Shhh… Google: No to Global ‘Right to Be Forgotten’ Order

Check out this Politico article below and my previous related columns on the same subject:


Google contests global ‘right to be forgotten’ order

Don’t make us apply European laws around the world, Google pleads.
By David Meyer
30/7/15, 5:59 PM CET
Updated 31/7/15, 5:38 PM CET

Google is appealing an order from the French data protection authority to apply the “right to be forgotten” on a global basis, the company said Thursday.

The Commission nationale de l’informatique et des libertés (CNIL) said in June that, when Google receives requests for the delisting of personal information from its search results, it should remove links to that information from all its sites around the world, including google.com.

The search giant currently only removes such results from its European domains, as the “right to be forgotten” stems from a ruling by Europe’s highest court.

Google has now formally asked CNIL to withdraw its order for global delisting.

“We’ve worked hard to implement the right to be forgotten ruling thoughtfully and comprehensively in Europe, and we’ll continue to do so,” said Peter Fleischer, Google’s global privacy chief, in a statement. “But as a matter of principle, we respectfully disagree with the idea that a national data protection authority can assert global authority to control the content that people can access around the world.”

The Court of Justice of the European Union ruled in May 2014 that EU-wide privacy legislation applies to foreign search engines operating in the region. It said search engines must take down links to information that is “inaccurate, inadequate, irrelevant or excessive” upon request, as long as there are no good reasons to keep them in its results.

Google went on to comply with the ruling, though a dispute remained between the firm and privacy regulators over the scope of the delinking.

Internet regulation is inherently complicated by the fact that the Internet does not naturally respect national borders. This leads to a tension between those who want to see national laws respected in the countries where they apply, and those who see international enforcement as the only way to make that happen.

While it is relatively easy to apply rules to country-specific versions of a website, such as those with addresses ending in Germany’s “.de” or France’s “.fr,” there is nothing to stop people visiting other versions of the site to find missing information.

The Article 29 Working Party, the umbrella group for EU data protection regulators, wrote in November that “limiting delisting to EU domains on the grounds that users tend to access search engines via their national domains cannot be considered a sufficient mean to satisfactorily guarantee the [privacy] rights of data subjects.”

This stance was the basis for CNIL’s order in June, which came with the threat of a fine of up to €150,000 for non-compliance.

However, a Google-convened panel of privacy experts said in February that the rights of EU citizens had to be balanced with those of people in other countries, who may have the right to see the offending information under their own national laws.

Americans accessing google.com, for example, live in a country whose legal system broadly prioritizes freedom of speech over the right to privacy.

Google built on this theme on Thursday, arguing that global delisting would risk a “chilling effect” on the web as many countries around the world have their own national speech restrictions.

The firm cited several national examples: Turkey criminalizes some criticisms of Kemal Ataturk; Thailand does the same for its royalty; and Russians are banned from disseminating “gay propaganda” online.

“If the CNIL’s proposed approach were to be embraced as the standard for Internet regulation, we would find ourselves in a race to the bottom,” Fleischer wrote in a blog post. “In the end, the Internet would only be as free as the world’s least free place.”

CNIL said it had received Google’s appeal and would “look at the arguments,” though it claimed those arguments were “in part political” whereas its own reasoning was “strictly legal.”

The regulator added that it would respond within two months.

Nicholas Hirst contributed to this story.

Shhh… FBI, DEA & US Army Bought Italian Spyware

Find out more from The Intercept article below:

Leaked Documents Show FBI, DEA and U.S. Army Buying Italian Spyware

By Cora Currier and Morgan Marquis-Boire @coracurrier@headhntr

The FBI, Drug Enforcement Administration and U.S. Army have all bought controversial software that allows users to take remote control of suspects’ computers, recording their calls, emails, keystrokes and even activating their cameras, according to internal documents hacked from the software’s Italian manufacturer.

The company, Hacking Team, has also been aggressively marketing the software to other U.S. law enforcement and intelligence agencies, demonstrating their products to district attorneys in New York, San Bernardino, California, and Maricopa, Arizona; and multi-agency task forces like the Metropolitan Bureau of Investigation in Florida and California’s Regional Enforcement Allied Computer Team. The company was also in conversation with various other agencies, including the CIA, the Pentagon’s Criminal Investigative Service, the New York Police Department, and Immigrations and Customs Enforcement.

The revelations come from hundreds of gigabytes of company information, including emails and financial records, which were released online Sunday night and analyzed by The Intercept. Milan-based Hacking Team is one of a handful of companies that sell off-the-shelf spyware for hundreds of thousands of euros — a price point accessible to smaller countries and large police forces. Hacking Team has drawn fire from human rights and privacy activists who contend that the company’s aggressive malware, known as Remote Control System, or RCS, is being sold to countries that deploy it against activists, political opponents and journalists.

Even in the U.S., where the software would presumably be used only with a judge’s approval, the tactic is still controversial. Just last month, Sen. Chuck Grassley, R-Iowa, wrote to the director of the FBI asking for “more specific information about the FBI’s current use of spyware,” in order for the Senate Judiciary Committee to evaluate “serious privacy concerns.”

The leaked emails show that the FBI has been using Hacking Team’s software since 2011, apparently for the secretive Remote Operations Unit. It’s long been reported that the FBI has deployed malware in investigations, but details on the agency’s efforts are thin, with the tactic only surfacing rarely in court cases — such as one instance last year when the FBI spoofed an Associated Press article to get a target to click on a link. The FBI reportedly develops its own malware and also buys pre-packaged products, but the relationship with Hacking Team has not been previously confirmed.

Hacking Team’s spokesperson, Eric Rabe, said in a statement that “we do not disclose the names or locations of our clients” and “we cannot comment on the validity of documents purportedly from our company.”

The director of the Metropolitan Bureau of Investigation in Florida told The Intercept that it “does not have plans to purchase any product from Hacking Team.” The Manhattan District Attorney’s office said, “It would be an overstatement to say that our office is planning to purchase this type of software. This company is one of several in the industry whom we’ve requested meetings with in order to keep pace with rapid technological advancements in the private sector.”

The CIA declined to comment, and ICE said it “does not discuss law enforcement tools and techniques.” (The Intercept will update this story if other agencies named in the documents respond to requests for comment.)

The leaked emails show that U.S. agencies worried about the legality and perception of Hacking Team’s tools.

Hacking Team refers to its U.S. clients by code names. The FBI unit is “Phoebe” (initially “f-client,” but one employee complained “it sounds like an antivirus),” the DEA is “Katie,” and the CIA, which appears to have sampled, but not bought Remote Control System, is “Marianne.”

In 2011, a representative of the DEA’s Office of Investigative Technology told Hacking Team that its budget request for Remote Control System had been denied because it was considered “too controversial,” according to an email. “We are working on the foreign angle,” the DEA said, according to Hacking Team’s U.S. account manager.

“I imagine Katie [DEA] is referring to the fact that they as the DEA could buy RCS for other countries (Colombia) where it’s less problematic to use it,” an employee replied in Italian.

The purchase did go through in 2012, and it appears to have been used mainly in conjunction with Colombian law enforcement. As one email explained, “Katie will be administrator of the system, while the locals will be collecting the data. They are saying if this works out, they will bring it to other countries around the world. Already they are speaking of El Salvador and Chile.”

Robotec, a company that manages Hacking Team’s sales to several Latin American countries, also mentions clients in Colombia using DEA funding.

Local police in the U.S. also had their worries. Florida law enforcement told Hacking Team this year that the software could create legal problems without the ability to have “‘minimization’ of the calls and messages — (ie. deleting portions which are not relevant to the search.)”

In 2013, San Bernardino’s district attorney wanted to go to a judge to obtain a warrant targeting a “known bad guy” even for a trial run of the software. “If the systems [sic] proves itself in this live trial, and the judge is convinced of both its value and proper protection of privacy, they would then move into the purchase phase,” one of Hacking Team’s U.S. business partners, from the security giant SS8, explained.

“One of the concerns of this segment is that the HT product is ‘too powerful,’” Fred D’Alessio, who sits on the board of SS8 and is identified on LinkedIn as a senior advisor to Hacking Team, wrote about local agencies. “They have also said, their biggest challenge is ‘getting the lawyers and the District Attorneys to agree on what they can do legally.”

Hacking Team’s FBI contacts worried that the spread of Hacking Team software around the country could cause word to get out (as has happened with technology like Stingrays, the devices that police use to track cell phone location.) “If San Bernardino gets exposed, they might also expose Phoebe,” Hacking Team’s U.S. point man, Alex Velasco, wrote in September 2013.

The FBI’s use of Hacking Team’s software also informs the public debate about the growing use of encryption to protect Internet communications. FBI and other top U.S. law enforcement officials have been calling for a law that would provide for a “backdoor” into commercial encryption technologies — something privacy advocates and many cybersecurity researchers see as a undermining Internet security.

Hacking Team claims that its software offers a way around encryption, obviating the need for a backdoor. Vincenzetti regularly sends out articles about the encryption debate to his email list with a plug for Remote Control System. Last February, he wrote that law enforcement and security agencies could use “technologies to ACCESS THE DATA they need IN CLEARTEXT, BEFORE it gets encrypted by the device and sent to the network and AFTER it is received from the network and decrypted by the device itself. Actually THIS IS precisely WHAT WE DO.”

The Buyers

The push into the local district attorney market, for which the company considered San Bernardino a pilot, appears to have been facilitated by SS8, a massive California-based security company that markets to law enforcement agencies in the United States and abroad. (Rabe denied that SS8 is working with Hacking Team, despite emails between the companies.) The local market could be lucrative: a budget for the district attorney in New York that Hacking Team proposed in April totaled $760,000 in upfront license fees, and another $382,000 in services and maintenance.

“As with so many other surveillance technologies that were originally created for the military and intelligence community, they eventually trickle down to local law enforcement who start using them without seeking the approval of legislators — and, in many cases, keeping the courts in the dark too,” said Christopher Soghoian, principal technologist of the American Civil Liberties Union.

The DEA, FBI and Army bought Hacking Team’s software through a company called Cicom, which for several years served as a middleman for Hacking Team’s U.S. business. The DEA and Army contracts to buy Remote Control System through Cicom were first revealed by the advocacy group Privacy International this spring. Reporters noted that Cicom shared the same corporate address in the United States as Hacking Team, but when asked about the connection by Ars Technica, Hacking Team’s U.S. spokesperson Eric Rabe said, “I cannot confirm any relationship between the company Cicom and Hacking Team.”

Alex Velasco, Cicom’s general manager, has in fact been a consultant under contract to represent Hacking Team to clients in North America since 2012, company emails show. The relationship ended in March, after Hacking Team accused Velasco of scheming to market competing products, according to an internal investigation commissioned by Hacking Team. Velasco declined to comment to The Intercept on the allegations, because he is in legal proceedings with Hacking Team.

Hacking Team was also in talks in 2014 with the FBI’s National Domestic Communications Assistance Center, a secretive unit formed in 2012 and focused on interception technologies. Velasco claims in an email that the group came to them after Citizen Lab, a research group at the University of Toronto focused on Internet technology and human rights, published a highly critical report on Hacking Team’s global sales. “If anything good came out of the Citizen lab articles is that it brought them to contact us to see if it was true,” he wrote. “Thank you Citizen Lab!!”

It’s not clear from Hacking Team emails what Army component bought an RCS system in 2011, but it was based at Fort Meade and apparently sat unused for years. According to a 2013 email from Velasco, “they purchased a system right before they got their budget cut…They were never given permission to pull an internet line to their office to install the system. (ridiculous but true!)”

Hacking Team was in the midst of negotiations for a new FBI contract from Cicom after Velasco’s firing, but the agency decided to go with another vendor due to budget timing issues, according to an email from Phillipe Vinci, Hacking Team’s vice president for business development. Besides, the product was “seen as a ‘nice to have’ by FBI,” but “they confessed they were using it for low level types of investigations. For critical operations, they were using another platform,” wrote Vinci. He said the FBI wanted more ability to go after users of Tor, the anonymizing web browser; those users accounted for 60 percent of its targets.

But Hacking Team appeared determined to continue its conquest of the U.S. market.

“There will be a process to have ‘HT Usa Inc.’ accredited,” wrote operations manager Daniele Milan. He pledged to stay in touch with the FBI, marketing new features, and identifying problems “to resolve for them (in exchange for $$$).”

While Hacking Team’s emails reveal the company to be stringent about selling only to governments, the company officials appear to worry less about how its technology is used once it gets to those customers. Responding to concerns raised by the district attorney of New York in 2013, Hacking Team’s chief operating officer Giancarlo Russo wrote that “all the consideration regarding the ‘legal framework’ cannot be addressed by us.”

Instead, he was more concerned about local customers’ ability to use the product effectively. “If you buy a Ferrari… they can teach you how to drive. They cannot grant you will be the winner of the race,” he wrote to his colleagues in English. “If Beretta sell you a gun, the most peculiar and sophisticated one, they can teach how to use it. They can not grant you are going to shoot your target properly on the field.”

–– Sheelagh McNeill contributed research to this report.

Shhh… Russian Parliament Paved Way for "Right to be Forgotten"

Check out the Reuters article below:

Russian parliament approves Internet privacy bill

Technology | Fri Jul 3, 2015 11:04am EDT
Reuters/Mal Langsdon

Russia’s parliament gave its final approval on Friday to a law that would require Internet search engines to remove users’ personal information from their results.

The bill, passed by the State Duma lower house in its third reading, seeks to emulate European Union rules on the “right to be forgotten”, under which search engines must take down certain results that appear under a search of a person’s name.

Under the new Russian legislation, Internet users will have the right to request the removal of information that is incorrect or “no longer relevant because of subsequent events or actions”, TASS news agency reported.

The regulation, which now needs to be signed into law by President Vladimir Putin, has been criticized by Russian web companies who are concerned about balancing rights to personal privacy against the freedom of information.

“We believe that control over dissemination of information should not restrict free access to public data. It should not upset the balance of personal and public interests,” said Russia’s biggest search engine Yandex.

After discussing the draft with search engine providers, the Duma approved some minor changes to the bill, Yandex added.

Users will now need to provide specific references to the web pages they wanted deleting and web companies will have 10 days to comply with the request.

TASS reported that search engines would also not be required to remove information about an applicant’s criminal record.

“Yandex and other Internet companies have criticized this legislation from the moment we heard about,” Yandex said in a statement. “Unfortunately, many important changes, from our point of view, have not been implemented.”

Google in Russia was not immediately available for comment.

(Reporting by Jack Stubbs and Maria Kiselyova; Editing by Alison Williams)

Shhh… Snowden Supports Apple’s Public Stance On Privacy

Edward Snowden Supports Apple’s Public Stance On Privacy

by Josh Constine (@joshconstine)

Edward Snowden says we should support Apple’s newly emphasized commitment to privacy rather than a business model driven by personal data collection, whether or not Tim Cook is being genuine. Snowden spoke over video conference during the Challenge.rs conference in Barcelona today.

I asked Snowden his thoughts on Cook’s recent acceptance speech for an Electronic Privacy Information Center award, saying:

CEO Tim Cook recently took a stand on privacy and Apple’s business, saying “some of the most prominent and successful companies have built their businesses by lulling their customers into complacency about their personal information. They’re gobbling up everything they can learn about you and trying to monetize it. We think that’s wrong. And it’s not the kind of company that Apple wants to be.”

Do you think Cook’s perspective genuine and honest, and how do you think it will play out long-term with regards to it hurting or helping Apple’s business, or whether Apple will keep this promise to privacy?

Snowden responded:

I think in the current situation, it doesn’t matter if he’s being honest or dishonest. What really matters is that he’s obviously got a commercial incentive to differentiate himself from competitors like Google. But if he does that, if he directs Apple’s business model to be different, to say “we’re not in the business of collecting and selling information. We’re in the business of creating and selling devices that are superior”, then that’s a good thing for privacy. That’s a good thing for customers.

And we should support vendors who are willing to innovate. Who are willing to take positions like that, and go “You know, just because it’s popular to collect everybody’s information and resell it..to advertisers and whatever, it’s going to serve our reputation, it’s going to serve our relationship with our customers, and it’s going to serve society better. If instead we just align ourselves with our customers and what they really want, if we can outcompete people on the value of our products without needing to subsidize that by information that we’ve basically stolen from our customers, that’s absolutely something that should be supported. And regardless of whether it’s honest or dishonest, for the moment, now, that’s something we should support, that’s something we should incentivize, and it’s actually something we should emulate.

And if that position comes to be reversed in the future, I think that should be a much bigger hammer that comes against Apple because then that’s a betrayal of trust, that’s a betrayal of a promise to its customers. But I would like to think that based on the leadership that Tim Cook has shown on this position so far, he’s spoken very passionately about private issues, that we’re going to see that continue and he’ll keep those promises.

It’s reasonable to wonder how much of Cook’s chest-beating on privacy is philosophy and how much is marketing. Since the iCloud celebrity photo hack last year, we’ve written about how Apple needs to be more transparent about security and privacy. Snowden seems to agree it could benefit the company as well as society.

Apple’s steps in that direction through press releases and public appearances by Cook have been positively received. They resonate especially well with the public in contrast to other tech giants like Google and Facebook that are aggressively collecting private personal data, and the widespread security breaches of big brands.

Yet while people frequently say privacy is important to them, their unwillingness to stray from products that rely on mining their data seems to suggest otherwise. We’re just at the start of the age of personalized computing, and those that embrace it may get an advantage in the market.

Apple is experimenting with ways to personalize with privacy in mind. Its new Proactive update to Siri scans your email to remind you about events, but only does this on your device rather than copying your data to its servers for processing. To keep up while remaining true to its ideals, Apple will need more creative solutions like this to deliver convenience without being creepy.

Shhh… French Ultimatum Clicking on Google Over "Right to be Forgotten" Ruling

Please check out my two previous columns on this topic – and the latest on the situation from the Bloomberg article below:

Google Faces French Ultimatum Over Right to Be Forgotten

by Stephanie Bodoni
June 12, 2015 — 5:22 PM HKT
Updated on June 12, 2015 — 11:24 PM HKT

Google Inc. risks French fines after being handed a 15-day ultimatum to extend the so-called right to be forgotten to all its websites, including those outside the European Union.

France’s data protection regulator, CNIL, ordered the world’s most-used search engine to proceed with delistings of links across its network, irrespective of the domain name, according to a statement on Friday. CNIL said it received “hundreds of complaints following Google’s refusals.”

The order comes more than a year after a ruling by the EU’s highest court created a right to be forgotten, allowing people to seek the deletion of links on search engines if the information was outdated or irrelevant. The ruling created a furor, with Mountain View, California-based Google appointing a special panel to advise it on implementing the law. The panel opposed applying the ruling beyond EU domains.

If Google “doesn’t comply with the formal notice within the 15 days,” Isabelle Falque-Pierrotin, the president of CNIL “will be in position to nominate a rapporteur to draft a report recommending to the CNIL Select Committee to impose a sanction to the company,” the watchdog said.

“We’ve been working hard to strike the right balance in implementing the European court’s ruling, cooperating closely with data protection authorities,” Al Verney, a spokesman for Google in Brussels, said in an e-mailed statement. “The ruling focused on services directed to European users, and that’s the approach we are taking in complying with it.”

Links Removal

EU data protection chiefs, currently headed by Falque-Pierrotin, last year already urged Google to also remove links, when needed, from .com sites.

Google Chairman Eric Schmidt has argued that the EU court’s ruling in May 2014 — in which it ordered search links tied to individuals cut when those people contend the material is irrelevant or outdated — didn’t need to be extended to the U.S. site.

“It is easy circumventing the right to be forgotten by using the domain Google.com,” said Johannes Caspar, the Hamburg data protection commissioner. “Google should be compliant with the decision and fill the protection gap quickly.”

Google has removed 342,161, or 41.3 percent, of links that it has “fully processed,” according to a report on its website.

‘Right Balance’

The U.K.’s Information Commissioner’s Office said in a statement that its experience with removal requests “suggests that, for the most part, Google are getting the balance right between the protection of the individual’s privacy and the interest of internet users.”

The right-to-be-forgotten rules add to separate demands for curbs on Google’s market power being considered by lawmakers this week. EU antitrust regulators in April escalated their four-year-old probe into Google, sending the company a statement of objections accusing the Internet giant of abusing its dominance of the search-engine market.

The same day, the EU also started a new investigation into Google’s Android mobile-phone software.

The Flawed "Right To Be Forgotten" Ruling on Google Cannot and Should Not be Globalized

A eight-member panel experts tasked to review privacy issues relating to online search giant Google Inc. has rejected late last week attempts by EU privacy watchdogs to extend the “right to be forgotten” ruling beyond the 28-nation bloc – see Bloomberg report below.

The European Court of Justice issued a landmark ruling last May that anyone living in the European Union and Europeans living outside the region could ask search engines like Google to remove links if they believed the online contents breached their right to privacy and are “inadequate, irrelevant or no longer relevant, or excessive in relation to the purposes for which they were processed.”

I have explained in my column last July that the ruling was Much Ado About Nothing as it amounted to everything but forgotten: what Google essentially did was to remove results from name search of those names approved to be deleted but only on its European websites. The same results remain on the Google US homepage and all its non-European sites. Furthermore, Google is only removing the results but not the links.

Thus no surprise there are now efforts to address these not-so-forgotten issues.

But as I have further pointed out then, the more devastating and often overlooked impact was how any “right to be forgotten” would be a much welcomed and God-sent convenience for “women with a past and men with no future”, essentially amounting to the “right to be defrauded”.

In short, anyone in support and calling to extend the “right to be forgotten” ruling – including the Hong Kong Privacy Commissioner Allen Chiang who erroneously heralded it as a way to grant everyone a “second chance in life” – is not only pulling the plug on the free flow of information but also effectively facilitating the closing down of everyone’s right to information, which would derail the notion of free markets in this global economy if every individuals and entities could so conveniently erase their dirty laundries (like criminal convictions, litigation history, old debts and past bankruptcy records for starters) at the expense of their counter-parties who could no longer trace anything – especially if this ruling was blindly extended and embraced globally.

And I stress once again, the internet, originally designed to exchange raw data between researchers and scientists, has evolved into a self-contained, self-sustained and self-evolving ecosystem of records, communications, commerce, entertainment, etc. Any attempt to remove the contents, successful or otherwise, is like playing God.

Historians will mark the EU ruling as a (irreversible) seismic error. Extending it to a global scale will have no equals in the history of mankind.

Google Panel Opposes EU Data Watchdogs on Forgotten Case

by Stephanie Bodoni

(Bloomberg) — A panel of experts enlisted by Google Inc. to review privacy issues following a European Union court ruling backed the search giant’s bid to limit the “right to be forgotten” to websites within the 28-nation bloc.

The eight-member group, which includes Wikipedia co-founder Jimmy Wales, rejected a push by EU privacy watchdogs to extend search link removals to Google’s global site.

“Delistings applied to the European versions of search will, as a general rule, protect the rights of the data subject adequately in the current state of affairs and technology,” the group said in the 41-page report. “Removal from nationally directed versions of Google’s search services within the EU is the appropriate means to implement the ruling at this stage.”

A ruling by the EU Court of Justice last year created a right to be forgotten, allowing people to seek the deletion of links on search engines if the information was outdated or irrelevant. The ruling created a furor, with Mountain View, California-based Google appointing the panel to advise it on implementing the law.

The geographic scope of an EU court ruling that forced the company last year to remove some search links on request was a “difficult question that arose throughout” the panel’s meetings, the group said.

Today’s report puts the group at odds with the 28-nation EU’s data-protection regulators who last year urged the company to allow people to seek the deletion of links to some personal data on the company’s main U.S. website.

Sabine Leutheusser-Schnarrenberger, a former German justice minister and one of the panel’s member, said that she opposed the majority view of the group on the geographical scope of the EU court ruling.

EU Domains

Removal requests “must not be limited to EU domains,” she said in the report. “The Internet is global, the protection of the user’s rights must also be global. Any circumvention of these rights must be prevented.”

The Google advisory group last year visited seven European cities, from Rome to Berlin, listening to academics and public officials.

“It’s been valuable to hear a wide range of viewpoints in recent months across Europe and we’ll carefully consider this report,” David Drummond, Google’s top lawyer, said in an e-mailed statement. “We’re also looking closely at the guidance given by Europe’s data protection authorities as we continue to work on our compliance with” the EU court ruling.

The company has received 212,109 requests to remove 767,804 links from its website to date, according to its website.

Initial Split

The deletion of links beyond the 28-nation EU was one of two issues that created an initial split between Google and data-protection regulators. Regulators have complained that information blocked on EU websites shouldn’t be easily accessible by visiting Google in other countries by changing a few characters on the browser address line.

The company’s policy of notifying the media about deleted links to stories on their websites also sparked the ire of regulators. The report recommended that search engines “should notify the publishers to the extent allowed by law.”

“In complex cases, it may be appropriate for the search engine to notify the webmaster prior to reaching an actual delisting decision,” the panel said. “If feasible, it would have the effect of providing the search engine additional context about the information at issue and improve accuracy of delisting determinations.”

Shhh… Obama & Cameron: Here’s How Low-Tech Encrypted Communications Work – With Just a Pen & Paper – Which You Can’t Decrypt

Here’s a video on how to send an encrypted message in a very simple and low-tech way: with a pen and paper.

Beauty of this primitive but effective method is you would have burnt the “keys” and the authorities won’t be able to punch it out of you, even with water-boarding tactics.

But the one potential challenge is the pad of “cypher keys” (see video below) has to be shared securely in advance and used once at best. Alternative: have several of these pads and find a secure way to convey which pad to use for reference.

Wonder what British Prime Minister David Cameron and US President Barack Obama – who were keen to push for a total ban on encryption despite warnings of irreversible damages – have to say about this. The message to them: it’s impossible to ban encrypted communications.

Shhh… Paris Attacks: Dangerous Precedence & Irreversible Damages with Cameron's Pursuit of “Safe Spaces” & Ban on Encrypted Online Messaging Apps

In the aftermath of the recent Charlie Hebdo attacks, it came as no surprise politicians were quick to up the antenna (again) on surveillance and stifle the right to privacy – whilst, in the same breath, they drape themselves publicly in Paris to embrace free speech and press freedom.

British Prime Minister David Cameron, for example, stole the headlines this week saying that, if re-elected in May, he would ban encrypted online messaging apps like WhatsApp and Snapchat if the British intelligence agencies were not given backdoors to access the communications.

“We must not allow terrorists safe space to communicate with each other,” said Cameron as he spoke about a “comprehensive piece of legislation” to close the “safe spaces” used by suspected terrorists – and also planned to encourage US President Barack Obama (who should be reminded that he has promised to pursue NSA reforms) to make internet companies like Facebook and Twitter cooperate with British intelligence agencies to track the online activities of Islamist extremists.

Backdoors are by and large security holes and what Cameron is proposing would set a dangerous precedence with irreversible consequences far beyond the loss of free speech – this is best summed up in the following open letter to David Cameron (below – and here):

Cameron-OpenLetter
Cameron-OpenLetter2

Are You Unique – How to Check Your Browser Fingerprints & Online Privacy?

Think you have taken all measures to remain anonymous and untraceable online? Or are you still (unknowingly) leaving browser fingerprints that can be traced to you and your devices?

The good news is, there’s a way to check and confirm if you are unique in cyberspace.

A browser fingerprint, or device fingerprint, is the systematic collection of information about a remote device for identification purposes, even when cookies are turned off.

There’s a web site “Am I Unique” which you can visit and check by clicking “View my browser fingerprint” as shown below:

Fingerprinting-Browser

That should give much food for thoughts for the Christmas holidays?

According to a recent international survey on 23,376 Internet users in 24 countries, carried out between October 7, 2014 and November 12, 2014, which found some 64 percent confessed they’re more concerned today about online privacy than they were a year ago.

Privacy-survey

That’s one way to gauge the post-Snowden effects. And if you still wonder why privacy matters, I highly recommend the Glenn Greenwald’s TEDTalk on “Why Privacy Matters“.

Shhh… How to Contact US Senators Who Block NSA Surveillance Bill & Disregard Our Privacy

Fancy rolling up your sleeves and doing something about the (continued) intrusions of your privacy and communications? Now here’s your chance.

The US Senate was just 2 votes shy last Tuesday on the USA Freedom Act, a surveillance reform bill which would have otherwise put a (legal) stop to the National Security Agency’ clandestine domestic surveillance programs and metadata collection as revealed by the Snowden revelations.

Here is a list of the senators and their respective votes:

U.S. Senate Roll Call Votes 113th Congress - 2nd Session

And here’s a list of those 42 senators that voted NAYs – ie. they support more NSA surveillance – along with their social media handles so you can send them a personal Twitter message. Reckon they wouldn’t mind at all since they don’t value privacy, or respect your privacy to be precise. Besides it’s only their contact coordinates disclosed. Tell them how you feel about losing more than your contact coordinates, ie. your metadata and privacy. And share it with your friends, they may have something to tell those senators. So why are you waiting?

USsenate-Vote2
USsenate-Vote3
USsenate-Vote4

And here’s one to highlight:

Shhh… The BBC "Forgotten" List (& Forgotten Company Directors?)

The BBC plans to publish a regularly updated list of articles removed from the search engine Google following the controversial “right to be forgotten rule”.

Google has so far received some 153,000 requests which have involved about half a million different link and 40 percent of these links have been removed. However, according to associate professor David Glance, director of the Center for Software Practice at the University of Western Australia:

… there is a great deal of concern about the sorts of things that are being removed. So, for example, information about former company directors have been removed. So various people are now asking for that type of information to be restored because it’s part of the public record and important information when you are considering the effectiveness or the background of a company or the directors.”

Shhh… Privacy: Tor Guide on Browsing Anonymously

Here’s an interesting chart on how to use Tor to browse the web anonymously:

TorInfographics

The Tor Project is a free software and an open network that shields your online identity and thus helps you maintain privacy by defending against network surveillance:

But Tor can still be compromised and multiple layers of security is recommended:

Shhh-cretly to Feature in "Citizen B": A Documentary on Surveillance & Privacy

Shhh-cretly was interviewed by renowned and award-winning director Werner Boote, who was in Hong Kong with his Austrian crew this week to film Citizen B, a 90-minute documentary on surveillance and privacy to be released in 2015.

IMG_20141009_161005

IMG_20141009_161920

CitizenB

CitizenB2

Big Brother, Big Pharma

The US tries to cut off a lifeline for low-cost pharmaceuticals

The issue of parallel trading seems to have reached the United States, where the US Justice Department has begun demanding that the two largest American couriers, FedEx and UPS, open and report on the contents in the sealed packages of their customers or face criminal charges.

At stake is the delivery of prescription medicines from online pharmacies to customers, according to a report last week by the online news portal WND. FedEx and UPS disclosed last November that they are targets of a federal criminal investigation related to their dealings with online pharmacies.

Please read full column here and there.