Articles in other Publications

UK to start fingerprinting ALL passengers on domestic flights

Kaliya Young · March 9, 2008 · Leave a Comment

This was on Slashdot today…and in the Telegraph:

For the first time at any airport, the biometric checks will apply to all domestic passengers leaving the terminal, which will handle all British Airways flights to and from Heathrow.
The controversial security measure is also set to be introduced at Gatwick, Manchester and Heathrow’s Terminal 1, and many airline industry insiders believe fingerprinting could become universal at all UK airports within a few years.
All four million domestic passengers who will pass through Terminal 5 annually after it opens on March 27 will have four fingerprints taken, as well as being photographed, when they check in.
To ensure the passenger boarding the aircraft is the same person, the fingerprinting process will be repeated just before they board the aircraft and the photograph will be compared with their face.
BAA, the company which owns Heathrow, insists the biometric information will be destroyed after 24 hours and will not be passed on to the police.
It says the move is necessary to prevent criminals, terrorists and illegal immigrants trying to bypass border controls.
The company said the move had been necessitated by the design of Terminal 5, where international and domestic passengers share the same lounges and public areas after they have checked in.
Without the biometric checks, the company says, potential criminals and illegal immigrants arriving on international flights or in transit to another country could bypass border controls by swapping boarding passes with a domestic passenger who has already checked in.

Keen attacks the "identity dog's" right to exist.

Kaliya Young · March 9, 2008 · 1 Comment

In my home town paper the headline was Disconnect 1st Amendment from Internet hatemongers. The LA times version was Douse the Online Flamers: Faceless Internet sadists who ruin reputations don’t deserve full free-speech protection. Written by Andrew Keen the Cult of the Amateur guy – who wrote the book to get attention and blogs himself .
It begins with our little friend the “identity dog“.

THE CARTOON isn’t as amusing as it once was. “On the Internet, nobody knows you’re a dog,” one Web-surfing canine barked to another in that 1993 classic from the New Yorker. Back then, of course, at the innocent dawn of the Internet Age, the idea that we might all be anonymous on the Web promised infinite intellectual freedom. Unfortunately, however, that promise hasn’t been realized. Today, too many anonymous Internet users are posting hateful content about their neighbors, classmates and co-workers; today, online media is an increasingly shadowy, vertiginous environment in which it is becoming harder and harder to know other people’s real identities.

It goes into depth about several cases where anonymous online speech was harmful to people online.
And ends with him too..

All three of these cases indicate that the U.S. Supreme Court soon might need to rethink the civic value of anonymous speech in the digital age. Today, when cowardly anonymity is souring Internet discourse, it really is hard to understand how anonymous speech is vital to a free society. That New Yorker cartoon remains true: On the Internet, nobody knows you’re a dog. But it is the responsibility of all of us — parents, citizens and lawmakers — to ensure that contemporary Web users don’t behave like antisocial canines. And one way to achieve this is by introducing more legislation to punish anonymous sadists whose online lies are intended to wreck the reputations and mental health of innocent Americans.

I just finished reading Daniel Solove the Future of Reputation.
It goes in to great detail about the different forms that violations of privacy and reputation can happen and what the law has had to say about it.
One of the most important things to remember is that Virtue of Anonymity this is covered on page 139 of the chapter on Free Speech, Anonymity and Accountability (PDF).

The saga ofArticle III Groupie demonstrates how easy it seems to be anonymous on the Internet. A person can readily create a blog under a pseudonym or can post anonymous comments to blogs or online discussion groups. According to a survey, percent ofbloggers use pseudonyms rather than their real identities. Anonymity can be essential to free speech. As the Supreme Court has noted: “Anonymous pamphlets, leaflets, brochures and even books have played an important role in the progress ofmankind. Persecuted groups and sects from time to time throughout history have been able to criticize oppressive practices and laws either anonymously or not at all.”60 Anonymous speech has a long history as an important mode of expression.
Between 1789 and 1809, six presidents, fifteen cabinet members, twenty senators, and thirty-four congressmen published anonymous political writings orused pen names. It was common for letters to the editor in local newspapers to be anonymous. Ben Franklin used more than forty pen names during his life. Mark Twain, O. Henry, Voltaire, George Sand, and George Eliot were all pseudonymous authors. Indeed, James Madison, Alexander Hamilton, and John Jay published the Federal Papers under the pseudonym Publius. Their opponents, the Anti-Federalists, also used pseudonyms.62
Anonymity allows people to be more experimental and eccentric without risking damage to their reputations.63Anonymity can be essential to the presentation ofideas, for it can strip away reader biases and prejudices and add mystique to a text. People might desire to be anonymous because they fear social ostracism or being fired from their jobs. Without anonymity, some people might not be willing to express controversial ideas. Anonymity thus can be critical to preserving people’s right to speak freely.

He goes on to talk about the problems that non-accountable anonymous speech can create.
One page 148 he gets to Balancing Anonymity and Accountability. It covers “John Doe” Law suits and the Issues around Section 230 immunity – that ISP’s and other hosters like Yahoo! or even me on my blog are not responsible for what others say in online spaces we provide. The and cases that Keen points to are the result of the failing to find a way to apply Section 230 immunity well.
Solove proposes asks “What Should the Law Do?”

Although existing law lacks nimble ways to resolve disputes about speech and privacy on the Internet, completely immunizing operators of websites works as a sledgehammer. It creates the wrong incentive, providing a broad immunity that can foster irresponsibility. Bloggers should have some responsibilities to others, and Section 230 is telling them that they do not. There are certainly problems with existing tort law. Lawsuits are costly to litigate, and being sued can saddle a blogger with massive expenses. Bloggers often don’t have deep pockets, and therefore it might be difficult for plaintiffs to find lawyers willing to take their cases. Lawsuits can take years to resolve. People seeking to protect their privacy must risk further publicity in bringing suit.
These are certainly serious problems, but the solution shouldn’t be to insulate bloggers from the law. Unfortunately, courts are interpreting Section 230 so broadly as to provide too much immunity, eliminating the incentive to foster a balance between speech and privacy. The way courts are using Section 230 exalts free speech to the detriment ofprivacy and reputation. As a result, a host ofwebsites have arisen that encourage others to post gossip and rumors as well as to engage in online shaming. These websites thrive under Section 230’s broad immunity.
The solution is to create a system for ensuring that people speak responsibly without the law’s cumbersome costs. The task ofdevising such a solution is a difficult one, but giving up on the law is not the answer. Blogging has given amateurs an unprecedented amount ofmedia power, and although we should encourage blogging, we shouldn’t scuttle our privacy and defamation laws in the process.

He concludes

FREEDOM ON BOTH SIDES OF THE SCALE
Words can wound. They can destroy a person’s reputation, and in the process distort that person’s very identity. Nevertheless, we staunchly protect expression even when it can cause great damage because free speech is essential to our autonomy and to a democratic society. But protecting privacy and reputation is also necessary for autonomy and democracy. There is no easy solution to how to balance free speech with privacy and reputation. This balance isn’t like the typical balance ofcivil liberties against the need for order and social control. Instead, it is a balance with liberty on both sides ofthe scale—freedom to speak and express oneselfpitted against freedom to ensure that our reputations aren’t destroyed or our privacy isn’t invaded.
As I have tried to demonstrate in this chapter, a delicate balance can be reached, but it is not an easy feat. In many instances, free speech and privacy can both be preserved by shielding the identities ofprivate individuals involved in particular stories. With the Internet, a key issue for the law is who should be responsible for harmful speech when it appears on a website or blog. Much speech online can be posted by anybody who wants to comment to a blog post or speak in an online discussion forum. Commentators can cloak themselves in anonymity and readily spread information on popular blogs and websites. The law currently takes a broadly pro–free speech stance on online expression. As a result, it fails to create any incentive for operators ofwebsites to exercise responsibility with regard to the comments ofvisitors.
Balancing free speech with privacy and reputation is a complicated and delicate task. Too much weight on either side ofthe scale will have detrimental consequences. The law still has a distance to go toward establishing a good balance.

Andrew Keen is an ‘attention seeker’ (I had a ruder phrase in here but thought better then to publish it)- he is writing to be provocative, get attention and called upon to play the role of the ‘other side’ in a community that is experimenting with a range of forms of openness that challenge traditional or entrenched ‘expertise, authority and hierarchy’. Those threatened by emergence of power via new technologies ‘like’ what Andrew has to say. I think it is irresponsible for Andrew to call to the end of the First Amendment’s protection of Anonymous speech online because some small percentage of people are hurt by this – clearly there needs be some evolution in the law and the practices that we have to balance privacy and freedom.

Your 'dead' but you are not really dead.

Kaliya Young · March 2, 2008 · Leave a Comment

From Slashdot:

According to MSNBC, thousands of U.S. citizens have wrongfully been declared dead, due to an average of 35 data input errors per day by the Social Security Administration (SSA). Many other agencies rely on the data provided by the SSA, such as the IRS. People who have been wrongfully declared dead face many problems, such as rejection of tax returns, cancellation of health insurance, and closure of bank accounts. The article states, ‘Input of an erroneous death entry can lead to benefit termination and result in financial hardship for a beneficiary.’ Apparently it is far easier to declare a person’s death than it is to correct the mistake. It continues, ‘Social Security says an erroneous death record can be removed only when it is presented with proof that the original record was entered in error. The original error must be documented, and the deletion must be approved by a supervisor after “pertinent facts supporting reinstatement” are available in the system.'”

From MSNBC:

In all, Social Security officials had to “resurrect” 23,366 people from January 2004 to September 2005. In other words, over a period of 21 months, Social Security was presented with irrefutable evidence that it had been “killing” more than 1,100 people a month, or more than 35 a day.

Garbage in, garbage out
The problem begins at the Social Security Administration, keeper of most of the records tabulating deaths in the United States. Like other government agencies, the IRS, with whom Todd has most recently tangled, relies upon Social Security’s database, said Dan Boone, a spokesman for the IRS.
When Social Security determines that an eligible current or future beneficiary has died, it closes the person’s entry in its Case Processing and Management System, or CPMS.
The system is only as good as the data it receives. Sometimes, that isn’t very good.
Todd, for example, was killed when someone in Florida died and her Social Security number was accidentally typed in. Since then, her tax returns have repeatedly been rejected, and her bank closed her credit card account.
“One time when I [was] ruled dead, they canceled my health insurance because it got that far,” she said.
Toni Anderson of Muncie, Ind., expired when someone in the government pushed the wrong button, making the records declare that it was she, not her husband, John, who died Nov. 8.
Social Security even sent this letter: “Dear Mr. Anderson, our condolences on the loss of Mrs. Anderson.”

Commentary:
This is just one of a huge set of issues that arise from massive government databases that are maintained by people (who make mistakes). It a reminder that the ‘massive government database in the sky that determines who is and is not ‘alive’ or ‘dead’ is or is not a person is not going really the answer to identity problems – increasing reliance on them could make things worse.
Daniel Solove makes this point that bureaucracies don’t take care of people’s information well because they are data systems full of abstractions.
Bob Blakley talks about the fact that

Privacy is not about keeping personal information secret. It’s about ensuring that people who handle personal information respect the dignity of the individuals to whom that information refers.

Killing people in government databases before they are dead is not dignified.

Death in first person shooter games

Kaliya Young · February 25, 2008 · Leave a Comment

I wonder if this applies to the death of an online persona too?
We shall see….
From Slashdot:

“Brandon Erickson has an interesting post about an experiment on players’ emotional reactions to killing and being killed in a first-person shooters (FPS) with a group of students who played James Bond 007: Nightfire while their facial expressions and physiological activity were tracked and recorded moment-to-moment via electrodes and various other monitoring equipment. The study found that “death of the player’s own character…appear[s] to increase some aspects of positive emotion.” The authors believe this may result from the temporary “relief from engagement” brought about by character death. “Part of this has to do with the intriguing aesthetic question of precisely how the first-person-shooter represents the player after the moment of death,” says Clive Thompson. “This sudden switch in camera angle — from first person to third person — is, in essence, a classic out-of-body experience, of exactly the sort people describe in near-death experiences. And much like real-life near-death experiences, it tends to suffuse me with a curiously zen-like feeling.” An abstract of the original article, “The psychophysiology of James Bond: Phasic emotional responses to violent video game events” is available on the web.” Obnoxiously this alleged scholarly research is not available for free, so we’ll just have to speculate wildly what it says based on the abstract.

Multiple roles in school learning systems – patent upheald

Kaliya Young · February 25, 2008 · Leave a Comment

This claim made me wonder if there was any prior art in the Liberty work that might apply. Or if this would affect any identity system that allowed for multiple roles for people.
From Slashdot:

Blackboard, the dominant learning management system (LMS) maker, has won its initial suit against Desire2Learn. Blackboard gets $3.1 million and can demand that Desire2Learn stop US sales. (We discussed Blackboard when the patent was issued in 2006) This blog provides background on the suit. Blackboard has been granted a patent that covers a single person having multiple roles in an LMS: for example, a TA might be a student in one class and an instructor in another. You wouldn’t think something this obvious could even be patented, but so far it’s been a very effective weapon for Blackboard, badly hurting Desire2Learn and generating a huge amount of worry for the few remaining commercial LMSs that Blackboard has not already bought, and open source solutions such as Moodle (Blackboard’s pledge not to attack such providers notwithstanding).”

There are a lot of donkey's in my neighborhood (and I know who they are)

Kaliya Young · February 13, 2008 · 1 Comment

The Huffington Post had a new feature on their website the FundRace. It is an interactive map of the whole country that lets you search addresses, zip codes, cities, names, occupations and employers to find out who is giving to political candidates.
This is the map of my neighborhood. My husband and I are talking about sending Obama some money. If we had – we would be on this map. I am not sure how I feel about that.
When Brian first showed me the map – It was shocking – in another time and place this is a map to fuel Mob violence against neighbors. I thought of this in part because of what is going on in Berkeley with thousands of out of town ‘troop’ supporters showed up in town to show their displeasure with the Berkeley City council resolution regarding the armed forces recruiting center in downtown. Emotions are high in the city at what are day long processes. Those out of towners could use something like this to ‘target’ people who had contributed to campaigns they did not approve of.
If we are going to have this kind of radical transparency we are also going to have to have a mature society that manages to keep wacky group behavior under control.
COMMENT FROM MARY HODDER:

Hey Kailya,
agreed! although that info has always been available, locally and easily, it wasn’t online, which now makes getting it super easy.
the issue is that our personal addresses, searchable with our names, are now online, and that is new and different. those of us with private addresses are now findable if we participate in campaign donations.
my advice is to get a po box or a mailing address and just use that.
but it is a new level of exposure that is strange.
mary

Is it time to commit Yahoo! (Flickr) suicide?

Kaliya Young · February 1, 2008 · 1 Comment

Learning about the MSFT – Yahoo! bid makes me ill.
From the NYT:

The bottom line: Yahoo will get sold to Microsoft.
Why my confidence? Because Microsoft is paying more than anyone else would be willing to pay for Yahoo. The bid is $44.6 billion, or $31 a share, in cash and stock. Thursday, Yahoo closed at $19.18, a market value of $25.6 billion. If you take out the value of Yahoo’s holdings in other public companies—which the company estimates to be worth $14 billion or $10 a share—that means that Microsoft is offering to pay more than double the value of Yahoo’s existing business.
This bid makes sense for Microsoft from the point of view of strategic survival. Its search and Internet operations are not getting traction. By far, its best option is to combine with Yahoo to create the dominant No. 2 in online advertising and Internet search. But even combining two big players probably doesn’t pan out from a pure dollars and cents point of view.

You know- I started using this cool little site Flickr – then it got sold to Yahoo! (bad enough) now it looks like it will be sold to MSFT. It really is a bit much for me to take.
I really don’t like MSFT – I had an IBM PC and could never “bond with it” or get it to work well for me – I was glad when I lost it. The next machine I got in college was a mac and I have been happy ever since. I don’t use their online tools AT all.
The thing that is so sad about all this is that Yahoo! for a while was the darling of the Valley – they bought the coolest web 2.0 startups. It felt like we were all cheering them on and then ‘nothing happened’ either to the products or their over all reality. My sense it that heart of the issue is that Yahoo! is an ‘older company’ and has the patterns of that kind of world. My sense is that It is bloated with bureaucracy and fiefdoms and the old way of doing things.
MSFT is even worse. At dinner last night we were talking about how they failed to ‘do the right thing with IE’ complying with web standards because their own products – Word, Excel etc. when you say ‘make HTML’ make bad HTML that renders ok in IE but not in other browsers. So being web standards compliant well isn’t good for them. If I was their boss I would just say go with the web standards – get that world of geeks to start trusting you and liking you that you don’t make their world more difficult by having to make sure every thing they make renders on your browser with extensive tweeks to make it work.
That inability to play nice in the web world is not really good for the web of for people. I thought Ray Ozy was supposed to fix all this?
Putting two companies together – both with ‘older’ cultures does not give you hip new web that people want to use. It just means they will fight between them in ways that are likely not productive for either and don’t get you good web tools/products that get them what they think the need which is Eyeballs. You know maybe they should think about their ‘relationships’ with their customer more. I had a relationship with Flickr (where they messed up was ‘forcing’ me to integrate that account with my YahooID) – I have one with other companies I use and am faithful to – 37Signals, WordPress, Twitter.
Having just ‘bashed’ MSFT. I must restate publicly that the people from MSFT that I know personally and have been working in the identity space are good folks and that MSFT has been a great contributor to the work of the identity community. The remarks about MSFT are not directed at them or their efforts around identity at all.

Fighting all the terrorists at home?

Kaliya Young · January 16, 2008 · 1 Comment

A friend sent me this article “The Internet Must Die” today. I was a bit shocked by the legislation it highlighted H.R. 1955 the “Violent Radicalization and Homegrown Terrorism Prevention Act of 2007”.

it’s coming up for a vote in the Senate early this year. If it passes, which seems likely, a Bush signature is a given

Yes the article itself is on the hysterical side. This is what the Huffington Post said about the legislation late last year:
One would have thought that the systematic dismantling of the Constitution of the United States would have been enough to satisfy even the most Jacobin neoconservative, but there is more on the horizon, and it is coming from people who call themselves Democrats. The mainstream media has made no effort to inform the public of the impending Violent Radicalization and Homegrown Terrorism Prevention Act. The Act, which was sponsored by Congresswoman Jane Harman of California, was passed in the House by an overwhelming 405 to 6 vote on October 24th and is now awaiting approval by the Senate Homeland Security Committee, which is headed by Senator Joseph Lieberman of Connecticut. It is believed that approval by the committee will take place shortly, to be followed by passage by the entire Senate.
Harman’s bill contends that the United States will soon have to deal with home grown terrorists and that something must be done to anticipate and neutralize the problem. The act deals with the issue through the creation of a congressional commission that will be empowered to hold hearings, conduct investigations, and designate various groups as “homegrown terrorists.” The commission will be tasked to propose new legislation that will enable the government to take punitive action against both the groups and the individuals who are affiliated with them. Like Joe McCarthy and HUAC in the past, the commission will travel around the United States and hold hearings to find the terrorists and root them out. Unlike inquiries in the past where the activity was carried out collectively, the act establishing the Violent Radicalization and Homegrown Terrorism Prevention Commission will empower all the members on the commission to arrange hearings, obtain testimony, and even to administer oaths to witnesses, meaning that multiple hearings could be running simultaneously in various parts of the country. The ten commission members will be selected for their “expertise,” though most will be appointed by Congress itself and will reflect the usual political interests. They will be paid for their duties at the senior executive pay scale level and will have staffs and consultants to assist them. Harman’s bill does not spell out terrorist behavior and leaves it up to the Commission itself to identify what is terrorism and what isn’t. Language inserted in the act does partially define “homegrown terrorism” as “planning” or “threatening” to use force to promote a political objective, meaning that just thinking about doing something could be enough to merit the terrorist label. The act also describes “violent radicalization” as the promotion of an “extremist belief system” without attempting to define “extremist.”
As currently envisioned, the Commission will not operate in perpetuity. After the group has done its work, in eighteen months’ time, a Center of Excellence for the Prevention of Violent Radicalization and Homegrown Terrorism will be established to study the lessons learned. The center will operate either out of the Department of Homeland Security or out of an appropriate academic institution and will be tasked with continuing to monitor the homegrown terrorism problem and proposing legislation and other measures to counter it.
As should be clear from the vagueness of the definitions, the Violent Radicalization and Homegrown Terrorism Prevention Act could easily be abused to define any group that is pressuring the political system as “terrorist,” ranging from polygamists, to second amendment rights supporters, anti-abortion protesters, anti-tax agitators, immigration activists, and peace demonstrators. In reality, of course, it will be primarily directed against Muslims and Muslim organizations. Given that, there is the question of who will select which groups will be investigated by the roving commissions. There is no evidence to suggest that there will be any transparent or objective screening process. Through their proven access both to the media and to Congress, the agenda will undoubtedly be shaped by the usual players including David Horowitz, Daniel Pipes, Steve Emerson, and Frank Gaffney who see a terrorist hiding under every rock, particularly if the rock is concealing a Muslim. They and their associates will undoubtedly find plenty of terrorists and radical groups to investigate. Many of the suspects will inevitably be “anti-American” professors at various universities and also groups of Palestinians organized against the Israeli occupation, but it will be easily to use the commission formula to sweep them all in for examination.

Government data linked together…

Kaliya Young · January 15, 2008 · Leave a Comment

From Slashdot:

a story from The Guardian about FBI interest in connectivity between its own database resources and those abroad. It’s spearheading a program labeled ‘Server in the Sky’, meant to coordinate the police forces of the United States, the United Kingdom, Canada, Australia, and New Zealand to better fight international crime/terrorist groups. The group is calling itself the International Information Consortium.
“Britain’s National Policing Improvement Agency has been the lead body for the FBI project because it is responsible for IDENT1, the UK database holding 7m sets of fingerprints and other biometric details used by police forces to search for matches from scenes of crimes. Many of the prints are either from a person with no criminal record, or have yet to be matched to a named individual. IDENT1 was built by the computer technology arm of the US defence company Northrop Grumman. In future it is expected to hold palm prints, facial images and video sequences.”

2007 a year of Data Breaches

Kaliya Young · December 31, 2007 · Leave a Comment

In Wired:

Foley’s group lists more than 79 million records reported compromised in the United States through Dec. 18. That’s a nearly fourfold increase from the nearly 20 million records reported in all of 2006.
Another group, Attrition.org, estimates more than 162 million records compromised through Dec. 21 – both in the U.S. and overseas, unlike the other group’s U.S.-only list. Attrition reported 49 million last year.
“It’s just the nature of business, that moving forward, more companies are going to have more records, so there will be more records compromised each year,” said Attrition’s Brian Martin. “I imagine the total records compromised will steadily climb.”

Australian – ID Plan Srapped…

Kaliya Young · December 27, 2007 · Leave a Comment

This just off slashdot today:

“The proposed Australian ‘Access Card’, a universal ID that would be required for any Australian wishing to use Medicare, Centrelink, the Child Support Agency, or Veterans’ Affairs, has been scrapped by the incoming Rudd Labor Government. The card would have contained an RFID tag with the person’s name, date of birth, gender, address, signature, card number, card expiration date, and Medicare number, but there were also provisions to add more personal data later on. It seems that Rudd Labor is not eager to copy the American REAL ID Act.“

From the Ars Technica article:

Encrypted information contained within the card’s RFID chip would have included a person’s legal name, date of birth, gender, address, signature, card number, card expiration date, and Medicare number. Provisions were also included that would allow additional information deemed to be necessary for either “the administration or purposes of the Act.”

The Australian Privacy Foundation was one of the main groups behind the opposition to the plan.

Outside Digital Realm: Food Shortages Expected this year

Kaliya Young · December 26, 2007 · Leave a Comment

A friend of mine sent me this article. Granted it is from a website with a left leaning perspective – it draws on information from UN, US and other government agencies from around the globe. I am posting it because sometimes I think we forget we live on a planet, with weather, that grows food.

Severe Food Shortages, Price Spikes Threaten World Population
Worldwide food prices have risen sharply and supplies have dropped this year, according to the latest food outlook of the United Nations Food and Agriculture Organization. The agency warned December 17 that the changes represent an ³unforeseen and unprecedented² shift in the global food system, threatening billions with hunger and decreased access to food.
The FAO¹s food price index rose by 40 percent this year, on top of the already high 9 percent increase the year before, and the poorest countries spent 25 percent more this year on imported food. The prices for staple crops, including wheat, rice, corn and soybeans, all rose drastically in 2007, pushing up prices for grain-fed meat, eggs and dairy products and spurring inflation throughout the consumer food market.
Driving these increases are a complex range of developments, including rapid urbanization of populations and growing demand for food stuffs in key developing countries such as China and India, speculation in the commodities markets, increased diversion of feedstock crops into the production of biofuels, and extreme weather conditions and other natural disasters associated with climate change.
Because of the long-term and compounding nature of all of these factors, the problems of rising prices and decreasing supplies in the food system are not temporary or one-time occurrences, and cannot be understood as cyclical fluctuations in supply and demand.
The world reserves of cereals are dwindling. In the past year, wheat stores declined 11 percent. The FAO notes that this is the lowest level since the UN began keeping records in 1980, while the US Department of Agriculture (USDA) has reported that world wheat stocks may have fallen to 47-year lows. By FAO figures, the falloff in wheat stores equals about 12 weeks worth of global consumption.

It continues….

UK Data Loss

Kaliya Young · November 23, 2007 · Leave a Comment

In case you are not paying attention this week in identity news – The UK lost massive amounts of PII for its citizens.
Here are two good articles – Christian Science Monitor:
Computer files on 7.25 million families – everyone with children under 16 – have been missing ever since they were sent on two compact discs through the domestic mail system a month ago by Her Majesty’s Revenue and Customs.
SFGate – SF Chronicle
This one is a summary of a range of coverage of the incident.
Kim calls it an Identity Chernobyl.
Kim Cameron that has more context about reports written earlier about the risks of centralizing information about children big databases.
Ben Laurie who lives in the UK has comments on the scans of correspondence by the National Audit Office about the lost data.

Bob has article up on Forum One

Kaliya Young · November 23, 2007 · Leave a Comment

Bob Blakley had a great “live” interview on Forum One.
It builds on the interview that I had a few weeks ago with them. The format is quite interesting – many people ask questions by typing them and you type your answers at the time of the interview.
Bob highlighted – The most serious question we’re facing – and really it trumps all the others – is “how do identity providers make money”?
Johannes picks up on this serious problem and explains why they pulled back from their public OpenID provision.
Bob is asked what is the biggest threat to identity?

That’s a really interesting question. In the past, we had the sense that our identities arose from our status as human persons. I think the biggest threat to our identities today is that as a society we might fall into the trap of reversing this relationship, and come to believe (or at least act as if we believe) that our status as persons derives from possessing an electronic “identity” – that is, a record in a database.
If this happened we’d be in danger of becoming “unpersons” whenever someone erased our identity record in the database.

I worry about this happening. I have since first really experiencing being an entry in a database when I was a student at UC Berkeley.

The Up's and Down of electronic surveillance litigation

Kaliya Young · November 7, 2007 · 1 Comment

Creapy Creapy from Slashdot:

The US government is seeking unprecedented access to private communications between citizens. ‘On October 8, 2007, the United States Court of Appeals for the Sixth Circuit in Cincinnati granted the government’s request for a full-panel hearing in United States v. Warshak case centering on the right of privacy for stored electronic communications. … the position that the United States government is taking if accepted, may mean that the government can read anybody’s email at any time without a warrant.

On the ‘up side’ from the Washington Post:
The AT&T whistle blower Mark Klein is

in Washington this week to share his story in the hope that it will persuade lawmakers not to grant legal immunity to telecommunications firms that helped the government in its anti-terrorism efforts.
“If they’ve done something massively illegal and unconstitutional — well, they should suffer the consequences,” Klein said. “It’s not my place to feel bad for them. They made their bed, they have to lie in it. The ones who did [anything wrong], you can be sure, are high up in the company. Not the average Joes, who I enjoyed working with.”

His story as articulated by the post is as follows:

The job entailed building a “secret room” in an AT&T office 10 blocks away, he said. By coincidence, in October 2003, Klein was transferred to that office and assigned to the Internet room. He asked a technician there about the secret room on the 6th floor, and the technician told him it was connected to the Internet room a floor above. The technician, who was about to retire, handed him some wiring diagrams.
“That was my ‘aha!’ moment,” Klein said. “They’re sending the entire Internet to the secret room.”
The diagram showed splitters, glass prisms that split signals from each network into two identical copies. One fed into the secret room, the other proceeded to its destination, he said.
“This splitter was sweeping up everything, vacuum-cleaner-style,” he said. “The NSA is getting everything. These are major pipes that carry not just AT&T’s customers but everybody’s.”
One of Klein’s documents listed links to 16 entities, including Global Crossing, a large provider of voice and data services in the United States and abroad; UUNet, a large Internet provider in Northern Virginia now owned by Verizon; Level 3 Communications, which provides local, long-distance and data transmission in the United States and overseas; and more familiar names such as Sprint and Qwest. It also included data exchanges MAE-West and PAIX, or Palo Alto Internet Exchange, facilities where telecom carriers hand off Internet traffic to each other.
“I flipped out,” he said. “They’re copying the whole Internet. There’s no selection going on here. Maybe they select out later, but at the point of handoff to the government, they get everything.”
Qwest has not been sued because of media reports last year that said the company declined to participate in an NSA program to build a database of domestic phone-call records out of concern about its legality. What the documents show, Klein contends, is that the NSA apparently was collecting several carriers’ communications, probably without their consent.
Another document showed that the NSA installed in the room a semantic traffic analyzer made by Narus, which Klein said indicated that the NSA was doing content analysis.

What does 'federally approved secure licenses" mean?

Kaliya Young · October 27, 2007 · 1 Comment

My Husband Brian who forwards me articles from the mainstream press about identity sent me this article Feds Strike ID Deal Over NY Licenses
Saturday’s agreement with the Homeland Security Department will create a three-tier license system in New York. It is the largest state to sign on so far to the government’s post-Sept. 11 effort to make identification cards more secure.
Why Can’t they Here Us? Identification Cards don’t make us m ore secure. They infringe on our rights.
Article continued…

Under the compromise, New York will produce an “enhanced driver’s license” that will be as secure as a passport. It is intended for people who soon will need to meet such ID requirements, even for a short drive to Canada.

A second version of the license will meet new federal standards of the Real ID Act. That law is designed to make it much harder for illegal immigrants or would-be terrorists to obtain licenses.
A third type of license will be available to undocumented immigrants. Spitzer has said this ID will make the state more secure by bringing those people “out of the shadows” and into American society, and will lower auto insurance rates.

Cory Doctorow IF google went evil

Kaliya Young · September 22, 2007 · Leave a Comment

THESE ARE ALL FROM A FICTIONAL ARTICLE at Radar – worth reading here are some highlights if you are in a rush….

He should have seen it coming, of course. The U.S. government had lavished $15 billion on a program to fingerprint and photograph visitors at the border, and hadn’t caught a single terrorist. Clearly, the public sector was not equipped to Do Search Right.

“We brokered a compromise with the DHS,” she said, reaching for the milk. “They agreed to stop fishing through our search records, and we agreed to let them see what ads got displayed for users.”

This isn’t P.I.I.”—Personally Identifying Information, the toxic smog of the information age—”It’s just metadata. So it’s only slightly evil.”

Airport DHS scrutiny is a gating function. It lets the spooks narrow down their search criteria. Once you get pulled aside for secondary at the border, you become a ‘person of interest’—and they never, ever let up. They’ll scan webcams for your face and gait. Read your mail. Monitor your searches.”

“The courts won’t let them indiscriminately Google you. But after you’re in the system, it becomes a selective search. All legal. And once they start Googling you, they always find something. All your data is fed into a big hopper that checks for ‘suspicious patterns,’ using deviation from statistical norms to nail you.”

“Now you’re a person of interest, Greg. You’re Googlestalked. Now you live your life with someone constantly looking over your shoulder. You know the mission statement, right? ‘Organize the World’s Information.’ Everything. Give it five years, we’ll know how many turds were in the bowl before you flushed. Combine that with automated suspicion of anyone who matches a statistical picture of a bad guy and you’re—”

The Stasi put everything about you in a file. Whether they meant to or not, what Google did is no different.

“We call it the Googlecleaner. It goes deep into the database and statistically normalizes you. Your searches, your Gmail histograms, your browsing patterns. All of it. Greg, I can Googleclean you. It’s the only way.”

We have reason to believe you’re in violation of the Computer Fraud and Abuse Act, Specifically, exceeding authorized access, and by means of such conduct having obtained information. Ten years for a first offense. Turns out that what you and your friend did to your Google records qualifies as a felony. And oh, what will come out in the trial…all the stuff you whitewashed out of your profile, for starters.”

NYTimes covers my comments on CFP Panel

Kaliya Young · May 12, 2007 · Leave a Comment

For those of you coming from the NYTimes wanting to explore this middle ground I invite you check out the Vendor Relationship Management project that Doc Searls is leading. We will be talking about it at the Internet Identity Workshop that I am facilitating next week.

“Her solution is essentially to give consumers ownership of their data and the power to decide whether or not to share it with marketers”

Lets just be clear this is not ‘my solution’ but a solution that must be found in a marketplace with a huge diversity of stake holders to help make it real and to balance things out. It is one advocated by Attention Trust and being worked on by the Vendor Relationships Management project.
To date there are very limited ways for me to express my preferences to the market place and get information regarding products and things I might like to buy (and only information about those things not just being ‘targeted’ by advertisers). There are also limited ways that people can work together – to aggregate their purchasing power to make new choices – to express demand before a product is even made and sold. These are the sorts of possibilities that I hope can become more real.
To me it is quite interesting that the New York Times is covering Online Ads vs. Privacy because this past week they made a commitment to do deeper data mining of the people who come to their website to ‘improve’ the advertising.
This reporter/social media thing seems to be working. I was quoted for my audience participation in a session at CFP in an article that appeared in Wired. I was linked to and subsequently wrote about my experience of the panel and the point I was trying to make that there was a middle ground. This reflection in my blog was then picked up in the NYTimes.

From the article:
FOR advertisers, and in many ways for consumers, online advertising is a blessing. Customized messages rescue advertisers from the broad reach of traditional media. And consumers can learn about products and services that appeal directly to them.
But there are huge costs, and many dangers, warns Jennifer Granick, the executive director for the Stanford Law School Center for Internet and Society (wired.com). To approach individuals with customized advertising, you have to know who they are. Or at least, you have to gather enough personal information about them that their identity could be easily figured out….
Even if that is true, people like Kaliya Hamlin still say that collecting data about the online activities of individuals can amount to an invasion of privacy. Ms. Hamlin, known as The Identity Woman, is a privacy advocate and consultant. “My clickstream data is sensitive information,” she told Mr. Zaneis, “and it belongs to me.”
On her blog, though, Ms. Hamlin wrote that she found the whole affair frustrating. It was, she wrote, the “angry, progressive anticonsumer guy vs. the super-corporate marketing guy.”
The answers, she wrote, lie somewhere between those positions. “The ‘activist types’ tend to deny that we are people who actually might want to buy things in a marketplace,” she wrote. “The ‘corporate types’ tend to think that we always want to have ‘advertising’ presented to us at all times of day or night because we ‘want it.’ Neither view is really right.”
Her solution is essentially to give consumers ownership of their data and the power to decide whether or not to share it with marketers (kaliyasblogs.net/Iwoman) [[ Note to the NYTimes reporters – if you quote a blogger from their blog posts you should link to the actual blog post you are quoting not just the blog itself]]

Again regarding my identity – I am not sure I would describe myself as a ‘privacy advocate’ but rather an end-user advocate, for transparancy, disclosure and passionate about open standards.

Mike Jones is Self-Issued

Kaliya Young · April 13, 2007 · Leave a Comment

Mike Jones has started blogging on Self-Issued. This is an exciting development to have him join the “identosphere”