Index:

1 – introduction professor zeynep article

Dia-positivo 3: introduz o autor do article – zeynep tufekci (professor
na universidade de columbia e escritor para jornais como o the atlantic,
the new york times, wired.

2 – article - problems
Dia-positivo 4 – it highlights how user data is collected by companies
without any limits, transparency or consent – going around privacy laws
with legal tricks.
This information is used to 1 promote products and services –2 to
control, monitor and influence – 3 predict human behaviour – 4 or even
sell to third parties
Examples used in: 1 obscurity billions of people carry pocket computer
that leave constant footprints
2 an uber executive had admitted to tracking (…) one journalist who
reported on the company
3 «he “paid a company $ 160 to get a week’s worth of aggregate
data on people who visited more than 600 planned parenthood facilities
around the country” »
4 “companies were caught selling their customers’ real-time
location data”

Dia-positivo 5 – in this slide, josé illustrated that technology follows us

everyday in our day to day, any piece of hardware can access portals of
software that are always connected to either a search engine, location
tracker or something that can register any data on you. He illustrates how
even when not using these devices – while on standby – data can still be
collected on you (through smart watches that can monitor your sleep and
health). Anywhere you go, your data can be collected, via your personal
devices, at home or in the city/outside.
With modernization and the technology revolution – cities have become
“smart”. José says that even the simple things such the weather – is
monitored with devices that store data. Water quality monitoring, fire
detection, video surveillance of public spaces, traffic monitoring apps,
public transport.
Dia positive 6 – what type of data is collected

dia-

positivo 7

dia-
positivo 8
3 – discussion on the topic of privacy diapositivo 9

Diapostitivo 10

Diapositivo 11
diapositivo 13

Diapositivo 15

I don’t question what happens after, I look

at what it
gives me –
a satisfaction in
front of the interface. And why this is a problem – the fact that we don’t
know, the basis of how the internet works and the how value creation
happens in the digital space, which is with your data and with your
information it is what it’s making your relationship with all the companies
which provide you the services through these devices, very asymmetric.
They know everything about you. You know nothing about them

Over 130 years ago, a young lawyer saw an amazing new gadget and had a
revolutionary vision — technology can threaten our privacy.
“Recent inventions and business methods call attention to the next step which
must be taken for the protection of the person,” wrote the lawyer, Louis
Brandeis, warning that laws needed to keep up with technology and new means
of surveillance, or Americans would lose their “right to be let alone.”
Decades later, the right to privacy discussed in that 1890 law review article and
Brandeis’s opinions as a Supreme Court justice, especially in the context of new
technology, would be cited as a foundational principle of the constitutional
protections for many rights, including contraception, same-sex intimacy and
abortion.
Now the Supreme Court seems poised to rule that there is no constitutional
protection for the right to abortion. Surveillance made possible by minimally-
regulated digital technologies could help law enforcement or even vigilantes
track down women who might seek abortions and medical providers who
perform them in places where it would become criminalized. Women are urging
one another to delete phone apps like period trackers that can indicate they are
pregnant.
But frantic individual efforts to swat away digital intrusions will do too little.
What’s needed, for all Americans, is a full legal and political reckoning with the
reckless manner in which digital technology has been allowed to invade our
lives. The collection, use and manipulation of electronic data must finally be
regulated and severely limited. Only then can we comfortably enjoy all the good
that can come from these technologies.
***
Brandeis’s concern about technology’s threat to liberty was stoked by the
introduction, two years before his article, of a Kodak camera that was small
enough to carry, cheap enough to afford, worked at the press of a button, and
came loaded for 100 shots. This new portability meant that intrusions that
would once have been impractical, were now easy.
The Constitution doesn’t mention cameras or wiretapping or cellphones or
electronic data or artificial intelligence. But it does talk about protection of
beliefs (First Amendment), the sanctity of the home (Third), the right against
unreasonable searches of persons, houses, papers and effects (Fourth) and
protection against self-incrimination (Fifth). Those were some of the pillars
upon which Brandeis rested his argument that laws need to enforce our liberty
against intrusion, even as technology morphed its shape.
In 1928, as a Supreme Court justice, Brandeis dissented from the majority that
allowed the government to listen in on suspects’ telephone conversations
without warrants. Brandeis pointed out that opening and reading a sealed
envelope required a warrant, so wiretapping should also require a warrant.
In the latter half of the century, though, the court began to catch up with the
need to more broadly protect privacy, and regulate technology.
Editors’ Picks

This Silly Museum About Crabs Has Serious Things to Say

I Just Arrived in London. Can I Come to Dinner?

 ‘Maestro’ Won’t Let Leonard Bernstein Fail

In legalizing the right to contraceptives, in Griswold v. Connecticut in 1965, the

court brought up the profound privacy violations that would arise from
enforcing a ban: “Would we allow the police to search the sacred precincts of
marital bedrooms for telltale signs of the use of contraceptives? The very idea is
repulsive to the notions of privacy surrounding the marriage relationship,”
Justice William O. Douglas wrote in his opinion for the majority, which also
articulated the protection of privacy as a constitutional right.
Griswold was cited as precedent eight years later in Roe v. Wade, extending
constitutional protection to abortion. Once again, the court highlighted privacy,
not the importance of reproductive choice, as a right. Laws against same-sex
intimate relationships would be struck down on similar grounds.
Other privacy protections were enacted, as well. In 1970, rules were made to
regulate the use of information on creditworthiness. The Privacy Act of 1974
established protections for personally identifiable information that was
collected or held by federal agencies. The government tightened oversight for
wiretaps in 1967 and then in 1977, requiring warrants for domestic wiretaps.
But in the decades since then, there has been an explosion in technological
advances and surveillance capabilities. So many more transactions and activities
are carried out over digital networks, and billions of people carry pocket
computers that leave constant footprints. All this can be scooped up by a vast
apparatus of surveillance, to be analyzed by powerful computational techniques,
along with images from cameras on streets, phones and satellites.
Legislators around the world have largely allowed all this to proceed, with the
United States lagging even more.
Fears of how law enforcement and anti-abortion vigilantes could use such data
to hunt down those who run afoul of new laws have illuminated a terrifying
rabbit hole of privacy abuse.
After the Supreme Court’s draft opinion that could overturn Roe was leaked, the
Motherboard reporter Joseph Cox paid a company $160 to get a week’s worth of
aggregate data on people who visited more than 600 Planned Parenthood
facilities around the country. This data included where they came from, how
long they remained and where they went afterward. The company got this
location data from ordinary apps in people’s phones. Such data is also collected
from the phones themselves and by cellphone carriers.
That this was aggregated, bulk data — without names attached — should be of
no comfort. Researchers have repeatedly shown that even in such data sets, it is
often possible to pinpoint a person’s identity — deanonymizing data — by
triangulating information from different sources, like, say, matching location
data on someone’s commute from home to work, or their purchases in stores.
This also helps evade legal privacy protections that apply only to “personally
identifiable information” — records explicitly containing identifiers like names
or Social Security numbers.
For example, it was recently revealed that Grindr, the world’s most popular gay
dating app, was selling data about its users. A priest resigned after the Catholic
publication The Pillar deanonymized his data, identified him and then outed
him by tracking his visits to gay bars and a bathhouse.
Phone companies were caught selling their customers’ real-time location data,
and it reportedly ended up in the hands of bounty hunters and stalkers.
In 2014 BuzzFeed News reported that an Uber executive had admitted to
tracking at least one journalist who reported on the company. In 2012, the
company had also posted data analyses on its blog revealing possible one-night
stands people were having in major cities. In criticizing such practices in a piece
I co-wrote at the time, I pointed out that such methods could also track visits to
Planned Parenthood offices.
Very few companies would boast about such things anymore. But clearly, such
data could be used to identify, for example, women meeting to arrange for
access to abortion pills, and other women who might travel to get these pills or
seek support.
To deflect these dangers, people are advised to leave their phone behind or use
“burner” phones, or turn off certain settings.
None of these options works well.
For one thing, turning off settings in apps doesn’t stop the phone or the
cellphone company from continuing to collect location data. It’s also not
that reliable. I have turned off location tracking many times in reputable apps
only to be surprised to notice later that it turned itself back on because I clicked
on something unrelated that, the fine print might reveal, turns location tracking
back on.
I gave up — and I have been coding since I was a tween, have a degree in
computer programming, have worked in the software industry, and have been
reading and writing about privacy and technology for my whole adult life. My
impression is that friends with similar professional profiles have given up, too.
Using burner phones — which you use and discard — sounds cool but is difficult
in practice. Matt Blaze, a leading expert on digital security and encryption, said
that trying to maintain a burner phone required “using almost everything I
know about communications systems and security,” and he still wasn’t sure he
had completely evaded surveillance and identification.
How about leaving your phone behind? Let me just say, good luck.
Even if you don’t carry a digital device and only use cash, commercially available
biometric databases can carry out facial recognition at scale. Clearview AI says it
has more than 10 billion images of people taken from social media and news
articles that it sells to law enforcement and private entities. Given the ubiquity
of cameras, it will soon be difficult to walk anywhere without being
algorithmically recognized. Even a mask is no barrier. Algorithms can recognize
people from other attributes as well. In China, the police have employed “gait
recognition” — using artificial intelligence to identify people by the way they
walk and by body features other than their face.
Protections you think you have may not be as broad as you think. The
confidentiality that federal health privacy law provides to conversations with a
doctor doesn’t always apply to prescriptions. In 2020, Consumer Reports
exposed that GoodRX, a popular drug discount and coupons service, was selling
information on what medications people were searching or buying to Facebook,
Google and other data marketing firms. GoodRX said it would stop, but there is
no law against them, or any pharmacy, doing this.
That data becomes even more powerful whenmerged. A woman who regularly
eats sushi and suddenly stops, or stops taking Pepto-Bismol, or starts taking
vitamin B6 may be easily identified as someone following guidelines for
pregnancy. If that woman doesn’t give birth she might find herself being
questioned by the police, who may think she had an abortion. (Already, in some
places, women who seek medical help after miscarriages have reported
questioning to this effect.)
I haven’t even gotten to all the data collected on billions of people by giant
technology platforms like Facebook and Google. “Well, don’t use them,” you
might say. Again, good luck.
In 2019, when Kashmir Hill — now a reporter at The New York Times — tried to
cut Google out of her online life, she found it everywhere. Apps like Lyft and
Uber, which relied on Google maps, and Spotify, which relied on Google Cloud,
wouldn’t work. The Times loaded very slowly (trying to load for Google
analytics, Google Pay, Google News, Google ads and a Doubleclick, and then
waiting for them to fail before proceeding). By the end of a week, her devices
had tried to communicate with Google’s servers more than 100,000 times. Hill
tried this for other big five tech companies too, and found them similarly hard to
avoid.
There are many calls to boycott Facebook, but the reality is that it is much
harder than many realize to fully avoid it. First, a large number of civic and local
activities, particularly for disadvantaged people, are available solely through
Facebook. Some important patient groups, for example, exist only on Facebook.
I’ve even encountered situations where school districts sent updates on active
shooter alerts on Facebook.
When my grandmother in Turkey was ill, the only app her caretaker knew how
to use to communicate with me was a Facebook product. Telling people to not
use these powerful platforms if they don’t want to be unreasonably surveilled is
blaming the victim.
Facebook doesn’t just collect data on its two billion users, and it also doesn’t just
collect it from what those people do while using its products. Billions of web
pages (including those of The New York Times) and mobile apps contain code
from the company — tracking pixels — that collect detailed
data, and communicate them back to Facebook. They try to match this to
existing Facebook users, but keep it even for nonusers, creating what’s called
“shadow profiles.” Google’s tracking, too, is all over the web and in many apps
through its ubiquitous ad products. “Just don’t use it” doesn’t get people too far.
Now let’s get to the truly scary stuff.
In his dissent against letting wiretaps operate without a warrant, Brandeis wrote
how, when the Constitution was written, “force and violence” were once the only
means by which a government could compel self-incrimination, but that
governments now had more effective means “than stretching upon the rack, to
obtain disclosure in court of what is whispered in the closet.”
Increasingly, though, artificial intelligence can use surveillance data to infer
things that aren’t even whispered.
About a decade ago, The Times reported about a father whose teenage daughter
suddenly started getting promotional materials for baby items from Target. The
angry dad went to a Target store and got an apology from the manager, only to
learn after confronting his daughter that … she was pregnant. Maybe it was
something overt, like the girl purchasing a pregnancy test. However,
increasingly, such predictions are made by analyzing big data sets with
algorithms (often called “machine learning”) that can arrive at conclusions
about things that aren’t explicitly in the data.
For example, algorithmic interpretations of Instagram posts can effectively
predict a person’s future depressive episodes — performing better than humans
assessing the same posts. Similar results have been found for predicting future
manic episodes and detecting suicidal ideation, among many other examples.
Such predictive systems are already in widespread use, including for hiring,
sales, political targeting, education, medicine and more.
Given the many changes pregnancy engenders even before women know about
it, in everything from sleep patterns to diet to fatigue to mood changes, it’s not
surprising that an algorithm might detect which women were likely to be
pregnant. (Such lists are already collected and traded). That’s data that could be
purchased by law enforcement agencies or activists intent on tracking possible
abortions.
Many such algorithmic inferences are statistical, not necessarily individual, but
they can narrow down the list of, well, suspects.
How does it work? Even the researchers don’t really know, calling it a black box.
How could it be regulated? Since it’s different, it would need new thinking. As of
yet, few to no laws regulate most of these novel advances, even though they are
as consequential to our Fourth Amendment rights as telephones and wiretaps.
***
Despite what my concerns might lead some to believe, I am not a technophobe.
Like many others who study privacy and technology, I’m often an early adopter
of tech, and get enthusiastic for its many potential uses.
But I’m also a sociologist studying authoritarianism, and our digital
infrastructure has become the infrastructure of authoritarianism.
When I started saying this awhile back, many people would tell me that I was
conflating the situation in China with that of Western countries where such
surveillance is usually undertaken for commercial purposes and we have limits
to what governments would want to do. I always thought: If you build it, they
will come for it. Criminalization of abortion may well be the first wide-scale test
of this, but even if that doesn’t come to pass, we’re just biding our time.
Many of our existing legal protections are effectively outdated. For example, law
enforcement can obtain emails, pictures or any data you stored in the cloud
without a warrant, and without notifying you, so long as it is older than six
months. This is because when the initial law on email privacy was drafted in
1986, online, or what we now call cloud, storage was very expensive and people
downloaded or deleted their email regularly. So anything older than six months
was considered abandoned. Almost three decades later, it simply means years of
personal digital history — which didn’t exist when the law was drafted — are up
for grabs.
This doesn’t mean we should snuff out digital technology or advances in
algorithms. Even if it were possible, it wouldn’t be desirable. The government
should regulate these technologies so we can use them, and enjoy their many
positives, without out-of-control surveillance.
***
Congress, and states, should restrict or ban the collection of many types of data,
especially those used solely for tracking, and limit how long data can be retained
for necessary functions — like getting directions on a phone.
Selling, trading and merging personal data should be restricted or outlawed.
Law enforcement could obtain it subject to specific judicial oversight.
Researchers have been inventing privacy-preserving methods for analyzing data
sets when merging them is in the public interest but the underlying data is
sensitive — as when health officials are tracking a disease outbreak and want to
merge data from multiple hospitals. These techniques allow computation but
make it hard, if not impossible, to identify individual records. Companies are
unlikely to invest in such methods, or use end-to-end encryption as appropriate
to protect user data, if they could continue doing whatever they want.
Regulation could make these advancements good business opportunities, and
spur innovation.
I don’t think people like things the way they are. When Apple changed a default
option from “track me” to “do not track me” on its phones, few people chose to
be tracked. And many who accept tracking probably don’t realize how much
privacy they’re giving up, and what this kind of data can reveal. Many location
collectors get their data from ordinary apps — could be weather, games, or
anything else — that often bury that they will share the data with others in vague
terms deep in their fine print.
Under these conditions, requiring people to click “I accept” to lengthy legalese
for access to functions that have become integral to modern life is a
masquerade, not informed consent.
Many politicians have been reluctant to act. The tech industry is generous, cozy
with power, and politicians themselves use data analysis for their campaigns.
This is all the more reason to press them to move forward.
In his seminal dissent against warrantless wiretapping, Brandeis quoted an
earlier justice, noting, “Time works changes, brings into existence new
conditions and purposes. Therefore, a principle, to be vital, must be capable of
wider application than the mischief which gave it birth.”
That core principle of liberty, the right to be free of intrusions and surveillance
of this scope and scale, needs to be defended against the new technologies that
have undermined it so gravely.
Otherwise, as Brandeis quoted in his dissent, “rights declared in words might be
lost in reality.”