Tag Archives: privacy

“This is him here”: Laura Kuenssberg and the ethics of social linking

2 Replies

This is him here

This week Twitter got angry.

Again.

It was angry because BBC political editor Laura Kuenssberg identified the father of a sick baby who confronted the prime minister as a political activist, embedding one of his tweets in her own.

Then it was angry because people were attacking a journalist for doing her job.

Somewhere between the heated accusations and counter-accusations, however, there was an important lesson to be learned — and a reasonable discussion to be had.

It is a lesson about understanding very different online cultures, about new journalistic practices, and an emerging  dimension of journalistic ethics that few reporters have truly gotten to grips with. Continue reading

Got a new laptop? Here’s how to maintain your privacy from the start

8 Replies

When you get a new laptop – with no cookies on it! – it’s a great opportunity to start afresh and protect your privacy online by default. As I recently got a new laptop here’s what I did as I set it up…

Start from scratch – no importing of settings/applications

Many laptop setup wizards offer the option to import applications, documents or other elements from your existing laptop. I didn’t do this, partly because I didn’t want to bloat my new laptop with anything that wasn’t necessary (and if you use cloud storage then you can download from there anyway), but largely because I wanted to check the settings of each application as I went – this is much easier to do if you’re installing them.

Browsers – install them all

I use at least four different browsers: Safari, Chrome, Firefox and Opera. (You might also want to install Tor for particular use cases, although I’m not going to cover it here).

It’s useful to have different browsers partly because they offer different functionality, but also because it allows you to separate different activities. For example: Continue reading

Facebook launch a new safety for journalists initiative – but there’s something they’re not mentioning…

3 Replies

facebook security

Facebook has launched a new initiative in partnership with a number of journalism organisations to help journalists “protect their accounts and themselves on Facebook.”

The Facebook Safety for Journalists page covers 10 steps that journalists should take, ranging from password protection to abuse and harassment. Continue reading

Research on information security in local newspapers – the published version

Leave a reply

Pie chart: 88% of respondents did not know what their employers were doing about information security

Previously on OJB I posted about some ongoing research I was conducting into whether security practices in local news organisations had changed in the wake of the Snowden and RIPA (UK surveillance powers) revelations.

Now the full research paper has been published in the academic journal Digital Journalism, as part of a special edition on Journalism, Citizenship and Surveillance Society. The abstract pretty much sums it up:

“Despite reports of widespread interception of communications by the UK government, and revelations that police were using surveillance powers to access journalists’ communications data to identify sources, regional newspaper journalists show few signs of adapting source protection and information security practices to reflect new legal and technological threats, and there is widespread ignorance of what their employers are doing to protect networked systems of production. This paper argues that the “reactive” approach to source protection that seeks to build a legal defence if required, is no longer adequate in the context of workforce monitoring, and that publishers need to update their policies and practice to address ongoing change in the environment for journalists and sources.”

Other highlights of the edition include:

Hello Allo: the first 12 things I learned about Google’s new chat app

3 Replies

very-true-indeed

Google’s new chat app Allo is out in the UK, and I’ve been playing around with it.

There are two key artificial intelligence (AI) features that stick out in the app: firstly, the ability to interact with bots (the Google Assistant, which I’ve written about in a second post here), and secondly the way the app suggests responses while you chat.

I took screenshots during my first conversations using the app to see how the AI algorithms were set up before it had begun to learn much from my behaviour. Here are the highlights… Continue reading

Google knows what you did last summer: how to use the My Activity page to make it forget

1 Reply
Google My Activity news

Google knows what I was reading last summer

If you use an Android phone, the Chrome browser, or even just YouTube, you may at some point have been surprised by how much Google knows about you. If you haven’t, take a look at Google’s new My Activity feature.

Rolled out this week, the feature allows you to see the videos Google knows you’ve watched; the searches you’ve typed in ( and ‘sound search‘ too); the images you’ve looked for – and which ones you viewed; video search. Continue reading

Welcome to journalism. Now delete your history.

5 Replies

Yesterday an 18-year-old journalism student told me he’d deleted his entire Twitter history using TweetDelete. The same day I noticed that another had changed his Twitter username to remove a reference to Newcastle United.

I was not an innocent bystander – I have to admit: I’d sort of advised them to do this…

Full circle in five years

Some history: I’ve been training journalists and student journalists to use Twitter for almost five years now, and have seen an enormous shift in that time.

In those early classes – between 2008 and 2010 – the difficulty was getting people to write more informally: almost no one had a Twitter account, so they approached it as a professional tool, with professionalism very much in mind.

By the third year, however, things were starting to change. By then around half would typically have pre-existing Twitter accounts, and many were using them in a personal capacity. The problem was not using Twitter in the first place, but how to combine the professional with the personal. “Should I have a different account for personal use?” Yes, I used to say.

Now I don’t.

There’s no such thing as a personal Twitter account

I no longer suggest having separate professional and personal accounts because, aside from the difficulty of running two accounts, frankly there is no such thing as a truly personal, even private, account if you are a journalist.

Some manage the balance: Joanna Geary, who maintains @guardianJoanna and @joannaGeary, springs to mind. But Joanna is able to do that because her ‘personal’ account is barely distinguishable from her ‘work’ account: she acts professionally; she talks about things that interest many of the same people who follow her ‘professionally’.

Joanna, in other words, is the exception.

In the movement from one audience (close friends) to another (strangers who may be judging our credibility as reporters) the harsh truth is that we will be judged unfairly against a standard we never anticipated.

And so I ended up showing TweetDelete to a class of 18-year-olds.

And I only had to mention SnapChat, and sexting for them to get it.

Welcome to the world of permanence. Please keep an eye on your past. For the sake of convenience, you may want to delete it (at least TweetDelete will give you an archived copy).

Note: Ross Hawkes has a fascinating exercise on the same subject: he will find tweets by members of the class and present them back to the class with the name removed. What would they think? “But it’s out of context!” Exactly.

Related: Why you might not ever get a job again… if you swear a lot on the internet

Launch of new survey on the legal experiences and views of journalists and online publishers

Leave a reply

A new survey for journalists, bloggers and online publishers, which can be found at this link, aims to collect information about their experiences of and views on libel and privacy law

A system of arbitration is at the heart of Lord Justice Leveson’s recommendations, and different versions are included in the the government’s draft Royal Charter and the industry’s own proposals [PDF].

The suggestion is that an arbitration service could deal with libel and privacy complaints that would otherwise go to court.

Last minute amendments to the Crime and Courts bill (now Act) would allow for bloggers to opt into the regulatory arbitration system and receive costs benefits.

Additionally and separately, recommendations have also been made for Mediation and Early Resolution in defamation disputes.

However, there is very little solid data about the nature and quantity of legal claims made against the media, including small bloggers. Because the majority of libel claims, for example, are believed to be resolved out of court, there is no complete record of disputes.

In short, little is known about bloggers’ and journalists’ actual legal experiences and opinions.

In an effort to build a better picture and to help inform the development of new alternative dispute resolution mechanisms, I am launching a survey as the final part of my doctoral project at the Centre for Law, Justice and Journalism (CLJJ), City University London.

This questionnaire is open to all types of journalists and online writers who expect their readership to be predominantly based in England and/or Wales.

Please take part and share your experiences and encourage your colleagues and friends to participate as well.

All data will be collected anonymously with no identification of organisations or individuals.

The questionnaire can be found here:

Many thanks for your help! If you have any questions you can email me: (judith.townend.1@city.ac.uk) or tweet  (@jtownend).

About the project

This survey is part of Judith Townend’s doctoral project at the Centre for Law, Justice and Journalism (CLJJ), City University London. The research project, which has been given ethical approval by the CLJJ, explores how journalists and online writers are affected by libel and privacy law, as well as other social and legal factors. It will draw attention to the issues faced by online writers and journalists, and help inform the development of resources in this area.

About this questionnaire

  • The questionnaire is open to all types of journalists and online writers who expect their readership to be predominantly based in England and/or Wales.
  • It should take between 10 and 30 minutes to complete, depending on your experiences and views. Some questions require an answer so you can be taken to the next relevant question.
  • All data will be collected anonymously with no identification of organisations or individuals.
  • The information you have submitted will included in a final report to be published in 2013/14, which may be used for future online and print publications.
  • Please contact Judith Townend with any questions, or to obtain the final results.

Contact details:

Judith Townend, c/o Peter Aggar, Centre for Law, Justice and Journalism, City University London, Northampton Square, London EC1V 0HB, Tel: +44 (0)20 7040 8167

E-mail: judith.townend.1@city.ac.uk

Online security for journalists: never assume you’re secure

10 Replies
image from xkcd

image from xkcd

With news last week of the New York Times and Washington Post being hacked recently, The Muckraker‘s Lyra McKee looks at internet security.

“They were able to hack into the computer and remotely access my Facebook account, printing out a transcript of a private conversation. Then they told me who I’d been talking to over the past week and who was on my contacts list. They’d hacked into my phone. When they first told me they could hack into computers and phones, I didn’t believe them. So they showed me.”

I was sitting at the kitchen table of one of Northern Ireland’s few investigative journalists. He was shaken.

In thirty years of reporting, Colin (not his real name) has seen things that would leave the average person traumatized. A confidante of IRA terrorists, he has shaken hands with assassins and invited them into his home for a chat over a cup of tea – as he had done with me that night.

A few weeks previous, during one visit from a source, the subject of hacking had come up. Continue reading

Leveson: the Internet Pops In

2 Replies

The following post was originally published by Gary Herman on the NUJ New Media blog. It’s reproduced here with permission.

Here at Newmedia Towers we are being swamped by events which at long last are demonstrating that the internet is really rather relevant to the whole debate about media ethics and privacy. So this is by way of a short and somewhat belated survey of the news tsunami – Google, Leveson, Twitter, ACTA, the EU and more.

When Camilla Wright, founder of celebrity gossip site Popbitch (which some years ago broke the news of Victoria Beckham’s pregnancy possibly before she even knew about it), testified before Leveson last week (26 January 2012) [Guardian liveblog; Wright’s official written statement (PDF)] the world found out (if it could be bothered) how Popbitch is used by newspaper hacks to plant stories so that they can then be said to have appeared on the internet. Anyone remember the Drudge report, over a decade ago?

Wright, of course, made a somewhat lame excuse that Popbitch is a counterweight to gossip magazines which are full of stories placed by the PR industry.

But most interesting is the fact that Wright claimed that Popbitch is self-regulated and that it works.

Leveson pronounced that he is not sure there is ‘so much of a difference’ between what Popbitch does and what newspapers do – which is somehow off the point. Popbitch – like other websites – has a global reach by definition and Wright told the Inquiry that Popbitch tries to comply with local laws wherever it was available – claims also made more publicly by Google and Yahoo! when they have in the past given in to Chinese pressure to release data that actually or potentially incriminated users and, more recently, by Twitter when it announced its intention to regulate tweets on a country-by-country basis.

Trivia – like the stuff Popbitch trades – aside, the problem is real. A global medium will cross many jurisdictions and be accessible within many different cultures. What one country welcomes, another may ban. And who should judge the merits of each?

Confusing the internet with its applications

The Arab Spring showed us that social media – like mobile phones, CB radios, fly-posted silkscreen prints, cheap offset litho leaflets and political ballads before them – have the power to mobilise and focus dissent. Twitter’s announcement should have been expected – after all, tweeting was never intended to be part of the revolutionaries’ tool-kit.

There are already alternatives to Twitter – Vibe, Futubra, Plurk, Easy Chirp and Blackberry Messenger, of course – and the technology itself will not be restrained by the need to expand into new markets. People confuse the internet with its applications – a mistake often made by those authorities who seek to impose a duty to police content on those who convey it.

Missing the point again, Leveson asked whether it would be useful to have an external ombudsman to advise Popbitch on stories and observed that a common set of standards across newspapers and websites might also help.

While not dismissing the idea, Wright made the point that the internet made it easy for publications to bypass UK regulators.

This takes us right into the territory of Google, Facebook and the various attempts by US and international authorities to introduce regulation and impose duties on websites themselves to police them.

ACTA, SOPA and PIPA

The latest example is the Anti-Counterfeit Trade Agreement (ACTA) – a shadowy international treaty which, according to Google’s legal director, Daphne Keller, speaking over a year ago, has ‘metastasized’ from a proposal on border security and counterfeit goods to an international legal framework covering copyright and the internet.

According to a draft of ACTA, released for public scrutiny after pressure from the European Union, internet providers who disable access to pirated material and adopt a policy to counter unauthorized ‘transmission of materials protected by copyright’ will be protected against legal action.

Fair use rights would not be guaranteed under the terms of the agreement.

Many civil liberty groups have protested the process by which ACTA has been drafted as anti-democratic and ACTA’s provisions as draconian.

Google’s Keller described ACTA as looking ‘a lot like cultural imperialism’.

Google later became active in the successful fight against the US Stop Online Piracy Act (SOPA) and the related Protect Intellectual Proerty Act (PIPA), which contained similar provisions to ACTA.

Google has been remarkably quite on the Megaupload case, however. This saw the US take extraterritorial action against a Hong Kong-based company operating a number of websites accused of copyright infringement.

The arrest of all Megaupload’s executives and the closure of its sites may have the effect of erasing perfectly legitimate and legal data held on the company’s servers – something which would on the face of it be an infringement of the rights of Megaupload users who own the data.

Privacy

Meanwhile, Google – in its growing battle with Facebook – has announced its intention to introduce a single privacy regime for 60 or so of its websites and services which will allow the company to aggregate all the data on individual users the better to serve ads.

Facebook already does something similar, although the scope of its services is much, much narrower than Google’s.

Privacy is at the heart of the current action against Google by Max Mosley, who wants the company to take down all links to external websites from its search results if those sites cover the events at the heart of his successful libel suit against News International.

Mosley is suing Google in the UK, France and Germany, and Daphne Keller popped up at the Leveson Inquiry, together with David-John Collins, head of corporate communications and public affairs for Google UK, to answer questions about the company’s policies on regulation and privacy.

Once again, the argument regarding different jurisdictions and the difficulty of implementing a global policy was raised by Keller and Collins.

Asked about an on-the-record comment by former Google chief executive, Eric Schmidt, that ‘only miscreants worry about net privacy’, Collins responded that the comment was not representative of Google’s policy on privacy, which it takes ‘extremely seriously’.

There is, of course, an interesting disjuncture between Google’s theoretical view of privacy and its treatment of its users. When it comes to examples like Max Mosley, Google pointed out – quite properly – that it can’t police the internet, that it does operate across jurisdictions and that it does ensure that there are comprehensive if somewhat esoteric mechanisms for removing private data and links from the Google listings and caches.

Yet it argues that, if individuals choose to use Google, whatever data they volunteer to the company is fair game for Google – even where that data involves third persons who may not have assented to their details being known or when, as happened during the process of building Google’s StreetView application, the company collected private data from domestic wi-fi routers without the consent or knowledge of the householders.

Keller and Collins brought their double-act to the UK parliament a few days later when they appeared before the joint committee on privacy and injunctions, chaired by John Whittingdale MP.

When asked why Google did not simply ‘find and destroy’ all instances of the images and video that Max Mosley objected to, they repeated their common mantras – Google is not the internet, and neither can nor should control the websites its search results list.

Accused by committee member Lord MacWhinney of ‘ducking and diving’ and of former culture minister, Ben Bradshaw of being ‘totally unconvincing’, Keller noted that Google could in theory police the sites it indexed, but that ‘doing so is a bad idea’.

No apparatus disinterested and qualified enough

That seems indisputable – regulating the internet should not be the job of providers like Google, Facebook or Twitter. On the contrary, the providers are the ones to be regulated, and this should be the job of legislatures equipped (unlike the Whittingdale committee) with the appropriate level of understanding and coordinated at a global level.

The internet requires global oversight – but we have no apparatus that is disinterested and qualified enough to do the job.

A new front has been opened in this battle by the latest draft rules on data protection issued by Viviane Reding’s Justice Directorate at the European Commission on 25 January.

Reding is no friend of Google or the big social networks and is keen to draw them into a framework of legislation that will – should the rules pass into national legislation – be coordinated at EU level.

Reding’s big ideas include a ‘right to be forgotten’ which will apply to online data only and an extension of the scope of personal data to cover a user’s IP address. Confidentiality should be built-in to online systems according to the new rules – an idea called ‘privacy by design’.

These ideas are already drawing flak from corporates like Google who point out that the ‘right to be forgotten’ is something that the company already upholds as far as the data it holds is concerned.

Reding’s draft rules includes an obligation by so-called ‘data controllers’ such as Google to notify third parties when someone wishes their data to be removed, so that links and copies can also be removed.

Not surprisingly, Google objects to this requirement which, if not exactly a demand to police the internet, is at least a demand to ‘help the police with their enquiries’.

The problem will not go away: how do you make sure that a global medium protects privacy, removes defamation and respects copyright while preserving its potential to empower the oppressed and support freedom of speech everywhere?

Answers on a postcard, please.