Washington wants to know: Why can't technology protect consumers' privacy instead of violating it?
The Federal Trade Commission met today in Berkeley, Calif., with corporate technology leaders and privacy advocates, challenging them to create ways to protect consumer privacy online. The FTC is encouraging technology companies such as Facebook and Apple to come up with self-regulatory tactics that will protect consumers without squashing corporate innovation.
Technology companies should be doing more to protect people, says Pamela Jones Harbour, the FTC's commissioner. "Apple requires all developers to submit potential apps for review," Harbour says. "Through that process, the company could do more to regulate privacy disclosures." Similarly, she says other companies should be taking more steps to protect consumer privacy.
The brainstorming session was the second of three the FTC has held before planning to draft new laws this summer that will control how consumer information is collected and used on the Web. Scrutiny of consumer privacy violation on the Internet has grown over the past several years, as technology advancements arm marketers with new ways to target potential buyers. Companies are buying consumer data from sources such as consumer surveys, loyalty programs and Web and mobile applications to identify potential consumers who are then tracked online and off to deliver more relevant advertising.
Silicon Valley, like Madison Avenue, would be severely affected if the FTC were to impose new privacy restrictions. The advertising industry is making attempts to thwart federal regulation. Just yesterday, the Future of Privacy Forum, a watchdog group based in Washington, D.C., and a coalition of advertising groups, unveiled a symbol (similar to the "@" sign with an "i" inside) they will attach to online ads. When clicked, the symbol will link to a page explaining how the advertiser is using Web habits and demographic data to target consumers. Late last year, the Network Advertising Initiative, an ad industry group, launched downloadable software to prevent cookies from loading on Web browsers.
Google and Yahoo! representatives say they have already established more privacy controls that consumers themselves can oversee. "We'll continue to let people know how to manage their privacy online," says Anne Toth, Yahoo!'s vice president of policy and head of privacy. "But there's already more control online than there is in the offline world."
Some say self-regulation has its limits. Web browsers, such as Microsoft Explorer or Google's Chrome, let consumers erase cookies (except Flash cookies described in "Marketers Have A Fresh Way To Follow You Online"), but they can only let consumers control so much, says Peter Eckersley, a technologist at digital rights group Electronic Frontier Foundation in San Francisco. "At the end of the day, even browsers will risk shutting out advertisers."
A few tech companies are urging the FTC to take action. Those that deal directly with customers do what they can to protect them, says Scott Taylor, Hewlett-Packard's chief privacy officer. Third-party vendors and developers tend to be the problem, and they trigger the need for regulation. "The fact is that that tech isn't bad," says Taylor. "But we need all organizations to be held accountable."
Even Facebook, which recently changed its privacy policies in favor of opening more private information to the public, urged the FTC to step in. "The federal government will have to take a role," says Tim Sparapani, Facebook's director of public policy. "We have to have an open system but we need to have some regulation."
Friday, January 29, 2010
Another eBay Pirate Heads to Prison
A software pirate responsible for ripping off nearly 8,000 online customers and a handful of leading software vendors was sentenced Monday to 21 months in prison after pleading guilty to conspiracy, mail fraud and criminal copyright infringement charges.
Matthew Thomas Purse, 32, of Gilbert, Ariz. also received three years probation from a federal judge in Phoenix, and was hit with $12,000 in fines and restitution for his role in the elaborate software piracy scam.
Purse, along with Christopher Loring Walters, 29, of Newport Beach, Calif., created multiple eBay (NASDAQ: EBAY) merchant accounts between September 2004 and February 2006 from which they sold counterfeit copies of software developed by Apple, Corel, McAfee, Symantec and other vendors.
Walters remains a fugitive, according to a statement released by the Software & Information Industry Association, a trade association for the software and digital content industry that assisted the U.S. Department of Justice in the investigation.
The duo used online sites including SoftwareDiner.com, Thesoftwareyard.com, Argyleeequity.com, Eagletronics.com and Tekdealer.com among others to advertise themselves on eBay as authorized distributors of the counterfeit applications.
According to the SIIA, the top-tier software vendors lost more than $500,000 in sales through the illicit operation.
"Matthew Purse duped nearly 8,000 unsuspecting consumers out of hundreds of thousands of dollars," Keith Kupferschmid, SIIA's senior vice president for intellectual property and enforcement, said in a statement. "He and Christopher Walters cheated software companies such as Adobe, Symantec, Apple, Corel, Intuit and many others out of millions of dollars in revenue."
"Like so many others who sell pirated software online or make illegal copies in the workplace, at least Matthew Purse is now finding out that the justice system takes this crime seriously," he added.
The SIIA along with state and federal law enforcement agencies have racheted up their efforts in recent years to stem the illegal trafficking of counterfeit and stolen software applications at online sites including eBay.
In 2008 alone, IDC estimated that software vendors lost more than $53 billion to software piracy -- an especially galling figure considering worldwide sales of legitimate software applications totaled just over $88 billion that year.
In October, Gregory William Fair of Falls Church, Va. was sentenced to 41 months in te+Gets+41+Months+in+prison for selling bogus copies of various Adobe Systems (NASDAQ: ADBE) applications on eBay from 2001 through 2007 -- software worth more than $1.4 million.
"Anyone who thinks software piracy isn't taken seriously should pay close attention to the Matthew Purse case," Kupferschmid said. "When SIIA uncovers software piracy, the offenders often end up paying thousands of dollars in damages. And as Mathew Purse found out, SIIA's investigations can also lead to jail time for these software pirates."
SIIA originally uncovered the pair's massive software piracy scheme and began an investigation that eventually led to the indictment and conviction of Purse. SIIA investigators forwarded the results of its investigation to the DOJ and other government agencies, and then worked closely with them to pursue Purse and others involved in the piracy schemes.
Those efforts led to Purse's guilty plea in February of last year to a series of conspiracy, mail fraud and criminal copyright infringement charges.
Matthew Thomas Purse, 32, of Gilbert, Ariz. also received three years probation from a federal judge in Phoenix, and was hit with $12,000 in fines and restitution for his role in the elaborate software piracy scam.
Purse, along with Christopher Loring Walters, 29, of Newport Beach, Calif., created multiple eBay (NASDAQ: EBAY) merchant accounts between September 2004 and February 2006 from which they sold counterfeit copies of software developed by Apple, Corel, McAfee, Symantec and other vendors.
Walters remains a fugitive, according to a statement released by the Software & Information Industry Association, a trade association for the software and digital content industry that assisted the U.S. Department of Justice in the investigation.
The duo used online sites including SoftwareDiner.com, Thesoftwareyard.com, Argyleeequity.com, Eagletronics.com and Tekdealer.com among others to advertise themselves on eBay as authorized distributors of the counterfeit applications.
According to the SIIA, the top-tier software vendors lost more than $500,000 in sales through the illicit operation.
"Matthew Purse duped nearly 8,000 unsuspecting consumers out of hundreds of thousands of dollars," Keith Kupferschmid, SIIA's senior vice president for intellectual property and enforcement, said in a statement. "He and Christopher Walters cheated software companies such as Adobe, Symantec, Apple, Corel, Intuit and many others out of millions of dollars in revenue."
"Like so many others who sell pirated software online or make illegal copies in the workplace, at least Matthew Purse is now finding out that the justice system takes this crime seriously," he added.
The SIIA along with state and federal law enforcement agencies have racheted up their efforts in recent years to stem the illegal trafficking of counterfeit and stolen software applications at online sites including eBay.
In 2008 alone, IDC estimated that software vendors lost more than $53 billion to software piracy -- an especially galling figure considering worldwide sales of legitimate software applications totaled just over $88 billion that year.
In October, Gregory William Fair of Falls Church, Va. was sentenced to 41 months in te+Gets+41+Months+in+prison for selling bogus copies of various Adobe Systems (NASDAQ: ADBE) applications on eBay from 2001 through 2007 -- software worth more than $1.4 million.
"Anyone who thinks software piracy isn't taken seriously should pay close attention to the Matthew Purse case," Kupferschmid said. "When SIIA uncovers software piracy, the offenders often end up paying thousands of dollars in damages. And as Mathew Purse found out, SIIA's investigations can also lead to jail time for these software pirates."
SIIA originally uncovered the pair's massive software piracy scheme and began an investigation that eventually led to the indictment and conviction of Purse. SIIA investigators forwarded the results of its investigation to the DOJ and other government agencies, and then worked closely with them to pursue Purse and others involved in the piracy schemes.
Those efforts led to Purse's guilty plea in February of last year to a series of conspiracy, mail fraud and criminal copyright infringement charges.
Social Networks Balk Over Privacy
Representatives of some of the leading social sites on the Web today urged federal regulators to resist calls to establish heavy-handed rules that would set limits on the use of consumer data on social networks, warning that far-reaching regulations would threaten to choke off a fast-growing sector of the digital economy.
The Federal Trade Commission continued its inquiry into the privacy implications of online marketing and data collection at a day-long forum at the University of California, Berkeley, hearing from privacy advocates and members of industry as it mulls new regulations.
"Regulation that's a one-size-fits-all will fail," said Erika Rottenberg, general counsel at LinkedIn. "There is self-regulation that is going on."
Each of the industry representatives agreed that in the increasingly cluttered social Web, there are bad actors who endeavor to trick consumers into sharing more information than they realize. However, they called for regulatory restraint, arguing that in most cases those sites or applications fail on their own because word gets around.
The Federal Trade Commission continued its inquiry into the privacy implications of online marketing and data collection at a day-long forum at the University of California, Berkeley, hearing from privacy advocates and members of industry as it mulls new regulations.
"Regulation that's a one-size-fits-all will fail," said Erika Rottenberg, general counsel at LinkedIn. "There is self-regulation that is going on."
Each of the industry representatives agreed that in the increasingly cluttered social Web, there are bad actors who endeavor to trick consumers into sharing more information than they realize. However, they called for regulatory restraint, arguing that in most cases those sites or applications fail on their own because word gets around.
Wednesday, January 27, 2010
FCC Opens Inquiry Into ETFs, Questions Carriers, Google
Expanding its probe into cell phone early termination fees, the Federal Communications Commission Tuesday sent letters to the four major U.S wireless carriers and Google asking about their ETF policies.
The opening of a formal inquiry follows the FCC's probe into Verizon Wireless' doubling of its ETF on smartphones from $175 to $350 in November. It also comes on the heels of last week's launch of the agency's Consumer Task Force, created to help safeguard the rights of wireless consumers.
In the letter sent [PDF], to AT&T, Verizon Wireless, Sprint-Nextel, T-Mobile and Google, the FCC asked the companies to explain the reasoning behind their ETFs as well as how consumers are notified about the fees.
"We recognize that wireless carriers may have various rationales for ETFs. At the same time, these fees are substantial (and in some cases are increasing) and have an important impact on consumers' ability to switch carriers," stated the joint letter sent by FCC Consumer Bureau Chief Joel Guerin and Wireless Bureau Chief Ruth Milkman.
"We therefore believe it is essential that consumers fully understand what they are signing up for -- both in the short term and over the life of the contract when they accept a service plan with an early termination fee."
The companies have until Feb. 23 to respond. In response to a prior letter from the FCC following its ETF hike on high-end phones, Verizon last month told the agency the increased charge covered not only the cost of subsidizing sophisticated handsets, but related operating and marketing expenses as well.
That reply was not well received. FCC Commissioner Mignon Clyburn issued with a withering public statement, calling Verizon's answers "unsatisfying, and in some cases, troubling."
The carrier said it would take a hard look at Clyburn's statement and respond appropriately. Verizon last week limited the number of advanced devices it sells that carry the $350 ETF.
The letters sent to Google and wireless partner T-Mobile Tuesday were also pointed in questioning their ETF policies. Anyone who buys Google's recently launched Nexus One phone with a two-year contract from T-Mobile is required to pay a $350 ETF to Google and a separate $200 fee to the carrier if they drop the service within the first 120 days (but after the 14-day trial period). That's a total of $550 --more than the unsubsidized $530 cost of the phone.
"The combination of ETFs from Google and T-Mobile for the Nexus One is also unique among the four major national carriers," stated the letters to Google and T-Mobile. "Consumers have been surprised by this policy and by its financial impact. Please let us know your rationale(s) for these combined fees, and whether you have coordinated or will coordinate on these fees and on the disclosure of their combined effect."
Responding to he FCC's inquiry on ETFs, wireless trade group CTIA issued a statement defending the legitimacy of the charges. "While we understand that the FCC's Consumer Task Force is only looking into the issue of early termination fees, we hope that there is a recognition by the FCC that these fees are part of the rate and rate structure that allows wireless carriers to, among other things, subsidize phone purchases," it read.
The opening of a formal inquiry follows the FCC's probe into Verizon Wireless' doubling of its ETF on smartphones from $175 to $350 in November. It also comes on the heels of last week's launch of the agency's Consumer Task Force, created to help safeguard the rights of wireless consumers.
In the letter sent [PDF], to AT&T, Verizon Wireless, Sprint-Nextel, T-Mobile and Google, the FCC asked the companies to explain the reasoning behind their ETFs as well as how consumers are notified about the fees.
"We recognize that wireless carriers may have various rationales for ETFs. At the same time, these fees are substantial (and in some cases are increasing) and have an important impact on consumers' ability to switch carriers," stated the joint letter sent by FCC Consumer Bureau Chief Joel Guerin and Wireless Bureau Chief Ruth Milkman.
"We therefore believe it is essential that consumers fully understand what they are signing up for -- both in the short term and over the life of the contract when they accept a service plan with an early termination fee."
The companies have until Feb. 23 to respond. In response to a prior letter from the FCC following its ETF hike on high-end phones, Verizon last month told the agency the increased charge covered not only the cost of subsidizing sophisticated handsets, but related operating and marketing expenses as well.
That reply was not well received. FCC Commissioner Mignon Clyburn issued with a withering public statement, calling Verizon's answers "unsatisfying, and in some cases, troubling."
The carrier said it would take a hard look at Clyburn's statement and respond appropriately. Verizon last week limited the number of advanced devices it sells that carry the $350 ETF.
The letters sent to Google and wireless partner T-Mobile Tuesday were also pointed in questioning their ETF policies. Anyone who buys Google's recently launched Nexus One phone with a two-year contract from T-Mobile is required to pay a $350 ETF to Google and a separate $200 fee to the carrier if they drop the service within the first 120 days (but after the 14-day trial period). That's a total of $550 --more than the unsubsidized $530 cost of the phone.
"The combination of ETFs from Google and T-Mobile for the Nexus One is also unique among the four major national carriers," stated the letters to Google and T-Mobile. "Consumers have been surprised by this policy and by its financial impact. Please let us know your rationale(s) for these combined fees, and whether you have coordinated or will coordinate on these fees and on the disclosure of their combined effect."
Responding to he FCC's inquiry on ETFs, wireless trade group CTIA issued a statement defending the legitimacy of the charges. "While we understand that the FCC's Consumer Task Force is only looking into the issue of early termination fees, we hope that there is a recognition by the FCC that these fees are part of the rate and rate structure that allows wireless carriers to, among other things, subsidize phone purchases," it read.
Tuesday, January 26, 2010
DMA Revises Guidelines To Comply With FTC 'Blogger' Rules
The Direct Marketing Association has revised its ethics guidelines to incorporate the Federal Trade Commission's new guides to endorsements and testimonials.
The new DMA principles require marketers who use testimonials or endorsements on social networking sites, blogs and other types of social media to "clearly and conspicuously disclose any material connections between the endorser and marketer, which the consumer would not expect."
In addition, marketers should ensure that any celebrity endorsers disclose their relationships with marketers when touting products on talk shows or in social media, according to the DMA's revised ethics guides.
The trade group's new ethics rules largely track the FTC's recent revisions to its endorsements guidelines. That update stirred considerable controversy, with critics arguing that the new guidelines make arbitrary distinctions between traditional and newer forms of media. For instance, the FTC said that bloggers should disclose the receipt of free review copies, but didn't make that same recommendation for critics who write for mainstream media.
An FTC official later fueled even more debate by reportedly saying that celebrity endorsers might not have to disclose relationships to marketers because many consumers understand that celebrities often get swag. This issue came up recently when the actress Gwyneth Paltrow touted La Mamounia Hotel in Marrakesh, Morocco on her blog Goop.
For now, the DMA isn't addressing some of the thornier questions, including what constitutes a "material connection" and what types of marketer-blogger connections would consumers expect. But Senny Boone, senior vice president for corporate and social responsibility at the organization, says the group intends to issue case studies and examples within the next few months.
The new DMA principles require marketers who use testimonials or endorsements on social networking sites, blogs and other types of social media to "clearly and conspicuously disclose any material connections between the endorser and marketer, which the consumer would not expect."
In addition, marketers should ensure that any celebrity endorsers disclose their relationships with marketers when touting products on talk shows or in social media, according to the DMA's revised ethics guides.
The trade group's new ethics rules largely track the FTC's recent revisions to its endorsements guidelines. That update stirred considerable controversy, with critics arguing that the new guidelines make arbitrary distinctions between traditional and newer forms of media. For instance, the FTC said that bloggers should disclose the receipt of free review copies, but didn't make that same recommendation for critics who write for mainstream media.
An FTC official later fueled even more debate by reportedly saying that celebrity endorsers might not have to disclose relationships to marketers because many consumers understand that celebrities often get swag. This issue came up recently when the actress Gwyneth Paltrow touted La Mamounia Hotel in Marrakesh, Morocco on her blog Goop.
For now, the DMA isn't addressing some of the thornier questions, including what constitutes a "material connection" and what types of marketer-blogger connections would consumers expect. But Senny Boone, senior vice president for corporate and social responsibility at the organization, says the group intends to issue case studies and examples within the next few months.
Monday, January 25, 2010
FCC Urged To Steer Clear Of Online Privacy Issues
The Interactive Advertising Bureau is urging the Federal Communications Commission to refrain from addressing privacy issues in the national broadband plan.
"IAB believes that regulation by the commission, or potentially conflicting regulations from multiple government agencies, could stifle the Internet," the trade group said in a letter to the FCC. "Existing robust self-regulatory principles provide consumers with strong protections in a manner that has allowed the Internet to thrive, thereby benefiting the U.S. economy."
The group's filing came in response to a request for comments about privacy issues raised by the Center for Democracy & Technology. Earlier this month, that organization asked the FCC to solicit input on how to meet consumers' expectations of privacy online and build privacy protections into new technology.
The FCC made the inquiry as part of its efforts to formulate a national broadband plan, mandated by Congress last year when it passed the broadband stimulus bill.
The IAB said in its filing that the FCC should not consider online privacy issues because the broadband stimulus bill "makes no mention of privacy" and was aimed at "furthering the build out of a high-speed broadband infrastructure across the country."
The group reiterated its stance that Web companies can protect consumers' privacy by complying with self-regulatory principles. "Unlike formal regulations, which can become quickly outdated in the face of evolving technologies, self-regulation provides industry with a nimble way of responding to new challenges presented by the evolving Internet ecosystem," states the letter, which was signed by IAB Vice President for Public Policy Mike Zaneis.
Last year, the FTC issued self-regulatory guidelines generally recommending that online ad companies notify consumers about online behavioral advertising -- or tracking consumers across the Web in order to serve them ads -- and allow people to decline to participate.
Privacy advocates have been pressing for new laws to require companies to obtain consumers' consent before tracking them online for ad purposes. A coalition of nine consumer groups -- including the ACLU, Center for Digital Democracy, Consumer Federation of America, and U.S. Public Interest Research Group -- filed their own papers with the FCC Friday arguing that self-regulation by the online ad industry will not protect users' privacy. The advocacy organizations asked the commission to "consider all avenues it may use to protect consumers, including exercising its ancillary jurisdiction to address broadband privacy issues."
The privacy advocates are asking the FCC to base online privacy protections on the Fair Information Practices standards set out in 1973 by the U.S. Department of Health, Education and Welfare.
They argue in their comments that online behavioral advertising can compromise Web users' privacy even when companies don't collect people's names, but instead identify them based on "anonymous" markers like cookies. "Often, data that is believed to have been rendered anonymous can easily be "de-anonymized," and sensitive data would be linked back with the affected individual," the groups argue.
"IAB believes that regulation by the commission, or potentially conflicting regulations from multiple government agencies, could stifle the Internet," the trade group said in a letter to the FCC. "Existing robust self-regulatory principles provide consumers with strong protections in a manner that has allowed the Internet to thrive, thereby benefiting the U.S. economy."
The group's filing came in response to a request for comments about privacy issues raised by the Center for Democracy & Technology. Earlier this month, that organization asked the FCC to solicit input on how to meet consumers' expectations of privacy online and build privacy protections into new technology.
The FCC made the inquiry as part of its efforts to formulate a national broadband plan, mandated by Congress last year when it passed the broadband stimulus bill.
The IAB said in its filing that the FCC should not consider online privacy issues because the broadband stimulus bill "makes no mention of privacy" and was aimed at "furthering the build out of a high-speed broadband infrastructure across the country."
The group reiterated its stance that Web companies can protect consumers' privacy by complying with self-regulatory principles. "Unlike formal regulations, which can become quickly outdated in the face of evolving technologies, self-regulation provides industry with a nimble way of responding to new challenges presented by the evolving Internet ecosystem," states the letter, which was signed by IAB Vice President for Public Policy Mike Zaneis.
Last year, the FTC issued self-regulatory guidelines generally recommending that online ad companies notify consumers about online behavioral advertising -- or tracking consumers across the Web in order to serve them ads -- and allow people to decline to participate.
Privacy advocates have been pressing for new laws to require companies to obtain consumers' consent before tracking them online for ad purposes. A coalition of nine consumer groups -- including the ACLU, Center for Digital Democracy, Consumer Federation of America, and U.S. Public Interest Research Group -- filed their own papers with the FCC Friday arguing that self-regulation by the online ad industry will not protect users' privacy. The advocacy organizations asked the commission to "consider all avenues it may use to protect consumers, including exercising its ancillary jurisdiction to address broadband privacy issues."
The privacy advocates are asking the FCC to base online privacy protections on the Fair Information Practices standards set out in 1973 by the U.S. Department of Health, Education and Welfare.
They argue in their comments that online behavioral advertising can compromise Web users' privacy even when companies don't collect people's names, but instead identify them based on "anonymous" markers like cookies. "Often, data that is believed to have been rendered anonymous can easily be "de-anonymized," and sensitive data would be linked back with the affected individual," the groups argue.
Sunday, January 24, 2010
FTC Probes Facebook's EPIC Privacy Fail
A privacy watchdog's criticisms of Facebook appear to have captured the attention of the Federal Trade Commission.
In a letter dated Jan. 14, David Vladeck, head of the FTC's Bureau of Consumer Protection, told the Electronic Privacy Information Center that its complaint about recent privacy changes at Facebook "raises issues of particular interest for us at this time."
Vladeck added that he has asked an official to arrange a followup meeting with EPIC, but also said he can't currently confirm or deny whether the FTC has opened an investigation. FTC investigations are not public until the agency either issues a complaint or closes the matter.
The FTC's consumer protection chief also said in his letter to EPIC that the commission plans to focus on privacy issues raised by social networks at the next roundtable, scheduled to be held in Berkeley, Calif. on Jan. 28.
"As the amount of personal information shared on social networking sites grows, and the number of third parties and advertising networks with access to such information grows, it is important that consumers understand how their data is being shared and what privacy rules apply," Vladeck wrote. "The Commission staff believes it is critical that companies provide transparency about how this data is being handled, maintained, shared, and protected, and what steps consumers may take to control the use of their information."
Last month, EPIC and nine other groups filed a complaint alleging that Facebook's new privacy settings constitute an unfair and deceptive change in terms. The groups say that Facebook's decision to institute the new controls violates users' expectations and diminishes their privacy. The new settings classify a host of data as "publicly available information" -- including users' names, profile pictures, cities, networks, lists of friends and pages that people are fans of.
EPIC late last week filed a supplemental complaint that mentions Vladeck's letter. The new papers also highlight recent statements made by Facebook CEO Mark Zuckerberg and an anonymous employee.
In an interview earlier this month, Zuckerberg said that new social norms justified the company's decision to change its privacy settings. "People have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people," he said. "We view it as our role in the system to constantly be innovating and be updating what our system is to reflect what the current social norms are."
In addition, a Facebook employee allegedly said recently that users' messages are stored in a database regardless of whether users attempt to delete them. "We track everything. Every photo you view, every person you're tagged with, every wall-post you make, and so forth," the employee allegedly added.
EPIC alleges that these public statements demonstrate that Facebook engages in unfair and deceptive trade practices.
The new filing also questions a new iPhone synching feature that transfers users' iPhone contacts to Facebook, even when the phone contacts are not Facebook friends with the users. "Some Facebook users and non-Facebook users have consciously chosen not to provide Facebook with their contact information. This choice is rendered meaningless with the sync function of the application, because information from all phone contacts will be transferred to Facebook if the sync function is enabled on an iPhone," EPIC alleges. "There is no privacy setting on Facebook that allows Facebook users to prevent having their information shared in this way."
Facebook spokesperson Andrew Noyes said that EPIC's latest filing "offers little or no new information to substantiate the claims they make."
In a letter dated Jan. 14, David Vladeck, head of the FTC's Bureau of Consumer Protection, told the Electronic Privacy Information Center that its complaint about recent privacy changes at Facebook "raises issues of particular interest for us at this time."
Vladeck added that he has asked an official to arrange a followup meeting with EPIC, but also said he can't currently confirm or deny whether the FTC has opened an investigation. FTC investigations are not public until the agency either issues a complaint or closes the matter.
The FTC's consumer protection chief also said in his letter to EPIC that the commission plans to focus on privacy issues raised by social networks at the next roundtable, scheduled to be held in Berkeley, Calif. on Jan. 28.
"As the amount of personal information shared on social networking sites grows, and the number of third parties and advertising networks with access to such information grows, it is important that consumers understand how their data is being shared and what privacy rules apply," Vladeck wrote. "The Commission staff believes it is critical that companies provide transparency about how this data is being handled, maintained, shared, and protected, and what steps consumers may take to control the use of their information."
Last month, EPIC and nine other groups filed a complaint alleging that Facebook's new privacy settings constitute an unfair and deceptive change in terms. The groups say that Facebook's decision to institute the new controls violates users' expectations and diminishes their privacy. The new settings classify a host of data as "publicly available information" -- including users' names, profile pictures, cities, networks, lists of friends and pages that people are fans of.
EPIC late last week filed a supplemental complaint that mentions Vladeck's letter. The new papers also highlight recent statements made by Facebook CEO Mark Zuckerberg and an anonymous employee.
In an interview earlier this month, Zuckerberg said that new social norms justified the company's decision to change its privacy settings. "People have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people," he said. "We view it as our role in the system to constantly be innovating and be updating what our system is to reflect what the current social norms are."
In addition, a Facebook employee allegedly said recently that users' messages are stored in a database regardless of whether users attempt to delete them. "We track everything. Every photo you view, every person you're tagged with, every wall-post you make, and so forth," the employee allegedly added.
EPIC alleges that these public statements demonstrate that Facebook engages in unfair and deceptive trade practices.
The new filing also questions a new iPhone synching feature that transfers users' iPhone contacts to Facebook, even when the phone contacts are not Facebook friends with the users. "Some Facebook users and non-Facebook users have consciously chosen not to provide Facebook with their contact information. This choice is rendered meaningless with the sync function of the application, because information from all phone contacts will be transferred to Facebook if the sync function is enabled on an iPhone," EPIC alleges. "There is no privacy setting on Facebook that allows Facebook users to prevent having their information shared in this way."
Facebook spokesperson Andrew Noyes said that EPIC's latest filing "offers little or no new information to substantiate the claims they make."
Friday, January 22, 2010
Secretary of State criticized .. 'Internet Freedom' Speech ..
Consumer advocates say that Secretary of State Hillary Clinton's sweeping call Thursday for global Internet freedom lends support to their calls for new domestic laws about matters like text messaging, net neutrality and privacy.
In her broad remarks, Clinton criticized repressive regimes for censorship of all types of new media, including text messages. "Blogs, emails, social networks, and text messages have opened up new forums for exchanging ideas, and created new targets for censorship," she said.
Clinton also broadly touted the Internet's role in enabling free speech. "The internet is a network that magnifies the power and potential of all others. And that's why we believe it's critical that its users are assured certain basic freedoms. Freedom of expression is first among them," she said.
She also spoke of the "freedom to connect" -- calling it a "final freedom" that was inherent in Franklin Roosevelt's famous "four freedoms" speech of 1941. "It allows individuals to get online, come together, and hopefully cooperate," Clinton said of the freedom to connect. "Once you're on the internet, you don't need to be a tycoon or a rock star to have a huge impact on society."
The neutrality advocacy group Open Internet Coalition seized on those remarks to support the need for net neutrality laws in the U.S. that would require Internet service providers to let consumers access all lawful content.
"We must also protect the rights of individual free expression on the Internet at home as well as abroad because neither government nor network provider should be able to interfere with this freedom," the Open Internet Coalition said after Clinton's speech. "The current effort at the FCC to enact common-sense rules to ensure the Internet remains a platform for free expression at home is critical to making sure that the freedom of choice for our own citizens is protected."
Advocacy group Public Knowledge added that Clinton's remarks about texting highlighted the need for laws banning censorship of SMS. "While Secretary Clinton commented on the benefits of text messaging as a means of expression abroad, there are no legal protections for text messaging here," Public Knowledge president and co-founder Gigi Sohn said in a statement.
She then urged the FCC to act on the petition filed by Public Knowledge and other groups in late 2007 seeking to have the commission prohibit wireless carriers from blocking text messages based on content. That request was largely sparked by Verizon's brief refusal earlier that year to issue a short code to the abortion rights group NARAL Pro-Choice America.
In her broad remarks, Clinton criticized repressive regimes for censorship of all types of new media, including text messages. "Blogs, emails, social networks, and text messages have opened up new forums for exchanging ideas, and created new targets for censorship," she said.
Clinton also broadly touted the Internet's role in enabling free speech. "The internet is a network that magnifies the power and potential of all others. And that's why we believe it's critical that its users are assured certain basic freedoms. Freedom of expression is first among them," she said.
She also spoke of the "freedom to connect" -- calling it a "final freedom" that was inherent in Franklin Roosevelt's famous "four freedoms" speech of 1941. "It allows individuals to get online, come together, and hopefully cooperate," Clinton said of the freedom to connect. "Once you're on the internet, you don't need to be a tycoon or a rock star to have a huge impact on society."
The neutrality advocacy group Open Internet Coalition seized on those remarks to support the need for net neutrality laws in the U.S. that would require Internet service providers to let consumers access all lawful content.
"We must also protect the rights of individual free expression on the Internet at home as well as abroad because neither government nor network provider should be able to interfere with this freedom," the Open Internet Coalition said after Clinton's speech. "The current effort at the FCC to enact common-sense rules to ensure the Internet remains a platform for free expression at home is critical to making sure that the freedom of choice for our own citizens is protected."
Advocacy group Public Knowledge added that Clinton's remarks about texting highlighted the need for laws banning censorship of SMS. "While Secretary Clinton commented on the benefits of text messaging as a means of expression abroad, there are no legal protections for text messaging here," Public Knowledge president and co-founder Gigi Sohn said in a statement.
She then urged the FCC to act on the petition filed by Public Knowledge and other groups in late 2007 seeking to have the commission prohibit wireless carriers from blocking text messages based on content. That request was largely sparked by Verizon's brief refusal earlier that year to issue a short code to the abortion rights group NARAL Pro-Choice America.
Wednesday, January 20, 2010
Microsoft: Privacy, Data, Ad Targeting Hit Crossroads In 2010
This year advertisers and consumers will get answers on privacy, data and ad targeting. So says Jeff Lanctot, who joined Microsoft Advertising from Razorfish in late 2009 after the Redmond, Wash., company sold off the agency to Publicis Groupe.
Privacy discussions among industry members and government regulators will come to a head either by a "clash of ideology" or "confluence of good thinking," says Lanctot. The discussions will focus on ways to determine self-regulation and/or pending FTC or congressional legislation, Lanctot tells me. "The industry needs to reach an agreement on the definition of 'free content' between advertisers, content providers, and consumers," he says.
When I ask Lanctot if consumers really believe they have privacy on the Internet, he responds, "Do they have it, or do they care?" So, as we hash out the difference between consumer privacy and protecting data, he makes sure I understand that Microsoft believes consumers deserve as much data protection as the company can provide.
Think about privacy when targeting ads, which typically doesn't rely on personally identifiable information (PII). It's not like the protection required by private data, such as social security card numbers.
Still, the advertising industry needs to demonstrate to consumers it understands the value that comes from using the non-PII data. You've heard it before: yes, that means serving up the correct message to a specific person at the perfect time.
Microsoft realizes consumers need to see a benefit when agreeing to share data, but the company also must take the responsibility of helping people understand how the process works, and that it doesn't have to be scary. "Some view targeted advertising as a bad thing that we should repress, while others in Congress and the FTC know self-regulation can work," he says. "My sense it that those who know more about the ad businesses understand how to put those self-regulation tools in place."
On another privacy-related note, Tuesday Microsoft reported it would reduce the time it retains IP addresses tied to search queries from 18 months to six months. Microsoft's Chief Privacy Strategist Peter Cullen wrote in a blog post that the "change is the result of several factors, including a continuing evaluation of our business needs, the current competitive landscape and our ongoing dialogue with privacy advocates, consumer groups, and regulators...
"Under our current policy, as soon as Microsoft receives a Bing search query we take steps to de-identify the data by separating it from account information that could identify the person who performed the search," Cullen writes. The new policy will take between 12 and 18 months to implement.
Privacy discussions among industry members and government regulators will come to a head either by a "clash of ideology" or "confluence of good thinking," says Lanctot. The discussions will focus on ways to determine self-regulation and/or pending FTC or congressional legislation, Lanctot tells me. "The industry needs to reach an agreement on the definition of 'free content' between advertisers, content providers, and consumers," he says.
When I ask Lanctot if consumers really believe they have privacy on the Internet, he responds, "Do they have it, or do they care?" So, as we hash out the difference between consumer privacy and protecting data, he makes sure I understand that Microsoft believes consumers deserve as much data protection as the company can provide.
Think about privacy when targeting ads, which typically doesn't rely on personally identifiable information (PII). It's not like the protection required by private data, such as social security card numbers.
Still, the advertising industry needs to demonstrate to consumers it understands the value that comes from using the non-PII data. You've heard it before: yes, that means serving up the correct message to a specific person at the perfect time.
Microsoft realizes consumers need to see a benefit when agreeing to share data, but the company also must take the responsibility of helping people understand how the process works, and that it doesn't have to be scary. "Some view targeted advertising as a bad thing that we should repress, while others in Congress and the FTC know self-regulation can work," he says. "My sense it that those who know more about the ad businesses understand how to put those self-regulation tools in place."
On another privacy-related note, Tuesday Microsoft reported it would reduce the time it retains IP addresses tied to search queries from 18 months to six months. Microsoft's Chief Privacy Strategist Peter Cullen wrote in a blog post that the "change is the result of several factors, including a continuing evaluation of our business needs, the current competitive landscape and our ongoing dialogue with privacy advocates, consumer groups, and regulators...
"Under our current policy, as soon as Microsoft receives a Bing search query we take steps to de-identify the data by separating it from account information that could identify the person who performed the search," Cullen writes. The new policy will take between 12 and 18 months to implement.
Tuesday, January 19, 2010
Microsoft to Purge User Data on Bing After 6 Months
BERLIN — Bowing to pressure in Europe, Microsoft said Tuesday that it would redesign the worldwide operation of its online search engine, Bing, to eliminate all data collected on users after six months.
John Vassallo, a Microsoft vice president and associate general counsel, said the company would introduce the changes over the next 18 months, aiming to satisfy a European advisory group that had been critical of how search engines collect and retain data on individuals for advertising purposes.
The concession, relatively painless for Microsoft given its tiny share of the global search market — just 3 percent — is yet another example of a U.S. technology giant’s changing its way of doing business to suit stricter European concepts of antitrust and privacy law.
The European Commission in December dropped an antitrust case against Microsoft after the software maker took the unprecedented step of agreeing to distribute the browsers of its competitors through its Windows operating system.
Unlike the agreement on browsers, which will be confined to consumers in Europe, Microsoft’s decision to redesign Bing will affect users around the world, including in the United States.
Hendrik Speck, a professor of computer science at the University of Applied Sciences in Kaiserslautern, Germany, said Microsoft’s decision to follow E.U. guidelines would probably be followed by Google and Yahoo, because consumers were increasingly concerned about online privacy amid widespread data theft and rising use of social networks.
“I think it is only a matter of time before Google also decides to change its own procedures, perhaps making them even more strict than Microsoft’s,” Mr. Speck said. “Google and other engines are starting to realize that consumers around the world are placing an increasing value on privacy and that can have business consequences.”
Europe is the world’s largest market for Internet searches, accounting for 32 percent of online queries, according to Comscore. The Asia-Pacific region had 31 percent of searches and North America 22 percent, according a Comscore report in July. Google has a 67 percent share of the global search market, according to Comscore, but a more than 80 percent share in Europe, where Microsoft has just 2 percent of the market.
In 2008, a panel of national privacy regulators from each European Union country asked Microsoft, Google and Yahoo to eliminate all online query data, like a computer’s unique identification number, location and the text typed into search fields, after six months.
The panel, known as the Article 29 Working Group, held a hearing with representatives of the search engine companies last February, and has given each until the end of January to respond.
Like other search engines, Microsoft had been keeping user data for more than 18 months. Last year, it changed its policy to make an individual’s I.P. address anonymous after six months.
So far, only Microsoft has agreed to comply fully with the panel’s request.
In a statement, Google gave no indication it would accept the E.U.’s demands. The company’s global privacy counsel, Peter Fleischer, reaffirmed Google’s policy of making user data anonymous after nine months, saying it struck the proper balance between ensuring user privacy and refining the functioning of its leading search engine.
“Data from our search queries represents a crucial arm in our battle to protect the security of our services against hacks and fraud,” Mr. Fleischer said. “It also represents a critical element allowing us to help users by innovating and improving the quality of our searches.”
Yahoo, which is based in Sunnyvale, California, could not be immediately reached for comment.
While the Article 29 group is only an advisory body at the E.U. level, its members are the ranking privacy regulators from the 27 countries. They hold the power to levy fines nationally or even imprison violators. So far, however, no country has moved to impose sanctions on the companies over the issue.
But after the ratification last year of the E.U.’s Lisbon Treaty, which redistributed some of the decision-making power within the European Union, the European Commission will gain the ability to initiate E.U.-wide privacy regulations.
Mr. Vassallo, the Microsoft executive, said his company’s decision to conform to European requests on data retention was meant to avert the possibility of new regulation.
“It is possible that the European Union will take a position to regulate this one way or the other,” Mr. Vassallo said. “That would need a high level of responsibility from industry.”
John Vassallo, a Microsoft vice president and associate general counsel, said the company would introduce the changes over the next 18 months, aiming to satisfy a European advisory group that had been critical of how search engines collect and retain data on individuals for advertising purposes.
The concession, relatively painless for Microsoft given its tiny share of the global search market — just 3 percent — is yet another example of a U.S. technology giant’s changing its way of doing business to suit stricter European concepts of antitrust and privacy law.
The European Commission in December dropped an antitrust case against Microsoft after the software maker took the unprecedented step of agreeing to distribute the browsers of its competitors through its Windows operating system.
Unlike the agreement on browsers, which will be confined to consumers in Europe, Microsoft’s decision to redesign Bing will affect users around the world, including in the United States.
Hendrik Speck, a professor of computer science at the University of Applied Sciences in Kaiserslautern, Germany, said Microsoft’s decision to follow E.U. guidelines would probably be followed by Google and Yahoo, because consumers were increasingly concerned about online privacy amid widespread data theft and rising use of social networks.
“I think it is only a matter of time before Google also decides to change its own procedures, perhaps making them even more strict than Microsoft’s,” Mr. Speck said. “Google and other engines are starting to realize that consumers around the world are placing an increasing value on privacy and that can have business consequences.”
Europe is the world’s largest market for Internet searches, accounting for 32 percent of online queries, according to Comscore. The Asia-Pacific region had 31 percent of searches and North America 22 percent, according a Comscore report in July. Google has a 67 percent share of the global search market, according to Comscore, but a more than 80 percent share in Europe, where Microsoft has just 2 percent of the market.
In 2008, a panel of national privacy regulators from each European Union country asked Microsoft, Google and Yahoo to eliminate all online query data, like a computer’s unique identification number, location and the text typed into search fields, after six months.
The panel, known as the Article 29 Working Group, held a hearing with representatives of the search engine companies last February, and has given each until the end of January to respond.
Like other search engines, Microsoft had been keeping user data for more than 18 months. Last year, it changed its policy to make an individual’s I.P. address anonymous after six months.
So far, only Microsoft has agreed to comply fully with the panel’s request.
In a statement, Google gave no indication it would accept the E.U.’s demands. The company’s global privacy counsel, Peter Fleischer, reaffirmed Google’s policy of making user data anonymous after nine months, saying it struck the proper balance between ensuring user privacy and refining the functioning of its leading search engine.
“Data from our search queries represents a crucial arm in our battle to protect the security of our services against hacks and fraud,” Mr. Fleischer said. “It also represents a critical element allowing us to help users by innovating and improving the quality of our searches.”
Yahoo, which is based in Sunnyvale, California, could not be immediately reached for comment.
While the Article 29 group is only an advisory body at the E.U. level, its members are the ranking privacy regulators from the 27 countries. They hold the power to levy fines nationally or even imprison violators. So far, however, no country has moved to impose sanctions on the companies over the issue.
But after the ratification last year of the E.U.’s Lisbon Treaty, which redistributed some of the decision-making power within the European Union, the European Commission will gain the ability to initiate E.U.-wide privacy regulations.
Mr. Vassallo, the Microsoft executive, said his company’s decision to conform to European requests on data retention was meant to avert the possibility of new regulation.
“It is possible that the European Union will take a position to regulate this one way or the other,” Mr. Vassallo said. “That would need a high level of responsibility from industry.”
FTC Probes Facebook's EPIC Privacy Fail
A privacy watchdog's criticisms of Facebook appear to have captured the attention of the Federal Trade Commission.
In a letter dated Jan. 14, David Vladeck, head of the FTC's Bureau of Consumer Protection, told the Electronic Privacy Information Center that its complaint about recent privacy changes at Facebook "raises issues of particular interest for us at this time."
Vladeck added that he has asked an official to arrange a followup meeting with EPIC, but also said he can't currently confirm or deny whether the FTC has opened an investigation. FTC investigations are not public until the agency either issues a complaint or closes the matter.
The FTC's consumer protection chief also said in his letter to EPIC that the commission plans to focus on privacy issues raised by social networks at the next roundtable, scheduled to be held in Berkeley, Calif. on Jan. 28.
"As the amount of personal information shared on social networking sites grows, and the number of third parties and advertising networks with access to such information grows, it is important that consumers understand how their data is being shared and what privacy rules apply," Vladeck wrote. "The Commission staff believes it is critical that companies provide transparency about how this data is being handled, maintained, shared, and protected, and what steps consumers may take to control the use of their information."
Last month, EPIC and nine other groups filed a complaint alleging that Facebook's new privacy settings constitute an unfair and deceptive change in terms. The groups say that Facebook's decision to institute the new controls violates users' expectations and diminishes their privacy. The new settings classify a host of data as "publicly available information" -- including users' names, profile pictures, cities, networks, lists of friends and pages that people are fans of.
EPIC late last week filed a supplemental complaint that mentions Vladeck's letter. The new papers also highlight recent statements made by Facebook CEO Mark Zuckerberg and an anonymous employee.
In an interview earlier this month, Zuckerberg said that new social norms justified the company's decision to change its privacy settings. "People have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people," he said. "We view it as our role in the system to constantly be innovating and be updating what our system is to reflect what the current social norms are."
In addition, a Facebook employee allegedly said recently that users' messages are stored in a database regardless of whether users attempt to delete them. "We track everything. Every photo you view, every person you're tagged with, every wall-post you make, and so forth," the employee allegedly added.
EPIC alleges that these public statements demonstrate that Facebook engages in unfair and deceptive trade practices.
The new filing also questions a new iPhone synching feature that transfers users' iPhone contacts to Facebook, even when the phone contacts are not Facebook friends with the users. "Some Facebook users and non-Facebook users have consciously chosen not to provide Facebook with their contact information. This choice is rendered meaningless with the sync function of the application, because information from all phone contacts will be transferred to Facebook if the sync function is enabled on an iPhone," EPIC alleges. "There is no privacy setting on Facebook that allows Facebook users to prevent having their information shared in this way."
Facebook spokesperson Andrew Noyes said that EPIC's latest filing "offers little or no new information to substantiate the claims they make."
In a letter dated Jan. 14, David Vladeck, head of the FTC's Bureau of Consumer Protection, told the Electronic Privacy Information Center that its complaint about recent privacy changes at Facebook "raises issues of particular interest for us at this time."
Vladeck added that he has asked an official to arrange a followup meeting with EPIC, but also said he can't currently confirm or deny whether the FTC has opened an investigation. FTC investigations are not public until the agency either issues a complaint or closes the matter.
The FTC's consumer protection chief also said in his letter to EPIC that the commission plans to focus on privacy issues raised by social networks at the next roundtable, scheduled to be held in Berkeley, Calif. on Jan. 28.
"As the amount of personal information shared on social networking sites grows, and the number of third parties and advertising networks with access to such information grows, it is important that consumers understand how their data is being shared and what privacy rules apply," Vladeck wrote. "The Commission staff believes it is critical that companies provide transparency about how this data is being handled, maintained, shared, and protected, and what steps consumers may take to control the use of their information."
Last month, EPIC and nine other groups filed a complaint alleging that Facebook's new privacy settings constitute an unfair and deceptive change in terms. The groups say that Facebook's decision to institute the new controls violates users' expectations and diminishes their privacy. The new settings classify a host of data as "publicly available information" -- including users' names, profile pictures, cities, networks, lists of friends and pages that people are fans of.
EPIC late last week filed a supplemental complaint that mentions Vladeck's letter. The new papers also highlight recent statements made by Facebook CEO Mark Zuckerberg and an anonymous employee.
In an interview earlier this month, Zuckerberg said that new social norms justified the company's decision to change its privacy settings. "People have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people," he said. "We view it as our role in the system to constantly be innovating and be updating what our system is to reflect what the current social norms are."
In addition, a Facebook employee allegedly said recently that users' messages are stored in a database regardless of whether users attempt to delete them. "We track everything. Every photo you view, every person you're tagged with, every wall-post you make, and so forth," the employee allegedly added.
EPIC alleges that these public statements demonstrate that Facebook engages in unfair and deceptive trade practices.
The new filing also questions a new iPhone synching feature that transfers users' iPhone contacts to Facebook, even when the phone contacts are not Facebook friends with the users. "Some Facebook users and non-Facebook users have consciously chosen not to provide Facebook with their contact information. This choice is rendered meaningless with the sync function of the application, because information from all phone contacts will be transferred to Facebook if the sync function is enabled on an iPhone," EPIC alleges. "There is no privacy setting on Facebook that allows Facebook users to prevent having their information shared in this way."
Facebook spokesperson Andrew Noyes said that EPIC's latest filing "offers little or no new information to substantiate the claims they make."
Monday, January 18, 2010
FCC Urged To Preserve Internet 'Payola' Ban
Among the flurry of last-minute comments submitted to the Federal Communications Commission about its proposed neutrality rules was a ringing endorsement of new regulations by legal expert Tim Wu, who coined the term net neutrality.
In his 10-page filing, Wu argues that neutrality promotes free speech online and urges the FCC not only to ban Internet service providers from blocking Web sites, but also outlaw online "payola," including deals for prioritized service.
"It is the absence of the fee paid to reach others that is the defining feature of the Internet as an open speech platform, and as a kind of subsidy to non-profit or low-income speakers," writes Wu, a professor at Columbia Law School. "That means a net neutrality rule may succeed in its speech goals to the extent it preserves the traditional ban on payola, whatever form such demands may take. Critically, payola schemes can be framed as fees for 'prioritized' service."
Wu was just one of thousands of commenters who flooded the FCC last week with arguments regarding its proposal to enact rules requiring ISPs to allow consumers to access all lawful content and to refrain from discrimination.
Wu added that "by design and tradition" speakers on the Internet "have never paid extra fees to reach listeners."
"Once you are 'on' the Internet, every user can, generally, reach every other without paying another, extra fee," Wu writes. "It is underappreciated how important that fact is to the Internet as a speech platform. Blogs could not exist in a world of payola."
Critics of the proposed regulations, including telecom giant AT&T, say new rules are unnecessary because the FCC issued a policy statement in 2005 that already requires ISPs to allow users to access all lawful content and application. AT&T and other critics also specifically oppose a blanket nondiscrimination rule, arguing that some types of pay-for-prioritization deals would benefit consumers and businesses.
"By forbidding such agreements, the proposed strict "nondiscrimination" rule would deny consumers the benefit of many performance-sensitive IP applications in that it would ban the technologies needed to provide those applications in a cost-efficient manner," AT&T said last week in its 255-page filing. "For example, the rule could foreclose emerging multicast arrangements for the efficient distribution of real-time, high-definition video to many different viewers simultaneously over the Internet."
AT&T also argues that any regulations should apply to all online "information service providers," including search engines, which "play a gatekeeper role that substantially influences consumers' Internet experiences."
The company specifically names Google, saying that it "shapes how consumers actually experience the Internet more than any given broadband provider possibly could."
For its part, Google filed comments supporting the FCC's proposed rules, including a proposal that would ban prioritization deals. "Paid prioritization opens the door to broadband providers picking winners and losers in the market," Google writes. "While broadband providers' own services and incumbent players who can afford to pay will get access to a special 'fast lane,' start-up innovators, small businesses, non-profits, individual users, and many other players will be effectively consigned to the 'slow lane.' "
Google also argued that the principles set out in the 2005 policy statement should be codified -- pointing out that their legal status is uncertain. The FCC sanctioned Comcast in 2008 for violating neutrality principles by throttling peer-to-peer traffic, but Comcast appealed, arguing that the FCC has no authority to enforce principles that have never been codified. An appellate court recently heard arguments in the case, but has not yet issued a decision.
In addition to its own filing, Google also filed a joint letter with the telecom Verizon, in which the companies outlined areas of agreement. "It is essential that the Internet remains an unrestricted and open platform, where people can access the lawful content, services, and applications of their choice," the companies said. "To us, this means that when a person accesses the Internet, he or she should be able to connect with any other person that he or she wants to -- and that other person should be able to receive his or her message."
In his 10-page filing, Wu argues that neutrality promotes free speech online and urges the FCC not only to ban Internet service providers from blocking Web sites, but also outlaw online "payola," including deals for prioritized service.
"It is the absence of the fee paid to reach others that is the defining feature of the Internet as an open speech platform, and as a kind of subsidy to non-profit or low-income speakers," writes Wu, a professor at Columbia Law School. "That means a net neutrality rule may succeed in its speech goals to the extent it preserves the traditional ban on payola, whatever form such demands may take. Critically, payola schemes can be framed as fees for 'prioritized' service."
Wu was just one of thousands of commenters who flooded the FCC last week with arguments regarding its proposal to enact rules requiring ISPs to allow consumers to access all lawful content and to refrain from discrimination.
Wu added that "by design and tradition" speakers on the Internet "have never paid extra fees to reach listeners."
"Once you are 'on' the Internet, every user can, generally, reach every other without paying another, extra fee," Wu writes. "It is underappreciated how important that fact is to the Internet as a speech platform. Blogs could not exist in a world of payola."
Critics of the proposed regulations, including telecom giant AT&T, say new rules are unnecessary because the FCC issued a policy statement in 2005 that already requires ISPs to allow users to access all lawful content and application. AT&T and other critics also specifically oppose a blanket nondiscrimination rule, arguing that some types of pay-for-prioritization deals would benefit consumers and businesses.
"By forbidding such agreements, the proposed strict "nondiscrimination" rule would deny consumers the benefit of many performance-sensitive IP applications in that it would ban the technologies needed to provide those applications in a cost-efficient manner," AT&T said last week in its 255-page filing. "For example, the rule could foreclose emerging multicast arrangements for the efficient distribution of real-time, high-definition video to many different viewers simultaneously over the Internet."
AT&T also argues that any regulations should apply to all online "information service providers," including search engines, which "play a gatekeeper role that substantially influences consumers' Internet experiences."
The company specifically names Google, saying that it "shapes how consumers actually experience the Internet more than any given broadband provider possibly could."
For its part, Google filed comments supporting the FCC's proposed rules, including a proposal that would ban prioritization deals. "Paid prioritization opens the door to broadband providers picking winners and losers in the market," Google writes. "While broadband providers' own services and incumbent players who can afford to pay will get access to a special 'fast lane,' start-up innovators, small businesses, non-profits, individual users, and many other players will be effectively consigned to the 'slow lane.' "
Google also argued that the principles set out in the 2005 policy statement should be codified -- pointing out that their legal status is uncertain. The FCC sanctioned Comcast in 2008 for violating neutrality principles by throttling peer-to-peer traffic, but Comcast appealed, arguing that the FCC has no authority to enforce principles that have never been codified. An appellate court recently heard arguments in the case, but has not yet issued a decision.
In addition to its own filing, Google also filed a joint letter with the telecom Verizon, in which the companies outlined areas of agreement. "It is essential that the Internet remains an unrestricted and open platform, where people can access the lawful content, services, and applications of their choice," the companies said. "To us, this means that when a person accesses the Internet, he or she should be able to connect with any other person that he or she wants to -- and that other person should be able to receive his or her message."
Friday, January 15, 2010
Web analytics expert warns against 'risky' use of Flash cookies
US— Flash cookies are emerging as a more reliable web audience measurement alternative to traditional HTTP cookies – but a leading analytics expert has warned companies they risk trouble if they use these “super-cookies” to override consumer privacy preferences.
While many web users are au fait with HTTP cookies and how they are used for measuring website traffic, there is little public awareness of Flash cookies, or ‘local shared objects’ (LSOs) as they are technically known, says Eric Peterson.
This lack of awareness means few people know how to manage and delete Flash cookies as they are not stored on a person’s computer in the same place as HTTP cookies.
Peterson, the CEO of consultancy Web Analytics Demystified, says Flash cookies also appear to be “impervious” to the private browsing modes recently deployed by Firefox, Microsoft and Apple.
Though this makes Flash cookies a more reliable means of accurately counting website visitors, Peterson says: “The use of Flash LSOs is unfortunately a risky business. There is strong evidence that more and more companies are using LSOs in direct conflict with consumer preferences and existing systems designed to control access to information and protect a user’s privacy online.”
LSOs first emerged as a way for Adobe’s Flash player to keep track of a user’s personalised settings – audio levels, for instance – across different browser sessions and even different browsers.
Their use as measurement tool has come about as high consumer awareness of HTTP cookies has led to high cookie deletion rates, meaning websites are often placing more than one cookie on each computer – thus inflating unique browser figures.
Peterson says: “While there are many appropriate and beneficial uses for Flash LSOs… it is increasingly clear that in some cases the data contained in the Flash object are being used for consumer tracking purposes.” This in itself wouldn’t be a problem – except Peterson notes that “disclosure about the use of Flash LSO for tracking purposes is rare on the internet today”.
Aside from the disclosure issue, Flash cookies have also been found to be used to re-spawn HTTP cookies where they have been deleted by a web user – clearly going against web users’ wishes not to be tracked.
Peterson says: “With the attention given to consumer privacy on the internet at both individual and government levels, we believe that companies making inappropriate or irresponsible use of the Flash technology are very likely asking for trouble (and potentially putting the rest of the online industry at risk of additional government regulation).”
In a report commissioned by media auditor BPA Worldwide, Peterson recommends that companies do not use Flash to reset browser cookies, that the use of LSOs is properly disclosed and that site visitors are given the option to disable LSOs.
While many web users are au fait with HTTP cookies and how they are used for measuring website traffic, there is little public awareness of Flash cookies, or ‘local shared objects’ (LSOs) as they are technically known, says Eric Peterson.
This lack of awareness means few people know how to manage and delete Flash cookies as they are not stored on a person’s computer in the same place as HTTP cookies.
Peterson, the CEO of consultancy Web Analytics Demystified, says Flash cookies also appear to be “impervious” to the private browsing modes recently deployed by Firefox, Microsoft and Apple.
Though this makes Flash cookies a more reliable means of accurately counting website visitors, Peterson says: “The use of Flash LSOs is unfortunately a risky business. There is strong evidence that more and more companies are using LSOs in direct conflict with consumer preferences and existing systems designed to control access to information and protect a user’s privacy online.”
LSOs first emerged as a way for Adobe’s Flash player to keep track of a user’s personalised settings – audio levels, for instance – across different browser sessions and even different browsers.
Their use as measurement tool has come about as high consumer awareness of HTTP cookies has led to high cookie deletion rates, meaning websites are often placing more than one cookie on each computer – thus inflating unique browser figures.
Peterson says: “While there are many appropriate and beneficial uses for Flash LSOs… it is increasingly clear that in some cases the data contained in the Flash object are being used for consumer tracking purposes.” This in itself wouldn’t be a problem – except Peterson notes that “disclosure about the use of Flash LSO for tracking purposes is rare on the internet today”.
Aside from the disclosure issue, Flash cookies have also been found to be used to re-spawn HTTP cookies where they have been deleted by a web user – clearly going against web users’ wishes not to be tracked.
Peterson says: “With the attention given to consumer privacy on the internet at both individual and government levels, we believe that companies making inappropriate or irresponsible use of the Flash technology are very likely asking for trouble (and potentially putting the rest of the online industry at risk of additional government regulation).”
In a report commissioned by media auditor BPA Worldwide, Peterson recommends that companies do not use Flash to reset browser cookies, that the use of LSOs is properly disclosed and that site visitors are given the option to disable LSOs.
Wednesday, January 13, 2010
Facebook CEO: Privacy Policies Continue to Adapt to Social Norm
After facing a myriad of privacy concerns from users and other groups, Facebook’s (News - Alert) founder and CEO said that sharing information online is the new “social norm” and that the company’s privacy policies continue to evolve to coincide with what users’ comfort-levels are.
Last month, the company announced that it was calling on its more than 350 million users to review and update their privacy settings – what company officials called “a first among major Internet services.”
“When we first started Facebook in my dorm room in Harvard [in 2004], people asked me why would I want to have any information at all on the Internet,” the 25-year-old Zuckerberg said at the annual Crunchies awards ceremony sponsored by TechCrunch. “But the social norm has evolved over time.”
“We focused a lot on the past few years on helping our users spread Facebook worldwide,” and that effort is still continuing Zuckerberg said.
“A lot of companies would be trapped by the conventions and their legacies of what they’ve built, doing a privacy change for 350 million users is not the type of thing that a lot of companies would do,” Zuckerberg said.
“People have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people ... We view it as our role in the system to constantly be innovating and be updating what our system is to reflect what the current social norms are.”
Facebook’s current privacy model revolves around “networks” such as communities for schools, companies or regions. However, some of the regional networks like Australia and Turkey now have millions of members, which is why Facebook is moving toward a more personalized model of control, company officials said. Regional networks will be removed and replaced with four basic control settings: “friends,” “friends of friends,” “everyone” and “customized,” which apply uniformly to all users worldwide.
Last month, the company announced that it was calling on its more than 350 million users to review and update their privacy settings – what company officials called “a first among major Internet services.”
“When we first started Facebook in my dorm room in Harvard [in 2004], people asked me why would I want to have any information at all on the Internet,” the 25-year-old Zuckerberg said at the annual Crunchies awards ceremony sponsored by TechCrunch. “But the social norm has evolved over time.”
“We focused a lot on the past few years on helping our users spread Facebook worldwide,” and that effort is still continuing Zuckerberg said.
“A lot of companies would be trapped by the conventions and their legacies of what they’ve built, doing a privacy change for 350 million users is not the type of thing that a lot of companies would do,” Zuckerberg said.
“People have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people ... We view it as our role in the system to constantly be innovating and be updating what our system is to reflect what the current social norms are.”
Facebook’s current privacy model revolves around “networks” such as communities for schools, companies or regions. However, some of the regional networks like Australia and Turkey now have millions of members, which is why Facebook is moving toward a more personalized model of control, company officials said. Regional networks will be removed and replaced with four basic control settings: “friends,” “friends of friends,” “everyone” and “customized,” which apply uniformly to all users worldwide.
Google rethinks China
It once hoped to change China with its search engine, but Google may wind up effecting more change by closing it down.
They are perhaps the most repeated, misunderstood, and beloved three words to ever be associated with Google: "don't be evil." Those words, highlighted in the company's initial public offering in 2004, underscored how differently Google wants to be thought of compared with the average corporation.
This has always been a company with a moral pulse, one that in its early days attracted a certain sort of idealistic engineer who truly believed the world could be made a better place by a responsible corporation that efficiently spread information and technology around the world.
Yet Google is also one of America's largest and richest public companies, and obsessed with growing even larger. Operating on a global scale can require even the nicest businesses and companies to rub shoulders with governments that don't share the values of Silicon Valley.
The collision of those two forces led Google into what the company founders may eventually come to consider as its worst decision: to self-censor search results in China for almost four years in hopes of improving overall access to information. The company did an about-face Tuesday, declaring that unless the Chinese government allows it to offer an uncensored search engine inside of China, it will shut down its operations in the country.
Google originally justified its decision to censor results in 2006 as a way of helping the Chinese people. Simply offering Google.com from outside of China made the search engine subject to The Great Firewall of China and hurt performance but didn't require Google to police itself. Opening an office inside of China would require it to follow local laws regarding the dissemination of information on the Internet, but Google believed it could improve access to information in China just by being present with a fast and comprehensive search engine.
There was also a financial incentive, of course. China has the most Internet users in the world, with stunning growth over the past decade and much more in store, given that only 25 percent of the country is currently using the Internet.
But Google never seemed to be fully comfortable with its decision. Co-founder Sergey Brin told The Guardian in 2007 that Google's actions resulted in a "net negative," an engineer's way of saying that Google had lost more than it had gained in pursuing business opportunities in China.
Google lost the respect of many U.S. and European citizens, who were amazed at the way the company was able to justify compromising its lofty principles in the name of profit. It lost a little of its idealism in deciding that it had to work with a government that many consider one of the largest offenders of human rights on the planet in order to grow its business. And it lost the battle: Google had just 14.1 percent of the search market in China during November 2009, compared with Baidu's 62.2 percent, according to ComScore.
Saddled with a struggling business and a queasy stomach, Google now hopes to regain the moral high ground. It's extremely unlikely that the Chinese government will permit an uncensored search engine in China, especially after being so publicly implicated as the force behind the attacks on the accounts of Gmail users whose main offense was speaking out against that government (Google refused to point its finger directly at the Chinese government, but security researchers have linked the most recent attacks with previous attacks on U.S. companies believed to come from agents of that government).
Back in November, CNET asked Google CEO Eric Schmidt about the "don't be evil" credo and how it applied to Google now that the company has grown into such a large business. He said that "don't be evil" allows Google employees to stand up and play The Evil Card without repercussions, forcing a discussion about whether Google is choosing the right course of action during tricky decisions.
Without prompting, Schmidt brought up Google's decision to enter China as an example of how that process works. "Certainly, the China decision, which was very controversial at the time, but I think ultimately, the right one for us, is another example of a tortured internal discussion, which ultimately came to roughly, the right outcome," he said.
The discovery of cyberattacks originating from China against Google seems to have finally tipped that debate for Google. It's now clear that Google believes it erred in making the decision to get in bed with the Chinese government back in 2006, regardless of whether that revelation comes from business reasons or moral reasons.
Google has now put American Internet information companies doing business in China in a very difficult position: stay and appear to their home crowd to be agents of the Chinese government after Google's strong rebuke, or leave and miss out on the land grab that is the Chinese Internet market. And the end result of all this could be that the Chinese government emerges with even stronger control over the Internet if domestic firms with fewer reservations about censorship or surveillance take their place.
Google could have changed the way Internet companies work in China Tuesday. It once hoped for something much more.
They are perhaps the most repeated, misunderstood, and beloved three words to ever be associated with Google: "don't be evil." Those words, highlighted in the company's initial public offering in 2004, underscored how differently Google wants to be thought of compared with the average corporation.
This has always been a company with a moral pulse, one that in its early days attracted a certain sort of idealistic engineer who truly believed the world could be made a better place by a responsible corporation that efficiently spread information and technology around the world.
Yet Google is also one of America's largest and richest public companies, and obsessed with growing even larger. Operating on a global scale can require even the nicest businesses and companies to rub shoulders with governments that don't share the values of Silicon Valley.
The collision of those two forces led Google into what the company founders may eventually come to consider as its worst decision: to self-censor search results in China for almost four years in hopes of improving overall access to information. The company did an about-face Tuesday, declaring that unless the Chinese government allows it to offer an uncensored search engine inside of China, it will shut down its operations in the country.
Google originally justified its decision to censor results in 2006 as a way of helping the Chinese people. Simply offering Google.com from outside of China made the search engine subject to The Great Firewall of China and hurt performance but didn't require Google to police itself. Opening an office inside of China would require it to follow local laws regarding the dissemination of information on the Internet, but Google believed it could improve access to information in China just by being present with a fast and comprehensive search engine.
There was also a financial incentive, of course. China has the most Internet users in the world, with stunning growth over the past decade and much more in store, given that only 25 percent of the country is currently using the Internet.
But Google never seemed to be fully comfortable with its decision. Co-founder Sergey Brin told The Guardian in 2007 that Google's actions resulted in a "net negative," an engineer's way of saying that Google had lost more than it had gained in pursuing business opportunities in China.
Google lost the respect of many U.S. and European citizens, who were amazed at the way the company was able to justify compromising its lofty principles in the name of profit. It lost a little of its idealism in deciding that it had to work with a government that many consider one of the largest offenders of human rights on the planet in order to grow its business. And it lost the battle: Google had just 14.1 percent of the search market in China during November 2009, compared with Baidu's 62.2 percent, according to ComScore.
Saddled with a struggling business and a queasy stomach, Google now hopes to regain the moral high ground. It's extremely unlikely that the Chinese government will permit an uncensored search engine in China, especially after being so publicly implicated as the force behind the attacks on the accounts of Gmail users whose main offense was speaking out against that government (Google refused to point its finger directly at the Chinese government, but security researchers have linked the most recent attacks with previous attacks on U.S. companies believed to come from agents of that government).
And after playing defense throughout 2009 against governments and citizens concerned about its growing power, Google has now created a situation where privacy advocates and human-rights activists are applauding the company for taking a principled stand against the Chinese government.
Back in November, CNET asked Google CEO Eric Schmidt about the "don't be evil" credo and how it applied to Google now that the company has grown into such a large business. He said that "don't be evil" allows Google employees to stand up and play The Evil Card without repercussions, forcing a discussion about whether Google is choosing the right course of action during tricky decisions.
Without prompting, Schmidt brought up Google's decision to enter China as an example of how that process works. "Certainly, the China decision, which was very controversial at the time, but I think ultimately, the right one for us, is another example of a tortured internal discussion, which ultimately came to roughly, the right outcome," he said.
The discovery of cyberattacks originating from China against Google seems to have finally tipped that debate for Google. It's now clear that Google believes it erred in making the decision to get in bed with the Chinese government back in 2006, regardless of whether that revelation comes from business reasons or moral reasons.
Google has now put American Internet information companies doing business in China in a very difficult position: stay and appear to their home crowd to be agents of the Chinese government after Google's strong rebuke, or leave and miss out on the land grab that is the Chinese Internet market. And the end result of all this could be that the Chinese government emerges with even stronger control over the Internet if domestic firms with fewer reservations about censorship or surveillance take their place.
Google could have changed the way Internet companies work in China Tuesday. It once hoped for something much more.
Adobe Hole May Have Been Used in Google Attack
It's an eventful day. Just as Adobe released an important new version of Acrobat, the company has also revealed that "...a sophisticated, coordinated attack..." was mounted "...against corporate network systems managed by Adobe and other companies..." At the same time, Google has revealed that a coordinated attack was mounted against their systems.
Both companies say that the attacks were unsuccessful. Adobe says that the investigation will take some time and that they will cooperate with the other companies and relevant governments.
Google's revelation of the attacks against them is much more detailed and interesting. The attacks turned out to be a coordinated attack on 20 companies in a variety of industries. But it gets worse: According to Google the primary goal of these attacks was to compromise the GMail accounts of human rights activists.
Enough is enough for Google it seems, and they have resolved not to censor their search results for their servers in China anymore. This may lead to the end of their business in China, but hurray for Google either way, and let's hope that other companies are as bold as they are about this.
Both companies say that the attacks were unsuccessful. Adobe says that the investigation will take some time and that they will cooperate with the other companies and relevant governments.
Google's revelation of the attacks against them is much more detailed and interesting. The attacks turned out to be a coordinated attack on 20 companies in a variety of industries. But it gets worse: According to Google the primary goal of these attacks was to compromise the GMail accounts of human rights activists.
Enough is enough for Google it seems, and they have resolved not to censor their search results for their servers in China anymore. This may lead to the end of their business in China, but hurray for Google either way, and let's hope that other companies are as bold as they are about this.
Google May Totally Withdraw From China
The press is abuzz this morning over the news that Google (GOOG) could pull out of China over a hacking attempt. The Wall Street Journal explains that the large-scale cyber attack “has been under way for weeks.” The paper continues, “Google said it suffered a ‘highly sophisticated and targeted attack on our corporate infrastructure originating from China’ in mid-December, which it said resulted in ‘the theft of intellectual property.’
The company said it found evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human-rights activists.” The attack may be the last straw for Google in China, since the search engine has begrudgingly put up with Chinese censorship policies for a while. The Times notes, “Since arriving here in 2006 under an arrangement with the government that purged its Chinese search results of banned topics, Google has come under fire for abetting a system that increasingly restricts what citizens can read online.”
Conan O’Brien has publicly announced that if The Tonight Show gets pushed back until after midnight, he won’t be the host. The New York Times explains, “Less than a week after NBC told him it intended to move his ‘Tonight Show’ to a new time, 12:05 a.m., Mr. O’Brien said he would not agree to what he considered a demotion for the institution of ‘The Tonight Show’—and his own career—by going along with the network’s plan to push him back a half-hour to make room for his most recent predecessor, Jay Leno.”
The Washington Post reports that President Obama will announce “a plan to impose a new fee on the nation's biggest financial firms” tomorrow. The fee, which has been under consideration since the summer, is a means of more quickly recovering federal bailout money. The paper says that, according to officials, “The fee could return as much as $120 billion worth of losses to the U.S. Treasury from the $700 billion Troubled Assets Relief Program, or TARP, which was designed to rescue the firms during the economic crisis.” However, critics have already spoken out against the fee, which they argue could ultimately get passed along to bank customers.
The Post also reports that the FDIC is moving forward with a proposal to punish banks that engage in what it considers perilous pay practices. The paper explains, “The FDIC, which collects fees from all banks to repay depositors in failed banks, is considering a plan to reduce the fees paid by companies that take specified steps such as paying bonuses in the form of stock that cannot be sold immediately. Banks that don't comply would face higher fees, on the theory that bankers paid solely for short-term results will take greater risks, increasing the chances of a bank failure.”
The New York Times reports that in an e-mail sent out to a few Goldman Sachs (GS) clients yesterday, an executive confessed that the firm doesn’t always give its clients complete trading information. The paper says, “In an e-mail message to select clients, Thomas C. Mazarakis, the head of Goldman’s fundamental strategies group, acknowledged that his unit often provided investment ideas that the firm had already traded on. Sometimes Goldman has even taken the opposite approach, betting against particular instruments that the group has recommended.”
GM is betting that truck sales are going to pick up once again. The Wall Street Journal reports that the auto company is planning “a major update of its full-size pickups” that could cost up to $1 billion. The business decision could be considered an affront to the government administration that bailed out GM and has been promoting the national adoption of smaller, less fuel-dependent vehicles. Still, the paper says, “administration officials said Tuesday that any decision by GM to move more heavily into trucks was the company's own business, and that neither the Treasury nor the White House was involved.”
And finally, the New York Times reports that Nintendo (NTDOY) and Netflix (NFLX) are teaming up. The paper says, “Nintendo is bringing Netflix’s online streaming video service to its Wii gaming console, the most popular in the industry, the companies plan to announce Wednesday. The service lets subscribers choose from a catalog of generally older movies and television shows and watch them instantly.”
The company said it found evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human-rights activists.” The attack may be the last straw for Google in China, since the search engine has begrudgingly put up with Chinese censorship policies for a while. The Times notes, “Since arriving here in 2006 under an arrangement with the government that purged its Chinese search results of banned topics, Google has come under fire for abetting a system that increasingly restricts what citizens can read online.”
Conan O’Brien has publicly announced that if The Tonight Show gets pushed back until after midnight, he won’t be the host. The New York Times explains, “Less than a week after NBC told him it intended to move his ‘Tonight Show’ to a new time, 12:05 a.m., Mr. O’Brien said he would not agree to what he considered a demotion for the institution of ‘The Tonight Show’—and his own career—by going along with the network’s plan to push him back a half-hour to make room for his most recent predecessor, Jay Leno.”
The Washington Post reports that President Obama will announce “a plan to impose a new fee on the nation's biggest financial firms” tomorrow. The fee, which has been under consideration since the summer, is a means of more quickly recovering federal bailout money. The paper says that, according to officials, “The fee could return as much as $120 billion worth of losses to the U.S. Treasury from the $700 billion Troubled Assets Relief Program, or TARP, which was designed to rescue the firms during the economic crisis.” However, critics have already spoken out against the fee, which they argue could ultimately get passed along to bank customers.
The Post also reports that the FDIC is moving forward with a proposal to punish banks that engage in what it considers perilous pay practices. The paper explains, “The FDIC, which collects fees from all banks to repay depositors in failed banks, is considering a plan to reduce the fees paid by companies that take specified steps such as paying bonuses in the form of stock that cannot be sold immediately. Banks that don't comply would face higher fees, on the theory that bankers paid solely for short-term results will take greater risks, increasing the chances of a bank failure.”
The New York Times reports that in an e-mail sent out to a few Goldman Sachs (GS) clients yesterday, an executive confessed that the firm doesn’t always give its clients complete trading information. The paper says, “In an e-mail message to select clients, Thomas C. Mazarakis, the head of Goldman’s fundamental strategies group, acknowledged that his unit often provided investment ideas that the firm had already traded on. Sometimes Goldman has even taken the opposite approach, betting against particular instruments that the group has recommended.”
GM is betting that truck sales are going to pick up once again. The Wall Street Journal reports that the auto company is planning “a major update of its full-size pickups” that could cost up to $1 billion. The business decision could be considered an affront to the government administration that bailed out GM and has been promoting the national adoption of smaller, less fuel-dependent vehicles. Still, the paper says, “administration officials said Tuesday that any decision by GM to move more heavily into trucks was the company's own business, and that neither the Treasury nor the White House was involved.”
And finally, the New York Times reports that Nintendo (NTDOY) and Netflix (NFLX) are teaming up. The paper says, “Nintendo is bringing Netflix’s online streaming video service to its Wii gaming console, the most popular in the industry, the companies plan to announce Wednesday. The service lets subscribers choose from a catalog of generally older movies and television shows and watch them instantly.”
Baidu.tw Wasn't Hacked To Show Google, Doesn't Even Belong To Baidu
Lots of interesting commentary in the wake of Google's bombshell blog post from yesterday about its decision to stop censoring its search results and possibly withdrawing from the Chinese market all together after being hit with severe cyber attacks on its core infrastructure. You can follow the conversation on Techmeme, but there's one item that just hit the news aggregator that I felt compelled to set straight.
Thomas Crampton correctly notes that Baidu.tw, supposedly owned by Chinese search leader Baidu, is currently getting forwarded to the Google Taiwan homepage (albeit only when you put www in front of the domain name). But it's false to assume that the site was hacked: the domain name never directed to a Baidu property and is even entirely out of the company's control. There's a number of ways you can tell.
Just to be clear, I'm not criticizing Crampton here. After all, the Baidu.com domain name was hacked just yesterday so his assumption isn't that far-fetched.
However, a simple WHOIS search reveals that the domain name isn't owned by Baidu but by another entity, either an individual or an organization. The identity (Zheng Xiaodo) and contact details that were given for registration are likely fake, and I seriously doubt the owner really lives in China.
The person who registered Baidu.tw, back in 2005, has used the generic contact e-mail address for at least 99 other domain names in the past. He or she signed up for a webmail account on Chinese portal 21cn.com, an ISP under ownership of a holding called Century Dragon Information Network, which can be perfectly done by anyone outside of the country.
Furthermore, this person used Malaysian registrar (Web.CC) to secure the domain name, and the nameservers that are currently configured for the Web address are also located in Kuala Lumpur, capital of Malaysia. For its other domain names, Baidu uses its own nameservers. It also uses taiwan.baidu.com for its Taiwan operations, although the site is currently offline.
Also, when you look at the cache for Baidu.tw, you can see that just a couple of days ago the domain led to Szhot.com, another domain name registrar.
Finally, when you go to Baidu.tw right now and click around (apart from the top menu), you'll see that there was simply a change in domain name record settings, likely following the flurry of news about Google's China stance and the role Baidu plays in all this from yesterday.
In conclusion: Baidu.tw was not hacked; someone is just trying to play a number on Baidu.
Thomas Crampton correctly notes that Baidu.tw, supposedly owned by Chinese search leader Baidu, is currently getting forwarded to the Google Taiwan homepage (albeit only when you put www in front of the domain name). But it's false to assume that the site was hacked: the domain name never directed to a Baidu property and is even entirely out of the company's control. There's a number of ways you can tell.
Just to be clear, I'm not criticizing Crampton here. After all, the Baidu.com domain name was hacked just yesterday so his assumption isn't that far-fetched.
However, a simple WHOIS search reveals that the domain name isn't owned by Baidu but by another entity, either an individual or an organization. The identity (Zheng Xiaodo) and contact details that were given for registration are likely fake, and I seriously doubt the owner really lives in China.
The person who registered Baidu.tw, back in 2005, has used the generic contact e-mail address for at least 99 other domain names in the past. He or she signed up for a webmail account on Chinese portal 21cn.com, an ISP under ownership of a holding called Century Dragon Information Network, which can be perfectly done by anyone outside of the country.
Furthermore, this person used Malaysian registrar (Web.CC) to secure the domain name, and the nameservers that are currently configured for the Web address are also located in Kuala Lumpur, capital of Malaysia. For its other domain names, Baidu uses its own nameservers. It also uses taiwan.baidu.com for its Taiwan operations, although the site is currently offline.
Also, when you look at the cache for Baidu.tw, you can see that just a couple of days ago the domain led to Szhot.com, another domain name registrar.
Finally, when you go to Baidu.tw right now and click around (apart from the top menu), you'll see that there was simply a change in domain name record settings, likely following the flurry of news about Google's China stance and the role Baidu plays in all this from yesterday.
In conclusion: Baidu.tw was not hacked; someone is just trying to play a number on Baidu.
Friday, January 8, 2010
FCC Seeks More Time To Craft Broadband Plan
Federal Communications Commission Chairman Julius Genachowski has asked Congress for an extra month to complete drafting a blueprint to improve broadband availability and adoption in the U.S.
Genachowski told leading lawmakers on Thursday that the commission has engaged in an "unparalleled" process to develop a national broadband plan. "It has included over 50 public workshops and field hearings, more than a dozen public notices, and significant hours devoted at commission meetings to provide the public with updates," Genachowski said in letters to key House and Senate members. "The additional time will enable the FCC to continue to obtain input from key stakeholders and more fully brief Commissioners and the House and Senate Committees on aspects of the plan as it comes together."
Congress tasked the FCC with formulating a broadband plan last year as part of the $7.2 billion broadband stimulus bill.
A recent interim report by an FCC task force disappointed some broadband advocates. That report discussed allocating spectrum for broadband, giving tax breaks to employers who subsidize broadband and reforming the government-run Universal Service Fund, among other matters. But some advocates say the FCC should also require networks to allow their lines to be used by competitors.
Genachowski told Congress on Thursday that the four-week extension will not affect the FCC budget for the plan.
Genachowski told leading lawmakers on Thursday that the commission has engaged in an "unparalleled" process to develop a national broadband plan. "It has included over 50 public workshops and field hearings, more than a dozen public notices, and significant hours devoted at commission meetings to provide the public with updates," Genachowski said in letters to key House and Senate members. "The additional time will enable the FCC to continue to obtain input from key stakeholders and more fully brief Commissioners and the House and Senate Committees on aspects of the plan as it comes together."
Congress tasked the FCC with formulating a broadband plan last year as part of the $7.2 billion broadband stimulus bill.
A recent interim report by an FCC task force disappointed some broadband advocates. That report discussed allocating spectrum for broadband, giving tax breaks to employers who subsidize broadband and reforming the government-run Universal Service Fund, among other matters. But some advocates say the FCC should also require networks to allow their lines to be used by competitors.
Genachowski told Congress on Thursday that the four-week extension will not affect the FCC budget for the plan.
Wednesday, January 6, 2010
Survival Guide To The FTC For Advertisers And Bloggers
Since the new FTC disclosure requirements went into effect December 1, there's been no shortage of commentary. I've seen discussions on big government, fears of a new reign of terror over the blogosphere, and grumblings about inconsistent treatment between social and traditional media.
But if we step back to consider things, we'll see that not much has actually changed. These regulations are just cementing what common sense told us all along - when it comes to compensation or incentives, there's no difference between cash and gifts.
For too long, people have been playing by different rules. Some bloggers have claimed to never accept payment for posts; likewise brands have claimed they never pay for posts. On one hand, they might be true statements. But on the other (and more accurate) hand, these same people have provided or received expensive products, coupons, gift cards, points, trips...and a parade of gifts has marched through this space.
The regulations bring clarity and level the playing field - two positive things. At the end of the day, the path to complying with the new guidelines doesn't need to be such a dark and ominous road. It's a great opportunity (yes, opportunity) to know who you're working with and increase your credibility.
The guide for bloggers
Good blogging is about building trust with your audience. It's about establishing your voice, making connections, and delivering content and ideas that resonate with your readers. In truth, your objectives aren't that different from the FTC. With these disclosure guidelines, the FTC is trying to protect the best interest of consumers. And you should be too - after all, they're your readers.
Now's a good time to make sure you're working with people and companies that allow you to maintain your credibility and trust with readers. Ask each advertiser how they'd like disclosure to be communicated (since the only guidelines given by the FTC are to make them 'clear and conspicuous'). And then make sure you follow the disclosure requirements for each opportunity.
For any uncertainty or grey areas, always err on the side of transparency. Maybe you truly aren't sure if a gift constitutes an incentive for a recommendation or coverage. Assume that it does. While most discussions about consequences have been focused on the advertisers, there's no get out of jail free card for bloggers. The FTC can still come after rogue bloggers that they consider deceptive.
It's wise to create a general disclosure policy to supplement the individual disclosures placed in each post, video, tweet, etc. If you're interested in working with larger companies and brands, having an established policy will reassure them that you're a professional who knows and follows the rules.
The guide for advertisers
For advertisers, the key to successfully navigating the disclosure waters can be summed up in a single word - compliance. If you're working with a digital marketing, PR firm or other agency, you need to be intimately aware of their policies, guidelines, and procedures. And if you're dealing with bloggers directly, you've got to have your own policies and procedures in place.
Questions to ask a firm (or to ask within your own org) include:
At the end of the day, technology will have to play a role with these larger programs. Companies rely on automation to manage their compliance with a range of other regulations - from Sarbanes-Oxley to customer privacy and HIPAA. And just because it's called 'social' doesn't make social media any less serious than other industry or any less subject to industry regulations.
And maybe that's just another way to look at December 1 - these new regulations are simply recognizing the validity of this space. Blogs and tweets are serious business, and are now treated as one.
by Ted Murphy
But if we step back to consider things, we'll see that not much has actually changed. These regulations are just cementing what common sense told us all along - when it comes to compensation or incentives, there's no difference between cash and gifts.
For too long, people have been playing by different rules. Some bloggers have claimed to never accept payment for posts; likewise brands have claimed they never pay for posts. On one hand, they might be true statements. But on the other (and more accurate) hand, these same people have provided or received expensive products, coupons, gift cards, points, trips...and a parade of gifts has marched through this space.
The regulations bring clarity and level the playing field - two positive things. At the end of the day, the path to complying with the new guidelines doesn't need to be such a dark and ominous road. It's a great opportunity (yes, opportunity) to know who you're working with and increase your credibility.
The guide for bloggers
Good blogging is about building trust with your audience. It's about establishing your voice, making connections, and delivering content and ideas that resonate with your readers. In truth, your objectives aren't that different from the FTC. With these disclosure guidelines, the FTC is trying to protect the best interest of consumers. And you should be too - after all, they're your readers.
Now's a good time to make sure you're working with people and companies that allow you to maintain your credibility and trust with readers. Ask each advertiser how they'd like disclosure to be communicated (since the only guidelines given by the FTC are to make them 'clear and conspicuous'). And then make sure you follow the disclosure requirements for each opportunity.
For any uncertainty or grey areas, always err on the side of transparency. Maybe you truly aren't sure if a gift constitutes an incentive for a recommendation or coverage. Assume that it does. While most discussions about consequences have been focused on the advertisers, there's no get out of jail free card for bloggers. The FTC can still come after rogue bloggers that they consider deceptive.
It's wise to create a general disclosure policy to supplement the individual disclosures placed in each post, video, tweet, etc. If you're interested in working with larger companies and brands, having an established policy will reassure them that you're a professional who knows and follows the rules.
The guide for advertisers
For advertisers, the key to successfully navigating the disclosure waters can be summed up in a single word - compliance. If you're working with a digital marketing, PR firm or other agency, you need to be intimately aware of their policies, guidelines, and procedures. And if you're dealing with bloggers directly, you've got to have your own policies and procedures in place.
Questions to ask a firm (or to ask within your own org) include:
- Do you have a code of ethics? What is your disclosure policy?
- How do you educate your blogger network on these policies?
- How do you monitor compliance?
- How can you determine if proper disclosure has been incorporated or not?
- Is each and every post checked for disclosure?
- How do you document that disclosure has been incorporated?
- Do you know when each post goes live?
- Do you monitor each post to ensure all claims represent accurate and typical results?
At the end of the day, technology will have to play a role with these larger programs. Companies rely on automation to manage their compliance with a range of other regulations - from Sarbanes-Oxley to customer privacy and HIPAA. And just because it's called 'social' doesn't make social media any less serious than other industry or any less subject to industry regulations.
And maybe that's just another way to look at December 1 - these new regulations are simply recognizing the validity of this space. Blogs and tweets are serious business, and are now treated as one.
by Ted Murphy
Monday, January 4, 2010
Marketers Have Fresh Way to Follow You Online
Privacy junkies will tell you that the best way to preserve online anonymity is to delete your cookies. They're the bits of computer code embedded in Web browsers that remember the sites you visit and help admen target you for pinpoint marketing. Escape is simple. Click "clear recent history" or "delete cookies" in a browser's "Tools" menu and the crumb trail is erased. But marketers have a new tracking tool, and it's tougher to beat. Meet the "Flash cookie."
Developed by Adobe Systems, Flash is the programming language that makes it possible to watch videos, see ads and play videogames within a Web page. It also lets you leave a digital chess tournament mid-game and pick up later where you left off. It acts like a hard drive, storing data online and not on the browser, so it won't be erased when consumers clear cookies.
No wonder marketers love it. Online advertising trades on the depth of information that cookies provide to pitchmen. Search travel sites for airline tickets to Hawaii and you'll be seeing a lot more ads for hotels near Waikiki Beach. Each action you take online draws a sharper and more useful profile of you. Delete your cookies and you're a lot less valuable. Flash cookies keep that from happening.
According to a recent study by the University of California, Berkeley, eight companies, including San Francisco's Quantcast and Clearspring (which works with marketers such as Kia Motors and Virgin America), used Flash's indelible memory to remember the cookies consumers erased from 31 of the Web's top 100 visited sites.
The Federal Trade Commission isn't amused. Chairman Jon Leibowitz says he's contemplating rules that would penalize companies that track consumers without consent or adequate transparency. His rationale: If people delete cookies, there's a reason. Congress may also step in. Representative Rick Boucher (D--Va.) is writing a bill requiring companies to notify users about online cookies and ad targeting.
Marketers argue there's no need to worry. "The industry has provided many ways to opt out of tracking," says Michael Zaneis of the Interactive Advertising Bureau. The IAB recently launched a public service campaign, featuring "advertising is creepy" ads that link to directions on clearing a browser.
The fight could end before it begins. Adobe, the world's largest maker of design and content-sharing software, says 2010 editions of Flash will feature a "private browsing mode" to let consumers troll the Web without having their actions recorded.
The paranoid need not wait. To crush Flash cookies, right-click (or control-click on a Mac) in any Flash application (such as a YouTube video) running in your browser. The "Advanced" button in the "Privacy" tab will take you to more information on how to change your settings and turn the cookies into crumbs.
By Laurie Burkitt
Developed by Adobe Systems, Flash is the programming language that makes it possible to watch videos, see ads and play videogames within a Web page. It also lets you leave a digital chess tournament mid-game and pick up later where you left off. It acts like a hard drive, storing data online and not on the browser, so it won't be erased when consumers clear cookies.
No wonder marketers love it. Online advertising trades on the depth of information that cookies provide to pitchmen. Search travel sites for airline tickets to Hawaii and you'll be seeing a lot more ads for hotels near Waikiki Beach. Each action you take online draws a sharper and more useful profile of you. Delete your cookies and you're a lot less valuable. Flash cookies keep that from happening.
According to a recent study by the University of California, Berkeley, eight companies, including San Francisco's Quantcast and Clearspring (which works with marketers such as Kia Motors and Virgin America), used Flash's indelible memory to remember the cookies consumers erased from 31 of the Web's top 100 visited sites.
The Federal Trade Commission isn't amused. Chairman Jon Leibowitz says he's contemplating rules that would penalize companies that track consumers without consent or adequate transparency. His rationale: If people delete cookies, there's a reason. Congress may also step in. Representative Rick Boucher (D--Va.) is writing a bill requiring companies to notify users about online cookies and ad targeting.
Marketers argue there's no need to worry. "The industry has provided many ways to opt out of tracking," says Michael Zaneis of the Interactive Advertising Bureau. The IAB recently launched a public service campaign, featuring "advertising is creepy" ads that link to directions on clearing a browser.
The fight could end before it begins. Adobe, the world's largest maker of design and content-sharing software, says 2010 editions of Flash will feature a "private browsing mode" to let consumers troll the Web without having their actions recorded.
The paranoid need not wait. To crush Flash cookies, right-click (or control-click on a Mac) in any Flash application (such as a YouTube video) running in your browser. The "Advanced" button in the "Privacy" tab will take you to more information on how to change your settings and turn the cookies into crumbs.
By Laurie Burkitt
Subscribe to:
Posts (Atom)