Archive for April, 2007

Google-DoubleClick Merger Concerns

Friday, April 20th, 2007

Google’s acquisition of DoubleClick raises many major privacy concerns. Throughout the late 90’s, DoubleClick was the bogeyman of the privacy community. More recently, Google has taken on that mantle. The combination creates an information-harvesting juggernaut.

Google is in a position to see the search terms, and thus the focus of interest, of the vast majority of Internet users. Most users start most searches or web expeditions with a Google search. Google's logs contain a fairly complete history of the interests of its users going back for years.

DoubleClick has a view of user activity after the search, across thousands of websites. Banner and other website ads are not actually hosted on the websites on which they appear. DoubleClick serves the content from its own servers and handles any clicks on the ads. Importantly, DoubleClick can gather your information even if you don’t click on the link. Simply viewing the ad is enough for them to cookie you, to gather your IP address, and to store that along with the URL you are viewing.

Combined, this enables the creation of a database of most searches along with most subsequent web surfing activities. Nearly ubiquitous Internet monitoring by a single entity will be a reality after this merger. Having both the search information and the surfing activity gives the answer to both the what and the why of a user's actions. The merged data is much more powerful than the individual components, and each serves to fill in the gaps in the other’s coverage.

Ironically, even Microsoft is talking about the privacy risks of this merger. Redmond | News: Microsoft Warns of Google-DoubleClick Danger

The Electronic Privacy Information Center (EPIC) has gone so far as to file a complaint with the FCC.

Mixed feelings about White House use of outside email accounts.

Friday, April 20th, 2007

I have been following a number of stories like this, Congress Follows Email Trail - WSJ.com, about the White House use of RNC-controlled email accounts to discuss the firings of federal prosecutors. The law appears quite clear. Official White House email is a document that must be retained. Discussions of firing federal prosecutors sound official to me. Therefore the White House was wrong to use outside email addresses to keep the discussions secret.

I am not comfortable with the law in the first place. Email and other electronic communication media like chat and IM are often used more like casual conversation than formal memos. Few would argue that the President’s every word should be recorded at all times. It would make discussion and debate next to impossible. In the process of thinking through an issue one may consider many potentially unpopular ideas, if only for the purpose of argument. Free and unconstrained give and take generally leads to the best understanding and decisions. Free and unconstrained debate cannot take place with the world looking over your shoulder and scrutinizing every word.

If we accept that email and chat are used like conversation to hash out ideas, then it is very damaging to the process to place heavy recording and monitoring requirements on it. At the same time, having no oversight substantially reduces accountability. It might even facilitate corruption.

This really shows in a microcosm the greater question of general communications privacy vs. law enforcement access. It is a hard balancing act because there is very little middle ground. Basically you are either monitored or not. Having monitoring of a random half of the messages is going to make everyone unhappy.

April 2, 2007 - Fortify Software Documents Pervasive and Critical Vulnerability in Web 2.0

Tuesday, April 17th, 2007

It looks like, in addition to the privacy risks of voluntarily revealing information through Web 2.0 sites, weaknesses in the most common frameworks will enable malicious attackers to gather even non-public data from these sites.

Web 2.0 generally refers to web sites that are either web applications or are based on community content. In either case they involve the users uploading substantial amounts of possibly sensitive personal information to the sites. I predict that a great deal of damage may result from this in the long run.

Report: IRS bungles may imperil data

Saturday, April 7th, 2007

As a follow-up to my discussion of risks of online tax filing, here is an article on security weaknesses at the IRS: Report: IRS bungles may imperil data.
It does not appear that this is particularly connected to online filing, but rather reflects an overall laxness in their security.

Twitter Privacy Risks

Thursday, April 5th, 2007

In talking to David Utter of SecurityProNews I happened to mention a risk of Twitter that I think has been overlooked. Twitter can put you at physical risk because it can let a stalker or robber know when you are at home or away, and whether you are alone or vulnerable. You can read his article on our conversation here.

Filing your taxes online?

Thursday, April 5th, 2007

The Motley Fool has a nice blog post on issues involved in electronic filing of tax returns.

There are a couple of important points to be made here. First of all…

  • The IRS has all your information and it will be in digital format (accessible by computer);
  • You are exposed to some points of vulnerability when filing electronically, rather than on paper;
  • The information on your PC is vulnerable to theft (whether you send it electronically or just use tax software);
  • Your information is vulnerable on the Internet-accessible servers to which you upload your data; but
  • On the flip side of the coin, paper returns are subject to loss, theft and mishandling as well, both in transit and within the IRS.

It is somewhat similar to using a credit card. You can risk online theft when conducting an e-commerce transaction, or real-world theft when handing over your card to a minimum wage worker over a store counter. Risks exist both ways.

At this time I think the jury is out on which is safer, but, for the record, I file electronically.

More news on Wireless Insecurity

Thursday, April 5th, 2007

I was just sent a link to an improved attack on WEP for WiFi. WEP (Wired Equivalent Privacy) is no such thing. Erik Tews, Andrei Pychkine and Ralf-Philipp Weinmann at the Technical University Darmstadt in Germany have a paper and proof-of-concept implementation of an improved attack on WEP. This attack should be able to compromise WEP security in under a minute under normal conditions with an inexpensive laptop.

In reality over half of deployed wireless nodes have no security enabled at all, so WEP is certainly an improvement on that. A much better solution, called WPA, exists. It is available on almost all WiFi devices, and should be used wherever possible. WPA is not perfect: there are no efficient attacks against it, but experts are still not confident in its security. If you have a high-security application, stick with a wire, and/or use a strong VPN within the WiFi connection. I am a belt-and-suspenders kind of guy, so I like to use multiple layers of security whenever possible.