Another Illinois Facebook face recognition lawsuit

Gillen v Facebook (Scribd)

Note: BIPA = Biometric Information Privacy Act

I have removed two footnotes in original.

NATURE OF ACTION

1. Plaintiff brings this action for damages and other legal and equitable remedies resulting from the illegal actions of Facebook in collecting, storing and using Plaintiff’s and other similarly situated individuals’ biometric identifiers and biometric information (referred to collectively at times as “biometrics”) without informed written consent in violation of the BIPA.

2. The Illinois Legislature has found that “[b]iometrics are unlike other unique identifiers that are used to access finances or other sensitive information.” 740 ILCS 14/5(c). “For example, social security numbers, when compromised, can be changed. Biometrics, however, are biologically unique to the individual; therefore, once compromised, the individual has no recourse, is at heightened risk for identity theft, and is likely to withdraw from biometric-facilitated transactions.”

3. In recognition of these concerns over the security of individuals’ biometrics – particularly in the City of Chicago, which was recently selected by major national corporations as a “pilot testing site[] for new applications of biometric-facilitated financial transactions, including finger-scan technologies at grocery stores, gas stations, and school cafeterias,” 740 ILCS 14/5(b) – the Illinois Legislature enacted the BIPA, which provides, inter alia, that a private entity like Facebook may not obtain or possess an individual’s biometrics unless it: (1) informs that person in writing that biometric identifiers or information will be collected or stored, see id.; (2) informs that person in writing of the specific purpose and length of term for which such biometric identifiers or biometric information is being collected, stored and used, see id.; (3) receives a written release from the person for the collection of his or her biometric identifiers or formation, see id.; and (4) publishes publically available written retention schedules and guidelines for permanently destroying biometric identifiers and biometric information, see 740 ILCS 14/15(a).

4. In direct violation of each of the foregoing provisions of § 15(a) and § 15(b) of the BIPA, Facebook is actively collecting, storing, and using – without providing notice, obtaining informed written consent or publishing data retention policies – the biometrics of its users and unwitting non-users.

5. Specifically, Facebook has created, collected and stored over a billion “face templates” (or “face prints”) – highly detailed geometric maps of the face – from over a billion individuals, millions of whom reside in the State of Illinois. Facebook creates these templates using sophisticated facial recognition technology that extracts and analyzes data from the points and contours of faces appearing in photos uploaded by their users. Each face template is unique to a particular individual, in the same way that a fingerprint or voiceprint uniquely identifies one and only one person.

6. Plaintiff brings this action individually and on behalf of all others similarly situated to prevent Facebook from further violating the privacy rights of Illinois residents, and to recover statutory damages for Facebook’s unauthorized collection, storage and use of unwitting non-users’ biometrics in violation of the BIPA.

A wrinkle in this lawsuit is that the plaintiff is not, and never has been, a registered Facebook user and therefore could not have agreed to Facebook's terms of service.

The attorney suing Facebook

A lawyer Silicon Valley loves to hate (Seattle Times)

Though one tech financier calls Jay Edelson “a leech tarted up as a freedom fighter,” the Chicago class-action lawyer has had an impact on the privacy issues that the Internet has made so pervasive.

Illinois: More on the Facebook facial recognition lawsuit

Facebook lawsuit calls collection of biometrics data illegal (Biometrics Update)

According to the Illinois Biometrics Information Privacy Act, it is unlawful to acquire biometric data without first providing the subject with a written disclaimer that details the purpose and length of the data collection, and without the subject’s written consent.

Read the whole thing.

Photos aren't simply records of something that happened, mere mementos, anymore. They're search terms and search results. That has implications for both public and private entities who collect and store images of people. Ordinary snapshots are now biometric data.

Now, about those Florida school yearbooks...

This should surprise no one

Facebook base may be better than the FBI facial recognition base — They've had more people feeding it better information with fewer legal barriers.

It's all ID nowadays

If the one word for the 60's was plastics and in the 80's it was all ball bearings, the technology touchstone for the 2010's figures to be identity.



The “i” in the next iPhone will stand for “identity.” (Cult of Mac)

When people hear rumors and read about Apple’s patents for NFC, they think: “Oh, good, the iPhone will be a digital wallet.” When they hear rumors about fingerprint scanning and remember that Apple bought the leading maker of such scanners, they think: “Oh, good, the iPhone will be more secure.”

But nobody is thinking different about this combination. Everybody is thinking way too small. I believe Apple sees the NFC chip and fingerprint scanner as part of a Grand Strategy: To use the iPhone as the solution to the digital identity problem.

NFC plus biometric security plus bullet-proof encryption deployed at iPhone-scale adds up to the death of passwords, credit cards, security badges, identity theft and waiting in line.

Apple loves to solve huge, hitherto unsolved problems. And there is no problem bigger from a lost-opportunity perspective than digital identity.

The Boston Consulting Group estimates that the total value created through real digital identity is $1 trillion by 2020 in Europe alone.

Read the whole thing. Stripped of the Apple-worship, it's an astute post.

The link inside the quote above is in the original and the pdf it links to is highly worth a look, as well. From the executive summary...

Increasingly, we are living double lives. There is our physical, everyday existence – and there is our digital identity. Most of us are likely more familiar with that first life than with the second, but as the bits of data about us grow and combine in the digital world – data on who we are, our history, our interests – a surprisingly complete picture of us emerges. What might also be surprising for most consumers is just how accurate and traceable that picture is.
...
Views on digital identity tend to take one of two extremes: Let organisations do what they need to in order to realise the economic potential of “Big Data,“ or create powerful safeguards to keep private information private. But digital identity can‘t be cast in such black-and-white terms. While consumers voice concern about the use of their data, their behaviours – and their responses to a survey conducted specifically for this report – demonstrate that they are willing, even eager, to share information when they get an appropriate benefit in return. Indeed, as European Commissioner for Justice Viviane Reding remarked, “Personal data is in today‘s world the currency of the digital market. And like any currency it has to be stable and it has to be trustworthy.“ 1 This is a crucial point. Consumers will “spend“ their personal data when the deals – and the conditions – are right. The biggest challenge for all stakeholders is how to establish a trusted flow of this data.

A new type of ID is needed to bind our physical and online selves, payments and hardware. If the tech giants are going to finish off the post office and assume the role of credit card companies, they're going to have to solve the ID problem. If they solve the ID problem, there's really no telling how many other business models they can disrupt.

Hardware & ID Security: PC vs Mobile

Mobile banking to hit 1 billion users by 2017

Fortunately for the consumer, mobile devices often contain technologies such as GPS that track the user’s location, front-facing cameras that can be used for face-recognition, and other biometric tools such as voice recognition technology and in some cases fingerprint technology. In December, Ben Knieff, head of fraud at financial crime and technology specialist NICE Actimize told Banking Technology that mobile banking could eventually become safer than online banking.

“While consumers didn’t like biometrics ten or even five years ago, rising usage of the technology on sites like Facebook has made it more acceptable,” he said. “Consumer sentiment is changing, and I believe there could actually be an opportunity to use some of these technologies to make mobile banking even safer than internet banking is today.”

The whole article is worth reading but two points in the second paragraph quoted above are especially thought-provoking.

That's the first time I've seen the Facebook face recognition issue turned on its head like that. Stories of outrage at the Facebook facial recognition app are easy to find. Whether this has more to do with Facebook's User Agreement policies or biometric technology is a subject for another day, but is it possible that as suggested above, by putting people into contact with the technology the Facebook face rec kerfuffle has made biometrics more acceptable to the networked public?

Another fascinating item in the second paragraph is the notion that mobile banking can be inherently safer than online banking conducted through desktop or laptop computers. We discussed some of the reasons for this in Mobile Devices and Biometric Modalities, but the reasons why authentication via mobile devices may be more rigorous than that using other hardware go beyond biometrics. Mobile devices are quite simply capable of covering all of the factors listed below. In a multifactor authentication model, the more factors that can be determined simultaneously, the higher the confidence in the authentication transaction.
Here they are.

Something you have (tokens: key, prox card, mobile phone, etc.)
Something you know (passwords, PINS, codes, high school mascot, etc.)
Something you are (biometrics: eye, voice, face, fingerprint)
Where you are (location: IP address, cellular signal, GPS, in the bank branch)
When you are (time)

Mobile hardware supports all the factors above and, in the factors with bold face, mobile platform security exceeds the security attributes of PC hardware. Mobiles make better tokens because they aren't often shared, they have blue tooth, near filed communication (NFC), wi-fi capabilities for external signaling and, of course, they're mobile. They support passwords (OK, maybe not quite as conveniently as PC's). Two biometric sensors, the camera and microphone, come stock on all mobiles. They know where you are at all times.

The what time it is question is a draw in the current discussion. Both technologies in question (mobile vs. PC) are equally ignored here because the question of time is answered on the server side; i.e. you can't avoid late fees by setting the clock back on your PC when you make last month's payment online. Payees have their own clocks. I just included it because it's a real factor and there are ID/security applications where an individual is treated differently at different times of the day. Time also comes up in combination with location. Credit cards run fifteen minutes apart in gas stations separated by 1,000 miles raise suspicion.

That's the theory anyway. In theory, mobile hardware can facilitate higher confidence ID authentication. In practice the security vulnerabilities of the PC world are better understood. There are several household names offering services that maintain PC hardware as a virus/trojan/worm free environment. Uptake of similar technologies has yet to take off with mobile hardware. That will change, though, if more people use mobile hardware to handle their finances.

Bikini Detection algorithm raises the stakes in social media

Add bikinis to the list of objects recognizable by computer algorithms.

IPhone app that finds racy Facebook photos raises privacy worries (Los Angeles Times)

“This is a very touchy subject, of course,” Barto said. “Anything that’s readily available on Facebook, that’s what we can search. Those privacy tools on Facebook should be used to control the content that you want to be private.”

The app works in a similar way to the facial-recognition technology found in video chat programs and Facebook’s tag prompts. But instead of identifying faces, Badabing identifies the shape of a bikini. That means in addition to beach photos, the app may return pictures of a T-shirt with the outline of a swimsuit.

Object recognition is really starting to take off.

Related: Biometrics, object recognition and search

First word about the FTC report

I'll have much more to say on the topic, perhaps later today, but the first clutch of analysis of the FTC's findings following the Face Facts workshop is starting to come out.

The best two examples I have seen so far are:
FTC Issues Privacy Guidelines for Facial Recognition Technology (eWeek)
FTC Issues Guidelines for Facial Recognition (Multichannel News)

Brian Prince at eWeek gets, I think, gets at two very important aspects of the FTC's efforts: the degree to which Facebook is the elephant in the room; and the dissenting voice of Commissioner Thomas Rosch who thought releasing the report at all was a mistake.

John Eggerton at Multichannel News gives a down the middle summary of each of the two points of view (pro and con). Then he really gives the dissent the attention it deserves. The quotes from Daniel Castro, senior analyst at the Information Technology & Innovation Foundation, that close the article are highly appropriate.

Face.com Redux? AuthenTec to ditch non-Apple customers in 2013

AuthenTec to reportedly ditch non-Apple customers in 2013 (Apple Insider)

In an email to its customers, which includes Samsung, HP, Dell, Lenovo and Fujitsu, Apple acquisition AuthenTec reportedly said it will no longer be honoring orders come 2013, a source told Korean language website etnews.

The announcement may be an indication of what Apple plans to do with the company and its technology after purchasing the firm in July for $356 million. AuthenTec is well known for its work in fingerprint sensor tech and it was rumored that Apple might be looking to implement the biometric security asset into an upcoming iPhone.

It may be recalled that after Facebook bought Face.com, Face.com's existing customers were left twisting.

This is always a tricky post merger call. Does Apple continue to sell a technology, at a hefty profit, to its competitors? How long would Apple's competitors live with that deal?

Apple seems to have made the call.

Facebook consents to delete face recognition data of EU users

Facebook Agrees to Delete EU Facial-Recogniation Data (Bloomberg)

The owner of the biggest social-networking site has faced several European reviews over concerns a facial-recognition program that automatically suggests people’s names to tag in pictures breaches privacy rights.

Facebook Ireland “agreed to delete collected templates for EU users by Oct. 15” and to seek regulator consent “if it chooses to provide the feature to EU users again,” the Irish Office of the Data Protection Commissioner said in the conclusions to a review today.

Data-protection regulators from the 27-nation EU have been looking into Facebook’s facial-recognition feature.

The theme of the article is consent.

The Facebook Face Rec Saga Continues as EU Reopens Inquiry

Germans Reopen Facebook Privacy Inquiry (NY Times)

Data protection officials in Germany reopened an investigation into Facebook’s facial recognition technology Wednesday, saying the social networking giant was illegally compiling a vast photo database of users without their consent.

Face Rec for Loyalty Programs

Facedeals lets you check in to venues with your face (Wired - UK)

Users will need to have authorised the Facedeals app through their Facebook account. This verifies your most recent photo tags and maps the biometric data of your face. This data is then used to identify you in the real world. It doesn't appear to use Facebook's own recognition technology, supplied by Face.com.

It's not the tech, it's the people: Senate Face Rec Hearings Edition

Here are a couple of news pieces on the hearing of the Privacy Subcommittee of the Judiciary Committee facial recognition and privacy.

Sen. Al Franken reads Facebook the riot act over facial recognition risks (All Voices)

The senator made some pointed criticisms to Facebook's manager of privacy and public policy Rob Sherman. Sen. Franken noted how difficult it is for users to opt out of having their faces recognized by Facebook supercomputers. The privacy settings, he argued, are buried deep in a lengthy and frustrating process. "Right now, you have to go through six different screens to get (to the privacy opt-out)," Sen. Franken complained. "I'm not sure that's 'easy to use'."

Regulation of Facial Recognition May Be Needed, US Senator Says (PC World)

The growing use of facial recognition technology raises serious privacy and civil liberties concerns, said Senator Al Franken, a Minnesota Democrat and chairman of the Senate Judiciary Committee's privacy subcommittee. Franken, during a subcommittee hearing, called on the U.S. Federal Bureau of Investigation and Facebook to change the way they use facial recognition technology.

Biometric information, including facial features, is sensitive because it is unique and permanent, Franken said.

There are real privacy issues surrounding both government biometric surveillance and the transparency of private entities that use biometrics.

Dealing with the particulars of the hearing, though, it seems that if you're mad at Facebook, deal with Facebook and that those worried about the government's respect for the privacy of citizens would be best served arguing for limits to the government's snooping power, regardless of the technical method used. 

See:
Surveillance requests to cellphone carriers surge and Twitter Gives User Info In 75% Of U.S. Inquiries. Google says it complied with about 65% of court orders and 47% of informal requests in the second half of 2011.

Of the methods Facebook uses to extract personal information from users, facial recognition is perhaps the best known.

Of the myriad technologies government uses to track citizens, facial recognition is among the least significant.

That won't always be the case, so it's good to to build consensus on the proper use of a new technology in an open and informed way, but it shouldn't be hyped and used as a distraction from more pertinent privacy issues.

It's not the tech, it's the people.

Facebook Acquires Face.com

Facebook completes Face.com acquisition (Biometric Update)

Awesome News – Facebook Acquires Face.com (Face.com Blog)
They're understandably pleased.

Facebook Buys Facial Recognition Startup Face.com (Forbes)

Terms of the deal were not disclosed though various reports peg the price at $80 million to $100 million. The Israeli startup, which provides automated facial recognition of photos, also has a mobile photo app called Klik.

Face.com has been providing its service to a number of third-party developers and the company said in its blog post that it will continue to support those developers after the acquisition.

Facebook’s Face.com Buy: Clues to Mobile Strategy (CNBC)

Facebook’s albatross — and its biggest opportunity — is its fast-growing mobile user base. Today’s acquisition sheds light on Facebook’s plan to ensure it doesn’t lose mobile users, and to turn those half-billion people into revenue and profits.

Face.com specializes in facial recognition — its technology is used by 45,000 developers. And the company has a special expertise in mobile facial recognition: its Klik app tags people within photos before they’re even taken, while you’re holding your phone up. Google and Apple also offer facial recognition technology to tag people in photos, but Face.com is distinguished by its mobile focus, which could give Facebook users the advantage of quickly tagging friends while uploading on the go.

Of course, some people worry that adding better facial recognition technology is problematic given Facebook's massive data store and track record on privacy...

Facebook acquires facial recognition software company (Computer World)

Sarah Downey, a privacy analyst with pro-privacy software vendor Abine, indicated that the technology was particularly alarming in the hands of Facebook.

"There is nothing more concerning in the privacy sphere than the marriage of Facebook and facial recognition," she said in an email. "Every time you're tagged, Facebook learns more about your face and how it looks with or without glasses, in various lighting, with facial hair, etc. It's one of the few data sources that Facebook has yet to monetize, and the acquisition of Face.com suggests that making money off your face is on their to-do list."

What if? Online Real-Time Searchable Sensor Data

Each of these articles is extremely interesting and when they're read together, they become even more so.

The first one was published in the Washington Post a week or so ago and concentrates on industrial control systems (probably because Stuxnet has been in the news a lot lately). The second article below talks about the development of a search engine that could combine social networking with data collected by sensors that are hooked up to the internet.

Cyber search engine Shodan exposes industrial control systems to new risks (Washington Post)

It began as a hobby for a ­teenage computer programmer named John Matherly, who wondered how much he could learn about devices linked to the Internet.

After tinkering with code for nearly a decade, Matherly eventually developed a way to map and capture the specifications of everything from desktop computers to network printers to Web servers.

He called his fledgling search engine Shodan, and in late 2009 he began asking friends to try it out. He had no inkling it was about to alter the balance of security in cyberspace.

“I just thought it was cool,” said Matherly, now 28.

Smart City Search Engine Uses Sensors (Tech Week Europe)

Researchers at the University of Glasgow are helping build a search engine that will combine data from social networks with real-time sensor information such as recognition of faces in crowds to help users locate individual people or events.

The European-funded project, called Search engine for MultimediA Environment geneRated contenT (SMART), takes advantage of the already widespread presence of sensors such as CCTV cameras and microphone arrays, according to Dr. Iadh Ounis of the University of Glasgow’s School of Computing Science.

The combination of what these two efforts envision — a crawler that finds online devices, an engine that makes them searchable, datamining of social media and real-time access to sensor data — would really be something.

But what would it take for someone sitting at a computer terminal to find and commandeer a surveillance camera, grab an image of my face, run it through a facial recognition search of social media platforms and find out something as simple as my name?

For now, it would be pretty difficult. Without significant help from disparate entities, the challenges associated with such a query are extremely daunting and that will probably be true for the foreseeable future.

A simple facial recognition search of all the photos on (for example) Facebook's servers would be pretty close to useless. The 'book simply has far too many faces. Based upon the (low) image quality from surveillance cameras and the (high) number of Facebook photos, there would be far too many false positives. I'll make an educated guess that the reason Facebook gets the facial recognition results that it does is that it uses its (highly proprietary) knowledge of its users to limit the face rec search only to people that Facebook already believes have a significant likelihood of actually knowing each other. So, without Facebook's help, that random someone sitting at their computer would have a pretty difficult challenge even if their target is a heavy user of social media.

Other challenges apply. Finding a device online is not the same as controlling it. Controlling some functions of a device such as a surveillance camera doesn't necessarily imply that all functions are available to the user. Speed and storage are also issues.

Nevertheless, some challenges, such as the co-operation of service providers, can already be overcome by governments. Others will become easier to overcome as technological progress is made.

What is possible? That's an interesting question. What does it cost? That may be far more important. Stuxnet proved that some amazing things are possible. As for pulling a mini-Stuxnet to see if I'm over-sharing on the social webs, theoretical possibility may not be the most important consideration. A private detective is still the way to go.

But if Moore's law holds and techy things continue get cheaper, better and faster, who knows?

Germany will wait on Irish investigation of Facebook Facial Recognition

German Regulator Suspends Facebook Facial-Recognition Probe (Bloomberg)

A German privacy regulator suspended its probe of Facebook Inc. (FB)’s facial-recognition features pending an Irish audit of how the social-media company handles personal data.

Hamburg’s data-protection authority said it will wait for Facebook to negotiate with Ireland’s privacy regulator before deciding whether Facebook complies with rules for using biometric data in an application that suggests people to tag in photos on the social-networking site.

Consumer Reports: Facebook & Your Privacy

Who sees the data you share on the biggest social network? (Consumer Reports)

A Consumer Reports guide to privacy on Facebook with lots of facial recognition talk. I couldn't embed the video, but it's good, too.

UPDATE:
A sample:

Some people are sharing too much. Our projections suggest that 4.8 million people have used Facebook to say where they planned to go on a certain day (a potential tip-off for burglars) and that 4.7 million “liked” a Facebook page about health conditions or treatments (details an insurer might use against you).

Some don't use privacy controls. Almost 13 million users said they had never set, or didn’t know about, Facebook’s privacy tools. And 28 percent shared all, or almost all, of their wall posts with an audience wider than just their friends.

Facebook collects more data than you may imagine. For example, did you know that Facebook gets a report every time you visit a site with a Facebook “Like” button, even if you never click the button, are not a Facebook user, or are not logged in?

Your data is shared more widely than you may wish. Even if you have restricted your information to be seen by friends only, a friend who is using a Facebook app could allow your data to be transferred to a third party without your knowledge.

Legal protections are spotty. U.S. online privacy laws are weaker than those of Europe and much of the world, so you have few federal rights to see and control most of the information that social networks collect about you.

And problems are on the rise. Eleven percent of households using Facebook said they had trouble last year, ranging from someone using their log-in without permission to being harassed or threatened. That projects to 7 million households—30 percent more than last year.

See also:
Is Facebook using logical access control policies to gather information about its users?

What's Up With Facebook's ID Management/Logical Access Control?

An Exile From the Kingdom of Me (The New Yorker)

Meanwhile, I have sought redress against the charge that I am not who I say I am. I gave Facebook my cell-phone number so they could text me a confirmation code. The text arrived. I tried to log on, and entered the code. To my surprise, Facebook was not assuaged, and gave me another quiz.

Some will interpret the accumulation of obstacles between the user and their Facebook account as reflective of how prevalent unauthorized access to accounts has become. Others will suspect that Facebook is erecting the barriers in order to extract a personal information premium (mobile phone number) in exchange for for removing them.

Is Facebook using logical access control policies to gather information about its users that isn't needed purely for ID purposes? If so, is it likely to annoy Facebook users?

The linked piece is actually more about the ontology of friendship (also a very interesting topic!) than ID and privacy. It is highly thought-provoking and deserving of a quick click-and-read.

EU, Facebook, FaceRec & Consent

Facebook's facial recog bots can't eat your face without your say-so (The Register)
They can taste it, though...

Social networking sites need to obtain users' "informed consent" before suggesting to other users that those individuals feature in photos that they are uploading to the site, an EU privacy watchdog has said.

The Article 29 Working Party said, though, that the networks can process the images legitimately without the consent of those featured in the photos under EU data protection laws in order to assess whether that consent has been given. However, it said that sites processing images in order to verify consent must delete that information "immediately after" that processing is complete.

The above article makes an interesting technical point and hints at an interesting point about privacy.

In order to biometrically determine whether or not someone is in a particular database — such as the database of people who have given consent to be "tagged" — a biometric search must be undertaken. The Art.29 Data Protection Working Party has acknowledged the difference between the search and enrollment functions and probe vs. database images. This is good because, as implied in the article, to fail to make these distinctions would make it impractical to find out if someone had consented to something in the first place without making them express their consent all over again.

There's also an interesting privacy point — Facebook's knowledge about non-facebook users (such as your humble scribe). The sly "spam your friends" button that sends an email to everyone in a new user's email contact list is one way Facebook collects personal information (email addresses) of non-facebook users and begins to turn that data into information when the same email address turns up in multiple Facebook users' contact lists.

The photo tagging feature also allows/encourages Facebook users to add information about non-users to Facebook's database. The Art.29 Data Protection Working Party has recommended a technical solution to the photo-tagging feature's ability to collect information on non-consenting individuals for Facebook's use, which is great. But a 100% solution is as much social as technological.

There's an etiquette to these things. Facebook makes it very, very easy for users to tell Facebook about people who don't use Facebook, but it seems impossible that Facebook could police its users in such a way as to prevent them from violating the privacy of other people. Facebook collects information on non-users, and Facebook can be used to communicate information about non-users without consent. These are two separate issues.

In a final twist, Facebook's very existence may depend upon its users' discretion and restraint in choosing what to post and tag, and Facebook's agility in handling the information. A user may love the facial recognition tagging feature but hate to be outed as the Key West Spring Break wet T-shirt contest winner.

The Privacy Implications of Facial Recognition Technology

Ralph E. Stone has a good facial recognition piece in today's Salem (Oregon) News.

It hits all the high points: A description of the technology; Use in law enforcement; Abuse both potential (law enforcement) and actual (Facebook); Privacy; The legal privacy framework in Europe; and the FTC's interest in the subject in the United States.

Mr. Stone covers much ground in a short piece that is well worth reading.

Other posts on privacy.