Vestiges of Dutch Colonialism in the New World

Saint Eustatius Harbor circa 1750

Despite my best efforts at over-dramatization, and some inclination toward satire, I could not bring myself to title this post without any regard for accuracy. I did spin some sensationalist gems that I can’t resist sharing. I discarded these candidate titles due to their obvious discrepancy with reality:

• Kingdom of the Netherlands: Autonomy or subjugation for vassal states Bonaire, Saba and Saint Eustatius?
• Landscape of imperialism in the twenty-first century: Historically significant changes in sovereignty in the Netherlands Antilles.

Or most misleading and untruthful of all:

• Turmoil revisits Dutch West Indies half a millennium after rout of Spanish Armada!

Birth of Nations

In fact, the Netherlands Antilles ceased to exist as of October 2010. Curacao and Saint Maarten are now autonomous nations, governing themselves. The three islands Bonaire, Saba, and Saint Eustatius became municipalities in the Kingdom of the Netherlands. Residents now have the same benefits and rights as Dutch citizens.

While browsing the GeoNames site a few days ago, I first learned of the transformation of the Netherlands Antilles.  It motivated today’s post, whose primary topic is privacy considerations for social networking. Location sharing (and associated geodata) is part of the privacy issue.

I was evaluating an alternative micro-blogging platform, identi.ca. It is a status.net project. identi.ca is like that mainstay of micro-blogging, Twitter. The two platforms even have a certain measure of cross-compatibility. In terms of branding, good choices were made: identi.ca is a partner, or possibly a subsidiary, of laconi.ca. laconi.ca is the perfect name for a communication medium restricted to 140 characters or less!

identi.ca is conceptually similar to the highly anticipated Facebook alternative, Diaspora. Both Diaspora and identi.ca are open source projects. For the user, the relevant issue is that both assure a higher level of privacy. The design model for Facebook, and many other social networking applications, is that very little information will be retained on the client side. Most everything goes to a server-side repository. It is irrelevant whether user data resides in the cloud, or the Facebook data center. Neither is under the control of the user.

identi.ca and Diaspora are different in that they do not require users to relinquish all personal data. One way to do this is by running one’s social network on one’s own server, thus avoiding the concerns of information misappropriation, be it intentional or accidental. Running one’s own server does not sound very feasible for most people, and in fact, the shift to client side is probably more subtle e.g. greater reliance on the user’s browser.

Google Buzz provides an example of accidental over-sharing.  In the early days of Google Buzz, the full power of Open Social API was unleashed without forewarning users. This was accidental, and Google didn’t profit from the mishap. Google Buzz was irresponsible for not first offering opt-out to segregate some or all account contacts from participation.  The issue was promptly remedied. Unfortunately, despite the rapid redress and that there was no revenue stream associated with the disclosure of information (unlike the copious chronology charts of Facebook’s information peddling showcased in the Wall Street Journal), Google’s temporary disclosure of information about users to each other had a very negative impact on acceptance, usage and success of Google Buzz.

Identi.ca includes a location identification option using GeoNames data.  Tie-in to the Dutch West Indies follows:

Flag of Curacao

Three new countries came into being after the dissolution of the Netherlands Antilles in October 2010… ISO assigned the code BQ to the three BES islands … Read More via GeoNames

Discretion is the Better Part of Valor

This paraphrased list of “Do and Don’t” was targeted specifically to secure exchange of sensitive financial information. However, these are generally applicable suggestions for law-abiding people who don’t want to blather their personal business all over the internet:

1. Don’t email directly from work.
2. If emailing using work resources does not violate your employer’s network security policies, use a web mail provider that offers SSL encrypted browsing. Ever heard of hushmail.com?
3. Don’t use your employer’s resources for personal communications of a sensitive nature e.g. to your attorney.
4. Use robust encryption, such as PGP keys for email (PGP = Pretty Good Privacy?)
5. If you use Instant Message, a secure chat client will give peace of mind.

How to [ Read/ Tip Off ] Zero Hedge Without Attracting The Interest Of [ Human Resources / The Treasury / Black Helicopters ]

Also recommended for those considering front-running of frozen orange-juice futures.

Social Web Pathology Part 1

Share and Share A-like

Note: this is an updated version of my April 28th post on the theme of Social Web Pathology.

I’ve been pondering the theme of “Social Web 2.0 Pathology: Are We Connected Yet?”, and will introduce it with this mild example. Today’s post will then assess recent developments in our vanishing degrees of separation.

The date of this graphic was April 16, 2010 thus it does not contain the very consequence-laden “Like” button. Facebook announced the release of the Like button to the World Wide Web domains-at-large at the F8 conference on April 22.

There is a recent development, and it should encourage advocates of the individual’s right to privacy. U.S. Congressman Charles Schumer has an awareness of the potential for abuse via social networking, due to accelerated data sharing.  He seems to have focused his concerns around the announcement at F8 of Facebook’s Open Graph and Like button data collector. Media coverage by wire services such as Reuters – Schumer vs Facebook was prompt: Congressman Schumer explicitly stated his concern over negative impact on the consumer’s right to privacy. Shortly after, Schumer was joined by other lawmakers, who proposed a sweeping internet privacy bill on May 4, 2010, indicating grave concern over the potential risks due to information disclosure resulting from participation in social networks. Not surprisingly, Facebook was mentioned by name, as it has been on the leading edge of the social media innovation.

What abuses might result from the Like button, and by whom? The abusers could be hackers aka crackers. Their method of infiltration might include harvesting of newly accessible personal data (mostly due to recent trends in over-sharing) using social engineering techniques. Alternatively, the traditional exploits involving unauthorized elevation of privilege would remain viable. Such is now facilitated by easier password breaking due to a larger pool of availale data. This becomes more straightforward as we tie ourselves closer and tighter together, along with our most critical identifying information via Social Networking sites and applications.

The other source of abuse might be from Facebook itself, due to sharing of user’s personal information with third-parties. FB announced policy that users will no longer have an opt-out feature available, regarding disclosure of certain basic identifying data.

Maybe the need to prove to one and all that “I have the most friends”, a sort of Web 2.0 version of Thorstein Veblen’s concept of “status seeking” and “conspicuous consumption”, will be reined in (see Professor Veblen’s Theory of the Leisure Class, 1899). While the impulse is present in most of us, many resist the temptation. FB was well-designed, though, because it seems to have overwhelmed common sense for even the most reticent of us. Similar observations could be applied to the rise of Farmville. With 86 million players, this game that seems primarily motivated by guilt (Professor Howard Linn wrote a paper on the subject shortly before his death earlier this year) has spread like wildfire. We will hope that Congressional scrutiny will slow the onslaught of the Like button, and hold it in check until the consequences are more carefully considered. 

We Revoke Our Right to Privacy with Assist From Facebook

At the annual Facebook F8 event yesterday, Facebook announced several powerful applications to expand the reach of the Web 2.0’s social networking model. New product announcements included Open Graph application software and inclusion of location-based services for greater social web inter-connectivity. The debut of the highly anticipated “Like” button on sites external to Facebook was also disclosed. In fact, Facebook stated that it already has established partnerships with approximately 30 highly visible websites including Yelp and Microsoft. Senior Facebook developers successfully demonstrated some of the potential uses to marketing and business users as well as individuals.

In light of this event, I’d like to share some of my concerns regarding the effect of increased information disclosure on us. The legal and contextual basis for my concern is drawn from a prescient feature article via BBC News. The following excerpt regarding erosion of privacy due to online activity is solid background material. It is followed by my own comments, as motivated by yesterday’s F8 activities.

How Online Life Distorts Privacy Rights for All by Zoe Kleinman, BBC News, 8 Jan 2010

People who post intimate details about their lives on the internet undermine everybody else’s right to privacy, claims an academic. Dr Kieron O’Hara [a senior research fellow in Electronics and Computer Science at the University of Southampton] has called for people to be more aware of the impact on society of what they publish online. “If you look at privacy in law, one important concept is a reasonable expectation of privacy,” he said. “As more private lives are exported online, reasonable expectations are diminishing.”

The rise of social networking has blurred the boundaries of what can be considered private, he believes – making it less of a defense by law. We live in an era that he terms “intimacy 2.0″ – where people routinely share extremely personal information online. “When our reasonable expectations diminish, as they have, by necessity our legal protection diminishes.”

This is the article’s most critical point: “People who post intimate details about their lives on the internet undermine everybody else’s right to privacy… When our expectations diminish, by necessity our legal protection diminishes…”

The negative effects associated with such a loss of privacy are significant. Contemplate an analogy, between the social web’s escalating trend toward over-sharing and the risk scenario implicit in the herd immunity effect of inoculation to prevent infectious disease.

Start by considering our rapidly growing social web. Achieving today’s level of coverage and confidence in the security of our private information was not achieved easily nor quickly. Certain rights, such as protected health information laws under HIPAA, were only legislated during the past five or ten years. However, in this sudden outpouring of social web-motivated information disclosure, we might destroy all that our predecessors, and ourselves, have fought to achieve over a span of decades or centuries.

Now consider immunization against contagious disease. Note that metaphorical comparison to disease is not overstatement: In a worst case scenario, the threat to personal privacy or infrastructure security due to unprecedented levels of network connectivity is dire. We’ll use the non-controversial example of polio, for which immunity is achieved at the community level. Decades of time and effort were required to wipe out incidence of this disease. However, by choosing not to protect oneself (or one’s children), the entire community is made more vulnerable, not just those who choose not to immunize. The immuno status of the “herd” can be compromised by a small number of now unprotected individuals.

The phrase “going viral” with the spread of social web information is in fact just as sinister as the original epidemiological context from which it was derived.

That is why nearly everyone who works in information security—be it computers, telephony, healthcare, or in financial or IT audit— seems leery of Facebook services. Every time I scan news feeds from InfoSec Island, Wired.com, or DEFCON, I notice references to the latest Facebook scam, exploit, user vulnerability etc. The data security and information technology community appear to be of one mind about Facebook: no system safeguards, no matter how stringent, can protect users who choosing to divulge information by over sharing.

I conclude with a link to visual editor and journalist Robb Montgomery’s advice about how to guard your privacy and enjoy your time more securely on Facebook.

Thoughts about Emotional Data in Wiredset Blog

Foursquare User Numbers Soar

The title of the article Data Driven Experiences: Emotional Data, by Mark Ghuneim is fascinating, however, I’m concerned about address-level sharing of geo-spatial information as part of social networks.

FourSquare is a phone application that has seen soaring popularity since the 2010 SXSW event in Austin,Texas in March. Details of how the application works can be found at the Foursquare.com site. I was dismissive initially. It seemed little more than a way of telling others where you are at the moment, maybe make a restaurant recommendation, and earn very cute badges based on level of activity.

Activity is measured by the user’s “check-in” to a location, which is received and time stamped via mobile device by FourSquare and further validated by GIS-type service. Of course there is the element of competition by earning badges and becoming “Mayor” of a location. FourSquare also offers users a less blatant way of informing friends, and possibly everyone else, that you shopped at a great new clothing boutique, or went dancing at an upscale club over the weekend. Better yet, if you made an appearance at not merely one nightclub but three, in a single evening! FourSquare would be very effective for that. Why? Well, the app is new and not yet hacked or gamed by savvy users, it is far more credible than heresay and not subject to human error.

Foursquare activity @ SXSW 2010, Austin TX

At first glance, FourSquare and similar didn’t seem terribly compelling. Merely more of the popularity contest and conspicuous consumption effect? Well, I didn’t foresee much potential for widespread appeal for another social networking phenomena, different but novel in its own way: the Facebook game, Farmville… and I was so very wrong.

Foursquare Logo

Businesses will certainly find value from subscriptions to FourSquare user data feeds. Geo-spatial data based social network applications, described by the more general term of LBS, location-based services, are attracting attention in unexpected ways.

For example, FourSquare advocates introduce the alluring idea that it actually enriches the lives of users with a collectively magnified knowledge base of the world to draw on, leading to a higher level of engagement with everything.

However, I believe that most possible benefits are far outweighed by the risks of over sharing. The most obvious negative consequence is increased vulnerability, impacting personal, family and property security. Note that FourSquare does have a posted privacy policy , about which I am not informed enough to comment.