by Larry Magid

It’s too early to know if either of these will make a difference, but back-to-back announcements from the California Attorney General and the White House give me some hope that we may finally be entering a period where people can have at least some control over their personal information.

On Wednesday, California Attorney General Kamala Harris announced a deal with Apple, Google, Microsoft, Amazon, Hewlett-Packard, and Research In Motion that would require app developers to abide by California’s existing privacy law (click here for details and my podcast interview with Harris). But the big act came on Thursday when the Obama administration released its Consumer Data Privacy in a Networked World report (PDF) that includes a proposed Consumer Privacy Bill of Rights that the administration plans to send to Congress.

If enacted by Congress, the bill of rights would give users a great deal more control over their personal information and would hold companies accountable to enforcement authorities if they failed to live up to their privacy standards.

So far, the reaction to the proposal is pretty positive. Marc Rotenberg, head of the Electronic Privacy Information Center (EPIC.org) was impressed by the President’s proposals. “I thought it was a great statement, the President expressed a strong commitment to updating and expanding privacy rights for Americans and that has to be very good news,” he said in an interview. Scroll down to listen to entire 9-minute interview.

More to come

This is not the end of the story. Now Congress has to act on the White House’s proposals and companies need to show that they can abide by the recommendations and their own agreements. Congress faces the delicate task of legislating privacy without stifling innovation. I’m quite sure it can be done (I hardly think they’ll put the likes of Google, Facebook and Apple out of business) but it will take cooperation from all stakeholders, a watchful government and an informed user base to make it all work.

EPIC's Marc Rotenberg


The “bill of rights” calls for:

  • Individual Control
  • Transparency
      – Easily understandable
  • Respect for Context
      – Companies will collect, use & disclose in context of how data is to be used
  • Security
  • Access and Accuracy
      – Right to access our own data
  • Focused Collection
      – Reasonable limits on data that companies collect and retain
  • Accountability
      – Companies accountable to enforcement authorities

ABC News’ Nightline got to film inside a Foxconn factory in Shenzhen, China, where Apple’s iPads, iPhones and iPods are made. After many requests by many media companies, the TV network was finally allowed in. The report, which you can watch below, is far from damning, but it’s hard to know whether the crew was given full and unfettered access to typical conditions.

Factory worker wants us to know …

My favorite line — at the very end — is when anchor Bill Weir asked a factory worker (who had never seen a working iPad) “what do you want the people who end up buying this to know about you.” She said, “I want them to know me. I want to know we put a lot of effort into this product and, when they use it, please use it with care.”


I rarely use content from others on this site but I was so impressed by Alexei Kapterev’s 2007 Slideshare presentation “Death by PowerPoint” that I had to share it. I’m not ripping him off; like most Slideshare contributors, Kapterev allows others to embed it into their sites. If you’re one of the millions who worry that your PowerPoint presentations are putting people to sleep, check out his advice:

App Privacy Issues Deeply Troubling

This post is adapted and expanded from Larry’s San Jose Mercury News column from February 20, 2012


by Larry Magid

The recent revelations that some iPhone and Android apps are uploading and storing users’ phone address books without permission are very troubling. The practice not only violates the privacy of the person using the phone but, potentially, that of everyone in that person’s address book.

What bothers me is that we need to worry not only about big companies like Apple being careful with our data but also about the app developers on its platforms. The same goes for other mobile platforms like Android as well as social networking platforms, like Facebook, that also host third party apps.

When you add them up, there are already probably more than a million iOS, Android and Facebook apps from a countless number of developers that could access personal information, so there is plenty of reason to worry about both deliberate misuse of our data as well as accidental disclosure.

This is a very serious issue. Misuse of the information in people’s mobile phone address books could jeopardize their privacy and safety and reveal trade secrets related to their business or profession.

The latest flap started Feb. 8, when Singapore-based software developer Arun Thampi blogged that he discovered that an iPhone app from Path uploaded his entire iPhone address book to its servers without asking for permission. Path is a social journal app that lets you share experiences with friends.

Path CEO Dave Morin wrote on his company’s blog that “the use of this information is limited to improving the quality of friend suggestions when you use the ‘Add Friends’ feature and to notify you when one of your contacts joins Path,” but admitted that “we now understand that the way we had designed our ‘Add Friends’ feature was wrong.” The company has since modified the app so that it now asks permission before uploading any user data.

Others too

It turns out that Path is not alone. The Next Web blog reported that Foursquare “was uploading all of the e-mail addresses and phone numbers in your address book with no warning and no explicit consent given,” and apps from Twitter and Facebook were also uploading address book information, after asking or warning users. A Twitter representative told the Los Angeles Times that “after mobile users tap the ‘Find friends’ feature on its smartphone app, the company downloads users’ entire address book, including email addresses and phone numbers, and keeps the data on its servers for 18 months.”

The practice appears to be pretty common. After a “quick survey,” blogger Dustin Curtis (http://dcurt.is/) wrote that 13 out of 15 developers of iOS apps with a ‘find friends’ feature disclosed that they too had uploaded user contacts. “One company’s database,” Curtis wrote, “has Mark Zuckerberg’s cellphone number, Larry Ellison’s home phone number and Bill Gates’ cellphone number.”

Congress getting involved

Even though it violates the company’s rules, Apple apparently didn’t take steps to prevent it until after CEO Tim Cook was sent a letter from Reps. Henry Waxman, D-Los Angeles, and G.K. Butterfield, D-North Carolina, that questioned “whether Apple’s iOS app developer policies and practices may fall short when it comes to protecting the information of iPhone users and their contacts.”

Apple followed up with a statement that “apps that collect or transmit a user’s contact data without their prior permission are in violation of our guidelines,” and said “any app wishing to access contact data will require explicit user approval in a future software release.”

Are guidelines enough?

This is not the first time Apple has slipped when it comes to protecting user privacy on its iOS devices. Last April it was disclosed that Apple itself was uploading a log of Wi-Fi hotspots and cell towers around the location of users’ iPhones. Late Apple CEO Steve Jobs at the time told All Things Digital that the inability of users to turn off location services was due to a “bug that we found,” which the company later fixed.

As troubling as it was that Apple was inadvertently storing user location data, I’m more disturbed by the current revelations because it involves independent app developers who aren’t necessarily as accountable as Apple.

Even if we assume that all the reputable companies that have been accused of uploading users’ address books (Path, Instagram, Facebook, Twitter, Voxer and Foursquare) are well meaning, I can’t say that for every app developer who might also have access to this type of information.

I’m not just worried about iOS devices. I worry about other mobile platforms, including Android and I also worry about social networking sites — including Facebook and Twitter — that support third party apps.

Facebook, for example, has strict guidelines that require app developers to ask permission before accessing or sharing any user information and allows them to collect only the user data that they need to perform their stated tasks. That’s all well and good, but with hundreds of thousands of apps out there from a countless number of developers, there is reason to fear that some might ignore or violate the rules or accidentally leak user data.

Beware of giving permission

To be fair, it’s important to distinguish between apps that upload user data without permission and those that either inform or ask permission. Still, I’m guessing that a lot of users give permission without giving it a lot of thought. I once accidentally gave permission for a social networking site (which is no longer in business) to access my Gmail address book and it then spammed all of my friends with requests to join. It was an embarrassing moment.

 

Declan McCullagh over at CNET is reporting that Stanford University researchers have figured out a way to defeat NuCaptcha’s “are you a human” challenge, 90% of the time.

NuCaptcha was launched in 2010 as an alternative to reCAPTCHA and other security products designed to make sure that a human being — not a computer — is filling out a form. NuCaptcha, which uses moving text against a moving background, is a lot easier for humans to read but apparently, according to the researchers, it’s also pretty easy for a computer to fool. Scroll down to watch a promotional video on what NuCaptcha looks like in action.

A CAPTCHA, which stands for “Completely Automated Public Turing test to tell Computers and Humans Apart,” is a test of sorts that helps the site or service operator know a person is actually accessing the site. CAPTCHAs are designed to prevent automated systems from sending email, signing up for services or performing other computer-related tasks. They are one way to help cut down on spam and computer-generated fraud. Personally, I find them annoying because, frequently, I can’t figure them out.

A typical CAPTCHA from recaptcha.net

A CAPTCHA that crowds symbols together (image from Wikipedia)

An easy way to understand how NuCaptcha works is to watch this short video.

Apple has released a developer preview of the upcoming “Mountain Lion” version of its Mac OS X operating system. The new version, which will be available to customers this summer, borrows some features and apps from its iOS operating system for iPad and iPhone.  CNET’s Kent German had a chance to play with the Mountain Lion preview and filed this report.


Listen to Larry’s 1-minute Tech Talk segment with Kent German

 

 

by Larry Magid

The revelations that iPhone developers have uploaded users’ address books without permission raise some very serious issues for the millions of people who use their phones to store personal and business contacts, and — in some cases — trade secrets and other confidential data.

On February 8th, Singapore-based software developer Arun Thampi blogged about Path, an app that lets people create and share their personal journals, saying he “noticed that my entire address book (including full names, emails and phone numbers) was being sent as a plist to Path.” Path quickly acknowledged the practice, apologized and issued a new version that asks for permission before uploading user data. In its “we are sorry” blog post, Path CEO Dave Morin said “the use of this information is limited to improving the quality of friend suggestions when you use the ‘Add Friends’ feature and to notify you when one of your contacts joins Path––nothing else.”

Big players poach data too

Later we learned that Path is far from alone. Other companies that have since admitted uploading user data include Foursquare, Twitter, Facebook, Instagram and Voxer, according to The Next Web.

I’m not a big fan of government regulation of tech, but Reps. Henry Waxman (D-Los Angeles) and G.K. Butterfield (D-North Carolina) were on target in their letter to Apple CEO Tim Cook when they asked “whether Apple’s iOS app developer policies and practices may fall short when it comes to protecting the information of iPhone users and their contacts.”

Not just mobile phones

This breach, which is equally possible on Android phones, is very serious considering the vast number of mobile phone developers in the world. The companies mentioned in recent press reports about this particular breach seem to have responsibly, though belatedly, addressed the issue, but it causes me to wonder how many other apps are doing this and whether each and every one of those developers is likely to clean up its act. There are over a half million apps on the iPhone alone and nearly 400,000 Android apps, according to Appbrain, with tens of thousands more apps being introduced monthly. And it’s not just mobile apps that concern me. I worry about Facebook and Twitter apps, programs that run on game consoles and of course apps that run on tablets, connected media players and personal computers.

Corporate secrets

In addition to the obvious personal risk of revealing names, phone numbers and street addresses of a person’s entire contact list, there is also a business risk here. Knowing a person’s contacts could be a very useful weapon for a competitor. It could not only be used to steal potential customer information, but also reveal upcoming business deals and alliances. We already know how Apple reacts when its trade secrets are at risk; companies that rely on Apple products have trade secrets too.

We shouldn’t panic — I don’t know anyone who’s about to jettison their cell phones — but we should be concerned and we must hold Apple, Google, Facebook and all other platform developers accountable to do all they can to protect users against deliberate or accidental misuse of our personal information.

Apps for Kids

While not directly related to the latest app flap, the Federal Trade Commission on Thursday issued a report entitled “Mobile Apps for Kids: Current Privacy Disclosures are Disappointing.” The report said that FTC “staff encountered a diverse pool of apps for kids created by hundreds of different developers,” but “found little, if any, information in the app marketplaces about the data collection and sharing practices of these apps.” The report recommends that “App developers should provide this information through simple and short disclosures or icons that are easy to find and understand on the small screen of a mobile device. Parents should be able to learn what information an app collects, how the information will be used, and with whom the information will be shared.”

by Larry Magid

I’m writing from Moscow, where I spoke at Russia’s Safer Internet Day conference last week. Safer Internet Day, which originated in Europe, is celebrated in much of the world, though there are relatively few events in the United States.

While most recent American Internet safety conferences focus on digital citizenship issues such as preventing cyberbullying, most speakers at the Russian event talked about protecting children from undesirable content. There was, however, one panel on digital literacy where my ConnectSafely.org co-director Anne Collier talked about strategies for helping kids learn to treat each other respectfully and to protect their online reputations.

Russia is behind the United States and much of Europe in Internet usage, but it’s growing quickly. In 2009, the World Bank reported Internet penetration in the Russian Federation at 42 percent but the growth curve is impressive. In 2006, it was only 18 percent. One speaker at the conference said it’s now over 50 percent, with even higher usage among youth.

Still, the Internet is new to many people in this former Soviet capital and it’s common to be afraid of things that are unfamiliar. So my main role as a speaker was to try to put some of the safety concerns into perspective.

I reminded delegates that there was a time when people bought short-term life insurance before they got on an airplane. Those passengers were probably less worried about their car crashing on the way to the airport, even though then, as now, driving was more dangerous than flying.

It’s a bit like that with technology. Bullying, pornography and child molestation have been around forever. But because widespread Internet use is new here, I heard politicians and others worrying aloud about the increased danger of the Net, even though American and European data show that most risks to kids are actually lower online than in the “real world,” and that sexual crimes against children have actually decreased by 58 percent between 1992 and 2008, the very years that huge numbers of U.S. kids got online. I’m not saying the Internet is the reason for the decline, but it certainly didn’t usher in any increase, as some feared it would.

One reason it’s important to put the fears into perspective is because there are lots of people in Russia, and in the United States as well, who want to put limits on Internet content in the name of protecting children. In fact, there is a law on the books in Russia that’s supposed to take effect in September that would require websites to classify themselves by age ratings so Internet service providers could block kids from content that would harm their “health and development.”

It’s not clear even to Internet professionals I spoke with here how this law is supposed to be implemented and whether it will apply just to Russian-based sites, or if ISPs will be required to filter out access to international sites that aren’t rated. One of the criteria bans kids’ access to images of sexual relations between people of the opposite sex. Apparently, the drafters forgot to include images of people of the same sex.

There were also people at the conference proposing that ISPs should be required to block access to certain types of illegal content. If this sounds familiar, think back just a couple of weeks ago to our debate around a pair of U.S. bills that would have done just that for sites with alleged pirated content.

Illegal content would, of course, include child pornography, even though images of children being abused already are illegal in Russia. But it could also include sites that advocate the use of drugs or alcohol, gambling sites and sites that advocate “extremism.” That last category is particularly bothersome to one political activist I spoke with who worries it could be used to block sites that advocate demonstrations against Prime Minister Vladimir Putin or some future regime.

Other countries do ban some extremist content. France and Germany have laws that prohibit the display of Nazi memorabilia or advocacy of anti-Semitism. Depicting a swastika on an American website may be offensive to most of us, but it’s not illegal.

As I listened to simultaneous translation of the debates, I was reminded of the battles we’ve had in the United States over the past 15 years or so. In 1996, Congress passed the Communications Decency Act, which would have made it a crime for anyone to post content that kids could access that was “patently offensive as measured by contemporary community standards.”

That was mostly overturned by the Supreme Court, and a somewhat less restrictive follow-up attempt, the Children’s Online Privacy Protection Act, was overturned by a federal circuit court. The Supreme Court refused to hear an appeal, which effectively killed that bill as well. We do have a law, the Children’s Internet Protection Act, that requires schools and libraries that receive certain federal funding to use filters and other measures to protect children from inappropriate content. But that doesn’t prevent the posting of the content and only applies to federally subsidized schools and libraries.

One speaker at the conference suggested that sites that promote homosexuality should be blocked, but there is no such provision in the current law and this opinion was not widely shared by others I spoke with. Still, it illustrates how censorship can include value judgments that are not necessarily shared by all members of a society.

This article was revised on February 13th to include data from other studies

A lot has been written about “Facebook addiction.” Indeed some press coverage of a recent study from the University of Chicago suggests that “Facebook and Twitter are more addictive than cigarettes or alcohol.” But a new study published in the journal Cyberpsychology, Behavior, and Social Networking puts a positive spin on the issue. Could it be that, just like eating chocolate, Facebook and Twitter are simply fun and pleasurable?

The word “addictive” doesn’t appear once in the report, “Why Is Facebook So Successful? Psychophysiological Measures Describe a Core Flow State While Using Facebook,” (PDF) but it does point out that “the successful spread of SNSs (social networking services) might be associated with a specific positive affective state experienced by users when they use their SNSs account.”

The researchers analyzed users’ skin conductance, blood volume pulse, electroencephalogram (brain waves), respiratory activity and pupil dilation in 30 healthy subjects “during a 3-minute exposure to a slide show of natural panoramas (relaxation condition),” and “the subject’s personal Facebook account” and found that Facebook use correlated with responses from people who are in a positive emotional state. The technical term, surprisingly, is “flow,” which according to the researchers occurs when “people in free-time activities that did not seem to follow the utility-centered motivational theories of the time” experienced “intense engagement and enjoyment.”

So, is this a bad thing? I suppose some people could interpret anything positive that people return to often as addictive, but if “intense engagement and emotional enjoyment” is a bad thing then we have to worry about more than just Facebook, Twitter and chocolate. We would also have to include great works of art, beautiful music, great toys, award-winning movies, attractive people and anything else that brings us pleasure.

Users get more than they give

Another study from the Pew Internet & American Life Project, entitled “Why most Facebook users get more than they give,” found that people are likely to get more friend requests and “likes” and be tagged more often than they friend, like or tag others. That’s because there are power users on the service who seem to go out of their way to reach out to others, making up for the fact that some of us are not so gregarious. Even messaging is uneven. On average people in the study sent 9 personal messages but received 12.

Generations unite

Just in time for last week’s Safer Internet Day, Microsoft and AARP released a study that found that 83% of those surveyed “consider going online to be a ‘helpful’ form of communication for family members of all ages,” while 30% of grandparents and 29% of teens and young adults agree that connecting online has helped them “better understand” the other. Nearly two-thirds (63%) of 13-25 year olds said they prefer text messaging to stay in touch but they might have trouble getting older folks to see those messages. Only 31% of 39-75 year olds agree. For older folks, email is the preferred means of electronic communication.

For a somewhat personal take on “Growing signs that social media are good for us,” see my ConnectSafely.org co-director Anne Collier’s post at NetFamilyNews.

Disclosure: Larry Magid is co-director of ConnectSafely.org, a non-profit Internet safety organization that receives financial support from Facebook and other Internet companies.

A recent report from Pew Internet & American Life Project entitled “Why most Facebook users get more than they give,” found that women update their status more than men and that people, on average, get more friend requests than they give. And the same is true for liking and tagging.

 
