Privacy, censorship, and freedom
Privacy issues in public policy — commercial data privacy, government repression, internet censorship, national ID cards, RFID issues of various kinds, data retention, etc.
David and Richi on Cisco and Ironport
The Ferris Research lads offer a succinct analysis of the Cisco/Ironport deal. As an old software stock analyst, I was particularly struck by their estimates that A. Cisco paid over 10 times revenue for Ironport and B. Ironport’s revenues weren’t growing. Even more interesting in my opinion is what Richi said to me by e-mail in response to a query, namely (emphasis mine):
Yes, clearly IronPort’s reputation data is part of the prize for Cisco. …
An interesting question is what will happen (if anything) with SpamCop. IronPort deliberately ran SpamCop at arm’s length as a matter of policy. I wonder if Cisco will maintain that policy. SpamCop is of course part of the raw data feeding into SenderBase, along with the data phoned home by the IronPort boxes.
As we’ve seen with the BlackSpider acquisition by SurfControl, spam control companies that aggregate lots of data about spam sources are valuable, for reasons in addition to spam control. If a zombie is sending spam, it’s also probably a potential source of other bad stuff, such as worms and DDoS connections.
Quite possibly, one of Cisco’s goals (dreams?) for this acquisition is to put a whole lot of sender policing into the network infrastructure. Mainly, that’s a good thing — but like most kinds of internet policing, that technology also has the potential for abuse.
In that vein, I note that the Ferris guys say Ironport’s big competitor was Ciphertrust, acquired by Secure Computing. Well, in my opinion Secure Computing are bad guys, or at least were as of my research a few years ago. They have long helped enforce nationwide Web censorship in Saudi Arabia; they got dinged by the SEC for early for CEO stock hyping/selective disclosure; they in my opinion were guilty of a lot more hyping than that; and for the cherry on top of this ethical sundae, CEO John McNulty has a resume in Secure’s SEC filings that is inconsistent with the SEC filings of a previous employer.
| Categories: Computing appliances, Privacy, censorship, and freedom, Security and anti-spam | Leave a Comment |
Anonymizer – penetrating the Great Firewalls of China and Iran
Lance Cottrell of Anonymizer is one of those rare guys who make me believe he started a company in no small part to do good. And so his cloaking-technology company is providing free services to help Chinese citizens sneak through their national firewall, and is doing the same thing for Iran on a paid basis, under contract to the Voice of America. I think this is wonderful, and he reports that it’s working well now. Even so, I think there are scalability concerns. Right now only 10s of 1000s of users are covered. If there were a few more zeroes on that, standard spam-blocking techniques, currently ineffective, might work. What’s more, the Chinese bureaucracy, currently not highly motivated to shut the service down, might bestir itself to be much more effective.
| Categories: Anonymizer, Privacy, censorship, and freedom, Public policy and privacy, Security and anti-spam, Software as a service | 3 Comments |
Anonymizer — internet privacy through anonymity
I chatted today with Lance Cottrell, the founder and president of Anonymizer. They’re a little 30-40 person company, but even so they do three different interesting kinds of things. In increasing order of importance, these are:
- Provide anonymity services to ordinary individuals.
- Provide anonymity services to enterprises (aka enterprise sneakiness support).
- Help people get through the national firewalls in Iran and China.
| Categories: Anonymizer, Privacy, censorship, and freedom, Public policy and privacy, Security and anti-spam, Software as a service | 3 Comments |
AOL’s IM content privacy policy
AOL’s privacy policy isn’t as bad as Microsoft’s, but it’s no joy either. “Rights” can be a slippery word, as partisans all over the political spectrum are apt to point out.
The contents of your online communications, as well as other information about you as an AOL Network user, may be accessed and disclosed in response to legal process (for example, a court order, search warrant or subpoena); in other circumstances in which AOL believes the AOL Network is being used in the commission of a crime; when we have a good faith belief that there is an emergency that poses a threat to the safety of you or another person; or when necessary either to protect the rights or property of AOL, the AOL Network or its affiliated providers, or for us to render the service you have requested.
| Categories: Online and mobile services, Privacy, censorship, and freedom, Public policy and privacy | Leave a Comment |
Microsoft’s non-privacy policy
I just went to download Microsoft Messenger, and reviewed the terms and conditions. The following is excerpted, emphasis mine.
We consider your use of the Service, including the content of your communications, to be private. We do not routinely monitor your communications or disclose information about your communications to anyone. However, we may monitor your communications and disclose information about you, including the content of your communications, if we consider it necessary to: (1) comply with the law or to respond to legal process; (2) ensure your compliance with this contract; or (3) protect the rights, property, or interests of Microsoft, its employees, its customers, or the public.
EDIT: I can’t find anything at all about content privacy on the Yahoo! Messenger privacy page.
| Categories: Online and mobile services, Privacy, censorship, and freedom, Public policy and privacy | Leave a Comment |
Would a Google PC succeed?
Richard Brandt asked me to look over his post on the oft-rumored possibility of a Google PC. I actually opined on this back in January, when the rumors were rife in connection with a supposed Wal-Mart sales/marketing agreement. I concluded that that would make a lot of sense for internet connectivity and student/homework uses (I didn’t consider work-at-home or gaming uses because that didn’t seem a good fit with Wal-Mart). The reasoning I came up with back then looks good in retrospect, with only minor tweaks (e.g., my new reason for not worrying about IE-only websites is the IE emulation capability in Firefox).
Richard, however, goes further, thinking that Google could succeed in PCs used mainly to run word processing, spreadsheets, etc.. His arguments include:
| Categories: Google, Hardware, Online and mobile services, Privacy, censorship, and freedom, Public policy and privacy, Software as a service | 6 Comments |
Scatterchat and Tor vs. The Great Firewall of China
Hacktivismo has just released Scatterchat, an IM tool intended to beat repressive regimes’ firewalls. Unlike other anonymizer types of tools that use Chinese repression mainly as a marketing hook, Scattershot seems to truly be focused on its stated goal. I haven’t figured out whether it does much clever other than leverage Tor, an anonymous network established by the Electronic Freedom Foundation to try to beat traffic analysis. This all sounds like a perfect example of what I’ve been calling for — technological creativity directed at beating technological repression.
Universal surveillance of vehicle movements
- Last December, Bruce Schneier documented the UK’s near-term intention to track the movement of every vehicle in the whole country, mile-by-mile. He further reported that there are (longer-term, of course) plans or hopes to track people’s personal movements, via face recognition and the like.
- Forrester Research apparently now reports (I found out via Ian Turvill) that pay-as-you-drive insurance in Europe is on the rise. This is a clever idea, for a variety of reasons, but it requires tracking almost every choice a driver makes.
- Meanwhile, cruder movement tracking is provided by electronic toll payment, something that is bound to skyrocket due to time savings, to pollution/congestion benefits, and eventually also to the benefits of time-of-day pricing, which can further reduce traffic congestion.
This is scary stuff. And we’re not going to wind up stopping it, even if we try. We can only hope to blunt its ill effects, by adopting new laws and legal principles that prevent misuse of data the government has already collected.
| Categories: Privacy, censorship, and freedom, Public policy and privacy | Comments Off |
Why I feel qualified to pontificate about public policy
Maybe I should explain why I feel motivated and qualified to hold forth at such length about public policy issues such as net neutrality, free-world privacy, authoritarian censorship, economic development, and so on.
If you’re reading here, you’re probably familiar with my software industry credentials — top-ranked stock analyst, top-tier product analyst, sometime entrepreneur, etc. If not, there’s always my official bio. But I also have some non-trivial public policy and economics chops. I spent two years at the Kennedy School of Government after getting my Ph.D. Then, turning down an assistant professorship at the Kellogg School of Management as well as research jobs at RAND and IDA, I went to Wall Street — which is, if one chooses to make it such, one heck of a further education in economics. And then in the mid/late 90s, Linda and I actually got active in the internet services market, analyzing, consulting, etc. Indeed, we even (re)wrote a few speeches for Steve Case of AOL, including some Congressional testimony.
Bottom line: Yes, I actually have some idea what I’m talking about. 
Technorati Tags: Net neutrality, privacy, censorship, economic development, public policy
| Categories: About this blog, Economic development, Net neutrality, Online and mobile services, Privacy, censorship, and freedom | Leave a Comment |
Layer 7 stateful deep packet inspection — the privacy threat is more serious than we thought
I’ve been reading up on net neutrality, and was just hit by an unhappy realization.
The technology that’s kicked off the whole debate is Layer 7 stateful deep packet inspection. This a feature of telecom equipment, originally found only in high-end firewalls, but now evidently found throughout Cisco’s (and surely also its competitors’) product lines. In IP telecom without this feature, the equipment just sees packets of data, and perhaps header information, but can’t look at the data’s content. However, when you’re looking at Layer 7, the equipment is looking at what the application sees. Everything is visible — every record, every word. And if Cisco’s marketing materials are to be believed, all that technology exists today.
The dangers this presents in terms of privacy and censorship, whether in the basically free countries or the basically authoritarian ones, should be obvious. Fighting for freedom is more urgent than we previously realized.