Peter Swire answers questions from Facebook users on internet privacy
What are your thoughts on mobile privacy? – Shaun Dakin
So the future of computing is really about mobile computing—people access Facebook, social networks, and a lot of other things using their smartphones. Now, one thing you want is if you want to find out where the gas station is when you’re driving or where the coffee is when you need your coffee. But you don’t want to have a permanent record of everywhere you’ve gone. What that means for mobile privacy is that you don’t want the government tapping into that database of where you’ve been all the time. And there’s been some good litigation that says the government should get something like a search warrant before they look at your tracking. But we have to figure out, as these new things happen, what the best practices are going to be. One of the answers is going to be that we don’t keep that tracking information for too long. So the idea here is maybe this day, this week, this month, in order to figure out what Peter likes, we can track where Peter is. But then you should anonymize that or delete it from the database after that. That way you get the services—the coffee you want or even a coupon—but you don’t get the tracking for the rest of your life.
Should I be worried about accessing highly personal/confidential information when using public wifi? – Robert Parker
Unfortunately you should be concerned about using your most personal data when you’re at a public wifi spot. Public wifi’s basically broadcasting to anybody who wants to listen in the radio what it is you’re saying. So what are some things you can do about it? One thing is that a lot of times your smartphone is actually safer for doing it than a laptop would be because it’s using your phone connection. That’s something you can check about how you’re connecting to the Internet. A second thing is that you should change your passwords periodically. So what happens is today maybe you have a password, maybe it gets sniffed. But if you change it every 30 days, every 60 days, 90 days, then those bad guys can’t come back to you over and over again. If you make it through the 30 days and they haven’t done anything wrong then they can’t do anything wrong with it later on. That’s a pain in the neck. People don’t like to change passwords. But it’s something you should consider. Another thing is that once you have what’s called SSL or what’s called HTTPS—that’s secure, that’s encrypted, and you’re a lot better off. Banks and some other high-security folks actually have a first password. But then they lock up the things that you really do with a second password once you’re in a secure connection. So if you’re doing that secure connection you’re a lot safer, and you should change your first password pretty often.
With all signs pointing toward the demise of net neutrality, how does this relate to Internet privacy? – Benjamin Ulrey
So net neutrality has been this debate about how fast things will get downloaded over Internet. Will one website get faster downloads than others? And will the phone company or the cable company get to charge for it? Internet privacy is not about speed of downloads—it’s about how much they get your data and do things with it. And so those are really separate debates, but the line-up of companies might turn out to be similar. So the telephone companies and the cable companies, up until now, they’re subject to wiretap laws, they’re subject to cable privacy laws. They don’t get to play with the data that’s coming through every email, every web traffic. But you can imagine them pushing for that in the future. And if they did that we’d see the same line-up as net neutrality—where the people in the middle who see everything could be trying to get an advantage over everyone else. If that happens that could lead to big privacy problems. I hope that doesn’t happen.