OTTAWA — Canada’s privacy watchdog says Internet phenomenon Facebook breaches the law by keeping users’ personal information indefinitely — even after members close their accounts.

Privacy Commissioner Jennifer Stoddart says the popular social networking site should hang on to the data only for as long as truly necessary.

In a report Thursday, Stoddart urged Facebook to remedy the problem, one of several serious privacy shortfalls she discovered.

Facebook, which has nearly 12 million Canadian users, allows people to keep in touch with friends and family by updating their personal pages with fresh messages and photos.

Stoddart said although Facebook provides information about its privacy practices, it is often confusing or incomplete.

“It’s clear that privacy issues are top of mind for Facebook, and yet we found serious privacy gaps in the way the site operates,” Stoddart said in a statement.

For example, the “account settings” page describes how to deactivate accounts but not how to delete them, which actually removes personal data from Facebook’s computer servers.

Stoddart wants Facebook to wipe the information in deactivated accounts after a reasonable length of time.

The report also raises concerns about the sharing of users’ personal information with the almost one million third-party developers around the globe who create Facebook applications such as games and quizzes.

Facebook lacks proper safeguards to prevent these developers from seeing users’ profile information, the investigation found.

Stoddart calls for more transparency to ensure the site’s Canadian users have knowledge they need to make meaningful decisions about how widely they share personal information.

The privacy commissioner will review Facebook’s actions after 30 days to gauge progress. She can take the case to the Federal Court of Canada to have her recommendations enforced.

She launched a probe of Facebook in response to a complaint last year from the Canadian Internet Policy and Public Interest Clinic.

The clinic, based at the University of Ottawa’s law faculty, alleged numerous violations by the high-profile site.

The Full Report can be found Here:

http://www.priv.gc.ca/cf-dc/2009/2009_008_0716_e.cfm

If you are the kind of person who can’t help but look when you drive by an accident scene, DMFail is for you. The site, which has been all the rage on Twitter for the last few days, shows direct (private) messages that were sent improperly on Twitter and are therefore public.

If you want to send another Twitter user a message that only she or he sees, you type [D + username + message]. But a lot of people accidentally type DM (for Direct Message) instead of D, and when that happens you pay the price of having your message pop into your Twitter stream for everyone to see.

DMFail grabs all those messages and reprints them on its site for everyone to see, which can be quite a horrible experience for the people involved. Thus the accident scene analogy.

It would be fairly trivial for Twitter to change things so that DM also sends a private message, but so far they haven’t. On average, a couple of messages per hour over all of Twitter end up hitting DMFail.

Direct messages on Twitter don’t seem to be all that secure in general. They’re available to third parties through the API, for example, and there has been at least one case where confusion led to making some direct messages public.

Anyhow, from now on I’m just going to start all my Twitter messages with DM. I suggest you do the same.

By Nate Anderson | Published: December 11, 2008 – 11:07AM CT

The idea for a virtual world focused on the Islamic lifestyle began five years ago, when CEO Mohamed El-Fatatry moved from Dubai to Finland in order to attend university. Raised in Dubai, El-Fatatry wanted wider horizons and a chance to see more of life. American universities were generally expensive, so El-Fatatry sat down at his computer, Googled for “media technology studies in Europe,” and found a Finnish university as his third hit. Finland offers free higher education, even for foreigners, so El-Fatatry applied, enrolled, and only then headed to his new country for the first time.

With €300 and an uncertain future, he took a job delivering newspapers to make some extra cash as he studied. The entire journey was a trip into the unknown for El-Fatatry, but after doing it, he found that he now had the “guts” to take more risks. By 2006, he had created the Internet startup Muxlim, a social networking and community site for Western Muslims.

Living in Finland was the first time El-Fatatry had been in a Muslim-minority country, and the experience taught him more about the importance of community. Muxlim tries to reach not “westernized Muslims” who have resettled from Islamic countries, but fully western Muslims in America and the UK, the kind of people who love football and watch Heroes. And, while the site does feature areas to discuss theology, the focus isn’t on religion per se, but the Islamic “lifestyle” that includes food, clothing, and entertainment (like CBC’s Little Mosque on the Prairie, for instance).

After two years of operation, Muxlim now has venture funding, employs 20 people, reaches hundreds of thousands of users, and has 65 to 70 percent of its audience logging in from the US and the UK. Not bad for a Finnish startup with a young CEO.

The specific idea to add a virtual world as a new community feature arose in 2007, and Muxlim hired an artist to do a mockup that was later published on the site. It proved so popular that development was farmed out to a Finnish design house; after six months of work, the beta of “Muxlim Pal” launched to testers this week.

It’s a simple virtual world at this point, one where visitors can drop in on the beach cafe, the arena, Muxlim offices, and more, but the only thing to do at the moment is chat with other people in each area. The world is Flash-based, runs on Amazon’s cloud computing infrastructure, and looks quite slick. El-Fatatry tells us that the current deployment is an extremely beta test of the technology that is nowhere near his vision of the final product, but the company wants feedback from users as it continues to develop Muxlim Pal.

Several things separate Muxlim Pal from other worlds like Second Life. For one thing, it’s family friendly; you won’t see two furries engaging in some extremely intimate behavior here, and the plan is to empower community members to flag offensive speech and actions on their own. After enough complaints, a volunteer moderator will step in and make a decision about the content in question.

A more subtle but also more interesting change is that the character one controls in Muslim Pal isn’t an “avatar” who represents the user; it is more of a virtual friend (as the world’s title suggests) that the user controls. El-Fatatry tells us that some basic Sims-like features are coming soon to the world, including meters for spirituality, health, etc, that change as the character interacts with the world. But demoting the spirituality level of a real person seemed potentially offensive, hence the decision to make the virtual characters into friends.

Apart from some architectural design elements, the world itself isn’t especially Islamic (though characters will be able to do their prayers and wear headscarves). El-Fatatry says the site is open to anyone, and he has no desire to “segregate” Muslims inside their own virtual community center. Muxlim is currently integrating Facebook Connect, for instance, and it encourages members to use any social tools on the web.

Within hours of opening its virtual doors this week, though, Muxlim Pal was already hit by “griefers” of the sort well known to virtual worlds users and online gamers. 10 people “had an intent to disrupt the site” and caused problems for half an hour or so before being booted.

But El-Fatatry says that the biggest problem was popularity; with widespread media coverage of the launch, “thousands upon thousands” of people started logging in, but few were site regulars. Muxlim wants initial feedback from its community members, since the world is meant only as an extention of the site’s community features, not a standalone destination. Feedback from thousands of non-community members would be less helpful in guiding development, so Muxlim now requires users to be a part of its community for at least three weeks before gaining access to Muxlim Pal.

Just like any business, Muxlim needs to make money. Most of the site is blanketed in traditional advertising (“Some insurance policies appear complete… but are they halal?”), but Muxlim Pal also provides a way to purchase “coins” that can be used to upgrade a character’s clothing and possessions. The US Muslim market alone has an estimated $170 billion purchasing power, so El-Fatatry is convinced that he is tapping a lucrative market while providing a valuable community at the same time.

It’s an improbable story, a Finnish company run by an English-speaking, Dubai-born CEO who aims to reach British and American Muslims. But Muxlim has seen terrific success so far in its two-year history, and the attention given to Muxlim Pal suggests that the ride will continue for some time.

By Julian Sanchez | Published: December 11, 2008 – 05:10AM CT

By Julian Sanchez
| Published: December 05, 2008 – 10:01AM CT

Stacy Snyder, a federal court has ruled, won’t be teaching kids the three Arrrrs
any time soon: They’ve rejected Snyder’s claim that her First Amendment
rights were violated when a MySpace photo showing her engaged in a bit
of boozy buccaneering, as well as posts complaining about her
relationship with a supervisor, cost the former Millersville University
student a teaching degree.

In 2006, Snyder had been a student teacher at Conestoga Valley High
School in Pennsylvania, as required by both Millersville’s teaching
curriculum and the state’s teacher certification guidelines. Her
performance reviews often complained of Snyder’s lack of
professionalism—and her shaky grasp of the subject matter she had been
assigned to teach.

But the final straw for the school came when they saw that Snyder’s
MySpace account—which she had mentioned to students on several
occasions—contained a photo of the grog-swilling Snyder in a pirate
hat, captioned “drunken pirate,” as well as posts alluding to her
fraught relationship with her supervisor. They called Snyder at home
and told her to walk the plank out of their student teaching program.
Since she’d failed to complete her student teaching practicum,
Millersville denied Snyder a teaching degree, instead shuffling some
credits around to award her a BA in English.

Snyder took the school to court, and while judge Paul Diamond of the
District Court for the Eastern District of Pennsylvania promptly
dismissed her due process claims, as well as several statutory claims,
he allowed her to press the argument that the denial had violated her
First Amendment right to free expression.

On Wednesday, however, the judge tossed that claim as well. Snyder,
Diamond found, “was an apprentice more akin to a public
employee/teacher than a student” during her time at CV High. As such,
the First Amendment protects her speech about matters of “public
concern”—she couldn’t be barred from the student-teaching program for
expressing an unpopular political opinion—but not personal MySpace
postings the school found to be unprofessional. Moreover, once the
school had declined to certify her completion of the program,
Millersville administrators had no authority to override the degree
requirements to award Snyder a teaching diploma.

A warning to prospective public employees, then: it may be that on the
Internet, nobody knows you’re a dog. But they are apt to find out if
you’re a drunken pirate.

By Nate Anderson | Published: December 04, 2008 – 09:35PM CT

Now that the official Amazon Mobile iPhone app is here, it’s easier than every to check prices from anywhere, even while shopping in retail stores. And the company’s clever new “Amazon Remembers” service will use humans to identify product pics snapped with the iPhone, even if they include shoes worn by the person sitting next to you on the subway.

Both are Good Things, but can too much of a Good Thing turn a little sour on the tongue?

Don’t even try to hide it

I confess there have been occasions when I went to a retail store, learned about and handled products, then went home and ordered them less expensively over the Internet. After getting a laptop and an EVDO card, the practice went at time a bit further; I would retreat to the parking lot, check online deals, and make a buying decision there in the front seat of the car. But actually scanning the Internet for lower prices while standing in the store?

The practice might feel a bit like being caught reading a dirty novel in the back of the library stacks (“Can I help you with anything?” “Uh, no, just looking, thanks! Please go away!”) but Amazon wants to make it mainstream. In the official App Store description of its new iPhone app, the company suggests it can be used for “comparing prices on Amazon and 9,000 other merchants to those in the retail store you are visiting.”

It’s certainly a consumer-friendly idea, though one wonders if it will cause that throbbing vein on the necks of Best Buy and Borders execs to throb a bit more quickly. For Amazon to explicitly suggest that shoppers take advantage of bricks-and-mortar stores—an expensive investment that Amazon has purposely not made—and then use the benefit derived from those stores to order the product cheaply online, well, that’s a pretty straightforward declaration of war.

Retailers certainly can’t be pleased with idea of all those 1-click iPhone orders going to Amazon even as customers stand in their stores, fondling their merchandise. Not antagonizing your customers is the first rule of business, but it’s not real hard to imagine some stores approaching heads-down iPhone users with a crisp, “May I help you, ma’am?”

Amazon Remembers, so snap away!

Once, while rumbling through the darkened tunnels of the Prague Metro, the train pulled up to a station stop, the doors opened, and a man with a monkey on his shoulder stepped inside. It doesn’t look so odd when written down in print like that, so let me say it again: he had a live monkey. On his shoulder. On the Prague Metro.

I did what anyone would do—waited until he turned away (the monkey continued to level its creepy simian gaze at me) and snapped a surreptitious photo. I mean, the dude had a monkey! On his shoulder! On the Metro!

I bring this up only to point out that snapping pictures without permission of people at close range in public places is generally something of a taboo; at the least, it can be shockingly impolite. (Though when you have a monkey! on your shoulder! on the Metro! I’d say you’re fair game.) Which is why Amazon’s new “Amazon Remembers” feature sounds potentially unsettling.

So many chances for shopping

Amazon Remembers uses the iPhone camera to snap images, which are uploaded to the cloud and farmed out to humans for identification with Amazon products. Cool enough when the product is a book cover, of course, but what if it’s an article of clothing currently worn by someone sitting next to you on the subway? We are treading in the deep waters of etiquette here.

Amazon has no problem with the practice, though. In its official App Store description, the company suggests that people start snapping away in public. “Seeing if Amazon Remembers can find a pair of shoes for sale like the one the person sitting next to you is wearing,” it offers. Perhaps I’m betraying my own sense of personal space here, but I would not feel pleased to see people holding out their iPhones to photograph the label on my jeans, the brand of my shoes, or the cut of my scarf when I’m riding the El from Oak Park to the Loop.

Pirates of the Amazon

Oddly enough, this week also saw the release of some software that does the same thing to Amazon that Amazon encourages iPhone users to do to other retailers. “Pirates of the Amazon” is a Firefox extension that compares Amazon products with items available on The Pirate Bay; when it finds a match, the add-on creates a “download 4 free” button directly on the Amazon product page. Clicking it retrieves the file using BitTorrent.

It’s not the same thing, of course, being utterly illegal, immoral, and generally piratical (which is sort of the point). It’s also not currently available, with the site displaying a “The Ship was hit. We’re offline” message at the moment.

Personally, if I had to draw behavioral lines around various practices, I wouldn’t be a “Pirate of the Amazon,” but I would use the Amazon iPhone app to price check stores—and I’d return to the parking lot to do it. Why? For the same reason I wouldn’t tell my dinner hosts that their instant mashed potatoes reminded me of caulk in a bowl, though I might make the observation to my wife in the car on the way home.

As for Amazon Remembers, snapping standalone objects is fine and useful, but taking pics of someone’s shoes, laptop case, watch, hat, or gloves in public feels a bit too much like being a paparazzi. If someone sitting beside me in a coffee shop started snapping iPhone pictures of my jeans, I can’t imagine liking it a whole lot, but neither can I really imagine people walking up to strangers all over the country and asking, “Hey, do you mind if I take this picture of your pants with my phone?” and getting a positive result.

There are no black and white lines here, though, just shades of grey; how would you handle these issues?

Published: November 29, 2008 HARRISON BROWN, an 18-year-old freshman majoring in mathematics at M.I.T., didn’t need to do complex calculations to figure out he liked this deal: in exchange for letting researchers track his every move, he receives a free smartphone.

Now, when he dials another student, researchers know. When he sends an e-mail or text message, they also know. When he listens to music, they know the song. Every moment he has his Windows Mobile smartphone with him, they know where he is, and who’s nearby.

Mr. Brown and about 100 other students living in Random Hall at M.I.T. have agreed to swap their privacy for smartphones that generate digital trails to be beamed to a central computer. Beyond individual actions, the devices capture a moving picture of the dorm’s social network.

The students’ data is but a bubble in a vast sea of digital information being recorded by an ever thicker web of sensors, from phones to GPS units to the tags in office ID badges, that capture our movements and interactions. Coupled with information already gathered from sources like Web surfing and credit cards, the data is the basis for an emerging field called collective intelligence.

Propelled by new technologies and the Internet’s steady incursion into every nook and cranny of life, collective intelligence offers powerful capabilities, from improving the efficiency of advertising to giving community groups new ways to organize.

But even its practitioners acknowledge that, if misused, collective intelligence tools could create an Orwellian future on a level Big Brother could only dream of.

Collective intelligence could make it possible for insurance companies, for example, to use behavioral data to covertly identify people suffering from a particular disease and deny them insurance coverage. Similarly, the government or law enforcement agencies could identify members of a protest group by tracking social networks revealed by the new technology. “There are so many uses for this technology – from marketing to war fighting – that I can’t imagine it not pervading our lives in just the next few years,” says Steve Steinberg, a computer scientist who works for an investment firm in New York.

In a widely read Web posting, he argued that there were significant chances that it would be misused, “This is one of the most significant technology trends I have seen in years; it may also be one of the most pernicious.”

For the last 50 years, Americans have worried about the privacy of the individual in the computer age. But new technologies have become so powerful that protecting individual privacy may no longer be the only issue. Now, with the Internet, wireless sensors, and the capability to analyze an avalanche of data, a person’s profile can be drawn without monitoring him or her directly.

“Some have argued that with new technology there is a diminished expectation of privacy,” said Marc Rotenberg, executive director of the Electronic Privacy Information Center, a privacy rights group in Washington. “But the opposite may also be true. New techniques may require us to expand our understanding of privacy and to address the impact that data collection has on groups of individuals and not simply a single person.”

Mr. Brown, for one, isn’t concerned about losing his privacy. The M.I.T researchers have convinced him that they have gone to great lengths to protect any information generated by the experiment that would reveal his identity.

Besides, he says, “the way I see it, we all have Facebook pages, we all have e-mail and Web sites and blogs.”

“This is a drop in the bucket in terms of privacy,” he adds.

GOOGLE and its vast farm of more than a million search engine servers spread around the globe remain the best example of the power and wealth-building potential of collective intelligence. Google’s fabled PageRank algorithm, which was originally responsible for the quality of Google’s search results, drew its precision from the inherent wisdom in the billions of individual Web links that people create.

read more…

Today’s the day that Facebook makes their big press push for their Facebook Connect service, which was first announced last May. The NY Times has a story giving a broad overview of Connect as well as competing services from MySpace (Data Availability) and Google (Friend Connect).

All three services are platforms for third party sites (Digg, Twitter, Citisearch, CBS, whatever) to let users sign in via their favorite social network instead of the normal approach. Some profile information flows with the sign in, which the sites can keep for a period of time. And activity that occurs on the site – Twitters written, Digg stories voted on, restaurant reviews on Citysearch, etc.) can optionally flow back to the user’s activity stream.

What the third party sites get out of these services: easy sign in for users, particularly new users. They can also use the profile data to help users create accounts at their site with little data input. The activity stream information published on the social networks includes links back to their sites. And one of the most interesting features, for Facebook Connect partners: sites can request friend lists from Facebook to help them make more connections on their own services. Digg CEO Jay Adelson recently gushed over the potential of Facebook Connect for his service.

Facebook also gives Connect partners most of the same tools as their application developers to promote their services via the news feed, invites, etc.

But the real value goes to the social networks. These services make users begin to think about their identity in terms of their MySpace profile, or Facebook login as they use it to sign into their favorite services. That makes it even more likely the users will maintain their profiles on those services, add friends, etc.

MySpace in particular wants to own user identities. Their MySpace profile is their name online, which is why they’ve embraced OpenID so completely in recent months. Data Availability and OpenID are two parts to a single strategy.

Facebook is probably less concerned with identity – there is no branded URL for users, for example. But they do want to own the definitive profile for an individual and, more importantly, their social graph. Knowing who you are and who your friends are is the key to their yet-unrealized business model.

And the biggest win of all is this free flow of data back to the social networks, which quite nicely fills out a user’s profile for advertising purposes.

Facebook is moving ahead alone with Connect, using proprietary standards for login and data sharing. They’ve also prohibited Google from trying to get in the middle of things with their Friend Connect service. MySpace, by contrast, is using mostly open standards in their approach, and is working closely with Google to make sure the services work properly together.

The battle for partners is intense. MySpace announced Twitter as a launch partner, but rumor is that Twitter is actually integrating with Facebook first (there’s no reason they can’t offer both, and they probably will). MySpace also announced Yahoo and eBay as launch partners. To date, though, they’ve only launched with Flixster and Eventful.