How to avoid the app trap: Path, iOS and protecting your sources

Amid a flurry of privacy breaches and proposed spy laws, has storing your contact book in a digital format simply become untenable if you have sources you desperatly need to protect?

This question has been on my mind repeatedly over the last two weeks, following news about new spy laws and how various apps steal all the contacts you have stored on your smartphone.

For my part, I wasn't too surprised about the "revelations" about apps such as Path stealing your contact book. Testing new apps has been a regular part of my job for the last year and half, and I always check what access demands they make (and they tend to be extensive).

As a result, I've found myself using my old-school contact book more and more in that period. It's pretty standard for an app to ask or demand access to the contacts stored in your phone and in various apps you have on your phone (Gmail, Twitter, Facebook etc), your location etc so journalists need to think through what apps they use, what contacts they store in their smartphones or both very carefully.

I'm reminded of Charles Arthur's excellent article "They've got your number" from a few years back, which admittedly looked at how new legislation might affect journalists' ability to protect their sources - but the challenges are many of the same as with the new app trap.

I've written more extensively on this topic in Norwegian following the Path-revelation here, but here's a collection of recent links I've come across since writing that post: 

I must admit I feel a kind of cynical resignation over all this, what's your take?

Food for thought on a Sunday

"Oh, I don't read HER. It's not that I don't like her, it's just that she makes me think too much," a journalist friend told me back when I had just graduated from City.

He'd been in news reporting for a decade or more already by then, while I, even though I'd started my media career as a columnist when I was 18, had done precious little of day-to-day news reporting.

And I must admit I found his statement absurd: how can an a writer make you think too much? Isn't it always a good thing if a writer makes you think a lot? Since then I've come to appreciate, albeit very reluctantly, that at least it's perfectly possible to get so busy you don't have time to read writers that make you think a lot - which is a pity, a big loss and detrimental in the long run if you keep running out of time to do so.

These last few weeks I have been too busy with work to do much of this kind of reading - not too busy to read and think, but too busy to really contemplate all the things I'd like to, so here's a few posts that I'd really like, and will return to, to contemplate some more:



Has Facebook reverted to lies to tempt us into foolish behaviour?

Here's a thing that has puzzled me lately: most times I've logged into Facebook I've been met by Facebook ads claiming this or that friend of mine on the network has used Facebook Friendfiender, urging me to follow their lead.

The thing that's puzzled me about this is that a substantial portion of my Facebook friends are very savy when it comes to technology and privacy. Quite a few of them are journalists well versed in how to protect their privacy and their sources online, and I just couldn't imagine any of these giving Facebook access to their email boxes and -contacts by using Friendfiender. Others are privacy and/or anti-surveillance campaigners, I could't quite see them using Friendfiender either. So when Facebook claimed my FB-friend Leo Plaw, a web developer and artist, had used Friendfiender I shot him an email to double-check. Here's his reply:

"Thanks for heads up. Facebook is lying. FB has become the sneakies bunch of weasels. Blog that one."

Maybe I should start double-checking every time Faceboook claims one or more of my FB-friends have used Friendfinder. This sort of advertisement woud be against the law under Norwegian jurisdisction as it's misleading. I wonder, how does it hold up under US jurisdiction?

"Facebook's Beacon is spyware"

From Henrik Torstenssons Weblog: 'Facebook's Beacon program, where Facebook's partner sites automatically report your activity on their sites to your Facebook account, doesn't pass my smell test. What Facebook has built in Beacon is spyware. If Facebook doesn't redesign Beacon, making it opt-in and far more transparent than today, I will be very surprised if this doesn't lead to either a member backlash or regulation by lawmakers.

An example of how Beacon works: Click on Play Now and Joost will report your action to Facebook and unless you actively say no, your activity will end up in your newsfeed.'

More food for thought on the same issue from Ethan Zuckerman, "Facebook changes the norms for web purchasing and privacy", and from David Weinberger, "Facebook's privacy default" (via Rebecca MacKinnon)

A Swedish journalist's axis of evil: Facebook, MySpace and Gmail

The privacy issues connected with how these popular services collect and store their users' personal information for commercial purposes, make Swedish journalist Hanne Kjöller suggest we boycott them (via Media Culpa):

Kjöller writes (in Swedish): "Too old? Probably. I don't see the point with the website Facebook. But there are others who do. Business men and American terrorist hunters for example."

By the way, isn't that a strange phenomenon? Leading journalists that write negative articles about new media technologies that they don't understand, but understand well enough to bash on a prime location in the paper. I suggest that you either get a better understanding of the technology/service/website first, or refrain from writing about it all together.

Anyway, I think that the age factor might, unintentionally, be where she hits the nail. According to a study by Pew Internet "two-thirds of teens with profiles on blogs or social-networking sites have restricted access to their profiles in some fashion, such as by requiring passwords or making them available only to friends on an approved list." In other words, young people who are savvy online networkers are aware of the risks with being too open and act accordingly.... (read the full post over at Media Culpa).

I must admit I'm sceptical towards the trend that Kjöller questions myself, or some of its faces anyway. Being restrictive about how much information you leave for anyone to access is sensible, but if the service provider is able to pass on all your information, restrictions on access or not, to third parties, those restrictions don't help you much.

Is it a problem that people use the information you leave behind e.g. on MySpace to decide if you are in target group for razor blades or Barbie dolls? Well, yes and no. Age (being a minor or not) is one consideration, and who the service provider can pass the information on to (if it can be required to pass it on to the government) is another...

I wouldn't call it an axis of evil, far from, and if we should boycott Facebook, MySpace and Gmail on this rationale, we should, in the interest of fairness, start by boycotting Google.

Web 2.0 guru Tim O'Reilly has said that contrary to what most people think, Web 2.0 is about controlling data that people leave behind on the web and about the databases that are created as a result of this (in this Wired article, I'm paraphrasing him here).

I'm a bit uneasy about such a scenario, or some of its possible implications. It's great to get spot-on recommendations from Amazon, but, ultimately, I'm scared, perhaps a bit paranoid, I'll end up Scroogled...

All free, at the modest price of your privacy

Targeted marketing comes in so many forms these days. And to think I was a bit worried about this trend when there's services like Pudding Media (from Valleywag, via Adriana's Furl feed):

There's a new Skype competitor, dubbed ThePudding, on the Web. And ThePudding is completely free*. All you have to do is agree to let Pudding Media listen in on your calls. To compensate users for the breach of privacy, the company claims, "ThePudding uses breakthrough technology that makes your conversations fun and interesting." In other words, anyone using ThePudding will be served contextual ads based upon topics overheard in your conversation! It's like Google's Gmail, but for talking. Remember when we were freaked out by the idea of Google scanning our email to pick out relevant ads? And how we all got over it?

That's what Pudding Media CEO Ariel Maislos would have you believe, anyway. He explains, "The trade-off of getting personalized content versus privacy is a concept that is accepted in the world." Besides the firm is targeting youths, who judging from their MySpace and Facebook habits, aren't concerned with privacy. In other words, targeting the young and the weak.

Bloggers as journ papparazi

As a side note to the discussion of bloggers acting as journalists: Gawker, the New York celebrity gossip blog, has put its Gawker Stalker feature, also hailed as a pioneering example of citizen journalism, into map form. It works on the formula that zealous readers report sightings of celebrities around Manhatten, of course drawing a lot of flag from celebrities and their publicists over how this puts them in danger from all the nutters out there... read more about the arguments in the FT, or check it out for yourself at GawkerStalker.

Of course, on Bloggers Blog I found a much better name for these dutiful citizens: Blogarazzi