Category: Privacy

2013 in review: how to use your users’ collected data

With a few days of interval I received two very different ways of reviewing data collected by users of “activity trackers”.

Jawbone_20140117-075010b The first one came from Jawbone (although I don’t own the UP, I might have subscribed to one of their mailing-lists earlier) and is also publicly available here. Named “2013, the big sleep” it a kind of infographics of how public (and mostly American) events influenced sleep of the “UP Community”. Here data about all (or at least a lot of) UP users were aggregated and shown. This is Big Data! This is a wonderful and quantitative insight on the impact of public event on sleep! But this is also a public display of (aggregated) individual data (something that UP users most probably agreed by default when accepting the policy, sometimes when they first used their device).

The second way came from Fitbit, also via e-mail. There was written how many steps I took in total as well as my most and least active periods / days of 2013. At the bottom there was a link to a public page comparing distances traveled in general with what it could mean in the animal kingdom (see below or here). This is not Big Data (although I am sure Fitbit have access to all these data). But at the same time (aggregated) individual data are not shared with the general public (although here again I am sure a similar policy apply to Fitbit users).

Different companies, different ways to handle the data … I hope people will realise the implication of sharing their data in an automated ways in such centralized services.

Fitbit2_20140117-075745

Privacy -vs- information conservation time

In my opinion privacy issues are a by-product of information conservation times reaching infinite.

For centuries and more humans were used to their own type of memory. When information reaches the brain, it is stored in short-term memory. When relevant and/or repeated, it is gradually consolidated into long-term memory (this is roughly the process).

Schematic memory consolidation process

The invention of oral transmission of knowledge, written transmission (incl. Gutenberg) and, to a certain extend, internet, all these successively increased the duration of retention of information shared with others. The switch from oral to written transmission of knowledge also sped up the dissemination of information as well as its fixed, un-(or less-) interpreted nature.

Duration of information over time

With the internet (“1.0” in order to put some buzzword) the duration of information is also extended but somehow limited ; it was merely a copy of printing (except speed of transmission). Take this blog, for instance: information stored here will stay as long as I maintain or keep the engine alive. The day I decide to delete it, information is gone. And the goal of internet was to be able to reach information where it is issued, even if there are troubles in communication pipes.

However on top of this internet came a serie of tools like search engines (“Google”) and centralized social networks (“Facebook”). Now this information is copied, duplicated, reproduced, either because of the digital nature of the medium that allows that with ease. But also because these services deliberately concentrate the information otherwise spread. Google concentrate (part of) the information in its own datacenters in order to extract other types of information and serves searches faster. Facebook (and other centralized social networks) asks users to voluntarily keep their (private) information in their own data repository. And apparently the NSA is also building its own database about us at its premises.

In my opinion, whenever we were sharing information before, privacy issues were already there (what do you share? to whom? in which context? …). But the duration of information is now becoming an issue.

Google+ API started

Logo Google PlusGoogle+ (G+) is a social networking and identity service operated by Google. It started a few months ago like a closed service from where you can’t get out any data and where the only possible interaction (read/write/play) is only possible via the official interfaces (i.e. the web and android clients). Google promised to release a public API and it partly did so tonight, here.

As they stated, “this initial API release is focused on public data only — it lets you read information that people have shared publicly on Google+” (emphasis is mine). So you can already take most of your data out of G+ (note that it was already possible to download your G+ stream with Takeout from the Google Data Liberation Front). As usual, it’s a RESTful API with OAuth authorization. It comes with its own rules and terms (it could be interesting to add to GooDiff). The next step would be to be able to directly write something on Google+.

I only tried to try the examples so far. But unfortunately I got an authorization error. I won’t go further for tonight but their error screen is interesting 🙂

Error 400 screen - Bad request - Google+ API

We don’t need a computer at home

Historically, computers were invented to solve issues in the factory or the office (university office or company office) but recently invaded home and are becoming ubiquitous.

IBM System/370 Model 145

At the beginning of this invasion, computers for home were (and are still) very similar to the ones for the industry/office: a CPU, a keyboard to enter data or commands and a screen to see what was happening. Artifacts to be attached to the computer were first invented for the corporate world and then progressively entered into homes. I still remember the first mouse we had at home: it was like a mini-revolution. After years there were still some software that could not take advantage of it or its usage was implemented but in a rudimentary way. Idem for the first webcam we acquired: only the provided software was able to use it. Now it comes embedded in most computer screen and can be used for various purposes (video chat, take pictures, read bar codes, art, …).

More and more, computers are now declined its various avatars like calculators, mobile phones, game consoles, car dashboards, ATMs, cashiers, … All of them affect our daily lives in a way or another. But in my opinion the computer shouldn’t have left the corporate world. Its home avatars should have directly been via adapted technologies. Because Mr. and Mrs. Everyone don’t need any computer at home.

Although some bosses want their employees to behave differently, the factory/office is were we work and home is were we don’t work. At home, we read, eat, sleep, play, interact with other family members and neighbors, perform personal care, watch the television, etc. None of these activities requires a computer as we know it (CPU, keyboard, mouse and screen). However some of them can be enhanced or at least affected by it.

Whatever how it is materialized, a “computer” can enhance your reading experience. It can monitor your sleep while you snore or, more broadly, it can monitor your health while performing your daily activities. Computers can enhance your movie experience (by linking to related content, e.g.). They can help you improve your cooking skills and watch your savings.

Without pretending to know the future, I think miniaturization is and will put thing back “in order”: you will no longer have a computer on your desk but a bunch of small devices, each of them responsible for a small part of your daily life activities. You probably already have a mobile phone or a smartphone, i.e. a mini portable computer allowing us to phone. You probably already used a calculator, i.e. a mini portable computer specialized for calculus. Computer-like devices are becoming more and more small and powerful. They are also doing more than one simple thing at a time.

Another interesting trend is that computer-like devices are becoming more and more transparent, i.e. becoming more and more hidden or at least embedded in our daily lives. This is obviously allowed by miniaturization. The soda distributor contains a small computer-like device. Your electronic watch contains more electronics than ever. Your television screen is flat and is more capable but takes less space than your grandma’s television (relatively to the size of the screen of course).

To go beyond that, people started to experiment with wearable devices and electronics. These devices are part of your daily clothes. Currently these artifacts are merely gadgets and most of them are monitoring devices, just collecting and sometimes displaying information to the outside world. But other applications can be found like being able to carry your electronic documents (without the need for a USB key or CDs) or actually being your receiver/transmitter (“phone” without the actual plastic object we always lose somewhere when we need it). Without becoming cyborgs these guys below won’t soon need cellphones anymore:

Suits & Cells

Now is this an praise of closed platforms like the iPad, the iPod, etc.? No. I don’t say that no computer should be allowed at home: some people are working from home and they obviously need a computer. On top of that, in order to become part of our everyday habits, these devices would need to be transparent, open: people should be aware of what these devices are doing, what are their benefits and potentially what are the drawbacks of using / wearing them. One of the main concerns about these closed platforms and future platforms is privacy: how much of you do you agree to reveal “in exchange” of being empowered by these devices? I think people should be able to refuse to reveal anything and still be able to use these devices.

Photo credits: IBM System/370 Model 145 by John Keogh (CC-by-nc) and Suits & Cells by Alexa Clark (CC-by-nc), both on Flickr.

A question of a few centimetres

It’s funny to see that in a short span of time, a few centimetres can make a difference. This month, Austria authorised Niko Alm to wear a pasta strainer as “religious headgear” on his driving-licence (BBC). This month too, Belgian law banned women from wearing the full Islamic veil in public (BBC).

Well, the Belgian law doesn’t exactly formally forbid the Islamic veil although it was often named as the “anti-burqa law”. The exact terms are:

Seront punis d’une amende de quinze euros à vingt-cinq euros et d’un emprisonnement d’un jour à sept jours ou d’une de ces peines seulement, ceux qui, sauf dispositions légales contraires, se présentent dans les lieux accessibles au public le visage masqué ou dissimulé en tout ou en partie, de manière telle qu’ils ne soient pas identifiables.
Toutefois, ne sont pas visés par l’alinéa 1er, ceux qui circulent dans les lieux accessibles au public le visage masqué ou dissimulé en tout ou en partie de manière telle qu’ils ne soient pas indentifiables et ce, en vertu de règlements de travail ou d’une ordonnance de police à l’occasion de manifestations festives.

The automated Google translation gives:

Shall be punished by a fine of fifteen to twenty-five euros euros and imprisonment from one day to seven days or one of these penalties, who, unless required by law, occur in places accessible to public masked or concealed in whole or in part, in such a way that they are not identifiable.
However, are not covered by paragraph 1, those that circulate in places accessible to the public masked or concealed in whole or in part in such a way that they are not identifiable and that, under regulations of work or Order of Police on the occasion of festivities.

This is even more scary: the law basically asks everyone to clearly show her/his face in public spaces except for work (e.g. construction workers with dust protection) or when the police explicitly authorised it during events. If it’s too cold in winter and your hood is hiding part of your face, you may be arrested. On top of that, you add the increasing number of CCTV in operation in Belgium as well as some good face recognition software and you have a tightly controlled society. 😦

Photo credits. Left: Masked by Katayun on Flickr (CC-by-nc-sa). Right: Heiliger Führerschein (Episode #6 – Das Finale) on Niko Alm’s blog.

Facebook -vs- Twitter short message usage?

The other evening, we started an interesting discussion with some colleagues about usage of Twitter and Facebook. Obviously most people in the room were (and are) using Facebook and knew about the feature (“status”) allowing you to share text messages with your friends (and the whole world). Less people were aware of Twitter, although is also offers the possibility to share text messages with your friends (and the whole world too). I was wondering why most (if not all) people in the room were registered on Facebook but almost none of them were registered (or even using) Twitter. Do not even mention Identi.ca, the open source alternative to Twitter.

Both Facebook and Twitter play in the “social networking websites” circle and both are proprietary. You must register with both to be allowed to participate although no registration is required to read Twitter messages (they are public by default). No such thing with Facebook: only registered users can read what other users posted. Another difference: Facebook allow you to share more than just text messages (photos, videos, play games, etc.) while Twitter relies on third-parties for that (although they are rolling out a photo sharing service). Is that difference in features that make most people prefer Facebook on Twitter? Is that just a snowball effect?

Twitip states that “Facebook appeals to people looking to reconnect with old friends and family members or find new friends online; the mashup of features like email, instant messaging, image and video sharing, etc. feels familiar, while Twitter is a bit harder to get your arms around at first. […] Twitter on the other hand, encourages you grab ideals in byte-size chunks and use your updates as jumping off points to other places or just let others know what you’re up to at any given moment.” Even with those differences, Facebook and Twitter had very similar demographics in 2010, according to Digital Surgeons.

Sharing information via social channels (Facebook, Twitter and alike) grew fast between 2009 (14%) and 2010 (24%) according to Social Twist. It even overtook instant messaging. But this shouldn’t hide the fact that most people still use e-mails to share links. Is it because most people using social media are still “old” (25-35 years old) and used to send and receive e-mails. Of course, Social Twist only records a special kind of measure (media sharing) and I wonder if the supposed use of social media in “Arab revolutions” will have an impact on the 2011 usage. It would be interesting to see the trend in the coming years.

Coming back to the initial question, I think most people in that other evening were mostly using Facebook (and not Twitter) mainly because of the snowball effect (most of the friends are also on Facebook). I mainly use Twitter to share information and Facebook to keep in touch with my friends’lives.

And you, do you use Facebook and Twitter in different manners?

P.S. If you want you can follow me on Twitter and, yes, you can find me on Facebook 😉

Facebook updates: nothing to fuss about

So Facebook, the current paramount social website, updated its website with the possibility to download all your data (among other updates). I don’t see why people need to fuss about this.

Although maybe useful, the important is not to be able to retrieve your data. After all, if your pictures are on Facebook, they were previously on your computer / camera / whatever. So you should already have them (and Facebook sends them to you in a zip file? what a feature!). Unless Facebook allows you to also download data about you but uploaded by others; this is a bit more interesting from a sociological / academic point of view (what has been posted about you). And then? A “big” step towards interoperability between social websites? Are you joking? For interoperability, you need 2 partners and, to my knowledge, no other websites (social or not) are currently offering the possibility to upload data from Facebook. Will it arrive? I’m sure of it. Is it secure? I doubt it: nothing is 100% secure in IT, Facebook is no exception. But this is still not important!

The important thing would have been to have total control on your data. The ability to post data. The ability to effectively remove data (Facebook policy explicitely states nothing is necessarily physically erased, not even your account if you decide to close it!). The ability to remove data about you posted by others. The ability to control data posted about your children. The ability to have real privacy.

So, why do I blog this? I don’t really get why people are so excited about this feature. Oxford building a new library [1, 2], why and how, this has nothing to do with the topic of this post but this is news!

Bodleian Library: Divinity School
Photo credit: Bodleian Library: Divinity School by Beth Hoffmann on Flickr (CC-by-nc-sa)

Belgian eavesdropping increased in 2009

Following this article (French), official phone eavesdroppings again increased in Belgium in 2009: Belgian police listened 5265 times to private conversations. The French transcript is here.

Evolution of the number of official eavesdropping in Belgium

One doesn’t get much more than these numbers: nothing about the number of hours spent listening, nothing about the percentage of effectiveness/results, nothing about internet eavesdropping (e-mail e.g.). One thing struck me: all requests for eavesdropping were accepted. Or, at least that what the Minister implied when he wrote “there is no distinction between the number of requests and the number of effective eavesdropping”.

Belgian State Security report 2008

When I first opened the Belgian State Security Report 2008 (PDF in French or in Dutch), I had the a feeling of déjà vu: the cover picture is in fact a part of the Great Court of the British Museum in London, UK. Strange for a report on Belgian security and surveillance …

The British Museum as illustration for a Security report
Comparison between an actual photo of the British Museum Great Court (left, by Guillermo Viciano, under CC-by-sa) and the cover of the Belgian State Security Report 2008 (right)

Then I saw it’s only a light version for the web, not the full version. I had a look at the Justice website and the Security web page but I couldn’t find the original version (if you have the full version, I’m interested).

The report summarizes all the activities done by the Security in 2008, including the groups, countries and activities watched, a report on the cases where it was involved (Belliraj, Benali, Trabelsi cases, a.o.) and a broad view of what they did to check people background, protect some others and check various accreditations.

The most interesting part for me, however, was a short description of a bill about data collection methods by the Security. This bill was submitted to the Belgian Senate in December 2008 and was recently adopted (the full text is here, in French). It’s now submitted to the Belgian king for signature.

Briefly, this bill modifies an existing law from 1998 and, among other things, tells apart ordinary data collection methods from specific (articles 18/7 and 18/8) and exceptional ones (articles starting from 18/9). As expected, the bill allows the use of techniques to intercept and read private communications between persons. The bill also allows entering into computer systems, removing protections, installing spyware, decrypting and collecting data (but it does not allow their destruction).

All these methods are controlled post hoc by two different bodies, an ad hoc administrative commission composed of magistrates (renewed each year by the king following a suggestion by the government) and a permanent “R” committee. Specific and exceptional methods needs to be approved first by the administrative commission but there is always the possibility for the Security hierarchy to bypass this and send a written notice to the commission later on. How many times can this last step be forgotten?

Although it’s nice to have the reference to the bill and be able to look for it on the internet, I would have liked to see some statistics about how many times these specific and exceptional measures were applied, how many times they were refused by the administrative commission, how many times the hierarchy allowed a mission and informed the commission later on, etc. in the same way they proudly show graphs of the number of hours spent protecting VIPs. I know details are protected by secret but it would still have been nice to have an idea on how often these methods are used.

Live picture from the Bruxelles Grand Place

On the Bruxelles website, you can watch from and move a webcam on the Grand Place. The resolution is good enough to distinguish faces in you zoom. But what is more interesting (imho), is that the stream from the webcam is just a stream of still images from http://www.brucity.be/webcam.jpg. The image below was the current image from the webcam when you loaded this page ; reload the page to see another picture …

webcam Grand Place Bruxelles

Now you can watch people on the Bruxelles Grand Place and watch what is interesting for people operating the webcam …