Bell’s 56 categories for ad targeting

in Canada privacy and surveillance

BACKGROUND: On May 5th I sent Shaw Communications and Bell Mobility each a request for the personal information they have on me as per the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA). I used Citizen Lab research Chris Parson’s form letter which made it easy. You can read about the weird results from Shaw at the links below:

It was easy, and I learned a lot. You should do it too!

Reply from Bell

On July 10th I recieved my privacy report from Bell Mobility. The report was expected within 30 details but I received an email extending the deadline, and then adjusting that extension. I am unsure if a claim can be made here.

Bell's correspondance Bell replies on May 8th, May 27th and Jun 12th. Click to enbiggen.

I have been a subscriber for just 2 years, and only subscribe to their mobile services — no television or internet. The package was about 40 pages with a 2 page intro letter and a 2 page glossary of technical terms. The glossary is pretty necessary since the rest of the package was all screen caps of Bell’s customer management application. That’s right, they showed me exactly what their reps see, going through every menu and tab, redacting only the names and other identifiers of the agents I have dealt with. It was all pretty routine and as expected. The only interesting thing about these screencaps is it looks like Bell is still using Win 95. ;-)

There was one omission: there were no references to Bell’s controversial Relevant Ads program. So I emailed the Privacy Officer who promptly replied with the following:

My apologies, it was an oversight on my part, I inadvertently did not include the information related to the Relevant Ad Program in your information package. I have attached it for your information.

Orwellian?

in big data privacy and surveillance

The US PCAST report puts forward the following scenario to illustrate how privacy mores change over time, and what the future could be like if digital natives fully trust in the cloud. They admit that “Taylor’s world seems creepy to us”, but they want to demonstrate that “In such a world, major improvements in the convenience and security of everyday life become possible.”

Taylor Rodriguez prepares for a short business trip. She packed a bag the night before and put it outside the front door of her home for pickup. No worries that it will be stolen: The camera on the streetlight was watching it; and, in any case, almost every item in it has a tiny RFID tag. Any would‐be thief would be tracked and arrested within minutes. Nor is there any need to give explicit instructions to the delivery company, because the cloud knows Taylor’s itinerary and plans; the bag is picked up overnight and will be in Taylor’s destination hotel room by the time of her arrival.

Taylor finishes breakfast and steps out the front door. Knowing the schedule, the cloud has provided a self‐ driving car, waiting at the curb. At the airport, Taylor walks directly to the gate – no need to go through any security. Nor are there any formalities at the gate: A twenty‐minute “open door” interval is provided for passengers to stroll onto the plane and take their seats (which each sees individually highlighted in his or her wearable optical device). There are no boarding passes and no organized lines. Why bother, when Taylor’s identity (as for everyone else who enters the airport) has been tracked and is known absolutely? When her known information emanations (phone, RFID tags in clothes, facial recognition, gait, emotional state) are known to the cloud, vetted, and essentially unforgeable? When, in the unlikely event that Taylor has become deranged and dangerous, many detectable signs would already have been tracked, detected, and acted on?

Indeed, everything that Taylor carries has been screened far more effectively than any rushed airport search today. Friendly cameras in every LED lighting fixture in Taylor’s house have watched her dress and pack, as they do every day. Normally these data would be used only by Taylor’s personal digital assistants, perhaps to offer reminders or fashion advice. As a condition of using the airport transit system, however, Taylor has authorized the use of the data for ensuring airport security and public safety.

Alluring.

Quarterly review: FY14Q2

in books film review

Each quarter I do a quick roundup of the book and film reviews that I do on Goodreads and Letterboxd. These reviews are too short and too off-the-cuff to be included with the more indepth reviews I do on this site. Below are the highlights of the quarter.

Books

Although I am still a few books ahead of schedule on my 2014 Goodreads reading challenge I have slowed down my pace a bit. I haven’t been listening to audiobooks as much this month since I have had a lot of World Cup related podcasts to keep up with, specifically The Ramble and The Guardian’s World Cup Football Daily. In fact, the only short reviews I have written are the following:

★★★★☆ Red Moon Rising: Sputnik and the Rivalries that Ignited the Space Age

★★★☆☆ Superheroes!: Capes, Cowls, and the Creation of Comic Book Culture

★★★☆☆ Extraordinary Canadians: Marshall McLuhan

I have a forthcoming review of Astra Taylor’s The People’s Platform: Taking Back Power and Culture in the Digital Age coming out in print this summer [UPDATE: Here is my contributor link at the Literary Review of Canada. They haven’t made the article publicly available on the net, yet]. Also, I intend to write a post about the changing view of startup/tech culture in novel form soon as a threeway review of Douglas Coupland’s Microserfs (1995), JPod (2006) and Dave Eggers’s The Circle. So, more to come from me in the next quarter.

Film

This quarter I watched a lot of crappy action films (which is a guilty pleasure of mine). It was an amazing quarter in the sense that I saw and enjoyed both Captain America: Winter Soldier and X-Men: Days of Future Past. They were great but by far the best film I saw was Captain Phillips. However, I only felt the need to comment on the following films:

★★★½☆ The Raid

★★★½☆ The Fault in Our Stars

★½☆☆☆ G.I. Joe: The Rise of Cobra

Shaw follow up

in Canada privacy and surveillance

Upon receiving some strange results when I asked Shaw Communications about what information they had on me, I followed up with their investigations unit to see if they were aware that they had released information about other people in my privacy request for information. Here are the relevant bits of the email:

Upon investigation we have determined that Service Calls are tied to the service address, not the customers themselves. We have changed our process to ensure Service Calls per customer are sent upon request, rather than all historical Service Calls tied to that service address.

Excellent. I am glad they are changing their process, though I have no idea how we can ensure this change will actually happen.

Upon further investigation regarding the trouble ticketing details you received from your neighbor, we found that there was a data entry error … The staff responsible for the error has been re-trained and additional flags have been put in place within Trouble Ticketing and on the associated account(s) to notify others of this error. This should ensure this does not occur again in this case.

Another win. Hopefully the staff fully recovered from “re-training” … ;-)

One other note for those interested, the privacy officer informed me that “Information may be retained for a minimum of 7 years”. Seems long, but that is a term dictated by the company, not by PIPEDA.

Well, I am glad that just a few minutes of work on my part identified bugs in Shaw’s system so that they can improve their operations. I am sure you have heard of Linus’s Law, one of the principles of Open Source, “that given enough eyeballs, all bugs are shallow.” Imagine if every person in the country wrote their telecom providers, imagine how many bugs we might find, and then imagine the better and more privacy-protecting processes that would come out of such a letter-writing campaign? We should not depend solely on government regulators to audit the carriers, not especially when there is such a simple tool for the public to audit. So I encourage you, take five minutes and send off the form letters Chris Parsons has prepared for you in his post: Responding the the Crisis in Canadian Telecommunications.

PS. I am still waiting on Bell Mobility’s results, which I will post as soon as they come in.

[UPDATE July 11, 2014] Here is Bell’s response.

Hack startups — The state of ink-stained disruption

in media startups

Two of the scariest areas in startupland are healthcare and education. These are monolithic, highly regulated sectors with long sales cycles — not particularly prone to “disruption.” In this year’s Kleiner Perkins annual internet trends report, Mary Meeker argues that these two sectors might be at an inflection point. I remain sceptical.

Another sector with hundreds of years of history and entrenched players is investigative journalism. Newspapers have been struggling since their heyday in the 1980s. Revenues are down, churnalism is up, and there are less employed reporters out there chasing down leads.

Newsroom employment over time in the US

Something needs to change, but since most revenue still comes from print, newspapers are loth to experiment too wildly. In effect, newspapers are prisoners of their own business model.

Within journalism, investigative reporting is the most difficult to produce because of the capital required and the long turn-around times involved. In our instant-gratification-mediascape, investigative journalism has fallen by the wayside. What was once a valuable service, subsidized by the the inefficiencies of bundled media empires, is now withered and cut as media behemoths look to slim down in the face of internet disintermediation. This is happening across the board of public interest content — just look at the troubles at the CBC.

I don’t think it can be argued that investigative journalism should be done away with. It is a valuable institution for our democracy — the venerable Fourth Estate. (The Fifth Estate is an extension, not an evolution). Thus, with an established pain (ie. the need to know what is going on in the halls of power) and a market (ie. every citizen), the opportunity for startup disruption is obvious, non? There are certainly a lot people tackling this problem.

AngelList has 194 companies under the ”Journalism” market. Most fall under a few categories:

Many are solving the problems of “information overload” (through curation) or distributed workforces (through publishing platforms) but as far as I could tell, none are focused on solving the business problem of funding long-term, quality reporting. Paywalls and online advertisements do not suffice.

One solution is lots of money. Pierre Omidyar, the billionaire founder of eBay, started First Look Media with some interesting new ideas on how to fund real journalism (I encourage you to watch the video). Last year, Jeff Bezos of Amazon purchased The Washington Post. We are still unsure of how WaPo will change.

I am one of the few people that is actually willing to pay for content. I have subscriptions to a few established news outlets (Foreign Affairs, Globe and Mail, The Economist etc) and I have even supported some startups in the space. I backed Matter (later acquired by Medium) which tries to solve the problem of terrible science and technology reporting. They had a community-based editorial board where members could vote for allocating commissions.

Another outlet I have used in the past is Atavist. They have an interesting model in that they are a product company that commissions longer pieces to feature its platform. The non-fiction pieces can sometimes approach investigative journalism. The business model is subscriptions and micropayments, and the selling of their publishing platform Creativist.

Most recently I have discovered a Canadian startup Ricochet Media. I heard about them on Jesse Brown’s Canadaland podcast. Ricochet is trying to square the circle of funding independent, investigative journalism in Canada. Like Beacon, Vourno and Contributoria they are going with a crowd-funding model. Like Matter they have a community-driven editorial process. They are trying to get off the ground by crowdfunding themselves on IndieGogo. We shall see how they do.

Journalism is a “hard problem.” Some have argued that it has been failed by the market because you cannot treat citizens as consumers. Some say public-interest journalism should be considered a public good. If this is true, traditional startups will have trouble disrupting anything due to their market-first orientation. There could be some business model innovation that could work, or maybe a SocEnt solution. It might come down to [shudder] consumer education and teaching people to pay for valuable things. I don’t know the answer, but this is a sector that I am deeply interested in and hope we get a solution soon.

Reset the Net

in internet privacy and surveillance

I added SSL to this site earlier this year. I have committed to adding HSTS and PFS.

This stuff should all be default and would be great if hosting providers like Namecheap (my provider)offered this as a package out of the box. We shouldn’t have to pay to protect ourselves online, especially for such simple steps.

What your telecom provider knows about you

in Canada privacy and surveillance

Last April The Star reported that in 2011 alone, the Canadian government asked telecoms and social media companies to turn over user data on Canadians 1.2 million times. An interesting sidenote: the telecoms are charging the government for the privilege. Jesse Brown covered this in a number of Canadaland podcasts including an excellent one with Chris Parsons — a postdoc at of the Citizen Lab — entitled “Your Telecom Provider is Selling your Information to the Government”. One of the topics Chris talks about is his excellent form-letter for requesting your data from telecom providers under PIPEDA. You can find the letter plus all the contact information for the privacy officers of a number of telecom providers in Canada in this post: Responding the the Crisis in Canadian Telecommunications.

I decided to send my letters on May 5th and see what I got back. I use two telecom providers in Canada: Bell Mobility and Shaw Communications.

Bell responded on May 8th with an acknowledgement of my request. 19 days later, on May 27th they followed up informing me they couldn’t meet the PIPEDA-imposed time limit of 30 days, “because of the extent of the information requested.” I wonder if they are penalized for missing the deadline?

Bell's correspondance

Shaw never acknowledged my letter. But just yesterday a package arrived for me. It was the full results from Shaw!

As you can see above, what they are willing to release is the following:

  1. Current subscriber information;
  2. Account notes;
  3. E-mail addresses associated to account;
  4. Copies of available service calls;
  5. Trouble ticketing notes;
  6. Transaction Records;
  7. Outbound call records for previous month; and
  8. Current IP address(es).

Incoming calls require a court order, says the letter, and “a fee is associated with provision of this documentation.”

I was hoping for some advertising/DPI type information, but that seems a no go. I was not expecting the package to be very thick, since I only use Shaw to connect to the internet and have only been with them for less than 2 years. Here are the results:

The first category was pretty innocuous, what you would expect. The second was pretty sparse, but had some unknown redactions:

Shaw's customer notes on me

The yellow bar is my own redaction… it is just my house address. Not even sure what the other stuff could be. I especially like the third note from May 1st:

REDACTED /. REDACTED

Only my current email showed up for category 3, which is interesting I guess. For #6, they only showed me Transactions back to February. Maybe they can only show the most recent 5 transactions? Since I only use Shaw for internet access the sections on “Webspace Accounts”, “Pay Per View Purchases” and “Call Records” were all blank.

Sections 4 and 5 are where things get interesting. There are records of service calls to my address from 2007. Since I only moved in there during 2012, it is interesting that I get to see what previous tenants have had done. Furthermore, there is a carriage house on my property — a separate home on the same lot, with someone else living in it — and I got copies of email queries with the tenant in there.

Interesting to see that Shaw records seem to be attached to physical locations and not unique account numbers. Doesn’t seem like good, privacy-first design to me.

Once I get my information from Bell, which should be more substantial, I will report back. In the meantime, please consider sending your own form letter to your telecom providers. It only takes a minute. Get the details at: Responding the the Crisis in Canadian Telecommunications.

Postscript June 5, 2014

I followed up with Shaw and they replied with some changes to their policy. Read the results.

[UPDATE July 11, 2014] Here is Bell’s response.

Quarterly review: FY14Q1

in books film review

Each quarter I do a quick roundup of the book and film reviews that I do on Goodreads and Letterboxd. These reviews are too short and too off-the-cuff to be included with the more indepth reviews I do on this site. Below are the highlights of the quarter.

Books

As for books, so far I have had an amazing first quarter and am 6 books ahead on my 2014 Goodreads reading challenge with the pleasure of reading FOUR 5-star books!

★★★★☆ Homeland

★★☆☆☆ Automate This: How Algorithms Came to Rule Our World

★★★☆☆ Journey to the Center of the Earth

★★★★★ Among Others

★★★☆☆ A Wizard of Earthsea

★★★★★ The Hard Thing About Hard Things

★★☆☆☆ Doomsday Book

I would like to give a special mention to The Origins of Political Order by Francis Fukuyama. I rated this book 5-stars but have held off on a review, since it is the first of a two-volume set. I would like to say that it has been a very influential book on me, and I mentioned it in my review of Morozov’s To Save Everything.

Film

Although I saw 7 films this quarter, not even one garnered a review. You can see all of them on my Letterboxd film diary.

Ignite SF

in travel

During our month in San Francisco last year we were lucky to catch Ignite San Francisco 8. We had a great time that night. IgniteSF just put up the videos this month, so I thought I would share some of my faves from that evening. Each talk is just 5 mins long. There were about 15 talks that night in total.

Julia Grace - Money, Cryptography and Scandal: A modern tale of mathematics.

Serena Wales - How to Win at Bar Trivia

Emily Wright - The Journey of the Urban Flush

Jennifer Kuczenski - Engineering Lessons from Folding

Rick Prelinger - Lost Landscapes of San Francisco D

This final talk from Rick Prelinger made me pick up tickets to go see a full “performance” of the Lost Landscapes of San Francisco show at The Internet Archive, which I detailed in this post.

Turning humans into robots

in big data

John Foreman, himself a data-scientist, writes a (somewhat rambling but) funny and self-aware essay on machine learning:

Data Privacy, Machine Learning, and the Destruction of Mysterious Humanity

I highly recommend you read it. Keep an eye for two coinages: “data-driven probabilistic determinism” and “data-laundered discrimination”. Machine learning is one side of the argument here. For the other side I also recommend the book Big Data: A Revolution That Will Transform How We Live, Work, and Think

Here are a few juicy quotes from Foreman’s essay:

Our past data betrays our future actions, and rather than put us in a police state, corporations have realized that if they say just the right thing, we’ll put the chains on ourselves.

The promise of better machine learning is not to bring machines up to the level of humans but to bring humans down to the level of machines.

“A human being is a deciding being,” but if our decisions can be hacked by corporations then we have to admit that perhaps we cease to be human as we’ve known it.

A little bit of Huxley there, and reminiscent of Tim Wu who called us humans “comfort-seeking missiles”:

… for most of us, our technological identities are determined by what companies decide to sell based on what they believe we, as consumers, will pay for. … Comfort-seeking missiles, we spend the most to minimize pain and maximize pleasure. When it comes to technologies, we mainly want to make things easy. Not to be bored. Oh, and maybe to look a bit younger.

The imagery of the WALL-E at the end of Foreman’s essay is an appropriate warning.