Finding My Friends – by “Kojiro M – YLT2012”

Keeping track of friends

When people find out about Apple’s Find My Friends app for the iPhone, they usually say, “That’s pretty creepy.”  They then immediately download the app onto their phone.

Find My Friends takes location sharing to its inevitable conclusion.  You know how it’s always such a pain to have to update your location manually (on Foursquare, Facebook, or Twitter) whenever you arrive somewhere in order to let your online friends know where you are?  Well, Find My Friends solves this problem with a simple solution: it shares your location with your friends, all the time.  That is, if you add a follower on Find My Friends, he will be able to look up where you are at any time of the day, without alerting you that he’s checking up on you.  (I think Google Latitude does the same thing as Find My Friends, but does anybody actually use that?)

The implications of this app are incredible.  To be honest, over the course of the month that I’ve had it, I’ve really enjoyed this app.  I don’t have to text friends about getting to lunch or class at the same time, because I can see if they’re already there.  And no longer can friends just mutter an excuse about “attending to some business” and sneak out of the door on a Thursday night.  Sometimes, I don’t even bother looking up from my phone to see if a friend is sitting across the room from me.  I just look it up on Find My Friends.

All of this sounds like Big Brother’s wet dream.  Who would have thought that people would be not only able, but also willing to share their every movement with others?  Who would have thought that locational privacy would be a commodity that we prize so little?  Will our GPS data really only be used by us?  The sum of our privacy is probably a combination of where we are, what we are doing, and what we are thinking.  Find My Friends makes it seem normal to have people always knowing where you are, and perhaps even, by extension, what you are doing.

To point out the madness, I tried to think up a way to tangibly demonstrate the problem of oversharing.  The result is this video.

To make this video, I followed two of my friends on Find My Friends over the course of 48 hours (Friday, Nov. 30 and Saturday, Dec. 1) by taking regular screenshots on my iPhone.  Then, using Google Street View, I basically made a stop-motion video retracing their steps through New Haven.  In essence, I recreated their day (or at least the time they spent outside) through the information I gleaned from Find My Friends.  You’ll see that I also threw in a few Facebook pictures to illustrate that using other social media, I can add context to their locations as well.

It’s worth noting that Find My Friends doesn’t keep a log of users’ movements, so I had to manually take screenshots in order to keep track of my friends.  If you’re curious, both of the friends are sophomores, one in JE and the other in Saybrook.  I’m not revealing information beyond that, but you can probably infer a few more personal details from their various destinations.

I hope that people come away from this video a bit troubled by how easy it is nowadays to knowingly overshare and make your every movement a public affair.  I certainly came away from this project with that impression.  I also came away from this video with a newfound respect for the editors of stop-motion videos and a lasting hatred of screenshots.

So many screenshots...

The video’s production was hampered by a number of technical limitations.  Google Street View does not cover all of the streets in New Haven, so I had to choose my source material carefully to make sure that nobody had to, for instance, walk all the way down High Street.  In addition, my original intention had been to retrace my friends’ movements over two or three weeks, but I cut it down to two days when it became apparent how impractical that task would have been.  I had also originally intended to follow four of my friends instead of two, but iMovie had no option for a four-way split screen (this says as much about the problems with appliancization as it does about my technical ineptitude).    Finally, the compression artifacts and graininess of the video is due the fact that it was apparently necessary to convert the format of screenshots several times before I could import them into my video.

Finally, it might be worth making note of the blatant copyright infringement in the musical accompaniment of my video.  It seems to me that this video could qualify for fair use on the grounds that it is educational and has no effect on the song’s market value, but we all know that YouTube doesn’t care about fair use.  I’ll just write “No Copyright Infringement Intended” right here.  That should keep those DMCA complaints away.

Privacy as our last piece of bargaining power – by “Maria P – YLT2012”

‘If you use a tech product for free then the product is you…’ ~ Mark Suster

There’s a front end and a back end on the use of the web and current social media. While it’s masked as CRM, or individually targeted marketing so you can get better deals easier and faster, we are currently trading our privacy for free chips, or a $5 deal on brownies.

Foursquare or Twitter are helping us to willingly trade our privacy for a deal. Even if it could be considered a win-win situation, what the majority of users of the web tends to forget is that there are almost no barriers to entry for the cyberspace, as there is no limits to the data that it can actually hold. That’s why Please Rob Me sparked the controversy about geolocation. You are trading your information, which is not private anymore, to get a $5 discount at the cinema, and then you are willingly telling the world that you are not at home so they can come in and rob you.

From the author of Program or Be Programmed “Ask a kid what Facebook is for and they’ll answer ‘it’s there to help me make friends’. Facebook’s boardroom isn’t talking about how to make Johnny more friends. It’s talking about how to monetize Johnnny’s social graph. Ask yourself who is paying for Facebook. Usually the people who are paying are the customers. Advertisers are the ones who are paying. If you don’t know who the customer of the product you are using is, you don’t know what the product is for. We are not the customers of Facebook, we are the product. Facebook is selling us to advertisers.”












From mining to shaping

And you don’t even need to go “fancy” with social media. Nothing is as private as you think anymore. Just knowing how to send emails from the right place at the right time, and you can trigger probes and end up the career of your ex-lover, who happened to be the chief of the CIA, David Petraeus. I would bet General Petraeus wished he was Tom Cruise in Mission Impossible and had the power of send messages that will self-destruct themselves. It still may seem a little futuristic, but privacy is a business both for its excess or its defect. In fact “92% of the nation’s top divorce attorneys say that they have seen an increase in the number of cases using evidence taken from iPhones, Droids, and other smartphones during the past three years.“. And there is a business behind it, freeware or shareware:–heres-how

Even if you are still the kid that wants to make friends, it’s your responsibility to make sure you keep up to date on new privacy policies and how much are you protecting, and how much are you sharing on the web and how. Since advertisers are the users and you are the product, privacy is ultimately becoming currency and source of revenue.

Would you rather share a lot and become “cheap” or just share the necessary, protect your privacy and your “net” value?


A Little Diligence Can Go a Long Way – by “Alexandra N – YLT2012”

Online privacy is a growing concern as people become more and more willing to provide social networks with their personal information.  Many are especially concerned with what social networks do with our personal information, which may (and definitely does) include selling details to companies for use in targeted advertising.  However, I think it is important to take a step back from the behavior of over-zealous advertisers and examine our own online behavior.

Summary of online privacy policies by blogger Dean Shaw (click photo for his blog "Just Stating the Obvious")

Over Sharing

MetaFilter user blue_beetle said it best when he said “if you’re not paying for something, you’re not the customer; you’re the product being sold.”  The next time you receive a service for free, take a step and back and think, “What does the company providing this service get?”  The answer will almost always be advertising deals with other companies. Media attention to social networks selling user data has raised concerns about the ethics behind compiling “dossiers” on consumers.  But while it’s easy to get caught up in companies logging, compiling, and selling our personal information, it’s usually not so easy to recognize our own role in this decrease in online privacy.  Some information, like your browser history or the number of seconds you stared at those boots, is unknowingly given out.  However, we provide the majority of information that goes up on social networks, and it seems we continue to get more and more comfortable with posting increasingly personal information.

It started simply, with profiles that contained a photo, a few favorite things, and connections to people we had actually met.  Now we have entire networks dedicated to sharing a user’s location in real time.  Two such sites are Foursquare and Google Latitude.  For those unfamiliar with these sites, both allow users to share their physical location with other users on their network; Google Latitude even stores histories of locations.  While some users may find this a fun and novel way to interact with friends (by the way I don’t get it…if I’m at restaurant and I’d like a few people to join me, why can’t I just text them?), I find it disturbing that users are so willing to share their exact locations.  So do Frank Groeneveld, Barry Borsboom and Boy van Amstel, the creators of, a site dedicated to re-posting users’ locations. is a website that hopes to alert people to the unintended dangerous of over-sharing personal information

The idea is that if you have posted your location and it’s anywhere but home, your home is currently empty, and now everyone on your network knows it.  What troubles me most is the willingness to share this much information without a second thought.  Admit it, most of us have friends on social networks that we haven’t met or don’t know very well.  If the ability for a company to know every website you visit is a violation of privacy, then the ability of someone to know every place you went last week is certainly a violation too.  And the worst part: we provide that information ourselves.  By over-sharing personal information, we assume some responsibility for the death of online privacy.  I think it’s time we start to recognize that we have a hand in reducing our own online privacy.

In her article “Are We All Asking to be Robbed?” Jenner Grovel makes an excellent point: we can also unknowingly reveal information about our friends.  Grovel writes that many people using sites like Foursquare think nothing of posting a friend’s address when at his or her house.  Not a faceless company, but a trusted friend.  Friends can tag us in pictures, comment on our walls, and easily release our personal information to the world.  It’s time to accept the role we play in violating our own online privacy.  As long as we continue to openly provide so much personal information, others will take advantage of it.

What Can We Do?

Over-sharing is not something people do consciously.  A really simple way to reduce oversharing of your personal information is just to check your privacy settings.  While it is difficult for most people to stop tracking of their online activity, it is relatively simple to reduce releasing your personal information.  For example, say I see this article on my Facebook news feed. (All these pictures are taken from my Facebook)


When I click on this article to read it, the app tells me exactly what it will do with my personal information.


This app is requesting a lot of personal information.  But many social networks like Facebook are making privacy settings more transparent.  It’s now up to me to decide whether I want this app to know my birthday or to be able to track and share what I’m reading. Assuming some responsibility for the distribution of our personal information can help us take back some control.   Further, taking the time to examine privacy policies and settings can sometimes give us information about what a social networking site may do with our information in the future.  This shot was taken from Facebook’s ad settings:

The fact that Facebook feels the need to ask me for this setting tells me that very soon, they plan on letting advertisers use my name and pictures in their ads, presumably to convince my friends that since I like something, they should buy it too.  It only took me four clicks to find this page and prevent advertisers from plastering my friends’ Facebooks with pictures of me endorsing some product.

Fortunately, we are currently seeing an increase in user discretion with personal information.  A survey taken by Princeton Survey Research Associates International in February showed that 63% of people have deleted people from their “friends” lists in 2011, and 56% have deleted others’ comments.

While it’s important that we be concerned about how much of our information businesses take, now is the time to begin reexamining just exactly how much information we give out. It can be difficult for the average user to control how some information (like browser histories) is disseminated to companies.  But we can control the information that we post.

Further Reading:

Top 5 Social Media Privacy Concerns 2012
Princeton Survey Research Associates International Survey
Social Times Infographic for Online Privacy
“Are We All Asking to Be Robbed?” by Jennifer Van Grove
“If You’re Not Paying for It, You’re the Product” by Jason Fitzpatrick
XKCD: Latitude

Trafficking in Consumer Data – by “Andres F – YLT2012”

When you navigate to a website, you’re usually going there to get information. Maybe the news, whether it’s political, sports, cultural, or whatever else it might be. However, something that we don’t often consider is the price at which that supposedly free information comes.

As the title of the author suggests, “if you’re not paying for it, you’re the product.” Simply put, you may think you’re accessing an Internet site for free. However, in reality, those websites might actually be selling access to you, the consumer, the average reader. What exactly are you selling though?

When you’re accessing these websites, you’re selling your search history, your personal information, your tendencies, your preferences, your approach to the internet as a whole. As a result, the companies who place advertisements on the ESPN’s, New York Times’, Facebook’s of the world are paying millions of dollars to gain access to our subconscious, to place their ads strategically to make the most of our attention.


Now, this might be a bit outrageous, but should the companies who aggregate our data, and monitor our Internet traffic actually pay us to monitor our activity? It might seem absurd, but sites such as Google sell advertisements to other companies, making millions of dollars of our shopping tendencies, observing and monitoring the sites we visit.

If they’re profiting from our browsing the Internet, why shouldn’t we? I’ve got some concerns about what I perceive as certain websites trafficking in personal information, which is a very real and pressing problem. It’s one thing to sell access to data traffic, and the websites consumers are accessing. It’s quite another to trade in, and gain from the personal information of your consumers. There might be some fine print in Google’s numerous user agreements that make it “technically legal” for them to disseminate one’s personal data. But how can they actually rationalize it…

Evolving Standards of Creepery – by “Christopher S – YLT2012”


The Internet seems to care less about privacy than it used to. Sure, there’s a minor uproar every time Facebook is called out on releasing some personal data, but the web isn’t the idealistic bastion of anonymity John Perry Barlow declared it as in the 90s. The key phrase here is every time. People make noise for a few days, then go right back to using it.

At first this seems like a lack of interest, but that’s not necessarily what’s going on. It could just as well be a sign that the supposed breach of privacy wasn’t actually a problem, or that it has been fixed. To their credit Facebook has responded well to specific privacy complaints (see this and this). And even if they hadn’t, the information in question wasn’t particularly dangerous – the worst that could happen is that advertisers get your name and some things you’re interested in.

To me the brief uproars show that people do care about privacy, but it hasn’t yet become a real issue. The phrase “if you’re not paying for something, you’re not the customer; you’re the product being sold” contains a grain of truth, but it’s an overly negative way of looking at the situation. It would be more accurate to say that you are paying, just with your personal information rather than cash. To me this is an acceptable arrangement. Advertising is essential to Internet companies, and if they can make more revenue by tailoring ads rather than making them more obnoxious I’m OK with that. As long as people are aware of the transaction, there’s nothing wrong with the Internet working this way.

That people seem to care less than they once did about privacy and other related tech issues isn’t a sign of growing complacency as much as changing attitudes toward technology. There was an issue in the 90s with the “Law of the Horse” on the Internet, the conflict between whether tech issues should be treated as entirely new or if they can be dealt with using existing laws and social norms. We struggle with this today when we complain about online privacy issues even when the Internet gives us more control than we have in the real world (I don’t mean to say that this invalidates the issue; it’s not unreasonable to argue that the Internet should be a place with more privacy).

As a matter of personal preference, I think the Internet should be kept more private than the outside world. I like that ideas can be judged on their own merit without reference to a specific speaker. But as long a privacy policies are clear, there’s nothing ethically wrong going on here. In my view, what has been framed as a legal or ethical issue comes down to what kind of place you think the Internet should be. This is a difficult question, one that I don’t think a lot of people have thought about, but it’s extremely important. That debate might never definitively end (and it shouldn’t), but if we want to answer the privacy question that’s what we need to talk about.

How Do You Feel About Privacy? An Implicit Association Test with the Online World – by “Bobby D”

When Justice Scalia got wind of the online dossier a Fordham Law class had compiled about his personal life using information found online, he was not pleased. “Every single datum about my life is private? That’s silly,” he had previously scoffed. But his tone after the class had done its work was quite different. “This exercise is an example of perfectly legal, abominably poor judgment. Since [the professor] was not teaching a course in judgment, I presume he felt no responsibility to display any,” he remarked after the fact. Harsh, Scalia. Embarrassed?

This change in point of view seems pretty drastic. Whether compiling the dossier was appropriate is an interesting issue, but we took something different away from this incident. Scalia’s heated response posits a question: is what we think about our privacy different from how we actually feel about our privacy?

To investigate further, we designed an Implicit Association Test to examine the implicit and subconscious associations between elements of the online world. Other IATs have yielded controversial results (tl;dr, you’re more racist than you think). The test works by timing subjects’ reaction times in sorting words into two different control categories. The control categories are then combined with two target categories to see which category is more readily associated with which control word. In the case of our experiment, the control words were “safe” and “dangerous.” In the first test, we compared them to “Internet” and “Physical World,” and in the second, “Facebook” and “Google.”

Our experiment produced some interesting results. Most notably, the results highlight the Americans’ widespread wariness of the Internet’s dangers. We hope the results of our experiment will be a useful insight into the minds of Internet users and participants as we continue to forge policy that shapes how we interact with the virtual world. !


Take the test or view our results and analysis at!


Ric Best PC ’14

Bobby Dresser PC ’14

Zack Reneau-Wedeen TC ’14

Ike Silver BK ’14

Legal Questions in a Cloudy Future – by “Ric B”

We're all headed for the sky


Cloud computing is the future, and it may be here sooner than we think. This past June, Google rolled out the Chromebook, its cloud computing clients pre-installed with ChromeOS. The idea is simple: almost everything we can do on our PCs locally, we could also be doing on the internet; on someone else’s computer. Why not strip away all of the excess, and let our computers be small, sexy, and sleek while the heavy lifting is done on “the cloud”?


A Google Chromebook: "Nothing but the Web"
...and a whole host of legal uncertainty

We could start with the fact that well-acquainted internet doomsayer Jonathan Zittrain would blow a gasket over the loss of generativity, as outlined in Chapter X in his “The Future of the Internet”, where X stands for any chapter number in his book. The minute we start letting someone else tell us what we can and cannot do with our computers, we begin to stifle the very innovation that created the Internet as we know it a.k.a. the best thing evar. Is he right? Who knows. This topic has been in beaten to death this course anyway. There are other relevant issues at hand, such as privacy, and I’d like to examine some of the relevant laws and legal questions associated with cloud computing before we plunge headfirst into the future.



This is the Big Issue. The 4th amendment protects us from “unreasonable searches and seizures”. If we recall from Katz v. United States, one component of what constitutes an unreasonable search is whether or not one has a reasonable expectation of privacy. Should I have a reasonable expectation of privacy with my data on the cloud because a Zoho spreadsheet functions just like the excel one on my personal hard drive, or because I’m hosting it on the internet can I not possibly expect privacy? Enter the Stored Communications Acts, part of the 1986 Electronic Communications Privacy Act.


The SCA protects users from warrentless invasions of privacy, or, at least it did in 1986. The SCA stems from a time before the cloud when server space was more expensive, and when all e-mails were downloaded off of the server and onto your hard drive. As such, the SCA  made a distinction between e-mails that were less than 180 days old, and e-mails older than this. An e-mail on the server for 180, it was thought, was thought to be abandoned, and someone could not reasonably expect privacy of their abandoned e-mails. Thus, the government can, under the SCA, freely demand anything off the cloud that older than 180 days. Makes sense 25 years later with cloud computer, when the cloud has replaced users local hard drives, and people use 3rd-party servers for longterm storage of their data, right? Didn’t think so. The good news is, this has been challenged legally, and at least one district court has called the SCA unconstitutional in Warshak v United States. The bad news is, the SCA isn’t the only relevant law at stake…

How the government can do whatever it wants


Enter the PATRIOT Act, a new government doctrine which says, in summary, that government can, with regards to getting information, basically do whatever it wants, whenever it wants, regardless of where the the information is stored. That means anything on any cloud is fair game for the government’s eyes. In fact, under the PATRIOT Act, somehow, the US government can get information off a server stored in Europe without a warrant or consent. Whoa. It’s already stopped one major defense firm in the UK, BAE, from adopting Microsoft’s Cloud 365 service, because they are afraid of the US government stealing state secrets off of the cloud, which is something that could happen under the PATRIOT act. Privacy being basically a notion of the past with this law, let’s move on to other legal issues.


Net Neutrality

The future of cloud computing is dependent on strong network neutrality laws that are not yet in place. If you are relying on the internet to provide functionality for you computer, and the internet becomes restricted, so does the functionality of your computer. For example, imagine that your ISP begins to put out a web productivity suite designed for use on the cloud. Should they choose to prioritize or filter data away from competitors on your Chromebook, not only does your ISP limit what you can do on the internet, they are now limiting the basic functionality of your computer. The idea that you are free to hack a device that you own to make it do whatever you want doesn’t really apply when the functionality of your product requires the ongoing participation of your ISP.



As we know, jurisdiction already makes things legally thorny on the internet. At any given time, you could be accessing data owned Australians hosted on Russian servers from your laptop in America, and it wouldn’t be uncommon. Right now, however, if an French website gets taken down for violating French laws, it might be upsetting to you if you like to visit that website. However, if your French cloud computing service, where you hold all of your data, gets taken down for violating French laws, it could mean the loss of all of your data. You may be bound by local laws with regards to what data you could be allowed to store on your cloud, effectively limiting what kind of data documents you can have. For instance, while in America the first amendment gives you every right to deny the Holocaust, you may not be able to store your papers saying so on cloud services in Germany. In fact, the a paper you had been writing, editing, and storing on a German cloud, could suddenly vanish, and you’d have no way of getting it back. Scary.


In summary…

The Internet is a complicated landscape legally. Cloud computing has many advantages, like making your data more portable, and allowing your computers to be more powerful. While Google would have you believe that using GoogleDocs is just like using Microsoft Word on your computer, and it may feel that way on the surface, legally the two are worlds apart.


...we really, really hope


In an interview two years ago, CEO Eric Schmidt was asked the question “People are treating Google like their most trusted friend. Should they be?”. His response? “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.” Using cloud computing involves not only entering a complicated legal framework, but trusting your 3rd party cloud source, perhaps the way that Hoffa trusted Partin. For the time being, I don’t use GMail, and my programs, e-mail and data are on my personal hard drive. I don’t see that changing any time soon.

Final Project: My Big, Fat, Vaugely Acquainted Network – by “Charlie C”

People are getting smarter about their privacy online. By now we all (hopefully) know to restrict our profiles so that only friends can see our personal information. But after 3, 4, 5+ years of social networking, how many people still know ALL of their Facebook friends? For our final project, we set out to design a fun, interactive website that would work to remind Facebook users of their overly extended networks.


After launching this weekend, we’ve seen over 700 users (Mostly college age students) tag 35,000 friends, and it turns out that the average player only knew 70% of their Facebook friends presented. Now, of course, the term “average user” is very skewed given our user base. Facebook reports that the average user has 130 friends, while our average player has boasted a whopping 880.

We argue that anything under 100% recognition of your “friends” should raise some privacy red flags. Every one of your friends can share your information with third-party apps (in fact it’s this that allows our app to function); we are able to pull all of your friends photos, without their permission–that is, unless they’re smart about their privacy settings.  Even if you can’t bring yourself to defriend a long-lost acquaintance, at the very least you should consider creating managed friends lists with restricted privacy settings.

Results from a round of WhatsHerFace

We also hope to remind people to consider their audience when sharing content. “Friends of Friends” is never a good idea. For the average Facebook user, that’s 17 thousand people you don’t know, and why would they need to see your information anyways? Entire networks are generally a bad idea as well. You have no idea how large those networks can be, and with companies asking alums to Facebook stalk you on their behalf, does all of Yale really need to see you with your solo cups?

You probably think you know all your friends. Maybe you even pruned the list recently. But you had names and faces, and it’s so much easier to identify someone with a name. Try out and you’ll understand just what we mean when whatsherface from freshmen year comes up and you’re forced to think, “Who the hell is that?


Charlie Croom
Bay Gross

The Illusion of Privacy in Web 2.0 – by “Javi S”

As the scope of the Web has continued to increase, so to must our understanding and expectations of privacy in this new era. The last few years has seen an explosion of private information being made public, with millions of people unaware of the scope at which this happening and if they are, blissfully ignorant to the serious consequences this system can have. We are in an era now where even older generations are expected to have a Facebook, a LinkedIn profile, or something of that nature; for younger generations it’s become a staple for social interaction. Sure, there are many positives to this new wave of interaction: for one thing, it connects cultures and societies oceans apart and helps foster understanding and familiarity with people you would otherwise never encounter. The spread of information and networking is a major development in suppressed or emerging countries, as it has in some cases helped them spring free of their captive situations. Running alongside the social media websites are other “social” services; social blogs, social news sites, and social forums, all of which are now linked through plug-ins and information sharing. New technology and services have allowed users to share everything they do throughout the day, ranging from where they eat in the mornings, what news stories they find interesting,  to what jokes and videos they find funny. While all this may at face value seem harmless and just a way to better interact with your friends online(most of whom you already know in person, making this barrier easier to cross) users often forget to think about what the true purpose of all this information might be.


My fellow friends, followers, subscribers, co-workers, stumblers and redditers can ALL know now!

What the information is really about

One of the surprising parts about social media when it was first introduced was the fact that it provided an intuitive, useful service seemingly for free. Thousands of pictures, videos, and files can be uploaded and shared for no cost and unlikely relationships can be formed without the use of subscription based dating services, to name a few examples. As noted here , however, TANSTAAFL(there “aint” no such thing as a free lunch). The price to pay for using these interactive services, is you yourself. The thousands of interactions you make through the Web 2.0—websites accessed and “liked”, places visited and rated, etc—can be brought together into a single digital persona which can be targeted by advertisers or sold to governments, corporations, etc.

How did I miss that caption?


“I always feel like someone is watching me”

The development and connectivity of mobile devices has added a new angle to the debate on how to manage privacy. Our iPods, iPads, iPhone, Blackberrys, Droids, Galaxy’s, etc.,  are all now designed to be functional with the dozens of social services and have even been the framework for new services of their own. While the benefit of this is it allows you to effectively choose the best local services or meet your friends, for example, it opens another door: someone can know exactly where you are and when, opening a Pandora’s box of consequences. The ability to rapidly share information is also effecting public behavior. In the past, the scope of an embarrassing or damaging event could be minimized to a local sphere. Nowadays, anything you do has the possibility of being recorded or tracked and possibly shared with thousands of people

Benefits of Web 2.0

For all the lack of traditional privacy which has become the norm in this new era, and the increasingly little you can do about it, there are a lot of positives to take from Web 2.0. In addition to the increased availability of information and people, the rapid dissemination of information by any actors has lead to increases in governmental transparency, particularly by agents of the government such as the police. One of the first major instances of viral media effecting the public was the Rodney King case, where a video of police brutality on a young African-American male sparked public investigations, lawsuits, and riots. The Rodney King video was captured by a private citizen but publicized by mainstream news, reflecting the fact that the Web at this time was in no position to make a video viral in the same way it can today. Now, nearly everybody carries a device which can record photos or video and many have the ability to instantly upload them to the internet and share with other people. On one hand, it allows people to catalogue every day happenings and funny occurrences, as well as capture embarrassing moments. On the other hand, it has also lead to several, well publicized cases involving police brutality or other forms of misconduct being caught on tape, as well as legal backlash by the establishment claiming these forms of public surveillance are illegal. Recently, Twitter was used as a cornerstone to organize protests in a host of repressive countries such as Tunisia, Libya, Egypt, Syria, Yemen, and many others. In regions like Syria, where media blackouts prevent information for entering or leaving the country, the Web presents the only way to let the world know what is happening.

Philosoraptor, here to answer your daily ponderings.

What Web 3.0 will have in store for users as far as connectivity, interactivity, and its double edged sword privacy, no one can know now. What Web 2.0 presents, however, is the opportunity to reach a middle ground between maintaining an infrastructure to share and store information and a breach of privacy. The ability for users to share personal information should come with the expectation that such information is private and that any use of it has some measure of consent, heralding some of the rules put forth in 1974. It is important for politicians to revisit these privacy rules and update them to a new and evolving landscape, or they risk alienating constituents and losing the battle for privacy all together. At the same time, these laws should not infringe on the free nature of the internet which has made it so unique and successful. The ability for the internet to be used as a public watchdog against corruption, brutality, and repression is one of its key functions and essential to prosperity moving forward.

 Don’t forget!



TMI – by “Tate H”

Throughout your busy day, have you ever stopped to wonder what you had for lunch, where you were 4 hours ago, or what article you read from the Washington Post?  It may shock you, but these small details about your life can actually harm you.

A post on Facebook that says I’m out eating lunch at Pepe’s Pizza, says much more than where I like to order a stuffed crust Hawaiian special.

It implicitly reveals all the places I did not order pizza from, and even worse, it reveals all the other places in the world that I could be at but am not at right now.  I am at Pepe’s Pizza, which means I am certainly not at home.  Seizing his opportunity, any thief with access to this information has a small window of time to rob my home.  Magnifying the situation, what if I post a picture of Stonehenge during the middle of my vacation to Europe from my smartphone?  Leaving the lights on will simply not suffice.

Because of our newfound love for pouring every detail of our lives over the internet, we can now document the smallest details of our day to day routine.  This may not seem like much, but Facebook and the internet reveal much more than what we ate for lunch; they reveal our likes and dislikes, birthplace and current location, employment and interests, and so much more.

This information by itself is not necessarily bad.  If you say on your LinkedIn account that you graduated from Yale University in ’96, earned your Masters in Computer Science from MIT in ’00, and worked at Google from ’03-’05, you probably wanted that information to be accessible, especially to future employers.   However, you fail to realize that that information allows people to see more than your education and work experience.

Our online footprint leaves much more information than we can first imagine.  Privacy settings give us the illusion of control, but these are no more than smoke and mirrors.  They may control who sees your photos and what information non-friends can see, but let’s be honest.  We all have many friends that we have either never met, or only shook hands with once at a party.  We add friends fairly indiscriminately, and we fail to realize what we are showing them.  The Facebook app Take This Lollip easily demonstrates (although exaggerated but still possible) the possible ramifications from posting too much information on Facebook.

For example, let us consider someone who wants to see your transcript, but has no legal right to do so.  Whether it’s a competitive classmate or a nosy parent, they can easily access the information needed to order one directly from the registrar’s office.  Here are Yale’s requirements for ordering a transcript through mail (directly from its website,

Let’s walk through the requirements.  A full name can easily be found on Facebook, LinkedIn, etc.  The actual date of birth can usually be found on Facebook (many people don’t make their birthday private, even to non-friends).  Student ID number does not need to be provided if it is not “available”.  School and year of graduation are both found on Facebook and LinkedIn, and the dates of attendance are likely to be the four years preceding graduation.  The only protection against fraud that the registrar requires is a signature, but is that really secure?  Any Joe-Shmoe working a cash register can see your signature when you sign for a credit card purchase.  The only other requirements necessary to steal a transcript are a temporary address and a small fee.  (And yes, you may pay mail orders in cash, thus hiding the thief’s identity.  Ironic, isn’t it?)

Now for argument’s sake, you may say that process simply takes too much effort for someone to steal a transcript.  Sure, they can do it, but who is actually going to put up with that JUST so they can get someone’s transcript?  And I’d agree; it is somewhat trivial. But it illustrates my point: it is possible and the information is accessible.

However, let’s raise the stakes a little.  What if it were possible for someone to break into your bank account without ever meeting you or without having any physical interaction with you or the bank?  The truth is, it is possible.  Because of our bad habits of presenting information on Facebook and other websites, we are at serious risk of identity theft and some fingerprint-less robberies.

Consider what information an online bank asks for when you log in: only a username and a password.  To a responsible internet-user, this may be enough protection, at least to stay moderately safe.  However, what if you don’t know your password?  The website asks you to submit your social security number and maybe a date of birth.  It will then email your password to your email account, so you can then log in.

A snapshot of Bank of America's website.

We assume that this system protects us from others accessing our account, but does it really?

A social security number (XXX-XX-XXXX) isn’t as secure as you think.  A random sequence of 9 digits is a hard code to crack, but anyone who wants to know your social only needs to guess 2.  That’s right, 2.  So a hacker can essentially break into your bank account once every hundred tries.  This may not sound like much, but entering a social security code 100 times doesn’t take relatively long at all, even considering when the site temporarily shuts down its login after too many failed attempts.

So how are social security numbers chosen?  The first 3 digits are assigned by area.  For example, anyone born in Alaska after 1973 until 2011 will have a social that starts with 574.  Anyone can go on Facebook, see your hometown likely posted next to your name at the top of your profile, and find the first 3 digits with ease.  The middle two digits are labeled the Group Number.  They are harder to predict than the first 3 or the last 4.  The last four digits, which are random, would likely be the most protected part of your social.  Since they are random, no one should be able to guess what your number is.  However, these four numbers are often used on bills and other payment information as identification.  Therefore, someone would only need to steal a bill from your mailbox or email account to have a good shot at cracking your social security number.

These are all simple requirements to fulfill.  It is very plausible that someone can find discover your social security number in less than hour.  Once this is done, the only thing stopping him from hacking into your bank account is a password protected email address, which is probably not the safest thing on the internet.  A simple phishing scam or one email with a misleading link to keystroke capturing software is all it takes to hack an account.  Once inside, the hacker can look at bills that contain the last four digits of a social, find the bank’s email containing its login information, and much, much more.  So, only with a bit of extra computer knowledge and effort, a hacker can find your social security number, hack into your email, and login to your bank account without ever meeting you.  (The government has begun to help the cause by randomizing all digits of social security numbers as of June 25, 2011).

Even worse, if someone were to physically steal your laptop, all those saved passwords on your browser that have offered you the convenience of logging in quickly will allow your personal hacker to steal whatever information you do not want made public.

With all this being said, there are many ways to protect your data and ultimately yourself, but the most secure way to do so is through self-restraint.  HTTPS and SSL encrypted websites may make your data marginally more protected, but you can make sure no one knows your location or birthplace by not posting your location on Facebook.  Even as secure technology becomes more sophisticated to meet the demands of Web 2.0 users, the safest and simplest ways to maintain privacy are not through the “Privacy Settings” page of Facebook, they are maintained through time honored, tried and true web practices.  Create a long password, not a short complicated one.  Log out of websites after you have finished using them.  Do not let your browser save your passwords.  Limit the information you post about yourself.  With these rules of thumb and more, we may maintain our privacy.  Be smart, and don’t let your data destroy you.