Mobile Privacy

The California Attorney General has released her recommendations for privacy in mobile space.  Overall, it is a fairly good set of recommendations though some groups have already criticized it.  Two notable recommendations are the integration of privacy into the design process. While not full on privacy by design or privacy engineering, it does give some advice to the mobile developer on how to think about privacy (particularly data minimization) before creating their apps.

The drug war and privacy

Not that this is a new revelation on my part but I just wanted to relay it because it’s fresh on my mind: the war on drugs is the biggest threat to American privacy we have going.  What happened to me that makes me want to post this now?

I’m currently driving across the country visiting friends and family.  I left Salt Lake City earlier today and braved winter storm Gandolf to make it to Reno, Nevada. Afterwards, I’m headed to northern California to visit a friend, then make my way back to Florida through the Southern United States. As I approach Reno, a flash of red and blue lights up behind me.  Perplexed, I pull over at the next safe spot. I wasn’t speeding  given the severe weather conditions (though it wasn’t too bad at that moment). I had actually seen a state trooper a few miles back but I didn’t see him leave his spot though I suspect this was the same one.

He approached the car and I rolled down my window to the 25 degree air. He asked how I was doing this evening (about 9pm). I said fine then asked why he had pulled me over. He asked for my license, which I produced and he said I had crossed the line and wanted to make sure I was safe to drive.  This was a blatant falsity. What was really going on was he was profiling me because of my Florida license  in Nevada (or maybe my Gary Johnson bumper sticker) and used the pretext of me crossing the line to stop me.  [More about how I know this in a minute.]  He then asked for my registration and proceeded to ask me a series of questions:

Where was I headed? Oh a friend is California? How did I know him? High school, really?  Was I staying in Reno? Where was I staying? What did I do for work? Website development? Anything he would know about? Why do I have so much crap in my car? Why am I acting nervous? (I was shaking because I had been warm until I had to roll down the window to the cold night air) The state trooper was a really good actor. He genuinely seemed interested in the answers; like he wanted to learn more about me. The entire time he is vigorously inspecting my license and registration for any discrepancy. Of course he found none.

Unfortunately for him, I’m not a drug mule and had an immediate answer for every question.He eventually let me go and didn’t even say be careful about crossing the line, his original excuse for stopping me. 

 How do I know the officer was pretexting in stopping me?  My friend, whom I’m visiting in Northern California, had exactly the same experience in Oregon. He was driving to visit a friend in Oregon and just a few miles across the state line, he was stopped under the guise of having crossed the line. He was given almost the exact same line of questioning, where was he going, what did he do for work (it was midweek), etc.  Unfortunately for my friend, the officer claimed to smell marijuana and searched his car without his consent. Fortunately, the officer didn’t go that far in my case.

Privacy is about the right to be let alone.  By pulling people over under false pretenses, invading their personal space and then asking a series of ever probing questions in an attempt to find a gap in their story that would allow them to ultimately search their vehicle in at attempt to find illicit drugs, our fundamental right to let alone suffers. This is no isolated incident, this is a systematic assault on the freedom we enjoy as Americans.  No other rationale serves to create such a culture of invasiveness than the drug war. From pretext traffic stops, to no-knock warrants, to databasing of our cold drug buying habits, the drug war is an insidious disease on freedom. Not event the cause-du-jour, the war on terror, with it’s privacy assault is as pervasive across the country and world as the the fight against narcotics

The war on drugs must end. 

You can have my privacy when you pry it from my cold dead hands.

Sorry for the extended holiday break. Lot’s going on in my life and lots to announce coming up. In the mean time, here is an article on guns and privacy.

After the recent Newton school shooting, in which the shooter allegedly used his mother’s licensed and permitted firearm, a debate has raged about the privacy rights of gun owners. A newspaper in Massachusetts published a  list of licensed firearms owners in the area culled from public records. After a visceral outcry from the public, lawmakers have proposed bills to limit the free speech of newspapers to publish information about gun owners. Notice how I framed the debate as one of the first amendment versus the privacy rights of the second amendment. I’m not the only one who noticed it

When City Paper asked McDonogh if the bill intended to “limit the First Amend­ment in order to pro­tect the Sec­ond,” he responded: “That’s a good way to put it.”

This is hardly a new debate. If fact this is something I wrote about in a white paper for the Florida First Amendment Foundation back in 2007.  That white paper discussed the seeming tension between public records and privacy. My home state of Florida even has a law prohibiting the creation or keeping of a list of owners of firearms, though with copious and quite reasonable exceptions. One of those exceptions is for the state’s licensing of concealed weapons permit holders, currently over a million licensees in Florida. Though this list is exempt from the public records is still doesn’t protect against the ultimate privacy harm upon which the Second Amendment rests, namely the confiscation of firearms by the government in times of civil unrest. 

In states without such exemptions, additional privacy harms are prevalent.   The concern is that once released, this information about gun ownership can be used for nefarious purposes: criminals can target houses with guns (in an effort to steal them) or they can target houses without guns (to avoid armed homeowners). Part of the benefit of a concealed carry is the benefit of surprise, criminals don’t know who is carrying a weapon and where they are. Publicizing this information defeats some of the tactical advantage of concealing the weapon.

So how do we sustain the arguably legitimate interest of government to restrict gun usages (possession / concealed carrying, etc) to those legally eligible yet maintain the privacy of the gun users not only from the general public but from the government that licenses them.  While the first step must be to analyze the entire ecosystem. Fundamentally, if only a small percentage of people are excluded from the eligible pool (and potentially aren’t going to follow the rules anyway), would it make more sense to identify those ineligible people rather than spotlight the eligible majority. Assuming such an option is not politically viable, then a smarter system would be to decentralize the license. In Florida, concealed carry permit holders must carry their license on their persons.  F.S. 790.06 (1) This provision provides part of the solution. If the process for issuing the license can be validated and the license renewed probably more frequently than it is today, then the necessity of keeping a centralized list of licensees becomes moot.  Failure to carry the license at the time of carrying a concealed weapon is a crime and the authorization can be refreshed every time the license is renewed.