How Private Are Your Tax Records?

In “How private are your tax records? You’ll be surprised,” Bob Sullivan illustrates why the “opt-in/opt-out” way of discussing privacy is so destructive:

Any information you give to a company that helps you prepare your taxes can be sold to anyone else. Only a single signature on a permission slip stands between you and the complete loss of your privacy. While that seems shocking — aren’t tax records sacred? — this isn’t new. The IRS says it’s a long-standing practice.

Worse yet, the government and the nation’s tax preparers are steering you to use one of these third-party tax preparation companies. Anyone who wishes to file a return electronically — the only rational way to file in the 21st century — must use a private company to do so. And that private company has the right to share everything it knows about you.

“We Make A Bad Situation Worse” graphic from mlcsmith.

Congratulations, Professor Ian!

I’m very happy to report that Ian Goldberg has accepted a position, starting in the fall, at the University of Waterloo. I had the privilege of working with Ian while he was Chief Scientist and Head Cypherpunk for Zero-Knowledge Systems, and he spans academic and practical computer security in a way that’s all too rare. He’s looking for outstanding Master’s degree candidates in security and privacy.

If you’re interested, send mail to iang at cs dot uwaterloo dot ca. [Corrected. Canadian Universities are all too cool to use .edu.]

Congratulations to both Ian and the University of Waterloo, who gains an outstanding addition to their faculty.

[Photo by Kat Hanna.]

Destructive Chaos

Sorry about the unavailability over the last (unknown time period).
My DNS registrar, Joker.com, was under DDOS attack. If you’re reading this, you either have a cache, or the attack has been mitigated in some way.
We now return you to your regularly scheduled list of stolen laptops, lost backup tapes, and who knows, maybe even a Friday Star Wars Security post sometime soon.

Laptop theft

The Register has been on Ernst & Young’s case. The latest Exclusive! talks about a laptop stolen in early January, and how we now know it had info on BP employees, along with those from IBM and others.
The article also observes that:

It’s difficult to obtain an exact figure on how many people have been affected by Ernst & Young’s security lapse given that it won’t say anything on the subject.

The number, as we reported 10 days ago, is 84,000.
The figure was reported to the New York State Consumer Protection Board by E&Y on February 10, 2006.
The laptop contained, according to E&Y’s report to New York officials:

files relating to a number of Ernst & Young corporate clients, and that these files contained various personal information relating to employees of those clients. [Ernst & Young] also determined that the laptop contained a separate file with the names and Social Security numbers of individuals for whom Ernst & Young provided services.

That letter goes on to explain that E&Y is working with their corporate clients to notify the relevant individuals impacted by the disclosure of the corporate files, and is itself notifying the individuals whose information was in the other file.
This may explain why, in an earlier report to NY’s Consumer Protection Board, AG’s office, and the Office of Cyber Security and Critical Infrastructure Coordination, Goldman Sachs described a loss of info by E&Y which exposed info on about 9000 Goldman employees and dependents. It seems that this loss was due to the same laptop theft.
IANAL, so I can’t say whether the legal responsibility to notify those potentially affected lies with E&Y’s corporate clients or with E&Y. Perhaps the shortage of information on this has something to do with that aspect of this particular incident.

I’m Sure I Don’t Want to Continue

When I try to drop files in the Trash, the Finder gives me this awful[1] dialog box. I really don’t want to delete files immediately, and am not sure why it wants to. Does anyone know what I do to fix this?

[1] It’s awful for two reasons: First, it gives me no advice on what’s causing this, or what I can do to fix it, and second, it uses “OK/Cancel,” rather than “Delete/Keep/Adjust Trash Settings.”

[Update: Ok, it's not awful. It's comprehensible, but not up to Apple's usual standards. Also, according to "Prevent local files from being deleted immediately" on MacOSXHints, if you delete ~/.Trash, this can happen. I seem to recall using the command 'srm -rf ~/.Trash/' yesterday, and it's conceivable that I forgot the trailing slash. Now while it makes perfect sense that 'rm foo' and 'rm foo/' are different, it's an odd interaction between the UNIX side of OSX and the pretty bits.]

You can’t buy publicity like this!

UCSB has a project to digitize wax cylinder recordings. They have thousands cataloged, with the majority downloadable as mp3s. It’s awesome.
Naturally, I wanted to see what software they used. Being archivists, they of course go into great detail, including this gem:

We’d like to use this space as a soapbox to say that Cleaner XL is one of the worst pieces of software we’ve ever used, with numerous bugs, a bad interface, and constant crashes.

Honesty like this is delightful to see.

Sprint “Security”

So the other day, I called up Sprint, my illustrious cell phone provider, to make some changes to my service plan. The very nice agent asked me to identify myself with either the last 4 digits of my SSN or my password. Now, I’ve never set up a password for use over the phone and I said to myself (self I said) “they couldn’t possibly mean the password I use on their website,” so I told the agent the last 4 digits of my SSN. He then proceeded to actually tell me the password that I had set on their website. So remember folks, if you ever want more information on a Sprint customer, all you need is their cell phone number and the last four digits of their SSN. Sprint will helpfully provide your password in return. Oh and you don’t even need to forge caller-id since they don’t seem to care what number you call from.
[Edit: fixed broken link to SSN-Finder, thanks Tim]

Many Meanings of Privacy

I regularly talk about how privacy has many meanings, but haven’t put those in a blog posting. Since this blog has more readers than most of my talks have attendees, I figure it’s a sensible thing to blog about. The point of this list is to illustrate the dramatically different things people mean when they say privacy. (Incidentally, this leads to much angst.) So here’s a partial list. I’ll start with some traditional meanings:

  • Lots of land with trees and shrubbery
  • Curtains & Venetian Blinds
  • Unlisted Phone #s
  • Swiss bank accounts
  • Nudity
  • Gut feelings

Some more modern meanings that people use today:

  • Spam, telemarketers
  • ID theft, CC theft
  • Cookies
  • Total Information Awareness
  • CAPPS II
  • Do Not Call lists
  • Abortion

What cryptographers mean:

  • Unobservability
  • Untraceability
  • Cryptography
  • Blinding

What privacy policy experts might mean:

  • Fair Information Practices and Data Protection Laws
  • Right to be left alone
  • Data shadows
  • Informational self-determination
  • “Lie and get away with it”
  • “The Presentation of Self In Everyday Life”
  • “The Unwanted Gaze”
  • “No Place to Hide”
  • “The Digital Person”

These many meanings lead to a lot of misunderstandings. You might also enjoy browsing the photos people have tagged “privacy” on Flickr. Since I value your privacy, I’d love to hear your suggestions for more.

Oh, I’m using privacy in the informational self-determination sense, and asking you to make a choice about exposing your thoughts (in the sense of “Privacy and Social Freedom.”) Wasn’t that obvious?

Finally, the photo titled “‘The pride of youth is in strength and beauty, the pride of old age is in discretion.’ Democritus” is by -ViDa-.

[Update: Having read this, I discovered the bottom bit of Dan Solove’s blog post, “A Taxonomy of Privacy.” I hadn’t read to the bottom, because I have the PDF sitting in my queue of things to read. So I was mortified to read:

I suggested that privacy must be understood contextually, and that it consists of a multitude of different yet related things. But I left open a very important question — just what are those different yet related things? My new article, A Taxonomy of Privacy, builds on this argument and provides a taxonomy of what these different yet related things are.

D’oh!]