Search This Blog

Wednesday, December 22, 2010

Tuesday, December 21, 2010

New Hardware Products

Here at the Lone Wolf we don't just work on software.

Over the last nine months or so I have been working on some ideas for some "old barn" inspired cabinetry.  I have been debating about what to do with this and I have decided to offer for sale a line of custom cabinets, counter and sink tops.

On our property we had an old barn.  It was built in the 1850's and was a "Dutch" style.  There are a lot of these in the neighborhood where we live.   It was getting a bit weathered and there seemed no point in doing a lot of work on it since we did not plan to continue using it as a barn.  So in 2006 we knocked it down.

We decided to use the parts of it in an addition we planned to build to our home.  The goal was to preserve the design and "nature" of the barn while at the same time bringing it into a modern home.  (We had looking into making the barn a house but decided there were too many problems.)

Here is an example of what the counter and sink tops look like.  The counter top is joined, hand-matched oak splits.  Each is about 1" and matched with its neighbor.  The top is basically a custom marine-style finish of tung oil and spar varnish.  The hardware was selected to resemble the colors you would find in vintage 1850's metal.  (The rest of the powder room is not complete as can be seen from the missing trim.)



The base is made from the siding from the old barn we took down on our property.  The wood here is untreated siding that has been exposed to the elements for the last 150 or so years.  The flooring here is tile matched to the style of the base.


Here is another view of the sink top.  I was a bit worried about joining the top and sink but it worked out okay.


There is still a "skirt" that fits between the underside of the top and the base.  I will post a picture of this when my wife completes it.  It will be woven wood strips.  There is also a back splash that is not yet complete. 

The goal in creating this was two fold - create something that would work at its intended purpose as well as be a pleasing art work that brought the old barn into a modern house.

The goal here is to sell something that people would be proud and pleased to have in their homes.  Most of my life involves building things of one sort or another targeted to specific, one time uses and this is really no different.

Ideally potential customers will have hardware (like the Kohler commercial were the wife plops down a faucet and asks the architect to build a house around it) and I will create the rest.

Though this is inspired by the barn I have no compunction about creating other types of cabinetry.  My dad, an architect, was an actual student of Frank Lloyd Wright so I am well versed in all sorts of other types of design.

More on this to come over the next couple of weeks...

Net Neutrality

The new FCC "net neutrality" will be dumped into our laps today.

The FCC Chairman, Mr. Genachowski, wisely decided that the internet was not a "telephone system" and that he would not use his telephone regulatory powers to control it with government regulation.  This was back in May.  Telephone regulation, which has deteriorated along with the use of antiquated "telephone service", was very harsh and focused to a larger degree on tight regulation across the board - the idea being that any "monopoly" had to be tightly controlled by the government to ensure that it treated everyone and everything equally.

What this meant, among other things, wast that the telephone company (the old "Bell System") had to charge rates that the government thought were fair.  These rates included profit so retired little old ladies that owned the stock would get reliable dividends, investment so that there could be things like Bell Laboratories to create new products, service so that there was always a "dial tone" when you picked up the phone and infrastructure advancement so that year after year there would be improving service.

So the "Bell System" could live and grow but it couldn't charge too much to do it.  It had to include in its service areas those in rural, hard to reach areas as well as those in big cities.  This system worked okay for about a century or so.  It created one of the best telephone systems in the world - reliable, relatively cheap and accessible.

All this came to an end in, appropriately enough, 1984, when telephone companies were "deregulated".

The result of deregulation is what you see today - zillions of methods of voice and video communication - most which did not exist in 1984.  Intense competition on features and cost.  Constant innovation and change.

The FCC was in charge of all this prior to 1984 - it was their big claim to fame.

The new "net neutrality" appears to be a problem in search of victims.  No one I know, and I've been a net user since before it was publicly possible to do so (1981), has ever had a problem accessing the internet.  Sure you might have had to use dialup because other alternatives were too expensive, but it was always possible.  For a long time Lexigraph used T1 service - 1 Mbps up and down - connected to your office via phone wires.

The new net neutrality is an obligation of the FCC since one of the FCC's priorities is to ensure the broad spread of technology like the internet across the country.

But the real issue, as I see it, is one of money.  The growing spread of interactive and streaming video is putting a strain on some parts of the internet.  High speed broad band and content like this blog go well together - not much data volume and lots of places for it to go very quickly.

Video is a different story - much more data intense and thus it hogs up much more bandwidth.

So the question becomes very simple.  If I am a cable provider, say, like Comcast, that sells Mr. A internet service is it "fair" that Mr. A acquires Netflix online and streams HD video over my wires to his house to watch movies that he would otherwise get from me.

When just a few Mr. A's did this it wasn't a problem, but as more and more do it, the Comcasts of the world are forced to improve bandwidth to each household.  This costs Comcast money.

One option for Comcast was be, for example, to simply block Netflix.  Comcast actually block BitTorrent sites for a while until they were caught.

Under the new net neutrality Comcast would not be allowed to do this.  Nor could they "slow down" Netflex sites so that the movie quality sucks and no one would want it.

Currently companies like Comcast and Netflix must work out these sorts of issues on their own in a free-market sort of fashion.  For example, Comcast requiring Netflix pay an extra fee for hogging up Comcasts bandwidth.  Presumably the price differential would be covered in the fees Netflix charges its customers.  This is considered to be self-regulation.

The real questions as I see it are this:

1) Companies that need to maintain a bandwidth balance have a reason to do so without the FCC.  Blocking popular sites will results in a hue and cry that will create embarrassment and shame for those involved, and, more importantly, cost them customers.

2) Secret blocking and slowing of sites can and does occur, e.g., Comcast and BitTorrent, but currently there is no "court of last resort" for anyone to go to resolve this; the new net neutrality establishes the FCC as this court.  (In 2008 Comcast demonstrated in court that the FCC did not have the authority to regulate this sort of action.)

3) There is strong pressure for "special interests" on both sides to turn the internet into newer versions of telecommunications, radio, TV and media companies replete with special interest lobbies, special laws, and so forth that I believe must be eliminated for an open internet.

The big win for everyone is a free, open internet.

The big loss for everyone is a free, open internet. 

Why?

Without regulation corporate "robber barons" will take charge and tax and regulate and control the content, speed and access.

With regulation "big government" will constantly meddle in the guise of fairness, ultimately taking charge and taxing and controlling and regulating content, speed and access.

What's really required from the FCC is the "dim mak" (deft touch) approach. 

Leave the playing field open and clear of government intervention and obstacles while maintaining just enough sheriffs in the wings to ride out and stomp out trouble if they see it.  The corporate big boys will want to steer clear of potential trouble and work out their issues on their own.

Yes, I know its fantasy land...

Monday, December 20, 2010

VDP: Violating Privacy?

For the last decade or so Variable Data Printing (VDP) has been the "holy grail" of print and marketing communications.  Find out what it is that people are interested, provide a focused ad that matches their interest, and the chance of a purchase is significantly increased.

About three years ago DirecTV began working on targeted TV ads and has formed a partnership with Starcom MediaVest.  The goal of this adventure is to provide "addressable messaging" at a national level.  The key here is that companies like Proctor & Gamble, General Motors and Coca-Cola what a large platform for variable message marketing.

By large platform they are looking for millions of people.  DirecTV has a customer base of about 19 million subscribers - each, as part of the service, has set-top box capable of delivering a specific message during certain points within its programming.

This, however, does not mean your desktop box is "watching you" and recording your activities.  Though it can and may be for other reasons, for this particular program DirecTV and Starcom are buying third-party address data and using it to drive the program.  So by going with a traditional marketing source for household demographics they can decide whether you will see the dog food ad or the ad for cat litter.

If we compare this to VDP we can see that VDP pales in comparison.  First of all, there is cost.  You can probably purchase local cable ads for as little as $50 USD a spot.  Though you would want a long-running program of multiple spots over time to achieve audience penetration (running the ads frequently enough so that people notice them).  Of course, you can spend millions of dollars running super bowl ads, but that is the exception rather than the rule.  VDP, on the other hand, requires at least $.44 USD/piece in postage alone.  Obviously you must pay to create the ads in either case.

Secondly, and more interesting, large companies want larger ad bases - national based ads with success scalable to millions.  To achieve this with print the cost is insurmountable.

In any case VDP has rolled along for the last decade, albeit relatively slowly when compared with the progress DirecTV plans to make in terms of audience size and scalability. 

During this time no one that I know of ever really made much noise about the privacy issues related to VDP.   While there have always been privacy issues associated with email opt-in and so forth nobody every really thought much about print privacy.  I suspect because variable printing typically involves one of two types of information: account based in which case you are already a customer or demographic "junk mail" based where the piece is generic enough that you don't consider your receipt of it a privacy issue.

In Europe, for example, there isn't the same "junk mail" model - its a crime to mail people unsolicited offers.

Today, however, things are starting to change.  During most of the last decade there was little general public awareness of what information might be "known" about you.  Everybody understood that big mailing databases existed and that you were probably in them - but the information was not considered to violate anyone's privacy to any significant extent.  Certainly you could get yourself removed from most "junk mail" lists if you worked hard enough at it.  (I recall a friend once explaining that he had managed to stop the delivery of the weekly coupon flier to his mailbox - I think it took months - but he accomplished it.)

With the ubiquity of the internet things are not so easy.  First of all, most people don't realize or understand that what they "do" on the internet is not "owned" by them.  What I mean by this is that if you sit at home and browse a catalog the catalog does not collect information about what you are looking at.  On the other hand, if you browse someone else's web site its perfectly legal for them to record everything you do there.

The issue is that the "privacy model" from the catalog world is what the internet user assumes when going on line.  Most people, being non-technical, don't or can't understand the difference.

Secondly, the "feedback loop" that brings a targeted ad back to a customer is much tighter online.  The time scale is smaller and the targeting much tighter.  If, for example, you buy from Amazon you are likely to get an email explaining what others who bought the same thing as you did also bought.  (Recently I bought some router bits and about 10 days later received an email offer to buy other types of router bits that others had also bought.  This is sort of a poor choice on Amazon's part because what you do with the bits is just as important as which bits you buy - and they don't collect info on what you are using them for.)

People notice this.  In a VDP campaign it might be weeks between mailings and a purchase and you are less likely to realize that some private information might be involved.

My guess is that there will be new privacy laws driven by all of this.

More importantly here, things like VDP will be negatively impacted because they will be lumped into the broader "privacy" picture.  This is a shame because VDP has pioneered much of the personalization marketing effort - particularly in areas like casinos. 

I see two things happening. 

One is that there will be a clear distinction between opt-in and "junk" advertising.  Opt-in will cover anything that you agreed to (by email, by clicking "send more information", and so forth).  Junk will be considered anything you did not ask to be involved with.  The Google's of the world will continue to collect data but it will be anonymously unless its opt-in.

Second we will see "privacy laws", like the European junk mail laws come into play on electronic advertising.  Here things will become interesting and there will have to be some means to decide how much privacy "invasion" is too much.  Is my privacy invaded if you show me a cat liter ad instead of a dog food ad?

I suspect that the issue will be this:  If you choose to use electronic and/or non-cash means to purchase things then your information will be fair game.  If you are so adamantly opposed to being "watched" that you only pay cash at Walmart then you will effectively opt out by your actions.

There will be "opt out" and "browse privately" technologies but they will not do much in the long run other than eliminate blatant privacy violations because most people won't be able to distinguish between a generic "ad" and what looks like a generic "ad" targeted specifically at them.

In any case VDP and print will probably sucked into the maelstrom and doing anything that's too "personal" will become a crime.

Friday, December 17, 2010

MERS: Who Really Owns Your Mortgage?

I often write about privacy.  This post is a bit different in that it address something associated with "lack of transparency".

Mortgages and other public documents, as I have written about here before, have in the last few centuries relied on the transparency of being recorded publicly.  This means that when you purchase a home and take out a mortgage the mortgage is recorded in a publicly available book somewhere in your country (at least in the US).  The book records information about you, the property, the terms of the note, and most importantly the mortgage holder.

The mortgage holder would be the bank loaning you the money.  Before the last decade or so this was about all that happened in the county clerks office.  Sometimes the bank would use a service firm to collect payments but the bank was always recorded on the mortgage.

Associated with this process were various fees.  If you have a mortgage you have seen them.  Typically at closing you pay $115 (for example) to the County Clerks office to "record" your mortgage.  "Recording" is the process of putting it into the public book.

More than a decade ago your bank "Home Savings and Loan", or whoever they may be, realized that mortgages could be pooled together to form investments others would buy.  Typically this meant the mortgage holder on the mortgage would change a few times: once when the loan was sold to a broker and again when that broker sold that loan to a Trust or other investment vehicle for investors to buy.  The reason this paper work changed is that each point someone else besides "Home Savings and Loan" effectively took over the mortgage.  These transactions were recorded at the County Clerk's office so that if you failed to make payments it would be easy for the mortgagee (who ever it was at the time) to process the foreclosure.

(Foreclosures typically require the actual mortgagee to be present in court and to prove that they are in fact who is entitled to take the property back.)

None of this was a problem until the industry of creating investments from mortgages took off.  This business involved creating a single investment from thousands of mortgages across the country.  In turn this required the originator of the investment to send minions to all corners of the country to to record changes to mortgages in each and every Country Clerks office to represent the true state of ownership.  This was an expensive and tedious process.

In order to bypass all of this overhead the white paper was circulated at a Mortgage Banking Association meeting in the early 1990's.  This white paper described a system where a "electronic construct" would take the place doing all this paperwork.  Mortgage companies would interact with the "construct" rather than the County Clerk's offices and transferring mortgages around would become very simple.  The "electronic construct" would handle the details and stand in place of the actual mortgagee.

By about 1997 MERS (Mortgage Electronic Recording System) was launched to perform this service.  Initially a bank would close on a mortgage and then assign, through a traditional Country Clerk's office transaction the mortgage to MERS.  MERS created an MID (Mortgage ID) for the mortgage and provided this to the bank.  Now all the banks participating in MERS could exchange mortgages by simply moving around MIDs.

Eventually, around 1999 or so, the banks began having the mortgages recorded in the name of MERS int he first place.  Now MERS here just acts as a "placeholder" for the real mortgage bank.  Though their name was on the mortgage paperwork the intentions was that the relationship was still between you and the originating bank.  MERS could not foreclose, collect payments, etc.  That was the banks job.  MERS job was simply to make trading the mortgage easier and cheaper by eliminating the County Clerk's office and associated fees and tedium of having to update the paperwork as the mortgage traded hands.

Around this time (1999) if a default happened the true owners would show up and effectively "pretentd" to be MERS in any court or legal proceeding associated with the default.  Moody's Investor Service put its "stamp of approval" on this "pretending" idea and the mortgage as an investment market exploded.

In the intervening decade MERS came to be the name on approximately 60 million US mortgages.  With the financial mortgage crisis of 2008 the "pretending" model of foreclosing suddenly became a serious issue.  The issues are (from this paper) "(A) whether MERS owns title to mortgages either as a mortgagee or an assignee; (B) whether MERS has standing to bring foreclosure lawsuits; (C) whether MERS is a "debt collector" for purposes of the federal Fair Debt Collection Practices Act; and, (D) whether MERS has priority against subsequent bona fide purchasers for value (including bankruptcy trustees)."

Now, with millions of loans in foreclosure, a significant problem emerges.  Courts do not like "legal pretending" when someone is going to lose their home.  So, if MERS is on the mortgage as the mortgagee then the court expects that MERS actually owns the mortgage, which it does not.  Sometimes MERS tries to pretend its an "agent" for the real mortgagee but that conflicts with the fact that it is itself listed as the mortgagee.  (You can read about this in detail in the link provided above.)

The bottom line is that MERS is basically just a "placeholder" for a real mortgagee and there is no legal concept to go along with that, i.e., the courts and County Clerk's offices around the country don't recognize this.  They understand a mortgage, a mortgagee, a mortgagor, but not something that is none of these.

This problem creates a second difficulty.  Since MERS isn't the "holder of the mortgage" in any way that a court or legal system recognizes its easy to show that MERS, though it is listed on the mortgage documents, does not have legal standing to foreclose.  This is sort of like Julie borrowing money from Bob, Julie not paying Bob, and Sam coming to collect.  Though Sam might be able to do this if Bob is a loan shark the legal system does not recognize Sam's legal standing between Julie and Bob.

There are Federal laws related to consumer debit and item (C) above comes into play here.  The problem here is that the Fair Debt Collection Practices Act (FDCPA) does not recognize something like MERS.  It says that MERS must either be the debt collector or it is not - it cannot be both.  The problem here is that if MERS "get's away" with being a "placeholder" for the mortgagee then its likely other debt collection services could use the same tactic to circumvent the FDCPA.  This creates a problem for the courts when it treats transactions with MERS.  Too many findings one way or another create problems.

Finally, MERS creates a serious problem for foreclosure.  Mortgage recording in the County Clerk's office creates a legal "backstop" for tracking the ownership of a property.  If a mortgage is not properly recorded then the mortgagee may not have standing in a bankruptcy and could, for example, be considered an unsecured creditor rather than a secured creditor.

Courts take a very dim view of slipshod paperwork and have found mortgages invalid for extremely minor paperwork related details.  If single MERS mortgage were found to have such a flaw it could be argued that all the MERS mortgages in the state (because these are state laws) with the same flaw are equally invalid.

All this said MERS did not cause the 2008 financial crisis but it was certainly a contributing factor.  What part it will play in resolving the crisis from the perspective of mortgages, robo-signing and the rest is still unclear.  Further, MERS is a direct attack on the transparency of printed and direct public records.  You and I cannot access MERS to see where the ownership of our mortgages might be (MERS data is only available to those who "own" it).  This veil of secrecy flies directly in the face centuries of state and federal law which attempts to keep property transaction public and works very hard to ambiguity out of property ownership.

Again, if these were a few mortgages here and there there would not be a problem and the courts would work this out.  Unfortunately, one half of all mortgages are recorded via MERS.

MERS represents the destruction of centuries of legal work to make a fair and clear mortgage system.  It was created to facilitate the creation of investment vehicles who's very value MERS now undermines.  Until recently I had never heard of MERS and no doubt neither had you.

MERS was created by "big Wall Street Banks" - so is it evil? 

Well that's really what's hard to tell.

The investments created in part by MERS are probably paying your retired parents or grandparents bills as part of pensions.

The "poor folks" who government policies at Fannie and Freddie Mac helped to buy homes would probably not have them (provided then are not in default) if it weren't for MERS.

MERS undermines centuries of law and will no doubt leave a lasting and permanent mark on the history of property ownership in this country.

It will no doubt take a full decade or more for this to be resolves (the RIET trust used to resolve the savings and loan crisis from years ago took as long).

The problem here is that everyone is greedy - the home owner, the retiree, the banker, the County Clerk, everyone.  All profited and are are being punished.

Now, for me, who did not participate - is it fair I should be punished?

Thursday, December 16, 2010

The Cyber War for Your Wallet

Last year on black Friday about .1% of all shoppers used their smartphones to compare prices at retail websites according to this WSJ article.  This year that figure increased 50-fold to 5.6%.

Today these apps, provided by retailers like Amazon (see this), allow customers to do an in-the-store price comparison with websites.  In the case of Amazon, an iPhone app called Price Check allows immediate comparisons by simply entering in the product or model numbers.

What does this mean for the days of the circular newspaper or USPS mail flyer?

Nothing good, I'm afraid...

For decades the pricing model of retailers has always focused on offering "loss-leaders" to customers - low-ball pricing on specific items - in order to lure the customers into the stores.  Once there the hope was that the customer would then spend money on other, higher margin items.  This higher margin, of course, would provide profit and cover the cost of the flier or advertising that brought in the customer in the first place.

Its very sad today looking at companies like Vertis that specialize in this sort of printing (from their website) we see they offer printed products like TV books, Magazine inserts, Special sections, TMC wraps, and Sunday Comics.  In my house we do all of our newspaper reading online.  Books are still purchased but that will be changing soon.  We do all of our magazine reading online save for one or two.

From my perspective Vertis doesn't produce a product I will see or use (save for the bundle of weekly shopping ads I throw out once a week).  I'm in my mid-50's.  Imagine how much of what they produce will be seen by my daughter who is 30...  No, it will all be done by smartphones.

So what does this have to do with Amazon iPhone apps like Price Check?

Well, for one thing the "online shopping" phenomena has now passed on from making newspaper and prints ads obsolete to making the basic "loss-leader" retail model obsolete.  The basic "loss-leader" model always relied on the impulsive behavior of shoppers who would tend to purchase something they wanted if they saw it in the store regardless of how they got into the store.  We've all done it to some degree - you go through all the work of getting to the sale or store based on some ad or item you wanted to buy and, while you were there, you bought something you hadn't planned on.  Did you get the best price on that particular item?  No, probably not.  But there was the gratification of knowing you had found something you were looking for.

Now let's think about this model with something like Price Check.  First of all, at least in my experience, there is a "pricing tolerance" window when shopping retail versus online.  This is the "don't care" difference between buying it now in a retail store versus buying online.

What does this entail?  For me this involves comparing:

   - Cost differential "out the door".
   - Cost of shipping.
   - Delay in receiving the item.
   - Likelihood that the item is really in stock.

So, for a $39.95 item that I can buy in the store while I'm there the price will have to be substantially lower on a percentage basis for me to bother ordering it online - particularly if I need the item for some reason (why not just buy it now versus order it online and get it for $34.95 a week from now).

As the price increases this becomes different.  I typically don't buy things that cost more than say $100 USD without planning.  Planning for me involves time and web-based research.  Examining the pros and cons of items, the costs, shipping, deals online, and so forth.  The cost of shipping versus taxes comes into play.  There is also the issue of support and service.

The decision becomes a time-dollars-cost-service model.  Making the purchase retail in a store for me is easier the less the item costs.  As the total cost of the item increases then I tend to buy online unless there is a service-related issue (where will I take the item for service) so long as the online price (including all shipping, taxes, and so forth) the same or less than the retail purchase.  Online stores typically have exchange policies on items where you simply return a DOA product which is a hassle - but not a big one.

Being a musician I have seen this develop over a long period of time.  Where I live there is a big-box music store (Guitar Center) and a locally owned Pianos'n'Stuff.  Over time I have learned that anything I buy online comes from the same warehouses that both retailers use (no one bothers to hide the UPS shipping labels).  So the product is exactly the same from all three places and probably comes from the exact same warehouse.

For music stuff support and hands-on comparison is sometimes important so I will use the locally owned store.  Buying from the big box store is virtually the same as buying online.  As the items become more expensive, though, its tempting to take an online deal over the local store.  What's the threshold for that?  Probably a couple of hundred dollars an a big purchase - that couple of hundred dollars will support the cost of any online purchase issues and so forth.

Now let's look at the big picture for Price Check.

Price Check is a simple calculator that tells you what the difference is between shipping the product to your house versus purchasing it from the retail display in front of you.  The cost difference includes the mortgage, support staff, advertising, etc. etc. that went into creating that big box retail store.  So really you are comparing all of those costs against shipping - probably from the same warehouse.  Which is going to win? 

Well, unless you need the item right now shipping to your doorstep is going to be a lot cheaper.

The next step will be for things like Price Check to begin using location-dependent information from your smart phone.  For example, Amazon will only offer a big discount on some item when you are actually in the big box retailer's store. 

This will become the "treasure hunt" model.  Imagine the scene where customers run from store to store waving their phones around to find that ad for the special deal - and then going home empty handed and waiting for the item to arrive in a few days.  The big box stores will, of course, counter with their own "in store" specials based on location in the store itself (or maybe the parking lot) - I suppose smartphone-based in-store coupons triggered by behavior in the store.

The black Friday stampedes killing shoppers at Walmart will be replaced by random collisions of shoppers, carts and automobiles caused by shoppers too lazy to look up from their smartphones wandering in front of drivers doing the same.

As with most things like this is all a race to the bottom - this time for retailers.

The products are sitting in the same warehouse regardless of where you buy them from.  They are going to ride on a truck somewhere.  Do they go to your house directly or a big, expensive store with lots of overhead where you will have to pay more?

Sadly, this is already impacting big box retailers like Best Buy.  In today's tight economy customers are flocking to better deals elsewhere.

Its only going to get worse because website cut out an entire cost element when you compare purchasing direct versus purchasing through a brick-and-mortar store.  Like the printed ads before them they are destined for the scrap heap of obsolescence.

Wednesday, December 15, 2010

Smilin' Bob: Defending Your Constitutional Rights

We've all seen "Smilin' Bob" on TV - he sells (or rather used to sell) Enzyte - the male enhancement product (according to past advertising).

Well, its seems old Bob has, no pun intended, fallen on hard times.

But, as all good hero's do he's left us with some goodies.  In this case a positive affirmation that your email will require a court order should someone in the government want to see it.

So just how did Bob go from selling Enzyte to constitutional heroics...?

Here's the story.

Smilin' Bob was created by a company called Berkeley Premium Nutraceuticals, Inc. in 2004 as part of an ad campaign to sell Enzyte.  He, along with "Mrs. Bob," appeared all over TV in commercials "cit[ing] a 2001 independent customer study,  which purported to show that, over a three-month period, 100 English-speaking men who took Enzyte experienced a 12 to 31% increase in the size of their penises" according to this legal opinion.

Berkley was created around 2001 by Steve Warshack and his mother, Harriet Warshack.  The company began with humble beginning selling herbal supplements at sporting events.  Eventually the Enzyte product was created and the company went from 15 employees in 2001 to 1,500 employees and $250 milion USD in sales by 2004 when "Smilin Bob" appeared.

Thought this may seem like a modern "rags to riches" story, it really isn't because the huge run up in sales was, according to court documents, based almost entirely on two forms of fraud (see link to legal opinion above).

First of all, the entire concept of Enzyte was based on a "negative opt in" business model.  Ads in print and in other media promised a free sample of Enzyte.  What was not told to the customer was that opting in for the free sample caused you to receive monthly shipments of Enzyte and, most importantly, to have your credit card billed.

Basically the Warshacks spent a lot of time working out ways to avoid telling the customer that what they were really buying was the "opt in".  Over time a complaints rose to alarming levels but the Warshacks continued to work around requirements placed on them by their credit card providers to notify customers that they were opting in to a monthly billing program.

A number of internal emails discuss this issue and how to avoid telling the customers the truth.  For example, sales people had scripts that told customers ti was an opt in but only after a long winded discussion of the fact that the product was not a birth control product nor was it intended to fight disease (basically attempting to get the customer to "zone out" on the pitch by the time the opt in was discussed).

The second problem was that all of the supposed studies that gave Enzyte its 96% customer satisfaction rating were complete fabrications.

The results of all this were convictions of both Steve and Harriet Warshack.  According to the legal opinion "On August 27, 2008, the defendants were sentenced.  [Steve] Warshak received a sentence of 25 years of imprisonment.  He was also ordered to pay a fine of $93,000 and a special assessment of $9,300.  In addition, he was ordered to surrender $459,540,000 in proceeds-money-judgment forfeiture and $44,876,781.68 in money-laundering-judgment forfeiture.  Harriet was sentenced to 24 months of imprisonment, ordered to pay a special assessment of $800, and held jointly and severally liable for the forfeiture judgments."

The Warshacks appealed this conviction on several grounds.  One of them was that the government had seized approximately 27,000 personal emails of the Warshacks during their investigation which constituted a violation of the Fourth Amendment’s prohibition on unreasonable searches and seizure.  The government counter claimed that it relied "in good faith on the Stored Communications Act (“SCA”), 18 U.S.C. §§ 2701 et seq., a statute that allows the government to obtain certain electronic communications without procuring a warrant.  The government also argues that any hypothetical Fourth Amendment violation was harmless."

The three judge panel hearing the appeal found that using the SCA to obtain private emails from an ISP is a clear violation of the Fourth Amendment of the Constitution.  Key to this finding is that 1) the expectation of the Warshacks was that the email was private and 2) email is similar to telephonic and written communications and should be afforded no less protection than those under the Fourth Amendment (warrants are required for obtaining phone and written communications).

Basically the SCA allows the government to ask an ISP to preserve emails it may have in backup or other form.  In this case the appeal judges found that the government had used the SCA as a mechanism to monitor ongoing emails.  The SCA requires a court order for preservation but does not expect government officials to use it to monitor future emails as was done in this case.

The opinion finds that although private emails where captured by the government it was done in "good faith" under various clauses of the SCA and has no direct impact on the legitimate use at trial.

In this light they ruled that email is given the same Fourth Amendment protections as other forms of communications. 

No doubt more cases will be required to bring electronic communications fully into a constitutional framework.  Unfortunately, there well probably be many more "Smilin Bobs" to help that all along.

Tuesday, December 14, 2010

Sell a watch... Go to Jail...

There are many things in the world that we take for granted.

For example, ever buy a CD from someone?  Sell a CD or book or watch?  Check out a library book?  Give a book to a friend.

If so you had better be prepared to become a criminal.  That's right - these actions could now become crimes - at least if you don't pay a royalty to the original foreign artist or get that foreign artist or authors permission.

Until today in the United States there has always been the concept of the "first sale" doctrine under copyright law.  Since things like CD's and books are virtually always copyrighted this doctrine applies.

What it means is that if I, as a copyright holder, create an original work, say a book, and sell that book to you that you, as the purchaser, have the right to later sell my original work to someone else so long as no copies are made in the process.  Basically my rights as the copyright holder only extend to the first sale as far as an ownership interest in the work.  I am still the copyright holder in the sense that you or the person that purchases the book from you is not entitled to make copies of that work.

Under this doctrine the local library can purchase a best seller and legally lend it out to various people without violating the copyright of the book.

We take these rights for granted - but in fact the law surrounding them is not settled.

Yesterday the US Supreme court chose not to hear the following case:

Costco, a large west coast retailer, purchased and sold a number of Swiss Omega Seamaster watches.  Omega has a series of distributors in the US and Omega and requires these distributors to sell the watches for a certain minimum amount of money - in this case about $2,000 USD.  Costco did not purchase the watches it sold directly from Omega's US distributors but instead purchased them on the "gray market" in Europe.

The Costco purchases in Europe were perfectly legal but bypassed the US Omega sales channels.

Omega, on the other hand, knew that this sort of "gray market sale" often happens so it imprinted its copyrighted logo on the back of the Seamaster watches and obtained a US copyright their design.  When Costco sold the watches in its US stores Omega sued Costco for copyright infringement (reselling Omega's copyrighted design of the watch).

Costco claimed as its defense the "first sale" doctrine of Copyright law- effectively saying that once it purchased the watches it was entitled to resell them just as you or I might buy a book and later sell it on ebay.  The "first sale" doctrine in the US says that once you purchase a copywritten work you can freely resell it so long as you do not make copies of it.  Thus most copyright things we, as consumers buy, may be resold by us legally to others, e.g., a book or CD.

The Costco/Omega case was just recently decided by the Supreme court, er, well, rather, not decided.

The 9th District Court ruled that the "first sale" Copyright doctrine does not apply to things that are produced or manufactured outside the US.   So in this case Costco lost to Omega because the watches where manufactured by Omega outside the US.

Costco appealed the case to the US Supreme court.  Justice Kagan was unable to participate having involvement with the case as solicitor general in the Obama administration and recused herself from the case.  Her recusal left the court with a 4-4 decision between the remaining justices.

The 9th District Court decision therefore was upheld (the 4-4 decision being the same as if the US Supreme court never took the case to begin with) and Omega is the winner, at least for now. 

The decision is only effective in the 9th District Court without a Supreme court decision.  (Should another case like this arise the Supreme court may take it to remove ambiguity from the Copyright law and make a country-wide binding opinion.)

So where does this leave you and I?

Well, for one thing if you purchased a CD or book (or computer or car or iPad or anything else) made in a foreign country you may be in violation of copyright law if you sell it.  That's right, you could be sued by the manufacturer or forced to pay royalties.

(The "first sale" doctrine does not apply in, for example, Europe where an artist can be entitled to royalties from each successive sale of his or her work of art.)

Now there is a strong case for things to be decided both ways here.  For example, Costco was able to evade the legal copyright of Omega's watch design by purchasing them through other means and reselling the watches here in direct violation of that copyright.  Similarly, if a European artist is entitled to royalties in Europe no one thinks its legal to bring the work to the US and resell it here to evade paying those royalties.

On the other hand, its probably not practical for you or I to have to research who made the book or CD we are reselling in order to pay royalties.  Just imagine if this were the case - there would be paperwork to complete for any person-to-person sale.  Ebay would probably not be able to exist.  Libraries could not function.

The 9th District Court deemed the "first sale" doctrine to apply only to works "“lawfully made under this title” in Section 109(a) of the Copyright act - which means made in the US.  What about books printed in China but written in the US?  Many items are the products of US companies but manufactured outside the US. 

So what is the solution?

Sadly, I do not believe there is a good one and this ruling may stand.

The US has many copyright treaties with other nations (see this PDF) which is must uphold.  I would imagine that these treaties require that the US respect the copyright laws of, say, European artists, if Europe would be expected to uphold our copyright laws.

I suspect that those that can see a practical way to profit from this will.  For example, I don't see Toyota or Kia going after people who sell their cars - too much bad press.  But others may - say people or companies in Europe who own certain copyrights on painting and images.

Monday, December 13, 2010

Google Wants Your Health Records

I stumbled onto Google Health the other day.

This is kind of a troubling site in many ways.  The site allows me to manage my health information online by setting personal health goals, tracking my progress meeting those goals, sharing my information with doctors, and personalizing my health needs with apps and devices.

As I have written in the past I don't think Google is in this for purely philanthropic reasons even though that's what they imply on the FAQ page where they say "Google Health is available from Google at no charge."  They make it a point to focus on how they will not use your personal information without your consent and not display ads.

Now if you peruse the site you will find that Google does have third party "partners" associated with Google Health.  These appear to be companies like Shopko, Kmart, some Blue Cross insurance providers, Walgreens, various other pharmacy companies.  The FAQ page says that these companies have no financial affiliation with Google but "third party companies that are integrated with Google Health and provide customized services may charge you directly" if you choose to use them.

Now, if yo go to the Google blog here you will see a more interesting profile page.  There you will see a prototypical dashboard and, at the bottom, a list of medications and their interactions - presumably the site somehow knows about pharmacological interactions and alerts you to them.

Later in the blog you will see that device makers (for example, companies that make devices to collect your heart rate while you jog) have been offered an API so that you upload the results of your workout into Google Health.

So what is going on here?

If you look at the partners you will see a number of hospitals listed like the Cleveland Clinic.  Now its hard to imagine what sort of relationship a Google Health user might have with this hospital unless they lived in Cleveland where they could be a patient (see the detail page for Cleveland Clinic).   If you read the profile in detail, though, you start to see what the point of all this really might be.

Suppose, it says, you, a Cleveland Clinic patient are out of town and collapse.  If you've signed up for Google Health you would have been able to load your entire Cleveland Clinic medical history into your Google Health account.  Presumably, then, while they wheel you on the gurney into heart bypass surgery you will somehow manage to blurt out your Google Health login data to the nurse who will no doubt quickly log into your Google Health account, download your medical records onto her Blackberry, and bark out new orders to the attending physician.

Right.

Has anyone really thought about this?

If you have ever dealt with any kind of doctor you know that first and foremost they are not big on using medical data collected by other people besides themselves for big decisions.  My experience is that they always want to run their own tests to confirm what you tell them or what another doctor might have told you.

It seems rather fanciful portable medical records provided in this fashion would inspire much trust.

How long before someone loads up the fact that they are on a drug they would like to be on rather than actually are on in order to obtain a legitimate prescription?

How long before a doctor is fooled into making a decision based on this kind of data which turns out to be wrong because the data is wrong?

How long before lawyers get involved in this?

It seems to me that this is again really just a ploy to try and get you to provide your personal data to them so they can use it for their own gain.  Certainly there is no explicit model for Google to make money with this that's expressed on the site - but as I said earlier don't bet that this is being done out of the kindness of their heart.

Which brings me to an article published in the WSJ regarding Google and "playing favorites".  Read this article and you will see that the old Google buggaboo about favoring its partners and its self over others, including people who are working with Google for advertising.

So what will happen when you use Google Health?

How will you know that Google will direct you to what you should see rather than something it wants you to see?

Friday, December 10, 2010

How Much To Share...?

There's a post at Digital Nirvana about Facebook and its vast database.  The author, Nancy Scott, speculates that Facebook could monetize (sell) its vast collection of data.

I thought a little bit about this.

For the last thirty years or so corporations have spent a vast amount of IT resources (dollars, time, etc.) to develop giant databases of customers information.  Customer information includes a very broad spectrum of things, may of which depend on the company collecting the data.

For example, virtually every company I deal with (cable, phone, electric, and so on) all has my name and address.  Now, a few years ago there might have been slight differences between how my address would have been represented by each company.

The USPS, in implemented ZIP+4 and more consistent mailing discounts over the last 15 years or so have caused most vendors in the US to standardize their addresses in order to save on postage.  Virtually all big companies now mail to ZIP+4 addresses. 

A second wave of this has been happening with electronic bill paying.  Companies like American Express can be paid directly by your bank though on-line bill paying which does not involved anything but an electronic transaction (no physical mailing) which eliminates the cost of postage, billing, etc.

So your "address", if you will, has gone from a simple mailing address to a standardized mailing address to, in the case of electronic bill paying, basically a set of account and bank routing numbers.  These days your bank probably contracts this type of e-payment to a vendor so they are not really even directly involved.

Associated with you, at each company, is more than likely a giant collection of "transactions" that represent what it is that you and the company do.  At the cable company there is probably a vast collection of past bill and payments, for example.  Depending on the industry there may also be exact scans or images of bills and payments, i.e, in banking or finance.

This data is usually hierarchical in the sense that under "you" there may be a "billing" section with "bills" and "payments", there may be a "transactions" section, say showing which movies you rented, for example, and details about this, and so on.

The data about you is more than likely also linked to a vast array of corporate systems that track information about you that you are not allowed to see:  For example, a "service" database that tracks what happens on the corporate end when you make a service call: required parts the company used to fix the problem, travel, hours, time, and so forth.

Now what's interesting about Nancy's post is that it brings to my mind how different Facebook is from these other kinds of databases. 

Facebook uses a different database model than you might find in a corporate database.  Corporate databases typically use some kind of relational or hierarchical database that depends on transactions to store data.  A transaction is a kind of "unit of update" that makes sure that everything in the database that must be changed to reflect new information actually gets changed.

So, for example, imaging that there is a database at the cable company that has your mailing address in one part and a list of cable boxes in your house in another.  Further let's suppose that these two pieces of information are tied together in some way, for example, you might have two houses and some cable equipment in each.

So let's suppose you move from one house to another.  The cable company needs to make sure that both your address and the list of equipment at the house your are currently at "moves" to the new location.  If the database is divided up into two parts, say address and equipment at an address, both parts have to be updated.

You certainly don't want your address to change but your equipment not to change because that might cause a problem when services is required.

To do this in a modern database a "transaction" is required.  The transaction makes sure that either A) both your address and the equipment at that address is updated or B) neither is updated.  That way things never go "out of sync".  Now in the general case things are more complicated than this but this gives you some idea.

On the Facebook side things are somewhat different.  First of all Facebook requirements are somewhat different.  From this we know that in one year Facebook added 200 million new users (there are only about 64 million cable customers all told in the US).  Every week Facebook users upload 2 billion pieces of new content each week.

Facebook does do billing or touch your money - if you post a message to someone or upload a picture and it gets lost due to some IT problem mostly no one really cares - you might get a message that there was a problem and you might have to do it again.

This means that Facebook operates in a non-critical mode, i.e., unlink a bank or corporate company, there is no real consequence to losing a bit of data.  This means that the data in Facebook is not "reliable" in the same way as it is in a bank.

So while Facebook knows a lot about you it does not necessarily who you really are.

Today most corporations require you to provide some sort of ID telling them you're you: a social security number, lease, etc.  There might be hundreds of Tom Smiths and they don't want the wrong one to get a bill for something that they didn't do.

Facebook doesn't really care.  There can be a lot of people or businesses with the same name - no one really cares - either it lets you have the name or not.  Facebook also doesn't require you to be who you really are - you can create fictional IDs and so forth.

So how could these two world be shared?

It would be very complex.  First of all for anyone to use Facebook data they would have to figure out who is actually who relative to their corporate data, i.e., John Smith at 1234 Main Street, Anytown USA and some John Smith on Facebook.  There are lots of John Smith's on Facebook - which seems to organize them by location.

Facebook knows who you are by login info and perhaps by IP or MAC address - the same way Google and others that are "on line" know about you.  This works because neither is charging you money.  The cable company cannot work this way because someone will become angry if they are charged for what someone else has done.

Facebook allows you to advertise by "location, age and interestes."  Not by who you really are.

Instead I think that Facebook, like Google, will simply sell demographics - information about classes of people and what they do.

I don't see businesses using specific Facebook data for anything.

But then again who knows...

Thursday, December 9, 2010

Google: Trespassing For Your Own Good

People like ubiquitous things.  Like the phone company and the power company.  People don't mind monopolies, like the phone and power company, as long as they bring them the service and convenience they expect.

I suppose this is why people like Google.  Its ubiquitous and brings them service and convenience - or so they think...

Take, for example, Google Streetview.  This is a service that allows you to see on your browser what you might see from the window of your car if you were driving on a particular street.  Of course, its free to use.  Christine and Aron Boring, of Franklin Park, PA, recently found out just how much privacy they could expect from Google.

In 2008 the Google Streetview van drove approximately 1,000 feet up the Boring's private road clearly marked as "No Trespassing".  The couple sued Google in Federal Court.  The US Magistrate Judge Amy Hay initially dismissed the lawsuit claiming that the couple did not take reasonable steps to remove the pictures of their house from Google's service and that they were not harmed by the trespassing.  (The Boring's sought $25,000.00 US in punitive damages according to one account.)

The 3rd US Circuit Court of Appeals reinstated the trespassing portion of the case, finding that Google's behavior was not outrageous enough to warrant the punitive damages and requiring the parties to reach a settlement - which they did.  Google paid the Boring's $1 USD and both sides paid their own legal fees.

What's troubling here is that for some reason Google is allowed this behavior.  Recently a blue Jeep pulled up into my driveway.  I went out to see why it was there and the driver informed me he was evaluating my property for the purposes of tax assessment.  I asked him to leave at which point he stated that he would "return to the road".  Instead he remained where he was for several minutes until I went out again to ask him to leave (where I live tax assessment personnel and vehicles do not have the right to be on your property and must leave if you tell them too).

When my property is reassessed I plan to fight it based on this type of Google defense (also here): they have no right to be on my property without my permission - why should they be able to violate my property for their gain?

There has been an on-going issue with Google and page ranking, privacy, streetview collecting email and wifi information, and advertising.  Wikipedia has a large section related to Google and the problems it raises here.

So why to we accept this sort of behavior?

Because, I think, we tend to have a certain amount of "trust" in what seems like a nice, friendly "big brother".  For example, the old Bell phone system monopolized phone service for 70 or so years: there was no choice, no options other than what they gave you, you paid the rate they set.  Fortunately for us, I think, eventually technology overtook the Bell System and other forms of phone service began to proliferate.

In the days of the Bell System people could rely on phone service - even, for example, if you lost power (the Bell System had its own battery power for phone separate from that provided by power companies).  The government also required the Bell System to offer service consistently across all customers because it was a monopoly.

Today's phone environment is far, far different than it was in 1984 when the Bell monopoly was broken up: cell phones, VOIP, Skype, and a variety of other services are vastly different and, in many ways superior, to the old "phone system".

Your power company also operates as a monopoly - again one blessed by the state.   You have no choice about who runs electrical service to you house.  If you use that service you must pay what the monopoly says you must pay.

Google is an arrogant monopoly because that's what we make them into.

They are not like the power or phone company because we have a choice as to whether to use them.  Does anyone now remember Lycos or Alta Vista?  These were two prominent search engines that were the "Google" of their respective days.  Unfortunately they are now long forgotten.

Google knows that their reign as the best monopoly for search will last only as long as we let it.

That's why they are so busy trying to make a new business model (gmail, Chrome, and so forth) for themselves outside of search as I wrote about in the last post. 

They know their reign is limited by the whim of the people using their service.

Wednesday, December 8, 2010

Google Chrome: Integrated Spy Platform?

Google has unveiled its latest technological wonder: A Chrome OS laptop.

Chrome is a Google product designed to make web-based computing a rich and wonderful experience.  Since Google as a company is primarily concerned with delivering products via browsers they have taken it upon themselves to turn the browser into a computer operating system much like Microsoft Windows.

Android, their phone OS, also falls into this category, I think, but for reasons I will get to shortly.

With Chrome Google wants to integrate your gmail, blogger, Google docs, and all your other Google products into a single, integrated user experience - meaning that your mail, your book marks, everything you have in your "web experience" will be integrated by Google into your Chrome laptop.

The point of Chrome is that its all browser, all the time.  Just like with gmail and the rest you must be connected to the internet to make any real use them.  The Chrome OS laptop is, on its own without an internet connection, fairly dumb.  It won't be like Windows or Mac OS where you can do whatever you like when sitting in the woods far from network and cell connectivity.

This idea is not new.  In the past companies have created thin PC's (or thin clients) - the idea being that most of the real work would be done on a server somewhere else and you're PC (now seeming to be a quaint idea in and of itself) would really be just a "display, dumb PC, and network wire".  Geeky types will remember the venerable X Windows system available for Unix in the 1990's - basically the same idea in many ways.

Part of this is also the current "Cloud Computing" crazy pitting Google against Microsoft for the hearts and minds of users - but this is just buzz and noise.

Apparently there will be a Chrome App Store for apps though it will not be compatible with Android.  Now this last point is rather odd.  Why invent Android and Chrome and make them different?  Certainly Apple has gotten this right - one kind of App Store - one kind of app (yes, there are some differences but the hardware and application of iPad and iPhone is somewhat different; but the developer perceives the devices as mostly the same at many levels).  This makes the Apple app purchasing model consistent across all platforms.

Eric Schmidt says that now there will be "a viable third choice for an operating system on the desktop".

But why?

Why is a "third choice" really necessary.  I am sure that Google does not run Microsoft software in their giant server farms - no, then run Linux there because its free.  So the third choice they are already using is apparently not good enough for the rest of us....

Well here is my list of reasons why Google is doing Chrome:

1) Google as it currently stands today is a captive company.  Its primary product being only a sub function (search, mail) of one program (a browser) under any given operating system.  They are basically at the back end of the bus.  You can't lead the troops when your stuffed in the bottom of some grunts backpack.

They have to break out in some meaningful way so that what they do leads: hence Android, Google TV, Google Books, Chrome.

2) To lead you have to distinguish yourself from the other choices, i.e., Microsoft and Apple.  Lord knows there are enough browsers to choose from today and having one more is really, as far as I can see, a complete waste of time.

The Chrome browser is a big yawn as far as I can see - 10% of the market or so.  Firefox is around 20% and IE is around 60%.


To lead Google has to make the browser into something new and wonderful.  They don't control or own Linux so using that would be basically useless from a leadership perspective.

3) Google really wants an integrated platform - not of the usual kind linking documents, browser functions, mail and so on to make your work easier.  Not at all.  What they want is an integrated marketing and tracking platform - on that can track and monitor every keystroke, every browser mouse hover, every ad clicked, every app bought, and so on so they can sell it.

Microsoft and Apple do not have this.  I doubt Apple is really interested in this but I think that Microsoft is.

The future of computing, browsing, etc. in the workplace is going to be about collecting information about what you do so it can be sold to others.

Its the only paradigm that makes sense when looking at Google's entire line of products: Android + apps, Chrome, Google TV, Google Books, and so on.  Though each seams like mighty Google is fighting for your right to privacy, to use free and open software, and the like it really makes no sense that they would do this as a corporation.

No, I think its much more insidious than that.

They stand to gain what financially from Chrome?  Its free after all.  Sure they'll collect some app revenue - but Google's not going to be paying any significant bills with that revenue.

You have to follow the money: Searching, like Chrome, is also free. 

Google only makes money from ads.  They need to expand the ad platform.  To me that's what Chrome is - an integrated spying platform.  Its the only efficient way to collect knowledge about you with your permission.  Google wants to sell that knowledge, processes that knowledge, and track that knowledge. 

The more you give them the less true freedom you will have.

Tuesday, December 7, 2010

Your Personal Data: Available for a Price

In the olden days, maybe 35 years ago, you could screw up and, if need be, head over to a new town and start over.  No one cared too much about your past, your financial status, that sort of thing.  If you showed up for work, did your job, you were usually good to go.

Today there are dozens or perhaps hundreds of companies whose job is to collect every scrap of information about you both public and private.  So you can kiss "starting over" good bye.  So in addition to any internet activity you might engage in there's a good chance your ALL of public and private information is also available online.

Many years ago I owned a company that did work related to the "public information collecting" business.  We didn't actually collect the information but we built software, systems, and procedures to automate the legal newspapers.

Prior to the explosion of the internet legal newspapers were about the only equivalent system for tracking down public information.  In the county where I lived at the time we did this information about mortgages, deeds, court cases, hearings, and so forth were still written into large ledgers by hand (this was around 1992 or so).

We created a system where "the little old ladies" took laptops to the basements of various city and county office buildings.  The laptops had special data entry forms for each of the various books.  When they brought the laptops back to the main office of the legal newspaper they dumped the data into a formatting system that generated galleys for the legal newspaper.

In addition we kept the data in a database that users could search interactively.

Today I am certain that much of the data the companies below sell is collected electronically.  I imagine that there are still some cities and towns where things are done the old way, or at least on paper, still.  So the days of "the little old ladies" collecting data are not entirely lost.  This new data, though, at least from my simple experiments, its seems to be mostly of questionable value.

Some of the companies I did a bit of research on:

Intelius: This company offers an array of background checks, social network checks, reverse phone lookup, tenant and employee screening, and, from their web site "online access to public records such as real estate deeds, lawsuit filings, liens, professional licensing records, and other information filed by individuals and businesses with local, state and federal agencies. ".  They collect public information and though you can request to have your information deleted they will simply replace it with similar public information.

This company owns a ZabaSearch which is a free personal search.

I decided to check out ZabaSearch as its "free". 

I put my name into it.  It coughed up about 110 "free" hits - about 90% were either entirely wrong, partially wrong (wrong address, wrong phone number), or useless links to other people with some of the same initials.  Since I am only one of the people found it would probably be very hard to "correct" this information.

Next I tried my cell phone number.  It correctly found the general area in which I live but that's about it.

Next I tried www.ussearch.com to see what it would do - it was also "free".

This site seemed to do a much better job.  It found the town I live in, it found some relatives, and some other incorrect information about where I did not live and some aliases which I never used.  There was far less "noise" than Intelius.

LexisNexis offers a service called www.knowx.com.  I tried this as well but its a pay sight and does not display anything useful unless I pay real money.

If I was willing to pay for these services I might have gotten more or better information.

Lastly there is the venerable Google search for me.  This turns up a lot - but mostly related to businesses, trade shows, and things like that.  On the image side it mostly turns up wrong data - again you can see that Google's idea of what data is is at best "quaint".  (For example, I did a parody article on my personal blog using pictures of other people when I wrote about marrying Sarah Palin and now Google thinks they are pictures of me...)  Its unlikely that any self respecting county would put its data on line for people to search for free if there was someone out there willing to pay.

Monday, December 6, 2010

Sniffing Out Your Browser History...

Your browser leaves more than a trail of cookies as you blissfully surf the internet.  Inside each browser is a complete set of structures that are used to affect what you see on the screen based on where you've been.

Everyone should be familiar with the "back button" which takes you from the page you are on to the page you were on before.  However, there are a lot more complex things stored in your browser than just the last page you were on.  For example, if you click on any of the links in my blogs your Firefox browser will show that link in purple from that point on - prior to that will display as blue (unless you've bothered to change how Firefox handles this).

While you might think that this colorful past-link information displayed on screen from your browser history is safe from prying eyes you would, unfortunately, be wrong.  Deep inside the JavaScript in your browser is a data structure that holds the past links you've visited.   Normally this information cannot be extracted by a web site directly - your browser history is private and hidden from direct access by web pages.  But by inserting invisible links into a web page and having JavaScript verify their color one can determine if the browser has previously those links.

This mechanism for probing into your private peccadillo's came to light in this recent lawsuit.  David Pitner and Jared Reagan have filed a class action lawsuit against YouPorn and Midstream Media International, NV, a Netherlands corporation for using exactly this scheme to pry into their browser history.

This story and others like have lead a variety of people and companies to create do-not-track-type features for browsers. But this really doesn't go far enough for some people.

Another interesting aspect of this is that browser companies, including Mozilla and Microsoft, are being pressured by the ad industry to not provide "do-not-track" functions.  That's right, even mighty Microsoft has bowed to the pressure of advertisers as noted in the WSJ.  Mozilla also killed a "do not track" facility for Firefox at the behest of the ad industry.

Why is this so?  Why are people so willing to have their every move tracked down to the number of seconds they spend view a given ad or web page.  And, most importantly, what are we getting in exchange for this?

Part of why this goes on would be that most people have no idea that this is going on in the first place.  Most computer uses have no clue what JavaScript is, what cookies are, or anything else technical about their computers.  The internet tracking and ad has been steadily growing for the last twenty years - quietly minding your business - without attracting much notice until fairly recently.

Another part of this is that we are constantly told that without advertising our lives would be crap.  Crap in the sense that no web company would be able to run its business or make money without the annoying targeted ads that appear everywhere.  Personally I don't buy this argument.  You, like me, probably pay for your ISP - whether its Comcast, Versizon, or anyone else.  I also pay for cellphone service.  But that doesn't mean I should see an ad on my cellphone every time I open it up.

The operational assumption is that companies like, for example weather.com or amazon.com, could not operate without these highly targeted ads being constantly displayed or without this data to target their offerings to you.  Again, I don't buy this.  I am certainly willing to pay for things I want and I would imagine other people would feel this way as well.  My life is crap with the stupid dancing mortgage lady on weather.com - crap to the point of me switching to another site just to avoid it.

Another aspect of this which I find especially annoying is that on most pages the ads load first.  So the content I am browsing to see loads last.  This means that before, for example, my weather map loads, I see the dancing mortgage queen.

Part of this is people what to be "in" and "cool" and whatever else they call it these days.  So if I'm twelve years old I can click on ads for the latest clothes or makeup or hair styles.  This is old news to advertisers, but collecting data in effectively real-time is not.  Previously style changed relatively slowly - magazine and TV ads took time to enter the collective mainstream consciousness.  Not so today.

The on-line ad business is a rapidly growing $25 billion dollar business - which is why I think people are afraid to push back.

Tracking you is also legal and will remain so unless enough people complain.

Because of this case and many more just like it, the FTC has become interested on on-line privacy.  This has caused the industry to scurry around and create a facade that they themselves are addressing the problem.  Visiting this  www.aboutads.info site tells you how the triangle-i logo (top of this article) will give you choice in this matter.  There's even a link to a beta "opt out" page.

Now how stupid do they really think we are?

Do you really believe that that foreign companies like YouPorn are simply going to follow along with your choice on the "opt out" page?  Its clear that advertising companies already go to great lengths to track you - including developing nefarious software for exactly that purpose.  No, I think this will merely be a facade for fools to click on to create the illusion of opt out, similar to the national telemarketing "do not call" database.

Friday, December 3, 2010

Leaving Digital Fingerprints...

If its not bad enough that Google is busy making sure it knows who you are and what you think about there's always BlueCava.

BlueCava want's to fingerprint your devices.  Each and every cell phone, computers, TV DVR, Tivo, PDA, iPad, tablet, iPod, and on and on.  This means it will know exactly which device you are using and for what.

But before we get into what BlueCava is up to let's talk about your devices and you and why its so easy to do this.

First off, virtually all devices today use some form of TCP/IP communications protocol to access data over the internet.  TCP/IP is a protocol for devices to communicate.  The devices can be of almost any type so long as they use ethernet.  You'll recall in a recent post ("Are We There Yet") I discussed Xerox PARC, Bob Metcalfe, and ethernet.

Today's internet is really just an extension of this concept invented at Xerox PARC.  Ethernet is a physical communication and connection model for sending data over a wire.  TCP/IP was invented many years ago under DARPA. - Defense/Advanced Research Project Agency.

Long before the internet of today existed many research centers around the country were connected by ARPANET.  This was the first packet-switched network.  It allowed a number of remote research computers to communicate via dedicated communication lines.  It connected ancient computers like PDP-10's and Xerox Sigma systems together with IMP-16 communications processors.

As time when by TCP/IP was developed and tested in the same kind of environment.  This was around 1975.

However, the internet as we know it was not born until the late 1980's when TCP/IP and the physical ethernet invented by Xerox came together in technology used to connect remote as well as office computers.  Prior to this time office networking was done with other technologies like IBM Token Ring or Novell.  The TCP/IP world of communications existed in research facilities around the world but was not common for office or home use.  With the invention of the internet TCP/IP became mainstream.

All TCP/IP communications via ethernet use hardware with a unique address.  TCP/IP is itself somewhat like a party line in that all the devices talk on the same "line".  Each device is kept separate from the others by a unique address call the devices MAC address.  All the ethernet devices in the world, no matter whether they are in a phone, computer, iPad, etc. all have a UNIQUE MAC address.  In addition to a MAC address when you computer connects to the internet it may also have an IP address - which is a unique address assigned by whatever service you use to connect to the internet.  But this address can change from connection to connection so its not guaranteed to uniquely identify your device.

The bottom line is that BlueCava is busy identifying your MAC address (at least this is what I believe).  They call this the "unique DNA" of your computer.  Using this "DNA" its always exactly sure which device is talking to which other device.  That way the MAC address is just like your finger print - only better - because MAC address, unlike finger prints, are guaranteed to be unique (all manufactured network devices are assigned unique blocks of MAC addresses).

There are billions of MAC address and so far BlueCava has identified a few hundred million.

Doing this is trivial because each TCP/IP bit of data that goes around the internet contains your MAC address - practically screaming your name as it bounces around the world.

Why is BlueCava doing this?

This brings us to US Patent 5,490,216.  BlueCava's parent company owns this patent.  (You can see it here at Google/patents by searching for "US Patent 5,490,216")  Basically this is a a patent on licensing software.  The idea is that if you can uniquely identify someone's computer you can easily decide if that person should be allowed to run some specific piece of software. 

This patent has had a life of its own including a $388 million USD verdict for infringement by Microsoft (the case is still pending on appeal).

The bottom line is that this patent is what software licensing is all about.  Uniquely identifying your device and controlling the process that determines if your device can run some specific software.

I wouldn't be surprised if all of this patented technology was used by others, like Google, for the same reasons.  Once this case is decided for the '216 patent others will probably follow.

(Oh, don't worry, ha ha, if you want to "opt out" of all of this.  Supposedly there will be a way.  I'm sure it will work as well as the national "do not call" database.)

So BlueCava will know what devices you have and, no doubt, what you do with them: what sites you visit, when you visit them, what you do there.  This will be not just be limited to BlueCava - they will license technology and systems and data to anyone who wants to buy it: Google, Microsoft, anyone really.

As we discussed with the last post on Google this is all very valuable stuff as far as advertisers are concerned. 

So you've been fingerprinted.  If you're on this blog - we know who you are.  Soon we will know what you do - what your proclivities are, what time of day you read the news, if you sneak a peak at that naughty site your mother told you to never visit, who you call, when you call, how long you talk, what you buy, how you pay for it, how its shipped, what you buy, what your credit score is, and on and on and on.

If you have a cellphone with internet services they can couple your GPS location with this data as well.  Stop off at that "after hours club" last night?  Take a detour via a friends house your spouse doesn't know about?  Don't worry - all this will be available to anyone (like your ex's lawyer) willing to pay the price. 

(Thankfully every cellphone must have GPS these days - so we can all be safer - er, safer from what, exactly?)

Next will come associative software - we know you, now let's find everything linked to you - a picture, a post on Facebook, email, comments on blogs, and on and on and on.

In terms of privacy invasion the KGB and Nazi's certainly have nothing on this wonderful modern technology.

The only difference is this time we are marching willfully toward the slaughter...

Thursday, December 2, 2010

Google: The New Big Brother

I am continually amazed how people seem to love and trust Google for all of the email and document needs.  Gmail has been around for quite a while; Google docs for about four years or so.  There are lots of sites and other places to go for information on Google docs so I am not going to cover that here.  Nor am I going to address whether these programs are really any good or not.

The real question for me has always been why use a giant corporations "free" software?  Hopefully everyone would be smart enough to know by now that "free" really isn't free.  Yet people continually pile into these services as if Google is the best thing since sliced bread.

Not surprising for me I came across this article in the WSJ yesterday: "Google Plots Move from Search to Sales".  In the article its revealed that Google is considering a purchase of a company called "Groupon" to "put Google in the position of selling directly to Internet users".

For those that don't know Groupon is system for matching offers to buyers.  The offers are basically coupons for discounts on a wide variety of things to a group.  From groupon's site: "Groupon features a daily deal on the best stuff to do, see, eat, and buy in more than 300 markets and 35 countries, and soon beyond (read: Space)."  The web site allows business to offer a group of customers via the web a specific deal.  Typically the more in the "group" the better the deal so you are encouraged to "share" the deal with others.

The WSJ article claims that Google is considering offering $5.3 billion USD for Groupon.  Compare this to the entire 2005 transactional print market of $120 billion USD and the 2005 retail direct mail market of $61.1 billion USD and you'll see why this technology matters to Google.

So this brings me back to "free" business offerings like Google docs and gmail.

I wonder what Google will do with the Groupon information if it actually makes the acquisition.  Google, according to the article "would also pick up contact information for about 12 million consumers. Groupon collects credit card information from users, as well as data it uses to personalize its offers, such as their neighborhoods and the kinds of businesses they have bought web coupons from in the past."

So Google will not only have my documents, my spreadsheets, my business information, all my email, all my blogs and all the rest I put into its free services but now it will also have all sorts of information about every business around me and what that business wants me to buy.  As I wrote yesterday this will probably include all the drugs I take via prescription and a huge amount of inferred data about my corresponding health.

First off, what's wrong with everybody?  
Google has been working diligently to create the Utopian Google Universe in which everyone is supposed to live a free and fulfilling digital life.  This is a very Orwellian concept and I am very surprised that people go along with it all, much less willingly.

Clearly if you look at Googles acquisition history its clear they want to snoop into every bit of all aspects of your life and your business.  Users dumping information into this system, like me, should know better.  Google will happily cooperate with anyone with a court order that wants your information - whether you like it or not.

(As I have said before I don't put anything into blogspot other than what you read so I don' care - Google would index it where ever it might be, e.g., Wordpress.)

Secondly, their ad technology is actually pretty dumb.  
I write a lot in these blogs and I also have their "adsense" system on which creates the various ads you see on the upper left of each blog.  I write about a lot of peculiar things and, in doing so, use unusual words.  Of course, adsense, which scans the blogs, generates "related ads" to display.

This is a dumb model because adsense is dumb.  It looks, apparently, only for key words and not for context (this is not surprising to me but that's another story).  So if I write a blog post about "Vitamin D" (as I have here) various vitamin ads appear.  However, if I write bad things about Vitamin D - the same ads appear.  If I think taking Vitamin D is a stupid idea why does adsense try to sell it to me.  Secondly, you will probably see Vitamin D ads appearing in the blog because I am writing about how adsense does such a bad job putting up ads.  

Third, you probably noticed that the text color changed from white to black during the course of this article.  I cannot figure out why and my guess is that it would be a long time before I could actually reach someone who could help me let alone fix it.  Sure I can switch the "HTML" mode but this blogger stuff is pretty flaky and it will likely mess up the rest of what I am trying write and format.

As should be clear from my article on HIPAA I would not be surprised if the Google privacy model allows Google to "profile" you based on what you do, i.e., not use your data directly but instead build a profile about you based on it which they can sell and use however they like.

No, I fear and loathe Google.

No doubt there is a digital Doppelganger of me somewhere in their vast network that is used to simulate what I might purchase.   Based on what I have seen I am quite certain its completely wrong because their stupid algorithms cannot really tell what I am writing about.  

That means that what they are selling to their affiliates about me is also wrong, caveat emptor.

So its a good thing I don't care.

(Check out their privacy center here if you care.)