Snowden documents, printed June 5, 2013, revealed that the U.S. government had served orders on Verizon, directing the company to turn over telephony metadata under Section 215 of the USA PATRIOT Act. The following day, The Guardian published classified slides detailing how the NSA had intercepted international content under Section 702 of the FISA Amendments Act. The type of information obtained ranged from E-mail, video and voice chat, videos, photos, and stored data, to Voice over Internet Protocol, file transfers, video conferencing, notifications of target activity, and online social networking details. The companies involved read like a who’s who of U.S. Internet giants: Microsoft, Yahoo, Google, Facebook, PalTalk, YouTube, Skype, AOL, and Apple. More articles highlighting the extent to which the NSA had become embedded in the U.S. high tech industry followed. In September 2013 ProPublica and the New York Times revealed that the NSA had enjoyed considerable success in cracking commonly-used cryptography. The following month the Washington Post reported that the NSA, without the consent of the companies involved, had obtained millions of customers’ address book data: in one day alone, some 444,743 email addresses from Yahoo, 105,068 from Hotmail, 82,857 from Facebook, 33,697 from Gmail, and 22,881 from other providers. The extent of upstream collection stunned the public – as did slides demonstrating how the NSA had bypassed the companies’ encryption, intercepting data as it transferred between the public Internet and the Google cloud. Further documents suggested that the NSA had helped to promote encryption standards for which it already held the key or whose vulnerabilities the NSA understood but not taken steps to address. Beyond this, press reports indicated that the NSA had at times posed as U.S. companies—without their knowledge—in order to gain access to foreign targets. In November 2013 Der Spiegel reported that the NSA and the United Kingdom’s Government Communications Headquarters (GCHQ) had created bogus versions of Slashdot and LinkedIn, so that when employees from the telecommunications firm Belgacom tried to access the sites from corporate computers, their requests were diverted to the replica sites that then injected malware into their machines. As a result of growing public awareness of these programs, U.S. companies have lost revenues, even as non-U.S. firms have benefited. In addition, numerous countries, concerned about consumer privacy as well as the penetration of U.S. surveillance efforts in the political sphere, have accelerated localization initiatives, begun restricting U.S. companies’ access to local markets, and introduced new privacy protections—with implications for the future of Internet governance and U.S. economic growth. These effects raise attendant concerns about U.S. national security. Congress has an opportunity to redress the current situation in at least three ways. First, and most importantly, reform of the Foreign Intelligence Surveillance Act would provide for greater restrictions on NSA surveillance. Second, new domestic legislation could extend better protections to consumer privacy. These shifts would allow U.S. industry legitimately to claim a change in circumstance, which would help them to gain competitive ground. Third, the integration of economic concerns at a programmatic level within the national security infrastructure would help to ensure that economic matters remain central to national security determinations in the future

Anatomy of the Third-Party Web Tracking Ecosystem

The presence of third-party tracking on websites has become customary. However, our understanding of the third-party ecosystem is still very rudimentary. We examine third-party trackers from a geographical perspective, observing the third-party tracking ecosystem from 29 countries across the globe. When examining the data by region (North America, South America, Europe, East Asia, Middle East, and Oceania), we observe significant geographical variation between regions and countries within regions. We find trackers that focus on specific regions and countries, and some that are hosted in countries outside their expected target tracking domain. Given the differences in regulatory regimes between jurisdictions, we believe this analysis sheds light on the geographical properties of this ecosystem and on the problems that these may pose to our ability to track and manage the different data silos that now store personal data about us all

More than just friends? Facebook, disclosive ethics and the morality of technology

Social networking sites have become increasingly popular destinations for people wishing to chat, play games, make new friends or simply stay in touch. Furthermore, many organizations have been quick to grasp the potential they offer for marketing, recruitment and economic activities. Nevertheless, counterclaims depict such spaces as arenas where deception, social grooming and the posting of defamatory content flourish. Much research in this area has focused on the ends to which people deploy the technology, and the consequences arising, with a view to making policy recommendations and ethical interventions. In this paper, we argue that tracing where morality lies is more complex than these efforts suggest. Using the case of a popular social networking site, and concepts about the morality of technology, we disclose the ethics of Facebook as diffuse and multiple. In our conclusions we provide some reflections on the possibilities for action in light of this disclosure