Sunday, August 18, 2013

"Terms and Conditions May Apply": the risks of Internet use for ordinary people is more than I thought; misinterpreted posts can put you in jail

How many of us read the fine print before using Internet services?  We don’t have much choice but to accept them, but that could ultimately be dangerous, according to a new documentary by Cullen Hoback, “Terms and Conditions May Apply”, from Variance Pictures (also Hyrax, Topiary, Roco).  
The biggest threat most computer users is still probably hackers and criminals, but the likelihood of corporate misuse of information, which is much more pervasive than most users realize, seems to increase, and most of all is the risk of government misuse, which has more recently attracted attention because of the Wikileaks and Snowden NSA scandals.
We meet some interesting characters:  Barrett Brown, from Hacktivists;  Max Schrems, a handsome Austrian law student with accent-free English who launches litigation, and toward the end, Mark Zuckerberg himself (not Jesse Eisenberg or Ashton Kutcher), chased down by reporters near his new Palo Alto home, right after the film has displayed his notorious “The ‘trusted me’” email. 

There has been a lot of talk in the media about “metadata” or “pen register” surveillance, but the film presents at least three cases where ordinary people were detained or investigated for apparent threats in social media, all discovered by intelligence or police text-trolling software, from materials given to law enforcement by service providers.  In one case, a man in Ireland was detained at LAX for days because of a supposed threat made on Twitter.  In another, the NYPD visited a man just a few days after he had moved into a new apartment because of a Facebook posting.  In still another, a man in Britain was detained as a possible security threat because of the 2011 Royal Wedding based on out-of-context interpretation of a social media post.  It was not clear whether these posts had been intended for everyone, or had been whitelisted for just friends or followers, in which case the police really would have been reading private content.  The film did not mention the case of a teenager in Texas prosecuted for a misread Facebook threat (Internet Safety blog, July 3, 2013. 

The film also points out a problem with metadata snooping: police could misinterpret a consumer’s search engine requests or purchases.  A writer might be searching to learn about how a terror attack could come about in a novel, not in real life.  The film also mentions (as does Daniel Solove in his 2011 book “Nothing to Hide” (reviewed July 23, 2013 on the Books blog) that when personal or activity information is held by a third party, there is no Fourth Amendment protection from searches. 
A person has “nothing to hide” until he or she does, the film says.  One quick refutation comes from the fact that people sometimes have their credit scores lowered because other customers of the establishments where they use their credit cards have poor repayment histories.  
I wondered if electronic searching could have caused my 2005 incident when I was a substitute teacher (“BillBoushka”” blog, July 27, 2007).  But it sounds unlikely that public school systems  would have been having contractors run Internet searches to match up the names of teachers with all possible troubling word combinations, and even if something popped up, it would need to be interpreted.  Of course, in the film, people were detained just on the basis of automated Internet background investigations (triggered possibly by intelligence activity) without concern for context.

The film gives an interesting anecdote about Mark Zuckerberg at Harvard, not included in “The Social Network”.  That is, Mark’s buddies in the dorm asked him, “Why would an individual want a personal website, anyway”, sometime in the early fall of 2004.  I wonder if Zuckerberg knew about me and my “” and “” sites and my “Do Ask Do Tell” sites and even my participation as a COPA litigant (under Electronic Frontier Foundation) on the theory that COPA could destroy the “free entry” system for Internet self-publishing.  (The bigger dangers have come from SOPA, and now the proposal to weaken the CDA Section 230 concerning downstream liability of service providers – itself a potentially good topic for documentary film .)  The reason he might have known is that there had been some controversy over Harvard’s banning military recruiters in 2003, when Zuckerberg was a freshman, over “don’t ask don’t tell”, and so he would have heard about it.  With any curiosity at all, he could well have found me by search engines and realized what one person could do.  But what he would add was social context – the idea that some publishing is layered within certain communities (like schools) or lists of people.   Privacy settings are predicated on nuances in the way these white-lists work.  

The film also makes a good point on the fact that “terms and conditions” are often the most troublesome with “free content”.  But any paid hosting service will have a TOS or “acceptable use policy”.

The official site is here.
I saw the film at the West End Cinema in Washington DC late on a Sunday afternoon before a small audience, but I had missed the chance for director QA yesterday to see “Jobs” first. 

No comments: