Privacy Online

Privacy has become a dirty word; it stands for a paradox, a poor joke, and an aspect of life that has undergone a significant paradigm shift since the impingement of the Internet on our lives.
 The paradox here is that we seem to volunteer up our personal data quite freely, imprinting our tiny slice of cyberspace with our thoughts, feelings, likes and dislikes, yet we maintain a proclivity towards conjuring up grand sentiments of anger and fear when our perceived rights to privacy online are violated.
 The poor joke is that we are constrained by the irrelevance of choice; the compounding losses associated with opting out of social media, media sharing platforms, and whatever other online niches we might be intrigued by.
 The significant shift alludes to the way in which the handling of our personal data has undergone a transformation from when we used to selectively divulge personal information at the behest of government agencies, or private corporations, to be stored in a physical medium, to the way in which we can now transform those bland forms and contracts into pieces of digital information, to be stored, copied, downloaded, uploaded, manipulated, and transferred, in an instant.

Privacy is messy, complex, and fluid; we can examine the individual's right to seclusion, or the right to decide when, how, and to whom, your personal information is communicated, or we could consider the legalistic slant, of defining privacy as a right with the individual at the crux of the data, enabled with the choice to volunteer access and control to others. Ought we to consider privacy as a moral obligation, or as a societal norm? Should we apply existing laws to protect privacy online or should we simply leave it in the hands of the end-user?
Regardless of which approach we choose to begin the process of conceptualizing privacy, we can agree on a few basic values of privacy.

I would argue that privacy is a 'democratic' good, similar to the way in which the ancient Romans held wine to be a 'democratic' good; that is to say that every individual, regardless of socio-economic status, origin and environment, ought to enjoy the same benefits and pitfalls of the good. Just as a lowly born pleb might find himself inebriated after his third amphora of wine, the noble patrician would too feel the pangs of a hangover post alcoholic revelry. All users online ought to be afforded the same level of privacy online; that is to say that they ought to be able to decide when to volunteer up personal information, be safe in the knowledge that that information will not be sold or revealed to unseen forces, be afforded security via the ability to change and update that information, and not have an altered Internet browsing experience because of that information's presence on the server.

I would also argue that privacy is linked to autonomy, so that each individual user should be able to upload personal information, choose a pool of people to share that information with, and then restrict all undesirable forces from viewing and colonizing that information. If we allowed others to manipulate the information we've volunteered, we lose our ability to operate as self-interested autonomous actors, thus stripping away what decades of development in liberal-democratic nations have hoped to achieve in terms of liberty and freedom of thought, speech and expression.

Privacy online ought to be viewed as an intimate relationship between the user and the user's chosen set of entities to view that information. Just as we are constrained from installing wiretaps on our neighbors phone lines, we must see the same type of decency afforded to individuals online; to exploit loopholes on social media sites, or be the victim of an uninformed sale of personal information to ad agencies, it would be beneficial to instead allow only the user him/herself to decide on when to press ahead with sharing information with the world at large.

Inherent Tensions on the Internet

When Mr. Bungle first initiated his despicable sexual violation of female avatars on LambdaMoo, little did he know that he would be the catalyst to discourse regarding the boundary between cyber life and real life; at the outset of his cyber rape was the creation of the @boot function (to kick lowlifes off of the server) and a voting system, centered around the implementation of what users specifically wanted to see on LambdaMoo.

The LambdaMoo cyber rape, the first 'rape' in cyber space, has become a hallmark of Internet and new media studies, as it was something wildly offensive and never-before-seen on the world wide web. A decade or so later, and cyber rape and cyber-bullying are now mainstream issues to be dealt with by students of Internet governance; with one of the most recent and tragic events being the suicide of Amanda Todd, compelled by relentless cyber-bullying.

What compels a human being to act in such an anti-social manner? The fault lies with both the tool and the user; the Internet affords us the ability to act as anonymous actors, and the latent, or repressed, fantasies of mankind are allowed space to breathe, develop, and experiment. Academic Martha C Nussbaum states that "the internet is a self-enclosed, self-nourishing world that is remarkably resistant to the reality outside." However, there is a spill-over effect; when media posted online has a real-world consequence (as seen in the suicide of Amanda Todd).

Levmore argues that the Internet is a far less regulated place than any other institution, and that whilst we can physically remove denigrating media in the real world, such items can be hosted online indefinitely. Levmore also argues for the reformation of section 230 of the United States Code, where such reformation would allow content hosts to take down any material deemed inappropriate. However, this then is in tension with the free speech argument of the Internet, that the Internet has been, and should always be, a forum for unfettered expression.

This leads us to the inherent tension on the Internet; the struggle between what it represents and what it allows. If we are to use the Internet as a forum for free speech, ought not all speech be permitted? Who is to judge what is permissible or not, and by what stick would they measure suitability? Who has jurisdiction to prosecute offenders and ought we to create more fora of non-anonymous communication?

The spillover effect of media posted online ( this can be real life details such as home addresses, phone numbers, education details) must not be left out of consideration when lawmakers get around to amending legislature, but the degree to which the offender is penalized might stir up a storm of debate on the very nature and purpose of the internet (as seen when the DMCA is debated).

Heartbleed

For 2 years Heartbleed, aka CVE-2014-0160, has been affecting the way websites protect information, allowing access to secret, or proprietary data (such as login and credit card information, as well as metadata). When news of its existence hit the mainstream consciousness, a mad scramble toward understanding and subverting the bug was underway, with mass media coverage, online bug-check tools, and an attempt to patch up the exploit.

But what is Heartbleed and what does it attack? How does a coding error allow access to personal information and even enable to NSA to do their work with even more devious ease?

It is important to understand that Heartbleed is not a malicious line of code, floating around the Internet; it is an exploit made possible by coding errors in the OpenSSL design. OpenSSL is a protocol that allows for the basic cryptographic functions of the transport layer security (TLS) protocol. Basically, it allows the transport layer of the Internet, the code that allows us to connect to websites, servers, each other over VOIP applications, chat to one another, even write and post blogs, to function.
Coders are currently working to produce version 1.02 of the OpenSSL protocol that cleans up the issue, but as of now, the bug allows for hackers to send a 'heartbeat', a small packet of data, that prompts the recipient computer to respond with a line of data. This line of data could be any type of personal information, and thus the Heartbleed bug became a silent backdoor exploit for nefarious hackers and surveillance agencies.

While most users will be unable to do anything about the bug, the only afforded safeguard is to change all passwords and check back with your most frequented websites for news of a fix. The real uphill battle is for website owners, who must now wait on a fix in the OpenSSL protocol.