Going after Wikileaks causing more problems

The ancient Polynesians navigated the Pacific using the moon, stars and motion of the waves. As the ripples from the Wikileaks scandal travel around the planet I wonder if we can chart a course that brings us to greater privacy and security by seeing the way various governments, agencies and businesses react to them.

Last week we learned that the U.S. government tried to force Twitter to release user information on people who had been associated with Wikileaks. Wikileaks fought back, and has been widely praised for it. Wired's Threatlevel blog even stated that Twitter's response should be the industry standard when such requests are made.

As ripples move across the water they strike object and bounce back. In the Privacy Inc blog at CNET Declan McCullagh reports that a group of European politicians is protesting the U.S. subpoena of information from Twitter. Along with concerns that EU privacy rules may have be broken by the subpoena's, there is concern over the fact that one of the accounts subpoenaed belongs to a member of Iceland's national parliament. That does not please the government of Iceland, which summoned U.S. Ambassdor Luis Arreaga to a meeting at their foreign ministry.

Wikileaks did not steal the information it is releasing. By the governments own admission most of the data shouldn't have been classified, and nobody believes any of it is more than embarrassing. There was a similar case in the '70's that determined journalists releasing secrets were covered by the First Amendment. Is going after Wikileaks and Julian Assange worth causing international incidents? To have a trial that will probably go in Assange's favor?

Is this an attempt to catch and punish a wrongdoer or just to cover somebody's embarrassment?

Apple patenting "traitorware"

Julie Samuels of the Electronic Frontier Foundations (EFF) "Deeplinks" blog has a lot to say about Apple's recent application for a patent on "Systems and methods for identifying unauthorized users of an electronic device." It doesn't sound too bad, does it. How do we identify someone who's stolen our $500 iPhone or our $1500 laptop? Use Apples newest development in user identification and monitoring, of course!

This technology is waaaay beyond what would be necessary to tell whether a device is stolen or not. With this "traitorware" as the EFF is calling it, Apple can collect and store biometric data on you, tell if the device has been jailbroken (and take action if it has), alert the appropriate parties of where the device is ... here's the EFF's partial list of what Apple's proposed system can do:

• The system can take a picture of the user's face, "without a flash, any noise, or any indication that a picture is being taken to prevent the current user from knowing he is being photographed";
• The system can record the user's voice, whether or not a phone call is even being made;
• The system can determine the user's unique individual heartbeat "signature";
• To determine if the device has been hacked, the device can watch for "a sudden increase in memory usage of the electronic device";
• The user's "Internet activity can be monitored or any communication packets that are served to the electronic device can be recorded"; and
• The device can take a photograph of the surrounding location to determine where it is being used.

In other words, Apple will know who you are, where you are, and what you are doing and saying and even how fast your heart is beating. In some embodiments of Apple's "invention," this information "can be gathered every time the electronic device is turned on, unlocked, or used." When an "unauthorized use" is detected, Apple can contact a "responsible party." A "responsible party" may be the device's owner, it may also be "proper authorities or the police."

There is no need for Apple, or anyone, to gather that much information about you as a purchaser of their products. This is information that can be used to steal your identity. We're not talking about a single biometric identifier - that would be bad enough. Apple want to gather your picture, voiceprint and heartrhythm at least, and maybe more. They want to monitor your internet usage - and log not just where you go, but record the actual data packets that are being sent to and from your device. They want to monitor memory usage for patterns that may indicate the device has been jailbroken - even though jailbreaking is legal.

With this patent application Apple is reaching far beyond any information they have a right or a need to gather. Pray the patent is denied and that Apple doesn't try to change it and reapply. This is an idea whose time will never come.