A modest proposal: How Google can weigh “right to be forgotten” requests

I took part in a panel discussion of the European Union’s “right to be forgotten” privacy directive earlier today, and it didn’t take long for the conversation to turn to one of the thornier aspects of that rule: How is any one company, even one with the resources of Google, going to adjudicate all of those requests?

Google RtbF searchThat’s turned out to be a much bigger problem than I’d feared when I covered this issue in a Yahoo Tech column in May. At the end of July, Google reported that it had received more than 91,000 requests from EU citizens asking to have particular links not shown in response to searches for their names. And many were sketchy in a way that wasn’t immediately obvious:

… we may not become aware of relevant context that would speak in favour of preserving the accessibility of a search result. An example would be a request to remove an old article about a person being convicted of a number of crimes in their teenage years, which omits that the old article has its relevance renewed due to a recent article about that person being convicted for similar crimes as an adult. Or a requester may not disclose a role they play in public life, for which their previous reported activities or political positions are highly relevant.

At the panel, I suggested there was only one fair way to resolve this, and I’ll expand on it here.

It’s clear that Google will have to research each “RtbF” request carefully to see if it falls under the EU’s exceptions for people in public life or whose activities would otherwise involve the public’s right to know. The history of search-engine abuse shows you can’t count on everybody to act ethically about their image online–and when that kind of manipulation goes uncaught by unscrupulous individuals, innocent people suffer.

But that’s not enough. Lest Google inadvertently hide material from somebody about to launch a business or a political campaign, it would be wise to check for evidence of any upcoming ventures into the public sphere by an individual. The history of “RtbF” abuse so far leaves little other choice.

EU citizens, in turn, deserve a timely response to their right-to-be-forgotten queries. The simplest way to do that for a company with Google’s search traffic and computing capabilities would be to do some advance work: It could merge its own records with other sources to determine which EU citizens clearly qualify as being in public life, which ones rank as private citizens and which ones seem likely to cross that threshold either way. To avoid unduly burdening smaller search sites also subject to the “right to be forgotten” directive, Google could allow them access to these records as well.

And so Google would come to protect the privacy of EU citizens by maintaining a massive database about them.

An extreme solution for a problem that can be solved by easier, simpler means in the real world? Yes, that’s my point.

About these ads

PGP and me

If you’ve received an e-mail from me in the past week or so, you may have noticed something extra in the message’s headers: an indication that it was digitally signed with my Pretty Good Privacy key.

GPGTools iconAs yet, no recipient has asked about that, much less complimented my digital hygiene or sent a reply encrypted with my PGP public key. Which is pretty much what I expected: The last time I had a PGP setup in operation, I had to ask Post readers to send me an encrypted message before I got any.

A few weeks later, my inbox once again featured only un-encrypted e-mail.

Then some fumbled corporate transitions and the switch to OS X left the open-source MacGPG as the most appealing option on my Mac–and a slow and slowing pace of updates left it an increasingly awkward fit. Without ever consciously deciding to give up on e-mail encryption, I gave up.

(I should have felt guiltier than I did when I offered a Post colleague a tutorial on crypto that I didn’t bother to operate on my own machine. On that note, if you have a key for robp@washpost.com or rob@twp.com in your own PGP keychain, please delete it.)

I finally returned to the fold two weeks ago, when I ducked into a “crypto party” tutorial at the Computers, Freedom & Privacy conference. Jon Camfield of Internews explained that things had gotten a lot better and pointed me to a newer, far more elegant open-source implementation called GPGTools. I downloaded it, installed it, and within minutes had a new set of public and private keys plugged into my copy of Mail (no need to copy and paste a message into a separate decryption app as I did in MacGPG), with my public key uploaded to a keyserver for anybody else to use to encrypt mail to me.

My key ID is 03EE085A, my key fingerprint is FD67 6114 46E8 6105 27C3 DD92 673F F960 03EE 085A, and the key itself is after the jump. Do I expect to get a flood of encrypted messages after this post? Not really. But if somebody does want to speak to me with that level of privacy, they now have an option I should have provided all along, and that’s what counts.

Continue reading

Mail merge? Work, home and other e-mail addresses

I keep telling myself that one of ways I maintain what’s left of my work/life balance is to have separate home and work e-mail addresses. And yet I have to ask who I’m kidding when these two Google Apps accounts, each at its own domain name, constitute separate lines or windows in a mail client, and when I’m sometimes corresponding with the same person from each address on alternate days. Meanwhile, many people I know seem to function perfectly fine with one all-purpose e-mail address.

MailboxIn a prior millennium, it was an easier call. After having lost a bunch of messages from friends during a transition from one e-mail system to another at the Post–and then discerning the dreadfulness of the new Lotus Notes system–I had little interest in trusting personal correspondence to my employer’s IT department.

I also figured that I would have less trouble staying on top of friends-and-family e-mail if it weren’t competing for space and attention in the first screen of my inbox with random PR pitches, interoffice memos and chit-chat with other journalists. And the address that wasn’t listed on a major newspaper’s Web site should, in theory, get vastly less spam.

(Because I am this persnickety about my communications tools, I also have a regular Gmail account that I use for almost all of my online commerce, financial transactions and other things that are neither personal- nor work-related. I don’t mind the ads there, while my Google Apps inboxes have no such distractions, courtesy of Google ending ad scanning for Apps users–even those on the free version it no longer offers to new users.)

It’s been years since I’ve had to worry about IT-inflicted mail misery. What about the other virtues of this split setup?

  • Being able to flag messages for follow-up means I’m now less likely to forget to answer an important message, whatever address it was sent to.
  • But I don’t need 11 different folders to sort my home e-mail after I’ve dealt with it. Less cognitive load is a good thing.
  • Having to ask myself nit-pick questions like “since I’m asking a friend about something that may lead to him being quoted in a story, should I send this message from my work address?” increases my cognitive load.
  • Searching for messages and then looking over the results is faster when I’m excluding an entire account’s worth of e-mail. But when I ask Mail for OS X to query all of the gigabytes of messages that have accumulated at both addresses… ugh.
  • My anti-spam strategy has been a total bust. When I checked earlier this morning, Google had quarantined almost 1,500 spam messages in my home account, about 100 of which were messages on my neighborhood mailing list that shouldn’t have been screened as junk.

On that last note, here’s a question for you all to ponder: That mailing list will soon be moving to a commercial hosting service subsidized by ads, and of course I haven’t yet read its privacy policy. Should I switch my subscription to my Gmail address, where I can read those messages alongside those from my neighborhood’s smaller Nextdoor group, or should I keep using my home address there?

 

The spam alphabet

Yahoo Mail spam iconI have a lot of words for spammers, but “creative” isn’t one of them. The same subject headers come up every time, such that I have to wonder about the basic life skills of anybody who clicks on one. And at some point, I realized that these recurring lures constituted their own distinct a-to-z lexicon, one that speaks to a certain internationalization of junk e-mail and that must also annoy a few large companies’ brand managers.

AIG Direct Life

Bank Lottery

Credit Score

Debt Consolidation

Expert Annuities

Free [fill in the blank]

Grandes novidades

HARP

International Monetary Fund

JunkCarCash

Know Your Neighbors

lotto.nl

Make Money Online

National Lottery

Online Doctorate

Payment information

Qualicorp Saúde

Refinance Now

SEO

Target Voucher

Updated Notice

Vehicle Protection

Walmart Voucher

xxnoxben

Your Score Check

zphzkzywq

(Okay, the “x” and “z” entries are a stretch. But those gibberish subject headers do keep showing up in my spam folder. If you have a less-nonsensical candidate for each letter, please suggest it in a comment.)

 

 

 

Potential exposure is not forced exposure

One of the foremost foes of intellectual-property extortion is shutting down. Groklaw founder and editor Pamela Jones announced this morning in a post, titled “Forced Exposure,” that the possibility of NSA surveillance of her e-mail means she can’t trust e-mail as a means of collaborative input, and therefore the blog must end.

Groklaw signoffThey tell us that if you send or receive an email from outside the US, it will be read. If it’s encrypted, they keep it for five years, presumably in the hopes of tech advancing to be able to decrypt it against your will and without your knowledge. Groklaw has readers all over the world.

This news bothers me deeply–because Groklaw has provided an immense public service in collecting and presenting evidence of grotesque IP abuse such as the SCO Group’s prolonged and mendacious attempt to claim copyright over code in the Linux operating system, and because I don’t like finding fault with somebody whose work I and so many other people admire.

But look: Potential exposure is not forced exposure. Or if it is, it’s always been there. Yes, the NSA might be reading my e-mail and PJ’s. But keyloggers planted by the Russian mob might be reading it too. The NSA might have the ability to crack PGP encryption in five years–or they could have had it all along and haven’t told us, or they could decide to ignore that five-year timeline. Your own computer might be airtight, but what about the machines of all your correspondents? For that matter, how can you be sure you’ve maintained your privacy offline without going into Kaczysnki-esque seclusion?

If your reaction to those possibilities is to declare that all is lost and that you should “get off the Internet to the degree that it’s possible,” as PJ wrote in this morning’s post, then how are you not tumbling into the same existential fear that the defenders of the surveillance state sometimes seem to think is the right and proper state of a compliant citizenry?

I don’t know PJ (friends whose judgment I trust do and profess a deep respect for her) and only have a vague notion of what her life has been like running Groklaw (it’s entailed being the target of an unhealthy dose of character assassination). But with my limited knowledge I can’t endorse her stance. I wish she’d at least found somebody else to run the site: While we’re having this hypothetical discussion, very real copyright and patent extortion is going on, and Groklaw was doing a damn good job of exposing it.

Belated updates to this year’s stories

You don’t have to run a correction when a story changes after you’ve written about it–but it is polite to follow up. Here’s a not-so-short list of updates to stories I’ve done this year.

Old stories sepia toneWhen I wrote that Google’s new, unified privacy policy would almost certainly be recast to let users opt out of having the company assemble a detailed portrait of them based on their use of separate Google services, I was wrong; that has yet to happen.

Sonic.net’s groundbreaking fiber-to-the-home service–a steal at $69.95 a month for 1 billion bits per second–seems to be off to a fine start in Sonoma County, but the planned expansion to San Francisco’s Sunset District is still on the way. It hasn’t shown up as an advertised offering on this Santa Rosa, Calif., Internet provider’s home-services page either.

Remember when adjacent-friend-discovery apps were going to blow up after their moment in the sun at SXSW in March? Didn’t happen. Facebook bought Glancee (and has yet to do much publicly with its technology), while Highlight seems to have fallen off the map (maybe I’m not hanging out with the right crowd?).

The ethics of outsourced manufacturing, fortunately, have stayed in the headlines since I wrote about them in March for CEA. And we may even be seeing legitimate progress, to judge from the New York Times’ story earlier this week recounting upgrades in pay and working conditions at contract manufacturers Foxconn and Quanta’s Chinese factories.

I’m still waiting to see comparable progress in liberating e-books from “digital rights management.” The sci-fi publisher Tor/Forge–a subsidiary of Macmillan–went DRM-free in July, but other branches of the major publishing houses have clung to this self-defeating measure. 

After saying so many good things about the car2go car-sharing service–and seeing that story get picked up in a few other places–I have to confess that I, ahem, haven’t used the service since. Capital Bikeshare is even more convenient and cheaper for trips under two miles, plus I need to make my way into the District to jump into one of car2go’s Smart fortwo vehicles.

I tempered my praise for Sprint’s Evo 4G LTE by wondering how long its users would wait to get Google’s software updates. Answer: almost six months, the time it took HTC and Sprint to deliver the Android 4.1 release Google shipped in June.

I was pretty sure I’d buy a Nexus 7 tablet after liking it as much as I did in July. But now that I own an iPad mini, that purchase seems like it would be redundant. Am I making a mistake there?

After teeing off on Apple Maps in the first chapter of my iPhone 5 review for CNNMoney.com, I have to give Apple credit for fixing the two worst flaws I called out. It now lists the correct address for the Kennedy Center as its first search result and provides a route to Dulles Airport that don’t cross any runways. But it still doesn’t know about Yards Park or the new 11th Street Bridges across the Anacostia–and the latter omission means its directions will now send you on a closed stretch of freeway.

My upbeat review of Samsung’s $249 Google Chromebook noted some build-quality concerns, in the form of a loose corner of the screen bezel. I found out the hard way that it’s more delicate than that; its LCD is now broken, and I don’t even know how. (We do have a two-year-old at home, but it’s also possible that I dropped something on it.)

My advice about enabling multiple-calendar Google Calendar sync on an iOS device by setting up your Google account as a Microsoft Exchange account will soon be obsolete. Effective January 30, Google will no longer support Exchange syncing on new setups (although existing ones will still work). Fortunately, it’s also posted instructions to enable multiple-calendar sync without the Exchange workaround.

3/23/2013: Updated the link for the car2go review after the post vanished in a site redesign and, for CMS-driven reasons that escape me, could not be re-posted at the same address. 

You’ve gotta be on [social-media site of the month]

I finally posted something on Pinterest. Are you happy now?

I held out as long as I could. But almost five months after I’d signed up with the site, and with 110 people following me there despite a complete lack of content, the guilt got to me.

This seems to be a permanent occupational hazard of writing about social media. There’s always some new shiny thing that the early adopters are jumping onto, and that you are professionally obliged to check out–except that the day’s annoying habit of only lasting 24 hours often obstructs that.

So I have to confess that I haven’t done anything on Instagram (I wasn’t using an iPhone when it started getting cool, then it seemed beside the point). I somehow never got around to testing Path, even when its privacy violations got into the headlines. I got a semi-coveted invite to the leave-notes-around-the-world site Pinwheel at SXSW but have only logged in a few times since. And my Tumblr blog amounts to a placeholder for my LLC coupled with an updated set of links to my articles; it’s getting the lame readership such a transparently self-promotional exercise deserves.

I’m not proud that I’ve only registered at some of these sites to make sure nobody else grabs “my” username, or that I’ve only done a drive-by inspection of others. Plus, you never know what new site will send some crazy level of traffic your way.

(My current self-marketing budget: tweeting out a link to a story and revisiting that a day later; sharing it on Google+; doing the same on my public Facebook page if an RSS page hasn’t done that for me; archiving the link on Tumblr; noting it in each Sunday’s “weekly output” post here. Any suggestions for optimizing that?)

And yet: I can’t drop everything to immerse myself in every new site, much less add it to my daily communications routine. If I have to flack for myself on 17 different sites, I won’t have time to report and write much worth promoting.

I tell myself that saying “no” to a new social-media site helps reminds me that all of this stuff is optional. But if you think I’m missing out on a useful channel of communication, I hope you’ll tell me about it–on one of the social networks I do inhabit regularly.