Posts Tagged ‘privacy’

Privacy alert: Twitter disclosed email addresses when people sent DMs (UPDATED)

Friday, June 19th, 2009

UPDATE, 3 p.m. Pacific time: Twitter appears to have fixed the bug, and DMs from before June 11 do not appear to be affected.  But anybody you sent a DM to between June 11 and June 18 now has the email address you’re using on your Twitter account.

FYI – when you send a DM, the receiver CAN SEE YOUR EMAIL ADDRESS from the DM sent via email. BE AWARE!!! @twitter #security #fail

– ChicagoBungalow about 18 hours ago on Twitter

For those who aren’t on Twitter, a DM is a “direct message”, twitterspeak for a private message between two people.  When you receive a DM, Twitter notifies you via email.  And sure enough, just as ChicagoBungalow said, if I send you a DM, if you look at the email header information, you’ll see that the “Sender” field has an address like

This field is hidden by default — in gmail, you need to select “Show original” to see it — but once you find it, it doesn’t take a rocket scientist to figure out what account name I used to sign up on Twitter.

If I want somebody to have my email address, I’ll send it to them.  I don’t want Twitter giving it out for me. And most especially, I don’t want Twitter doing it behind my back.


PS: I updated this post several times to clarify the description; thanks to all for the feedback, and @NiteStar for the gmail instructions.

Day Two, Recap Part 2 (via 4hours)

Thursday, June 4th, 2009

Mark Belinsky, co-director of the nonprofit Digital Democracy, and a guest blogger for the conference writes from the cloud on the second part of the second day of the conference.

He covers privacy, censorship and circumvention as well as laws on cloud computing and some research. READ MORE!

Word Cloud of Popular Words at CFP09

Twittering in the Trenches: Monday’s Social Networking Workshop

Sunday, May 31st, 2009

The Twittering in the Trenches Workshop is Monday, June 1, 9am-5pm (eastern). Please join us online or in person

In 1995 I went to my first Computers, Freedom, and Privacy (CFP) conference. I was completely boggled: every issue that was discussed had at least three compelling sides to it. I was also inspired because I could really see how the Net could be great for building communities.  Even back then it seemed that the Net was about building bridges and communities.

I remember David Brin speaking about surveillance cameras (no cell phone cameras yet), how ubiquitous they were going to become, and how we had to turn them to our advantage. I remember very smart, tech-savvy, civil libertarians like John Gilmore and Mike Godwin on panels with representatives from the White House and the FBI debating the use of cryptography, free-speech, and privacy issues. The techies stated that the Net was going to be a place where we would have the ability to share knowledge widely, without regard to geographical location, and where we would have more freedom to discus topics than in traditional media.  We could reshape our reality; old-fashioned laws wouldn’t hinder us, technology would finally give power to ordinary people.  It was exciting stuff.

I also remember the White House representative responding, almost in angry frustration, that we may have won the first round of the crypto wars, but that they’d be back and he Net wouldn’t be a “lawless” place — meaning that the status quo would be regained.

Of course, he was right. Now we have CALEA, the Patriot Act, Carnivore and its successors, draconian copyright laws, and a host of other privacy-invading tools that governments can use against people.

So here we are again in 2009.  The same kind of power is there on social network sites – on Facebook, MySpace, Tribe, Second Life, Free-Association, LiveJournal, and all the rest. Unlike Usenet and other ways of communicating on the Net a la 1995, social networks now are quite usable for us non-technical people, and the interfaces are pretty and inviting.  It’s never been easier to communicate with friends, family, and colleagues online.

Retro is a “no go” when Privacy Rights are Involved

Thursday, May 28th, 2009

What do disco music, eight-track audio systems and beta videocassette tapes all have in common? They’re all examples of technologies and fads that have come and gone since the Privacy Act of 1974 was last updated.

Looking at the list above it’s painfully obvious that federal privacy standards, written during a time when “storage facility” literally referred to file cabinets, are overdue for an update in the digital era.  While the basic framework of the Privacy Act has held up well over the past 35 years, changes need to be made to insure that the advent of new technologies do not threaten to undermine the protections that have been put in place.

Today, the Center for Democracy & Technology unveiled an in-depth proposal to update the federal Privacy Act and related federal privacy policy to address the challenges of the digital age. The announcement came as part of a panel discussion featuring government and privacy leaders that coincided with the release of the National Institute of Standards and Technology’s federal Information Security and Privacy Advisory Board’s report on its findings on government privacy rules. ISPAB has also called for significant changes to the existing federal privacy framework.


“Virtual Strip Search”: Whole Body Imaging Campaign

Sunday, May 24th, 2009

The Transportation Security Administration (TSA) recently made some surprising changes to the way whole body imaging is to take place at airports across the nation.

Prior to the changes, the TSA had said that whole body imaging, aka ‘the virtual strip search’, would be used only as a secondary screening tool, and that even then, it would be voluntary. Passengers would still have the choice between going through a virtual strip search and a pat down search. That is about to change. The TSA has announced that whole body imaging will be phased in as a replacement for primary screening, i.e. the metal detectors, and it will cease to be voluntary.

As a result of this announcement, many privacy and civil liberties groups have launched a campaign against the use of these machines as the primary method of screening (see links below).

As ACLU lawyer Chris Calabrese says: “A choice between being groped and being stripped, I don’t think we should pretend those are the only choices. People shouldn’t be humiliated by their government in the name of security…”


Computers, Freedom, Privacy, and NEWS! A weekly news roundup.

Thursday, May 21st, 2009

The tubes are ablaze with buzz about government accountability and access as launches today. Craig Newmark, who will be speaking at CFP blogs, “This is a genuinely big advance in grassroots democracy.”

Speaking of Newmark, Craigslist filed suit against the South Carolina AG “seeking declaratory relief and a restraining order with respect to criminal charges he has repeatedly threatened against craigslist and its executives.” Oddly enough, South Carolina Attorney General Henry McMaster has declared the action a victory.

The University of Michigan has changed the terms of its Library of the Future Project with Google. According to the new agreement, U of M will now get a digital copy of every book on its shelves. Sherwin Siy of Public Knowledge will be joined by Alex Macgillivray, on CFP’s panel about the Google Book Deal.  Macgillivray led negotiations for the original deal.

The Committee to Protect Journalists released a list of the “10 Worst Countries to be a Blogger.CFP will have bloggers from two of the “worst” countries listed in attendance to discuss what it’s like first hand.

Highschool Hackers: Get ready!  The Pentagon wants to tap your talent. But be careful with your Facebook–there’s been another phishing attack.

In other government news, President Obama and former Vice President Cheney don’t agree on what should be kept secret.  CFP’s opening keynote will feature Susan Crawford of the Obama Administration, who will speak about policies in areas involving technology and liberty.  Also, a panel led by the ACLU’s Mike German will explore whether government secrecy makes sense in the internet age.

We’d love to hear about the news related to CFP topics that you’re interested in! Please share your links and ideas in the comments!

CFP Buzz at CATO

Wednesday, May 20th, 2009

Jim Harper of the Cato Institute is blogging about CFP.

The Computers Freedom & Privacy conference is consistently one of the most interesting and forward-looking privacy conferences. This year, it’s at George Washington University in Washington, D.C. June 1-4.

helped organize it this time, though by no means does the event skew libertarian.  What it does is bring together people of all ideologies to discuss common concerns about the present and future state of privacy.

I’ll be speaking on a panel called “The Future of Security vs. Privacy” on Tuesday, June 2nd.   Here’s the program page. And here’s the registration page if any of this whets your appetite.

PrivacyCampDC 2009 Announced and Scheduled for June 20th

Tuesday, May 19th, 2009

PrivacyCampDC 2009

Computers Freedom and Privacy 2009 isn’t over, and yet we are already discussing how to keep the discussions, learning’s, friendships and new ideas alive and vibrant once the conference closes June 4th and everyone returns home.

How can you continue to learn about what it is that you deeply care about?

How can you maintain the new and old friendships that you’ll make during the CFP 2009 conference once we have all returned to our real lives?

Well, if you are in the Washington, D.C. area you are in luck as a group of privacy folks have begun to self organize a BarCamp (unconference) around Privacy and Government Policy:  PrivacyCampDC 2009.

If you are not familiar with the BarCamp model (some of us older folks are familiar with “open space technology”) it does take a little getting used to.  BarCamps are organized by a small group of volunteers, paid for by sponsors (we are looking for more), and then the agenda is set by the attendees on the day of the event.  Seriously.  Really.