What’s “digital signage”? Most people have heard of the term connected with billboards or other screens that have cameras (and facial-recognition technology) to watch people watching ads in order to improve their marketing. The digital signs log data such as gender, approximate age and how long someone looks at an advertisement. This is supposed to help build a better billboard — one that is tailored specifically to the individual standing in front of it. However, the data-gathering and surveillance practices raise substantial privacy questions.

One example of digital signage advertising is the Castrol project in the UK. The oil company bought the car registration data of millions of motorists. Then, the company set up giant digital billboards that scanned UK motorists’ license plates, ran the plates through a database and instantly displayed on the billboards what the best oil would be for that specific driver’s car. The license-plate scanning technology allowed each car to be read as if it were tagged with data, and that tagged data interacted with the intelligent computing technology in the billboard, allowing for advertising targeted to that specific driver. There was a public uproar, and the company quickly ended the project.

The advertising industry is aware of the significant privacy questions raised by the use of digital signage. POPAI (a digital signage industry association) released “Best Practices: Recommended Code of Conduct for Consumer Tracking Research,” but these best practices are not enough. Privacy and consumer groups have released two new sets of privacy protection frameworks for the digital signage industry. Read more »

Security expert Bruce Schneier has an opinion column at CNN about surveillance cameras:

Pervasive security cameras don’t substantially reduce crime. This fact has been demonstrated repeatedly: in San Francisco, California, public housing; in a New York apartment complex; in Philadelphia, Pennsylvania; in Washington; in study after study in both the U.S. and the U.K. Nor are they instrumental in solving many crimes after the fact.

There are exceptions, of course, and proponents of cameras can always cherry-pick examples to bolster their argument. These success stories are what convince us; our brains are wired to respond more strongly to anecdotes than to data. But the data are clear: CCTV cameras have minimal value in the fight against crime. Read more »

Orin Kerr at the Volokh Conspiracy and Julian Sanchez and Jim Harper (of Cato and the Tech Liberation Front) take a look at the Fourth Amendment search-and-seizure questions behind the Pennsylvania Webcam case. Recap: In a class-action lawsuit — Robbins v. Lower Merion School District (pdf) — in Pennsylvania, the Robbins family alleged that the Lower Merion School District misused Webcam-enabled laptops it issued to students in order to remotely peep into the students’ homes, take photographs and violate their privacy. The school district has denied violating anyone’s privacy, claiming the Webcams were only turned on in case of lost or stolen computers. The FBI and local officials are investigating. The Stryde Hax blog has an excellent breakdown of the technology that the school district used to remotely control Webcams in 2,300 laptops it issued to students.

Kerr’s argument: “The schools violated the Fourth Amendment rights of students when they actually turned the cameras on when the computers were at home. On the other hand, the schools did not violate the federal statutory surveillance laws.” Read his post for details concerning the case as related to the federal and state wiretap acts, the Stored Communications Act, the Computer Fraud and Abuse Act and the Fourth Amendment.

Then, head over to the Tech Liberation Front, where Sanchez and Harper are also debating the Fourth Amendment issues in this case. Read more »

The Stryde Hax blog has an excellent breakdown of the technology that the Lower Merion School District in Pennsylvania used to remotely control Webcams in 2,300 laptops it issued to students. (Short recap: In a recent class-action lawsuit — Robbins v. Lower Merion School District (pdf) — in Pennsylvania, the Robbins family alleged that the Lower Merion School District misused Webcam-enabled laptops it issued to students in order to remotely peep into the students’ homes, take photographs and violate their privacy. The school district has denied violating anyone’s privacy, claiming the Webcams were only turned on in case of lost or stolen computers. The FBI and local officials are investigating.)

Stryde takes a close look at Michael Perbix, a network technician for the school district, and his support of remote-activation technology:

Mr. Perbix has a large online web forum footprint as well as a personal blog, and a lot of his posts, attributed to his role at Lower Merion, provide insight into the tools, methods, and capabilities deployed against students at LMSD. [...] Read more »

IDG News Service reports on another crackdown on Internet freedom by China. In January, U.S. Secretary of State Hillary Clinton made a speech calling for global Internet freedom, linking it with other basic freedoms (worship, assembly, expression). Last year, the New York Times reported that the Chinese government secretly ordered news Web sites to require individuals to use their real names and identities when commenting on the sites. In 2008, Xinhua News Agency (which is controlled by the Chinese government) reported that China started photographing and identifying users of Beijing’s Internet cafes.

China has been seeking to require censorship software (called Green Dam-Youth Escort) be preinstalled on computers sold in the country. But, the software was plagued both by technical problems and bad publicity from privacy and civil liberties restrictions. China decided to postpone the mandatory preinstallation, but some computer makers are forging ahead anyway.

Now, IDG reports:

Web site owners in China will have to start submitting personal photos to register their sites with the government under new trial regulations, China’s latest move in an Internet clampdown focused on porn.

The regulations, issued by China’s Ministry of Industry and Information Technology, are part of an ongoing effort by the ministry to create records for all Web sites in the country. They come amid a wide-ranging campaign against online porn in which China has also shut down thousands of Web sites and suspended registration of new Internet domain names by individuals. The campaign has even had an effect outside of China, where companies that sell domain names have been blocked from offering domains that end with the .cn country code. Read more »

“Three Google executives were convicted Wednesday of violating Italian privacy laws in a ruling that the company denounced as an ‘astonishing’ attack on freedom of expression on the Internet,” while a fourth executive was cleared, the New York Times reports. To recap: In September 2006, a video showing a disabled boy being harassed by classmates that was uploaded to Google Video’s Italian site. Google removed the video in November 2006 within 24 hours of a removal request being made. Last year, Italian authorities charged all four Google executives with defamation and three with failure to comply with Italian data privacy code.

The Google executives were found guilty of violating the Italian privacy code, but not of defamation. The three convicted are: Peter Fleischer, Google’s chief privacy counsel; David Drummond, senior vice president and chief legal officer; and George Reyes, a former chief financial officer. They could have faced a year in jail, but were given six-month suspended sentence. Senior product marketing manager Arvind Desikan faced only the defamation charge, so was cleared.

Richard Thomas, the United Kingdom’s former Information Commissioner, said the Italian court’s decision gave privacy laws a “bad name,” the BBC reports. “It is like prosecuting the post office for hate mail that is sent in the post … I find it worrying that the chief privacy officer who had nothing to do with the video has been found guilty. It is unrealistic to expect firms to monitor everything that goes online,” Thomas said.

In a posting on its official blog, Google said:

In essence this ruling means that employees of hosting platforms like Google Video are criminally responsible for content that users upload. We will appeal this astonishing decision because the Google employees on trial had nothing to do with the video in question. [...] Read more »