MediaTech Law

By MIRSKY & COMPANY, PLLC

Privacy Roundup: 4/21/2014- 4/27/2014

Sarah N. Lynch reported that Digital 4th, a group that defines itself as “ a non-partisan coalition dedicated to bringing Fourth Amendment protections into the 21st century.”, is slamming the United States Securities and Exchange Commission (SEC) for resisting changes to federal privacy laws proposed in Congress in 2013.  The legislation would force government agents to obtain warrants prior to accessing the email of any individual under investigation.  In urging the public to lobby the White House to support this reform, Digital 4th launched the website notwithoutawarrant.com.  Lynch writes that, currently, government investigators can legally access certain emails with only a subpoena, which has a lower legal threshold than a warrant since it doesn’t require a judge’s approval.

In The Economist’s “Babbage” blog, H.G. reported that a couple of Harvard students created a service which allows users to delete or alter the content of messages that they have already sent.  The service, Pluto Mail, also lets email senders see whether or not recipients have opened their messages.  The service was released in beta on March 1, currently has about 2,000 users, and accepts new recruits each day from a waitlist.  H.G. reports that, although the sender can access and alter or delete the content of a message via the cloud, senders cannot delete the actual message from a recipient’s inbox.  “The ability to delete all trace of an email would require access to all other messaging services, obliging Pluto Mail to collaborate with every other email provider in the world—a feat they did not consider feasible.”

The Associated Press reported that Brazil’s Congress passed a groundbreaking bill on internet privacy last Tuesday.  The new bill “puts limits on the metadata that can be collected from Internet users in Brazil. It also makes Internet service providers not liable for content published by their users and requires them to comply with court orders to remove offensive material.”  Brazil’s President Dilma Roussef championed the bill and praised Congress for its unanimous decision, and stated that the bill “guarantees the neutrality of the Web, which is fundamental to maintaining the Internet’s free and open nature.”  The AP reports that “Brazil has cast itself as a defender of Internet freedom following revelations last year that Rousseff was the object of surveillance by the United States’ National Security Agency.”  According to Reuters’ Esteban Israel, Roussef has signed the bill into law.

Winston Maxwell, writing in Hogan Lovell’s Chronicle of Data Protection, discusses the efforts of the European Union’s Article 29 working group to put some teeth into what actually constitutes effective “anonymization” of data.  This is interesting – and meaningful – because of the practice under typical privacy policies of permitting uses of users’ personal data so long as the data is “anonymized”.  Just as frequently, the meaning of “anonymized” is omitted entirely.  See for example, AT&T’s announcement [http://www.attpublicpolicy.com/privacy/our-updated-privacy-policy-2/] of its new privacy policy just last summer, discussing how “In the Internet world, … anonymous data can be used by retailers, advertisers and marketing companies to figure out what consumers want in a particular area.”  Nate Anderson, writing in Ars Technica ][http://arstechnica.com/tech-policy/2009/09/your-secrets-live-online-in-databases-of-ruin/] back in 2009, cited a study showing that “87 percent of all Americans could be uniquely identified using only three bits of information: ZIP code, birthdate, and sex.”

Twitter announced last month that it had recently implemented “StartTLS” encryption technology for its sending of emails to all Twitter members.  As Twitter sees it, “StartTLS encrypts emails as they transit between sender and receiver and is designed to prevent snooping.  It also ensures that emails you receive from Twitter haven’t been read by other parties on the way to your inbox if your email provider supports TLS.”  Twitter notes, however, the potential huge flaw with its plan in that email communication from Twitter cannot protect email communication to Twitter from Twitter members.  “TLS encryption only works if both the sender and receiver of emails support it.”  According to Twitter, Gmail and AOL Mail already support TLS encryption for their email users.  Email is only a small part of internet traffic generally, of course.  Klint Finley recently advocated  in Wired for “encryption everywhere” in light of the Heartbleed internet browser bug.

Share this article: Share on Facebook
Facebook
Tweet about this on Twitter
Twitter
Share on LinkedIn
Linkedin
Email this to someone
email

Add Comment

Your email address will not be published. Required fields are marked *