Cyberprivacy

ProPublica's Julia Angwin reported this week on how marketers' tracking of customers is getting more intrusive: "Online marketers are increasingly seeking to track users offline, as well, by collecting data about people's offline habits—such as recent purchases, where you live, how many kids you have, and what kind of car you drive."

Angwin goes on to explain how it works: after sharing your e-mail address with a store, a marketer locates customers online when they use their email addresses to log into websites, then a marketer tags customers' computers with a tracker, and then when customers arrive at the website of the same story they will see a site customized to them.

Navi Pillay, the United Nations human rights chief who has been asked by the international membership organization to prepare a report on protection of the right to privacy, said that international action led to the end of apartheid in South Africa and that it can again lead to the end of massive surveillance of online activity, The Guardian reports. The experience of international action on apartheid "inspires me to go on and address the issue of internet [privacy], which right now is extremely troubling because the revelations of surveillance have implications for human rights … People are really afraid that all their personal details are being used in violation of traditional national protections," Pillay said.

The United Nations adopted a resolution, sponsored by Brazil and Germany in the wake of the revelation that the United States was eavesdropping on leaders in those countries, supporting the protection of Internet privacy, the BBC reports. The non-binding resolution affirms that '"the same rights that people have offline must also be protected online,'" the BBC further reports.

The hope of such non-binding international measures is that they will influence international norms.

Philip Alston, writing in Just Security, asks if the United Nations let the United States off the hook regarding Internet privacy. While the language of a United Nations resolution was watered down at American urging, Alston argues that there is good news in a resolution that is set to be adopted by the full UN this month. Among other good points, "by basing itself on the formulations of the right to privacy included in both the Universal Declaration of Human Rights and the International Covenant on Civil and Political Rights, the resolution implicitly rejects the US line that privacy rights derive only from a specific treaty which the US in turn insists has no extra-territorial implications," Alston writes. 

A United Nations committee has advanced a resolution sponsored by Brazil and Germany to make the right to privacy against unlawful surveillance applicable to anyone in the world, The Washington Post reported. The two countries sponsored the measure after revelations of monitoring  by the United States of Brazilian President Dilma Rousseff and German Chancellor Angela Merkel.

The resolution is expected to pass the United Nations General Assembly too, The Post further reported. While the resolution is not binding law, General Assembly resolutions " reflect world opinion and carry political weight," The Post also reported.

The largely symbolic resolution was watered down though. The Post reported: "The key compromise dropped the contention that the domestic and international interception and collection of communications and personal data, 'in particular massive surveillance,' may constitute a human rights violation."

Both Brazil and German, which have been the subjct of American surveillance, are seeking to "apply the right to privacy, which is enshrined in the International Covenant on Civil and Political Rights (ICCPR), to online communications," Foreign Policy reports. The United States, however, is pushing back, "to kill a provision of the Brazilian and German draft which states that 'extraterritorial surveillance' and mass interception of communications, personal information, and metadata may constitute a violation of human rights," Foreign Policy further reports.

Separately, Reuters reports that a "draft U.N. resolution that some diplomats said suggested spying in foreign countries could be a human rights violation has been weakened to appease the United States, Britain and others ahead of a vote by a U.N. committee next week." The initial draft would have had the General Assembly declare it is "'deeply concerned at human rights violations and abuses that may result from the conduct of any surveillance of communications, including extraterritorial surveillance of communications,"' but the draft now proposes the General Assembly declare it is '"deeply concerned at the negative impact that surveillance and/or interception of communications, including extraterritorial surveillance and/or interception of communications, as well as the collection of personal data, in particular when carried out on a mass scale, may have on the exercise and enjoyment of human rights,'" according to Reuters.

The Federal Trade Commission is set to regulate connected devices that share consumer data. Or as GigaOm more pithily says it: the Internet of Things. Why does this matter? GigaOm reports: "There are two issues at play here, one being the privacy of consumer data and the other being the security of the networks delivering that data. The privacy issue, however, also contains a security dimension since the devices can share things that affect a person’s safety — such as where they live and whether or not they are home."

Moreover," EPIC, the Electronic Privacy Information Center, argues that the privacy implications of connectivity start with the devices, which could allow a person to be tracked continuously across a variety of networks," GigaOm also reports.

GigaOm's Stacey Higginbotham argues for a middle ground between stifling a new industry and consumer privacy.

The European Parliament voted to suspend a data-sharing agreement with the United States that allows access to financial transactions for the purposes of tracking the financing of terrorists, GigaOm reported, although only the European Commission can actually suspend the agreement.

Edward Snowden's leaks exposed that the National Security Agency has been tapping the SWIFT database of international transactions "directly in order to extract information, thus breaking the terms of the agreement with the EU. The intelligence agency has apparently also been illegally accessing credit card transaction data in Europe, the Middle East and Africa," GigaOm also reported.

The Washington Post reports on how the National Security Agency is sweeping up contacts lists in Americans' e-mail accounts and instant messaging accounts. For example, "during a single day last year, the NSA’s Special Source Operations branch collected 444,743 e-mail address books from Yahoo, 105,068 from Hotmail, 82,857 from Facebook, 33,697 from Gmail and 22,881 from unspecified other providers, according to an internal NSA PowerPoint presentation," The Post reported. Over the course of a year, that would be millions of accounts. Is this contact information being paired with the already-revealed collection of nearly every record of phone calls made in the United States?

Even Americans who aren't living or working abroad are having their contact information collected because "data crosses international boundaries even when its American owners stay at home. Large technology companies, including Google and Facebook, maintain data centers around the world to balance loads on their servers and work around outages," The Post also reported.

On an amusing note, spam is just as annoying for spies as it is for the rest of us. "Spam has proven to be a significant problem for the NSA — clogging databases with information that holds no foreign intelligence value," The Post also reports.