Blown To Bits

Archive for the ‘Privacy’ Category

Privacy and Swine Flu

Tuesday, April 28th, 2009 by Harry Lewis

The swine flu panic is going to be electronically mediated in a way no previous threat to public health has been. Flu information sites have sprung up in which news stories and data are being aggregated — the Flu Wiki Forum and Wikia’s Flu Wiki, which has a nice Google map mashup showing where the cases are.

The intrepid and slightly paranoid (I know he won’t mind my saying so) Chris Soghoian has another angle in his post on Swine Flu and the Threat to Privacy. Eight students from one New York City school are suspected of having contracted this strain of influenza while on a school trip to Mexico. If they were suspected terrorists, the government would by this time have gotten their cell phone carriers to turn over lists of all the people they had telephoned recently. It would be easy enough — yes, this is true — to ask the carriers to turn over lists of the names of all people with cell phones that had been within 100 feet of one of the students’ cell phones during their Mexico trip or thereafter. Now stored cell phone geolocation information isn’t that precise, so the data request would probably yield a lot of false positives — people in the same general area but not that close.

The information may well have been collected already. And that may well be exactly the right thing to do. After all, the first rule of epidemics is that controlling them becomes exponentially harder if they are allowed to spread; you don’t wait until they are severe before reacting. Do we know? If the data has been collected, do we have any confidence that it isn’t going to be repurposed, and that it will be discarded eventually?

The Two Faces of Internet Privacy

Wednesday, April 22nd, 2009 by Harry Lewis

Today’s news brings a nice juxtaposition.

A new law in South Korea would require those who run web sites to get and retain identifying information about the people who post on their sites. Google, which has been criticized in the past for complying with the demands of authoritarian regimes for information about its users, took the extreme step of disallowing all YouTube uploads and comments in Korea. Bravo — this will cost Google some market share, and may put pressure on the government. (Or perhaps not. YouTube is not the leading video site in Korea.) The government feels dissed and is saying as much to Google.

But today also reminds us that sometimes people using the Internet really are criminals and we are glad they are leaving electronic fingerprints behind. A series of assaults on women around Boston was solved very quickly because the alleged perpetrator was incautious enough to send an email from his home to one of his victims. Detectives obtained his IP address from the ISP and started to surveil his house. Security videos at the several crime scenes showed him tapping on his Blackberry; that was another good source of electronic forensics. (How many people could have used the same Blackberry from the three locations at the same times as the video camera showed this gentleman keeping busy?)

The two stories are not incompatible. Such records could be kept for a few weeks for police purposes and then discarded so they won’t be used for mischievous purposes later. Societies lose something by keeping data, and also lose something by deleting it. It’s just a question of making the right tradeoffs.

AT&T Broadband Customers: You Are Being Watched

Friday, March 27th, 2009 by Harry Lewis

AT&T has announced that it is teaming up with the Recording Industry Association of America to fight illegal music downloading. Subscribers to AT&T Internet service will have their traffic monitored, and will receive warning letters if their activities are suspicious. This is the other shoe dropping after the RIAA’s announcement in December 2008 that it would no longer go after individual downloaders (mainly young, music-loving individuals) with draconian threats. It’s the roll-out of a plan that has long been expected: the RIAA, unable to staunch the leakage of bits by using legal methods to punish the guilty or educational methods to persuade the population at large, has instead persuaded a private corporation to presume all of its customers guilty and worthy of unwarranted surveillance. The only surprise, perhaps, is that a major ISP is leading the way.

Bad as the RIAA’s previous system of extortion letters was, this is, in its way, even worse. The odds were heavily stacked against anyone alleged to have downloaded a song illegally, and the private police force the RIAA hired was beyond the scrutiny of the people it was policing. But at least there was some reason to believe that someone had downloaded something before the demand letter went out. The RIAA might get wrong who and what, but the letters were, presumably, triggered by actual events.

Not so with the new program. Now, apparently, all customers will be watched all the time. It is as though the RIAA had worked out a deal with FedEx to open all packages looking for compact disks, and to send a warning letter if you seemed to be receiving too many of them.

[AT&T executive Jim] Cicconi told attendees of the Leadership Music Digital Summit that the notices, which are sent via e-mail, are part of a “trial.” AT&T wants to test customer reaction, he said.

I hope any AT&T customers out there will freely offer AT&T their reactions, and I hope those reactions are furious. Surveillance is not OK and no one should put up with it.

There seems to be some confusion on the part of the various spokespeople about what AT&T may or may not do about terminating accounts. Of course they don’t want to drive business to other ISPs — but many locations do not have competing ISPs in the first place.

In any case, the fundamental problem is that broadband services should be treated as common carriers. The fact that the ISPs own the “wires” should not give them the right to pick and choose who uses the wires, on the basis of private surveillance and unproven allegations. They can’t legally do it on their long distance lines, and they shouldn’t be able to do it on their Internet service either.

Why Defaults Matter

Sunday, March 8th, 2009 by Harry Lewis

A standard philosophical posture taken on privacy issues is that choice is what counts. If you have a choice between sharing information and not sharing it, the burden of responsibility shifts to you from the entity (usually a corporation) that collects the information. If you don’t like the way your information is being shared, you have only yourself to blame.

Hogwash. It all depends on the default: Do they share UNLESS you tell them not to, or do they share ONLY IF you explicitly tell them it’s OK? Almost no one ever changes the default — because, practically speaking, almost no one ever reads the fine print in which the default is stated. So most people have to depend on the ethics and good taste of the company, and that is rarely enough.

Though these are old saws — read the part of Blown to Bits where we discuss Sears Holding Company — rarely does one ever see a case quite as egregious as what David Weinberger describes about Verizon. Not only is the opt-out barely whispered, it is almost impossible to find and to make functional, even if you follow Verizon’s instructions exactly. A short, quick, funny, and infuriating read. And maybe I’m wrong about this being rarely seen — maybe it’s just that few of us have the patience to do what David did to chase it down.

TV Ads Just for You

Saturday, March 7th, 2009 by Harry Lewis

Cable television networks are beginning to experiment with targeted advertising. Cablevision is trying out an indirect method. They buy data about their customers from Experian, which aggregates data about individuals for use in credit checking, etc. Once Cablevision knows that there’s no one over 30 at your address, or that you’re a single woman of 45, it can avoid showing you the “I’ve fallen and I can’t get up” ads. As Marc Rotenberg of EPIC agrees, there isn’t really any privacy breach here, yet. But the article continues,

[A competing technology] uses data from remote controls to follow what a person is watching, then matches that with ratings information and program guides to infer that person’s gender and age. It can use census data or data sources like Experian for further refining. Then, it shows an appropriate commercial.… Eventually … the company will be able to identify who is watching based not just on what they are viewing, but also how they watch it: whether they channel change frequently or not at all, or immediately turn to CNN or to Bravo. That will help it show the right ads in households where multiple people watch television.

Watching me watching you, as the song says.

Maryland’s Highest Court Defends Web Anonymity

Sunday, March 1st, 2009 by Harry Lewis

There has been a lot of anxiety about the ease with which web sites can invite vicious, defamatory comments, and allow the people making the comments to remain completely anonymous. If the speaker is the person who controls the site, he or she can be sued. But what about the anonymous contributors? Do their free speech rights trump the rights of the maligned parties to seek compensation for the damage these comments do to them? Should the site operators be required to disclose the IP addresses from which the comments were posted, or other identifying information the operators may possess?

A decision by the Maryland Court of Appeals sets a very high bar for breaking through the anonymity and compelling the site to disclose the identity of the commenters. It’s a standard that could be reached, but it is going to be awfully hard. Here is what the plaintiff has to do:

  1. Notify the anonymous poster that the poster is the object of a subpoena (by, for example, posting a message on the same site).
  2. Identify to the court the exact statements made by the anonymous poster.
  3. Show in what way each statement caused damage to the plaintiff.
  4. Provide specific information to support each claim.

At that point, the judges need not order the disclosure. First they need to balance the damage done to the plaintiff by the anonymous speech against the anonymous defendant’s First Amendment rights.

The decision matches a standard set in 2002 by a New Jersey court, and seems to be part of a pattern in which courts are giving great deference to the right to anonymous speech on the Web.

Bill Would Require Logs of Internet Use

Friday, February 20th, 2009 by Harry Lewis

Once again, in the name of protecting America’s children from exploitation, Congress is considering a massive increase in data collection about the activities of you, me, and everyone else. Specifically, the SAFETY Act (click for the full text) would require that

A provider of an electronic communication service or remote computing service shall retain for a period of at least two years all records or other information pertaining to the identity of a user of a temporarily assigned network address the service assigns to that user.

That means not just your Internet Service Provider at home, but Starbucks. And the beneficiaries would be not just police looking for pedophiles, but the recording industry looking for people who downloaded music in an airport lounge.

As we have said before (here and here, for example), the Internet threats to child safety have been mischaracterized and exaggerated, and spending resources on programs like this draws resources away from places where they are badly needed, helping troubled children from troubled families. Bills like this are transparent attempts to exploit the child safety issue to ramp up government data collection about innocent citizens, data that will be repurposed and abused once it has been collected. It’s the kind of Big-Brother surveillance proposed in the UK, as we discussed last fall.

Stop this madness. There is zero evidence that this is a sensible solution to the problem the bill claims to be aimed at, and it is an unconscionable invasion of our rights to privacy.

Is Google Street View an Illegal Invasion of Privacy?

Thursday, February 19th, 2009 by Harry Lewis

Well, we don’t really know, but a case alleging that was just decided in favor of Google. Aaron and Christine Boring claimed that their privacy had been violated when the Google camera car photographed their house, and asked for a bunch of money. Unfortunately for them, they had an awful case. They presented no evidence they’d been damaged, and they also made no effort to hide their street address when they filed their lawsuit (something that’s easy to do if you are worried about that information being made public). For privacy zealots, not the case with which you want to go forward. It sets a precedent that will make it at least a bit harder for any other plaintiff to prevail.

Frankly, I can’t get excited about this as a privacy violation. But I have to acknowledge that it’s a little weird that people can be sitting in Rwanda looking at what kind of car I drive and whether I keep my bushes trimmed.

Your Facebook Data Belongs to Facebook — Now and Forever

Monday, February 16th, 2009 by Harry Lewis

It’s always sobering to read those “I agree” documents you have to click on to register for a Web service. Almost no one ever does.

Facebook’s has always given it blanket rights to do what it wishes with the stuff you post on your Facebook page, including

to (a) use, copy, publish, stream, store, retain, publicly perform or display, transmit, scan, reformat, modify, edit, frame, translate, excerpt, adapt, create derivative works and distribute (through multiple tiers), any User Content you (i) Post on or in connection with the Facebook Service or the promotion thereof subject only to your privacy settings or (ii) enable a user to Post, including by offering a Share Link on your website and (b) to use your name, likeness and image for any purpose, including commercial or advertising, each of (a) and (b) on or in connection with the Facebook Service or the promotion thereof.

There’s more, about how Facebook can transfer those rights, and so on. What’s new today is that the agreement used to say that you could take back ownership of the data if you closed your account. No more. Now they own it forever, even if you decide you want to take it back.

So if you are, say, a college student foolish enough to post a stupid picture of yourself drunk or half-naked, and then you think better of it, and in fact think better of the whole Facebook idea and close your account, and in ten years you are running for Congress, Facebook will be perfectly within its rights to scan its records of dead accounts and sell the rights to that photo to the Associated Press, or People Magazine.

Would they do that? No way to be sure. Rationally we might choose to think that would be a stupid thing to do from a business standpoint, as it would discourage others from using the site. But such decisions are not always made rationally. And why would they be changing their policy now if they don’t anticipate doing exactly this in the future?

Added 8:30 PM 2/16: Mark Zuckerberg has blogged about this. He defends Facebook’s “philosophy” and what it would do “in reality” (as opposed, I guess, to what it has the legal right to do):

In reality, we wouldn’t share your information in a way you wouldn’t want.

Indeed, in reality, Facebook would probably realize what a losing long-term business proposition it would be to sell your drunken photos of yourself to the media.

Which is why, when Facebook did “in reality” launch Beacon and shared information in a way many Facebook users did NOT want, it quickly did an about-face. There seems to be push-back assembling again, though in the case of this change, no one can right now detect any difference.

Is there really no way to draft the legal language so it matches the reality of Facebook’s presumably good intentions?

Updates: Stimulus Censorship, Tracking for Taxes

Wednesday, February 11th, 2009 by Harry Lewis

Here is news on both of yesterday’s posts.

First, it appears that the anti-net-neutrality, pro-ISP-censorship language did not make it into the Senate version of the Stimulus bill. But Public Knowledge reports that Senator Feinstein is still hoping to include it in the “compromise” (who knew that a compromise could include things in neither bill between which it is a compromise?) and urges you to again let your voices be heard. (Here, by the way, is the actual amendment. The reference to “reasonable” network management practices is a dead giveaway that what the ISPs will do will not be reasonable — just as Senator Feinstein calling this an “uncontroversial amendment” is a good signal that it’s highly controversial!)

On the vehicle tracking front, today’s Herald makes clear that the Commonwealth is just exploring Oregon’s system. A GPS keeps LOCAL track of where the car is moving around and occasionally uploads the MILEAGE TOTAL, not the trajectory, perhaps when the vehicle is at a gas station. There are lots of privacy problems with this technology, and I am disappointed that Governor Patrick seems not to care. But at least we have a little better picture now what he’s talking about.