Latest Carrier IQ Revelations: Franken Steps Up, 141 Million "Products" Have Code

This story is moving fast so I want to get you the latest news regarding the revelations that a secret code (Carrier IQ) was discovered that allows your smart phone (and who knows what else) to not only be tracked at all times, but in fact, every key stroke made is monitored and stored – including the content of text messages. And perhaps most incredible, the ability to opt-out, let alone opt-in, of this kind of “super surveillance” was not made available, as the fact that this code even existed, or was being utilized, wasn’t even shared or made known to the consumer.

Now we discover that since the Carrier IQ story broke last week, we’ve learned that the company’s spying technology is present on 141 million phones, including Androids and iPhones and possibly models made by BlackBerry, Nokia and other manufacturers.

As I touched on last post, this data collected by Carrier IQ represents a virtual treasure trove of information for those seeking to access it, particularly advertisers and the government. And we know how willing the telecom industry was to give up such private information to the government in the past, just as we know how the government used the Patriot Act, not to track and catch terrorists, but rather, to target peace protesters (think Occupy) and suspected drug users/dealers.

But government desire to access this data aside, what about the likelihood that a corporate entity is tracking/recording EVERYTHING you do (i.e. where you shop, when you shop, while you shop, what you search for on the internet, who you talk and text, and what you say and write), then turning that information into a detailed digital profile (98% of Google's profits come from advertising) that they can then sell – for huge profits - to third party advertisers so they can market their products to you more effectively??? 

Thankfully it didn’t take long for privacy stalwart, Senator Al Franken, to demand answers, stating, “Consumers need to know that their safety and privacy are being protected by the companies they trust with their sensitive information. The revelation that the locations and other sensitive data of millions of Americans are being secretly recorded and possibly transmitted is deeply troubling. This news underscores the need for Congress to act swiftly to protect the location information and private, sensitive information of consumers. But right now, Carrier IQ has a lot of questions to answer.” 

In his letter to Carrier IQ President and CEO Larry Lenhart, he writes, “I am very concerned by recent reports that your company’s software—pre-installed on smartphones used by millions of Americans—is logging and may be transmitting extraordinarily sensitive information from consumers’ phones, including:

•           when they turn their phones on;
•           when they turn their phones off;
•           the phone numbers they dial;
•           the contents of text messages they receive;
•           the URLs of the websites they visit;
•           the contents of their online search queries—even when those searches are encrypted; and
•           the location of the customer using the smartphone—even when the customer has expressly denied permission for an app that is currently running to access his or her location.

It appears that this software runs automatically every time you turn your phone on.  It also appears that an average user would have no way to know that this software is running—and that when that user finds out, he or she will have no reasonable means to remove or stop it. 

He goes on to ask a series of pointed questions in which he demands answers by December 14th, including (among many), “Is that data transmitted to Carrier IQ?  Is it transmitted to smartphone manufacturers, operating system providers, or carriers?  Is it transmitted to any other third parties? If Carrier IQ receives this data, does it subsequently share it with third parties? With whom does it share this data?  What data is shared?”

Read the whole list of questions...impressive...disturbing. So let's all mark our calendars...as I'm eagerly awaiting answers to them.

As I also pointed out last post, these revelations reaffirm the need for an opt-in, Do-Not-Track mechanism available to all consumers, whether online or using something like a smart phone. I would also encourage readers to sign and send the Free Press's action alert: “Tell Congress and the Department of Justice: My mobile phone is mine, and I have the right to be free from being spied on. “    

New Smart Phone Privacy Revelations Uncovered

I wasn't planning on following up my last post entitled "Smart Phones and Privacy" with yet another post about the technology and some of its privacy implications. But, after reading this headline "Your Smartphone Is Spying on You"- on the front page of Yahoo no less -  I feel I have little choice.

I'm not going to go over what I just did in my last post, but suffice it to say, I detailed a number of concerns with the technology, including government/law enforcement locational tracking without a warrant or even probable cause as well as law enforcement searching peoples smart phones (also without a warrant).

The context, particularly in light of growing Occupy protests, is important here. We should be wary of giving up more and more information - including location, text messages, and internet searches, to ANYONE, let alone when considering it could fall into the hands of forces that may be seeking to stifle dissent and intimidate (as well as break the law and violate the constitution).

But this article takes the cake!! I know this sounds incredibly Orwellian, but a secret code (Carrier IQ) has been discovered that allows your smart phone to not only track you, but take and keep every keystroke you make - even the content of your text messages. And perhaps most incredible, the consumer is not even given the ability to opt-out, let alone opt-in!). In fact, the consumer doesn't even know this code is in the phone. 

Such information represents a treasure trove of information for all kinds of interests desiring access to it, particularly advertisers and the government. And of course, we know how willing and ready the telecom industry has been to do anything our government wants despite the rights and desires of their customers.

But government aside, what about the basic right to not have EVERYTHING you do recorded (i.e. where you shop, when you shop, while you shop, what you search for on the internet, who you talk and text, and what you say and write), and then have that information turned into a detailed digital profile of you (98% of Google's profits come from advertising), and then have that profile sold on the market for HUGE profits to advertisers so they can market their products to you more effectively??? Its more than our right to privacy that is being violated...its the very idea that we "own" our own private information...and that others can't take it and profit off it without our consent.

So there are two VERY disturbing aspects of this story, from the treasure trove of personal data it offers to a law enforcement, surveillance state apparatus that is becoming increasingly authoritarian, to the "commodity" we, and what we do, has become - but without our control or right to privacy.

If these revelations don't demand an opt-in, Do-Not-Track mechanism available to all consumers, whether online or using something like a smart phone I don't know what does. We should be looking for Congress, and state houses to take this issue up, and start MANDATING that such mechanisms are provided. Perhaps in that sense, this discovery will help this important cause, and legislation that will take it on.

So let's get straight to the article in the Atlantic Wire because I'm practically speechless. Adam Clark Estes reports:

The reason for this invasive Android app seems reasonable enough at face value. Even though it's on most Android, BlackBerry and Nokia devices, most users would never know that Carrier IQ is running in the background, and that's sort of the point. Described on the company's website as software to gain "unprecedented insight into their customers' mobile experience," Carrier IQ is ostensibly supposed to help mobile carriers and device manufacturers gather data in order to improve their products. Tons of applications do this, and you're probably used to those boxes that pop up on your screen and ask if you want to help the company by sending your data back to them. If you're concerned about your privacy, you just tap no and go about your merry computing way. As security-conscious Android developer Trevor Eckhart realized, however, Carrier IQ does not give you this option, and unless you were code-savvy and looking for it, you'd never know it was there. And based on how aggressive the company has been in trying to keep Eckhart quiet about his discovery, it seems like Carrier IQ doesn't want you to know it's there either. … 

This week, Eckhart fired back with a 17-minute long video showing in painstaking detail how much data CarrierIQ collects, effectively undercutting the company's denial. It was even logging contents of text messages! Wired posted the video on Tuesday night and cemented CarrierIQ's status "as one of nine reasons to wear a tinfoil hat." The magazine explains how CarrierIQ even undercuts other companies' security measures...

…

Tracking is creepy. In an Orwellian kind of way, it makes people nervous -- especially Americans -- that the government or the corporations or the system is closing in on them and stealing their freedom. Of course, not everybody feels so strongly about privacy, but as long as you can opt out, it should be fine. This seems be where privacy agnostics as well as advocates both get concerned. Some people don't mind being tracked, but nobody wants to be tricked. Last week, Sen. Charles Schumer spoke out about a program at some malls in Virginia and Southern California that were anonymously tracking shoppers' movements by tracking their cell phone signals, and the only way to opt was by not going to the mall. Schumer did not approve. "Personal cell phones are just that -- personal," the New York senator said in a statement. "If retailers want to tap into your phone to see what your shopping patterns are, they can ask you for your permission to do so." The CarrierIQ software is not dissimilar to the shopper tracking program. In fact, it's arguably worse since it follows you everywhere. In the age of social media, everybody is becoming increasingly aware of and often angry about the amount of private data companies are scooping up with or without their consent. 

This week, the Federal Trade Commission and Facebook came to an agreement that the social network must make all of their new programs opt-in so as not to break the law by violating users' privacy. Even Mark Zuckerberg admitted in a sincere-sounding blog post that his company had "made a bunch of mistakes" on the privacy front in the past. He went on to detail how "offering people control over the information they share online" was a top priority. This is Mark "Privacy Is Over" Zuckerberg we're talking about here. With Facebook reportedly building its own mobile phone platform, wouldn't it be super ironic if people started defecting from the Android army and switching to the Facebook phone in the name of privacy? 

Your move, Google.

Here's the video:

So what to do? Thankfully, it didn't take long for the Free Press's "Save the Internet" campaign to jump on this today and provide us with an opportunity to let Congress and the Justice Department know that we don't appreciate being spied on. Here's some of the language from the action alert (I'll skip the stuff that repeats what I've already included in today's post), with the link to the action page...interestingly, their experts ALSO made the connection I did this reeks of like "wiretapping".

Free Press: Tell Justice Department and Congress You Don't Want to Be Spied On!

Are you being watched? A researcher just discovered a hidden application that records what millions of people write, view and search for on their mobile phones. It sends all of that data to a company no one’s ever heard of. And we have no idea what that company is doing with our information.1

Sounds like 1984. But it’s happening in 2011. Earlier today, Sen. Al Franken demanded answers from the company, Carrier IQ, calling its technology "deeply troubling." We now need a full investigation.2

Tell Congress and the Department of Justice: My mobile phone is mine, and I have the right to be free from being spied on. 

The fact that one company is secretly storing away the data of millions of mobile phone users — without our knowledge, and with no way for us to opt out — is just incredible. You’d expect this sort of thing from the Chinese government — not from a company operating in the present-day U.S.

Take action now to stand up for your mobile freedoms.

This is not only a privacy problem. It’s a democracy problem. Mobile phones have become the ultimate democracy devices. Activists from Cairo to New York City to Los Angeles have used their phones to broadcast images of pepper-spraying cops, handcuffed journalists and squares full of protesters. We must ensure that the most important movements of our time aren’t compromised by data spies with little regard for our free speech or privacy.

Tell Congress and the Department of Justice: Protect mobile phone users from data spies. Investigate Carrier IQ. 

Law professor and former Department of Justice attorney Paul Ohm says that Carrier IQ’s snoopware “is very likely a federal wiretap,” which means that the company could be prosecuted for breaking federal law.4 “Consumers need to know that their safety and privacy are being protected by the companies they trust with their sensitive information,” Sen. Franken said. “ … Carrier IQ has a lot of questions to answer.”

We agree. Let’s get some answers.

Smart Phones and Privacy

I want to follow up yet again on my series of posts on the historic case currently before the Supreme Court that could determine just how much privacy smart phone users can expect in the future. The case in question seeks to determine whether law enforcement should be required to attain a warrant BEFORE tracking a suspect (or alleged suspect) using GPS technology - which all smart phones happen to now have.

Before I get to the article delving into the smart phone aspect of this case, let me provide a brief summary of how we got here: The case in question involved police covertly tracking a suspected cocaine dealer's car using a GPS device for an extended period of time without getting a warrant. Thanks to this tracking, the suspect was initially convicted. But, a ruling by the D.C. Court (by Judge Ginsburg) of Appeals overturned that decision, arguing that the use of a secret GPS tracking device on the man’s vehicle for two months violated the Fourth Amendment’s protection against unreasonable searches and seizures. The idea being, no one wants to feel as if a government agent is following you wherever you go - be it a friend's house, a place of worship, or a therapist's office - and certainly innocent Americans shouldn't have to feel that way.

The problem was that two federal appellate courts had first upheld the use of GPS devices without warrants on the grounds that we have no expectation of privacy when we are in public places and that tracking technology merely makes public surveillance easier and more effective. Now this case is being heard by the Supreme Court.

Now, in some of my past posts I haven't focused on what this ruling could mean to ALL smart phone users, but instead, simply on the way the police tracked this particular suspect (see past posts for more detail). But let's be real, if law enforcement can argue, and win, the right to track someone's whereabouts without a warrant (or even probable cause) using a device implanted in the car, it goes to reason that this would be done in many cases through an individuals smart phone instead.

And of course, this isn't the only area in which privacy and smart phone technology are being debated. This year in California - to the dismay of civil liberties advo­cates - the Governor vetoed SB 914 (Leno). The legislation was a response to a recent California Supreme Court decision (People v. Diaz) allowing police to rummage through all of the private information on a smart phone as part of an arrest, including text mes­sages and e-mails. 

SB 914 would have clarified that an arrestee’s smart phone can only be accessed with a warrant, except in cir­cumstances where there is an immedi­ate threat to public safety or the arrest­ing officer. The bill acknowledged that accessing the detailed, private infor­mation contained on a smart phone is fundamentally different than searching an arrested person’s wallet, cigarettes or pockets. Senator Mark Leno has announced he will bring this legislation back next year. 

Here's more from a BBC News report entitled "How much privacy can smart phone users expect?": 

Millions of us happily invade our own privacy every day on Twitter and Facebook, sharing personal details with the world and broadcasting our location in a way previous generations would have found bizarre. Even those who shy away from social media and new technology in general are not immune. The most basic mobile phones are in constant contact with the nearest mast, sending information about the whereabouts of their users to phone companies, who can later hand that data over to the police, if requested.

… 

There are signs that governments and law enforcement agencies around the world are taking advantage of this increasingly relaxed attitude towards privacy to step up surveillance of citizens. The case currently before the Supreme Court, US vs Jones, hinges on whether police officers should be allowed to plant GPS tracking devices on suspects' cars without a warrant…Lawyers for the Obama administration argued that Jones did not have a "legitimate expectation of privacy" - the standard legal test in the US for the past 45 years - because his car was in a public place.

… 

But law enforcement officers no longer have to physically plant a bug on a suspect's car or person. In the US, they are increasingly using mobile phone tracking software. 

"Police officers can sit in the comfort of their own stations and use this technology to watch not just one person, but many people, over long periods of time," says Catherine Crump, an attorney for American Civil Liberties Union. This is far more invasive than traditional surveillance, she argues. "GPS tracking can actually be quite revealing about who a person is and what they value. It can show where a person goes to church, whether they are in therapy, whether they are an outpatient at a medical clinic, whether they go to a gun range."

… 

But the London force is also reportedly using software that masquerades as a mobile phone network, allowing it to intercept communications and gather data about users in a targeted area, such as a demonstration.

Most civil liberties campaigners do not want the police banned from using new technology and accept that telecoms companies are "not the Gestapo", as Catherine Crump puts it. But, argues the ACLU lawyer: "People should not have to choose between using new technology, which is becoming increasingly commonplace and hard to live without, and giving up their privacy." 

Some believe the moment when that choice has to be made has arrived.

Click here to read more.

Again, my mind goes to social movements and protests and the government's insatiable desire to stifle dissent. These concerns are all the more disconcerting in light of the Occupy protests, and what we already know about how the Patriot Act was used to target peace/anti-war activists. 

No doubt in my mind we are indeed reaching a watershed moment - as highlighted by the current case before the Supreme Court. As technology advances, and becomes a more and more integral part of our lives, so too is the opportunity for authorities, both corporate and governmental, to use it in ways that violate our civil liberties.

Smart phones (and the information we have/use on social media like Facebook and Twitter) represent a clear line in the sand that must be drawn...no government has the RIGHT to track our whereabouts OR access all the information now stored in this technology unless they have a warrant.

Surveillance State Ironies

All the incredible video documenting grotesque police abuse of peaceful protesters across the country provides a bit of irony: Just as we citizens are being increasingly watched by both commercial and governmental interests, so too can we now watch them - and use it to our advantage.

I don't need to go into too much detail regarding our burgeoning surveillance state and our loss of privacy in just about all areas of life. But, consider the bigger picture...as I wrote on this blog in the past, whether its the knowledge that everything we do on the internet is followed and stored, that we can be wiretapped for no reason and without a warrant or probable cause, that smart grid systems monitor our daily in home habits and actions, that our emails can be intercepted, that our naked bodies must be viewed at airports and stored, that our book purchases can be accessed (particularly if Google gets its way and everything goes electronic), that street corner cameras are watching our every move, and that RFID tags and GPS technology allow for the tracking of clothes, cars, and phones (and the list goes on)...what is certain is privacy itself is on life support in this country...and without privacy there is no freedom. I also fear how such a surveillance society stifles dissent and discourages grassroots political/social activism that challenges government and corporate power...something that we desperately need more of in this country, not less.

With that overview, I think its particularly fascinating, and ironic, that "we the people" are so effectively documenting, through smart phones and video cameras, the kinds of law enforcement abuses that we otherwise would not have been able to in the past - and thus would have remained unknown and unpunished.

With this in mind, I found an article by one of my favorite writers - Will Pitt of Truthout - that describes how this "Peoples Surveillance State" is being used, particularly in the documenting of the pepper spray incident at UC Davis. Pitt writes: 

In the aftermath of September 11, there was a big push to create a national surveillance system in the name of national security. Cameras were installed at traffic lights, ostensibly to catch people running red lights and stop signs, but those cameras came with a nifty side benefit: they recorded everyone within reach of the lens in their comings and goings. Cameras were installed at street corners, ostensibly to provide security against crime, but again, you were recorded wherever you went. Bank machines all come with security cameras, and those added to the ever-broadening web of national surveillance. Finally, almost every cell phone now comes with software that, so long as the thing is turned on, can track your every step by triangulating your position via GPS and the cell towers your phone signal bounces off of.

Those with a fealty to the quaint ideals of American civil liberties had, to no great surprise, a big problem with putting this system in place. Combine the concern over having millions of innocent people on camera with the fact that the Bush administration decided to spy on pretty much everyone by way of the NSA because no one had the guts to stop them, and what you had - and have to this day - is a pretty damned paranoid situation where everyone is being watched by The Man. Today, it is almost impossible to be anywhere in America without something tracking you. After this technology had been in place for a few years, it even became fodder for cop shows; half the episodes of "Law & Order: SVU" after 2008 involve catching criminals using this web of eyes and ears. As you can imagine, the bad guys almost never got away.

The basic idea behind setting up this incredibly invasive system, if you listen to its advocates, is that security is paramount in the aftermath of 9/11. There were plenty of people, after the Towers came down, who were very happy to surrender their liberties in the name of security, despite Benjamin Franklin's warning about deserving neither and losing both. Nowadays, the existence of such a system is established fact, leading to yet another bout of cognitive dissonance: those in favor of such a system a few years ago, because it meant the state was looking out for their safety, are now in all likelihood the same people railing against the state with guns on their hips at Tea Party rallies...but that's a brain cramp to be dealt with another day.

The advent of the Occupy movement, the length of time that movement has been able to hang fire, and the vast number of cities in which it is taking place, has led to an astonishingly violent reaction from the very state we are supposedly trusting to watch over our every move. There have been a dozen incidents of gruesome official violence against peaceful, non-violent protesters, including the near-murder of an Iraq war veteran by police in Oakland...violence the likes of which has not been seen in America since the dogs and firehoses days of Birmingham, Alabama.

Last Friday, students at UC Davis in California were subjected to an attack by police that beggars likeness. Here's the thing, though: this time, it's all on film. 

If you haven't seen it yet, what you're looking at is a dozen or so protesters seated with their heads down, arms linked, in peaceful non-violent resistance. An armored UC Davis police officer calmly pulls out a can of pepper spray the size of a fire extinguisher, shakes it up, and hoses these seated students down from one side to the other and then back again. Several of the students subjected to this attack required hospitalization, and there is an unconfirmed report that one of the protesters had a UC Davis cop shove the nozzle of his pepper spray canister into her mouth and then pulled the trigger.

As Pitt also mentions, the result of this video has been millions of hits, calls for the firing of the Chancellor and cops responsible, an investigation of the incident, and even greater resolve in students across the state and country to continue to speak out against ever increasing tuition costs and fee increases (among MANY legitimate complaints). Granted, we will see if justice is served, and we all know that video alone isn't enough to convict even the most glaringly abusive and illegal tactics. Nor does video guarantee real, systemic reforms to what is clearly an increasingly authoritarian, and militarized police force.

But certainly, it VASTLY improves the potential that justice will be realized - and reforms will be instituted. More than anything though, what this kind of peoples surveillance offers is the ability to educate the larger public about what is really going on in this country - particularly when you have the temerity to speak out against "the elites". This education opportunity, and how it might serve to motivate and inspire more people to get involved with their democracy and demand change (as well as make cops think twice about their actions) shouldn't be discounted.

If you want to see what I mean, check out Joshua Holland's Caught on "Camera: Ten Shockingly Violent Police Assault on Occupy Protesters"and consider whether it impacts your opinion on these matters.

The Need for Internet Privacy

I want to alert everyone to a fantastic op-ed in the San Diego Union Tribune by one of my most relied upon privacy experts - Beth Givens of the Privacy Rights Clearinghouse. But, before I share some choice clips, let me provide some backdrop (taken from what I've written on the blog in the past...as there's no reason to reinvent the wheel) on why this has become such an important privacy debate. The fact is, there's been a virtual explosion in data collection, data analysis and use of behavioral marketing on the internet without the requisite privacy protections to go along with it.  Billions of dollars at stake, and your private information is the currency.

We know for instance, and they have been sued for it, companies like Google, Yahoo, Microsoft and other Internet companies track and profile users and then auction off ads targeted at individual consumers in the fractions of a second before a Web page loads.

That in itself, may not be all that threatening to most. But it raises some interesting questions: What kind of control should we have over our own data? And, what kind of tools should be available for us to protect it? What about ownership of our data? Should we be compensated for the billions of dollars being made by corporations from their tracking of us? And of course, what of the government's access to this new world of data storage?

The argument from privacy advocates has largely been that this massive and stealth data collection apparatus threatens user privacy and regulators should compel (not hope that) companies to obtain express consent from consumers before serving up "behavioral" ads based on their online history.

More generally, particularly on the issue of privacy on the Internet, the fact that we have next to no privacy standards as related to these technological innovations and trends is disturbing, and more than enough of a reason for legislation like California's SB 761 (Do Not Track).

The Do Not Track flag is a rather simple concept that's already been built into Firefox and IE9. If users choose to turn on the option, every time they visit a web page the browser will send a message to the site, saying “do not track.”

SB 761 (Lowenthal) would offer consumers such a mechanism, something the bill's sponsor describe as "one of the most powerful tools available to protect consumers' privacy." The mechanism will allow anyone online to send Websites the message that they do not want their online activity monitored.

Certainly one strong point of the legislation is that it is in line with public opinion, as detailed by a poll by Consumer Watchdog last summer that found 80% of Americans support a Do Not Track option. In addition, a recent USA Today/Gallup poll found that most Americans are worried about their privacy and security when they use Facebook and Google.

The fact is, there's no longer any anonymity on the Web. The most personal information about people's online habits is collected and eventually bought and sold, often instantaneously and invisibly. Data collection practices have become a business in themselves, driven by profits at consumers' expense. The Wall Street Journal recently highlighted these practices—which included targeting children—in its groundbreaking series "What They Know."

Now let's get to Beth's thoughts on this subject:

Individuals are increasingly using the Internet as their primary information source, often seeking information on sensitive matters such as finances, health, personal relationships, divorce, sexuality, workplace difficulties and legal conflicts. But few individuals realize the extent to which they are being tracked by companies that create rich profiles of their web-browsing activities. The 2010 Wall Street Journal series, “What They Know,” reported that the nation’s top 50 websites installed an average of 64 pieces of tracking technology onto each visitor’s computer. Tracking tools go beyond the cookies many of us routinely delete. Some companies deploy “Flash cookies” or other “supercookies” that are not only extremely difficult to delete but can also be used to reinstall cookies that a user has removed.

Such data-gathering and profiling activities are largely invisible, except that they can result in the real-time display of behaviorally targeted ads. You might ask, “What’s the harm in receiving ads based on my web-surfing history?” In a legislative primer presented to members of Congress by 10 organizations, including ours, several potentially harmful effects of behavioral tracking and targeting were identified: (1) targeting economically distressed individuals with payday loans and subprime mortgages; (2) sending ads for bogus cures to individuals with serious medical conditions; (3) engaging in discriminatory pricing in which some people are offered products or services at higher prices than others; and (4) targeting children who lack the judgment capacity of adults. Further, profiles compiled originally for the ad industry may be sold to non-advertising third parties such as insurance companies.

Harms aside, let’s not forget, simply, the right to privacy. The definition of privacy that guides my organization’s work is the ability of individuals to control the use of their personal information. Everyone has a different comfort level regarding the collection and use of their personal information. We believe individuals’ choices must be respected, no questions asked.

...

However, studies show that robust profiles generated from anonymous data can be matched with other data sources, offline and online, to determine individuals’ identities. These days, the anonymity argument is largely a myth. Another myth is that young people are not concerned about privacy. These “digital natives” have not known a world without the Internet, so the argument goes, and they are not worried about their personal information being revealed online. However, a 2009 academic survey found there are no significant differences between young adults and older individuals regarding online privacy concerns. While some believe that in a generation or two, concerns about online privacy will vanish, we at the Privacy Rights Clearinghouse are not so quick to accept that argument.

In closing, effective online privacy protection requires a multipronged approach involving policymakers, industry, nonprofits and consumers. It must not be lost to bogus arguments and unfounded myths.

You can read the rest here.

As I have also written before, its not by accident that we are told by the same interests that profit off our information that privacy is dead, and people don't care about it anymore, or that it will "kill business". Well, that's easy to say when you are the ones developing the complicated and difficult to find privacy settings consumers have to deal with - and profiting off our personal information without our consent.

More to the point is the simple, unavoidable fact that consumers should have MORE control, not less, over what information of ours is used, shared, and profited off. This basic principle is at the heart of the ACLU's DotRights campaign.

There remains an interesting dichotomy in all this: While people seem to "care" about privacy on one level, they tend to do very little to actually protect it. Which in my mind, makes easy to use, clear options to protect privacy so paramount. Once people are given such a choice, not only will more people choose to "not be tracked", I think more people will become more AWARE of just how all pervasive such monitoring of nearly everything we do has become."

Cell Phone Providers Urged to Stop Collecting Data on Customer Movements

In light of the current Supreme Court case regarding the GPS tracking of a suspect by law enforcement, I thought the ACLU's letter to the CEO's of the nation's biggest cell phone providers asking that they "stop routinely collecting and storing data on their customers’ daily movements" was worth delving into today too.

The essential argument by privacy advocates, be it the tracking of a cell phone user, or tracking a suspect's vehicle, is that in either case you should not be more susceptible to government surveillance. The idea being, no one wants to feel as if a government agent is following you wherever you go - be it a friend's house, a place of worship, or a therapist's office - and certainly innocent Americans shouldn't have to feel that way. The other major distinction between such constant, all pervasive surveillance, from say, simply following a person or suspect, is just that: its constant, over time, and all pervasive...unlike a simple "tailing" of a person by authorities.

Before I share some of the ACLU letter, I want to go a little into the back story regarding why cell phone tracking should be a concern for all of us. Consider:

• In just a 13-month period, Sprint received over 8 million demands for location information;  
• Michigan police sought information about every mobile phone near the site of a planned labor protest;
• Last spring, researchers revealed that iPhones were collecting and storing location information;
• A few months ago the general counsel of the National Security Agency suggested to members of Congress that the NSA might have the authority to collect the location information of American citizens inside the U.S.
• The FBI has used 'dragnet'-style warrantless cell phone tracking.

And then there's the Patriot Act. The fact remains that we still don’t know how the government might be using the Act, highlighted by recent statements made by US Senators regarding what they termed “secret Patriot Act provisions”. Senator Ron Wyden (D-OR), an outspoken critic of the recent reauthorization, stated, "When the American people find out how their government has secretly interpreted the Patriot Act they will be stunned and they will be angry." As a member of the Senate Intelligence Committee Wyden is in a position to know, as he receives classified briefings from the executive branch.

In recent years, three other current and former members of the US Senate - Mark Udall (D-CO), Dick Durbin (D-IL), and Russ Feingold (D-WI) - have provided similar warnings. We can't be sure what these senators are referring to, but the evidence suggests, and some assert, that the current administration is using Section 215 of the Patriot Act - a provision that gives the government access to "business records" - as the legal basis for the large-scale collection of cell phone location records. 

With that, let's get to what the ACLU urged these CEO's to do (or NOT do):

The fact is our cell phone companies know more about where we are throughout the day than our closest friends. One of the byproducts of the way cell phones work – staying in constant touch with the nearest cell tower – is that our carriers can tell roughly where we are. And over time, that data is getting increasingly accurate.

But the major carriers – AT&T, Verizon, T-Mobile and Sprint – don’t just know where we are from moment to moment. They also retain detailed data about our location for extended periods of time, as we learned recently when we receivedthis document in response to our national public records request on how the authorities are using location data. The carriers also readily share the information they gather with government agencies and law enforcement…We pay them money, they provide us with phone and data services. Being tracked everywhere we go was never part of the bargain…

We don’t know exactly how precise the data the carriers retain is, or how they are using it. Often these days there is often an automatic, reflexive impulse to retain data – any and all. But it also seems that the companies are looking at how to monetize this information as they do with other information they gather.Verizon, for example, recently announced that it was selling location information about its customers. Although it is doing so only on an aggregate basis, that still represents a step closer to sharing our own individual movements, which the carriers are surely tempted to do.

Either way, if we roll over and accept this practice, then we’ll be accepting a world that totalitarian dictators can only dream of: an entire population carrying location tracking beacons that precisely record their every movement. This is not something we should be just taking in stride. It’s not something that we have to accept.

The best protection for privacy is for the carriers to not record our locations, even though the phone reveals them, unless we decide to give permission (and not through the fine print in some boilerplate click-through agreement). We should demand nothing less

.

You can read the ACLU’s letter here and you can join them in making this demand to your carrier too.

Update on GPS Tracking Case Being Debated by Supreme Court

I want to follow up on my last post regarding the historic case before the Supreme Court - for which hearings began yesterday - as to whether law enforcement should be required to attain a warrant BEFORE tracking a suspect (or alleged suspect) using GPS technology.

I've written on this case, and issue, extensively on this blog, so I'm not going to rehash all that now (see last post for a decent summary). Suffice it to say, there is a WHOLE lot riding on this case. 

For today's purposes,  I'm just going to share some excerpts from a variety of news media that covered yesterday's hearings.

As NPR reported:

George Orwell's 1984 was very much on the minds of the Supreme Court on Tuesday, as the justices grappled with a question that pits the use of modern technology in law enforcement against individual privacy interests. At issue is a case testing whether police must obtain a warrant before putting a GPS tracking device on a car to monitor a suspect's movements.

...

Dreeben, in his argument, urged the court to stick to the line it has drawn in the past — no warrant is needed for surveillance of activities conducted on public roads. Chief Justice John Roberts, however, seemed skeptical about applying that rationale to new technologies, asking if the government could "put a GPS device on our cars and monitor us?" Dreeben responded that under the government's theory and the court's precedents, "the justices of this court, when driving on the streets, have no greater expectation of privacy" against a GPS device attached to the car "than they would if the FBI followed them around the clock."


Justice Stephen Breyer struck a more ominous tone, asserting that "if you win this case, then there is nothing to prevent the police or the government from monitoring 24 hours a day the public movements of every citizen in the United States," a scenario that "sounds like 1984." Discussion of Orwell's dystopic novel arose five times during the argument.


Justice Sonia Sotomayor asked Dreeban to explain the difference between the warrantless use of GPS devices and the general search authority that outraged the Founding Fathers and inspired the Fourth Amendment ban on searches without court authorization. Dreeben maintained, however, that putting a GPS device on a car is not a search. And he seemed to suggest that people have different expectations of privacy in an era of technological advances.


That is "too much for me," interjected Justice Elena Kagan, suggesting that people would think their privacy interests are violated by having a robotic device monitoring their movements 24 hours a day.

Read more here.

And this from the New York Times:

On Tuesday, Chief Justice John G. Roberts Jr. said there might be a constitutional difference between discrete pieces of data and the collection of vast amounts of information. “You’re talking about the difference between seeing the little tile and seeing a mosaic,” he said.


But Michael R. Dreeben, a deputy United States solicitor general, said there were no constitutional limits to the government’s ability to track people’s movements in public. He said a device surreptitiously attached to clothing would be permissible so long as it did not convey information from inside a home. He added that the police could track the movements of the justices’ cars without a warrant.


On hearing those statements, Justice Ruth Bader Ginsburg said the “endpoint” of the government’s argument was that “an electronic device, as long as it’s not used inside the house, is O.K.” Mr. Dreeben said that was correct regarding people’s movements in public. Other forms of monitoring — of conversations inside cars, say — were subject to different rules, he said. 


That means, Justice Stephen G. Breyer told Mr. Dreeben, that “if you win this case, then there is nothing to prevent the police or the government from monitoring 24 hours a day the public movement of every citizen of the United States.” And that, Justice Breyer said, “sounds like ‘1984.’ ”
...


Mr. Dreeben said, “The court should address the so-called ‘1984’ scenarios if they come to pass, rather than using this case as a vehicle for doing so.” But Justice Sonia Sotomayor indicated that the scenario might have already arrived. “It wouldn’t take that much of a budget, local budget, to place a GPS on every car in the nation,” she said.

...

Justices Samuel A. Alito Jr. and Antonin Scalia said such arbitrary limits should be imposed by legislatures rather than a court.

Read more here.

And finally, the Washington Post also chimed in:


It is allowed under the court’s own precedents, replied Deputy Solicitor General Michael R. Dreeben, and is no different than if the FBI “put its team of surveillance agents around the clock on any individual and follow that individual’s movements as they went around on the public streets.”

But to many of the justices, something did seem different. In an intense hour-long exchange in which the Big Brother of George Orwell’s novel “1984” was referenced six times, the justices wondered how the dizzying pace of technology has changed a person’s reasonable expectation of privacy.

The justices pondered a world in which satellites can zero in on an individual’s house, cameras record the faces at a crowded intersection and individuals instantly announce their every movement to the world on Facebook. They wondered about the government placing tracking devices in overcoats or on license plates.

...

The court is trying to apply the Constitution’s centuries-old protection against unreasonable searches and seizures at a time when devices such as a GPS can essentially do police officers’ work for them.But the justices also appeared conflicted about where to draw a constitutional line.

Stephen C. Leckar, representing Jones, said police should be required to persuade a judge to issue a warrant for each use of a GPS device. But the justices wondered how that squared with their previous rulings that no warrant is needed when the person being targeted was being monitored in public places.

“If there is no invasion of privacy for one day, there is no invasion of privacy for 100 days,” Justice Antonin Scalia said. 

Alito said Leckar had not shown that using a GPS device was any different from traditional police surveillance.

Read more here.

Obviously there's no way I can get a real "feel" for which way the court may rule. I'm ALWAYS deeply skeptical that the 4 extremists, and the one conservative, will ever rule in favor of the public interest when either corporate interests, or civil liberties, are concerned. Nonetheless, some of the questions posed by Roberts and Alito are at least modestly hopeful. Of course, the real wildcard, Justice Anthony Kennedy, was not quoted in any of the articles I've seen...and he remains the judge I'll be keeping my eye on.

I think today's editorial in the USA Today hit the nail on the head,  "The government's argument is that police don't need a warrant when they track people on public roads where they can be watched by cameras and other drivers — and where police could physically tail them without a warrant.

But of course, the technology changes everything. Even with speed cameras, red-light cameras and a squadron of pursuers, authorities would have a very hard time amassing a record of every place someone travels for 28 days.

The idea is, indeed, Orwellian, not to mention downright "creepy and un-American," to use the words of the chief justice of the 9th Circuit Court of Appeals. At a minimum, police should first have to convince a judge that there's probable cause to issue a search warrant — and use it properly.

The Founding Fathers, brilliant though they were, could not possibly have envisioned GPS technology. But they certainly understood the principles of personal freedom, and two centuries later those haven't changed a bit.

First and foremost, the Constitution they wrote guarantees individual rights against unnecessary government intrusion. Let's hope that when the Supreme Court rules in this case, it does the same.

With that, stay tuned.