The Wall Street Journal reports that China is the latest country to require cellphone users to prove their identity when signing up for service. Several countries have considered such legislation. In the United States, there is legislation under discussion in the Senate that would require people to present ID when buying a prepaid mobile phones and would require companies to keep the information on file. Mexico, Vietnam, Spain and Japan are all seeking to identify some types of cellphone users and create databases.

Often, governments say this is a way to improve security, as only those with nefarious purposes (kidnappers, blackmailers) would need to have mobile phones that are not linked to their identities. This argument ignores that there are legitimate reasons for people to use prepaid cellphones anonymously: whistleblowers speaking to journalists or government prosecutors, or domestic violence victims who seek to avoid tracking by their abusers.

The Journal reports:

China began implementing a long-discussed measure that requires cellphone users to register by name when setting up an account, prompting concerns over privacy in the world’s largest mobile market. Read more »

The federal Chief Information Officers Council has released a report (pdf) detailing recommendations for a cloud computing privacy framework. Cloud computing is when you upload, store and access your data at an online service owned or operated by others. Millions of consumers use cloud computing services such as Web-based e-mail, online photo or video databases, or Internet calendar services.

The lack of control of your data is a substantial problem, as is the question of the physical location of the data and which country’s laws your personal information are subject to. (Read a previous post for more on the privacy issues connected with cloud computing.)

In “Privacy Recommendations for the Use of Cloud Computing by Federal Departments and Agencies,” the federal CIOs say:

While [cloud computing] provides a flexible solution for complex information technology needs, cloud computing poses additional privacy challenges to those using the “cloud.” Federal agencies need to be aware of the significant privacy concerns associated with the cloud computing environment where [personally identifiable information (PII) ] will be stored on a server that is not owned or controlled by the Federal government. That solution may result in holding or processing data without complying with Federal privacy requirements in a multi-jurisdictional environment. The framework below provides guidance on the privacy considerations posed by moving computer systems that contain PII to a Cloud Computing Provider (CCP). [...] Read more »

On Wednesday, Apple CEO Steve Jobs introduced a new social-networking service focused on music called Ping and he included a discussion of privacy, which the New York Times reports on:

Apple moved quickly to allay potential concerns about information privacy on Wednesday when it introduced Ping, its music-focused social-networking service for the 160 million users of its iTunes service.

Speaking at an event in San Francisco, Steven P. Jobs, Apple’s chief executive, promised the company would include straightforward and simple privacy controls. Anyone will be able to follow bands, and users will be able to say whether anyone can follow them or only people they approve. Read more »

In the latest issue of the MIT Technology Review, Danah Boyd (a social-media researcher at Microsoft Research New England and a fellow at Harvard University’s Berkman Center for Internet and Society) writes an opinion column discussing why privacy isn’t dead.

Privacy is not in opposition to speaking in public. We speak privately in public all the time. Sitting in a restaurant, we have intimate conversations knowing that the waitress may overhear. We count on what Erving Goffman called “civil inattention”: people will politely ignore us, and even if they listen they won’t join in, because doing so violates social norms. Of course, if a close friend sits at the neighboring table, everything changes. Whether an environment is public or not is beside the point. It’s the situation that matters.

Whenever we speak in face-to-face settings, we modify our communication on the basis of cues like who’s present and how far our voices carry. We negotiate privacy explicitly–”Please don’t tell anyone”–or through tacit understanding. Sometimes, this fails. Read more »

The Wall Street Journal takes a look at the privacy risks that can arise from people voluntarily donating their DNA for research or other reasons. There have been several recent controversies over the unknowing use of individuals’ DNA reasons beyond what was stated when the samples were taken. Arizona State University recently settled a lawsuit by the Havasupai Indians. DNA samples that were given to university researchers to study the tribe’s high rate of diabetes were also used — without their consent, tribe members say — “to study many other things, including mental illness and theories of the tribe’s geographical origins that contradict their traditional stories,” reported the New York Times.

A few months ago, Texas announced that, as part of a lawsuit settlement agreement, it would destroy five million blood samples taken from babies and used for research without their parents’ consent. The blood was originally gathered to screen for birth defects. The Texas Tribune later revealed that Texas officials also “were turning over hundreds of dried blood samples to the federal government to help build a vast DNA database.”

The Journal reports:

At the Minnesota State Fair [...] you can stop by the University of Minnesota’s building and give samples of your and your children’s DNA for the university’s Gopher Kids Study.

As the Minneapolis Star Tribune reports, researchers are collecting information, including the genetic kind,  to see if the fair is an effective way to recruit and stay connected with study subjects. (Families are told to return for follow-up for the next two years.) Eventually researchers want to recruit thousands of kids in an attempt to study “what genes are involved in making a child grow and develop normally,” according to the study’s website. Read more »

In April, there were reports that Northern Arizona University had plans to use wireless ID card reader technology — the description sounds like radio frequency identification (RFID) technology — to track student attendance in classes. I don’t think it’s a good idea to force student attendance at a college via electronic tracking. Part of the point of going to college is for young adults — and most university students are over 18 and legally adults — to learn they must be disciplined in their decision-making. If you don’t sleep in or show up on time to class or work, then you get punished with failing the test or firing — you are forced to live with the consequences of your actions.

Arizona Public Radio reports that Northern Arizona University has implemented the electronic-tracking program for its students: “When students flash their ID cards near a scanner, a light turns green, and they get checked off on an attendance report.” This means that students can easily hand their ID cards to a friend and skip class — which negates the point of the system that is funded by taxpayers. “The university received $85,000 in federal stimulus funds for its new “electronic attendance” pilot project. The school has installed scanners outside 20 large lecture halls,” APR reports.

There is student opposition to the tracking program; 2,000 have signed a petition against it. “I don’t see why we need to be told what to do anymore,” says junior Rachel Brackett. “I feel like it’s a move toward that — treating us as though we were juveniles.” “She also doesn’t like how the school could track where she is in a ‘Big Brother way.’” APR reports.