dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
6799

QuantumPimp
join:2012-02-19

1 edit

QuantumPimp to InvalidError

Member

to InvalidError

Re: CIPPIC has been granted Intervenor Status

said by InvalidError:

So, IPs being "private" sounds like a false sense of security as far as I am concerned... particularly when people are simultaneously logged into FB, GMail, Twitter, DSLR, etc. Every advertiser and middlemen knows your IP and which account it belongs to. They just do not have direct access to the personal info behind that account ID... but much like ISPs, that ID is only one court order/warrant away.

What you say rings true. It is useful to make a distinction between information being private and activities being anonymous. As you suggest protecting anonymity can't be the responsibility of the ISP and may be nigh impossible. There should be no expectation for an ISP to keep activities anonymous. That is a very different topic.

For this particular stream of consciousness I've kept my focus on the ISP. There is an especially high level of trust between the ISP and the customer. There is a correspondingly high expectation to keep proprietary information private (which includes more than just IP to account holder data).

What standards are to be applied by the ISP to prevent third party access to information proprietary to the ISP? An unopposed court order, for example, is a pretty low standard (which for the record TekSavvy has not done but other ISPs apparently have).
JonyBelGeul
Premium Member
join:2008-07-31

JonyBelGeul to sbrook

Premium Member

to sbrook
said by sbrook:

Your name is everywhere. The association between your name and your IP address is not neccessarily private information. For many, the IP is nothing more than like a phone number ... quite public. After all there's no guarantee that the person using your phone is actually you. What this is really about is protecting the innocent from malicious lawsuits. That's not the same as privacy and that is between you and the court. Not the phonebook printer.

No, but yes, but no, however, but no. No, the information requested by Voltage is not public, otherwise they would not request it through the court. But yes, there's no guarantee that the person using your phone is actually you. But no, what this is really about is not protecting the innocents, but protecting one's privacy, governed by laws, which are opposite copyright laws. However, protecting the innocents from false suits is indeed built into privacy laws, which is why we have them to begin with, by virtue of our fundamental innocent-until-proven-guilty legal system. But no, that's not between me and the court, it's between whomever holds my personal information who is then requested to release it, the whole thing governed again by privacy laws.

There is no such thing as an IP-name directory - an IPbook as it were. If you are aware of such, please share with us. It would help set the facts straight.
Expand your moderator at work
JonyBelGeul

JonyBelGeul to QuantumPimp

Premium Member

to QuantumPimp

Re: CIPPIC has been granted Intervenor Status

said by QuantumPimp:

said by sbrook:

Your name is everywhere. The association between your name and your IP address is not neccessarily private information. For many, the IP is nothing more than like a phone number ... quite public. After all there's no guarantee that the person using your phone is actually you. What this is really about is protecting the innocent from malicious lawsuits. That's not the same as privacy and that is between you and the court. Not the phonebook printer.

My understanding is this information is not public otherwise there would be no problem having it published (and without involvement of the courts). It is also why the ISP is involved in this situation as the information is proprietary to them.

The question is to what standard should they be held when releasing proprietary data to a third party? There are legal standards and customer expectations of privacy. My understanding is that legal standards are weak and have minor penalties. As far as I know customer expectations range all over the map. If this becomes an issue then the market will shake out the winning formulae.

Proprietary to them? I disagree. TSI is the legal guardian of our personal information, governed by privacy laws, and by the privacy agreement. TSI is not the legal _owner_ of this information, nor is this information intellectual property. However, were the privacy agreement written differently - for example giving TSI full rights as to its dissemination and monetizing - then it would become intellectual property. But in becoming so, it would put TSI in a hard spot, whereby they could be deemed to facilitate - and even profit from - extortion, through the sale of this information.

As for customer expectations, they are plainly written at length in the privacy agreement.
JonyBelGeul

JonyBelGeul to Perma

Premium Member

to Perma
Forgot to say.

Yay for us, the little people! Thank the judge, and the CIPPIC.
dad_of_3
join:2004-05-31
Ingleside, ON

dad_of_3 to Perma

Member

to Perma
For those that still think TSI should be the ones opposing. Ask any of the 1100 +/- targeted individuals, who they would prefer to have stand up in court for them. I would say the majority would go with the CIPPIC. The question really isn't who should take the opposing position against Voltage, but who is best suited to do so. I would bet dollars to donuts that if the CIPPIC could not or would not be in a position to intervene, TSI would have opposed. It's all just conjecture at this point, so. My theory would of course indicate a well thought out plan, the details of which no one will ever probably know......meh, who cares, as long as the best people for the job, are on the job...
InvalidError
join:2008-02-03

InvalidError to JonyBelGeul

Member

to JonyBelGeul
said by JonyBelGeul:

TSI is the legal guardian of our personal information, governed by privacy laws, and by the privacy agreement.

Except TSI is far from being the only entity that has your information. If you bought downloadable games from Steam, Blizzard, etc., they have your credit details on record along with the IP you logged in from. If you registered for Google Wallet for your Android device, Google has credit card details for that too along with your IP every time you sign in, same goes for every other place you have an account with contact information and links to other accounts.

ISPs may be the simplest and most reliable way to associate an IP with someone but not the only one by a long shot. Each site you register with and sign into is a potential privacy leak.

El Quintron
Cancel Culture Ambassador
Premium Member
join:2008-04-28
Tronna

El Quintron

Premium Member

said by InvalidError:

ISPs may be the simplest and most reliable way to associate an IP with someone but not the only one by a long shot. Each site you register with and sign into is a potential privacy leak.

Agreed, except in context, all of the above have privacy policies that govern the use of your ip, email and PIDs *also* it would rather inefficient for a content holder to hit up something like Steam for my personal details, as Steam has even less reason to divulge this than an ISP would.

So although your claim is true on paper, it has little real world application.

TigerLord

join:2002-06-09
Canada

TigerLord to Perma

to Perma
said by Perma:

So more less, voltage attempted to extort money but most likely will end up paying money.

Music to my ears.

I saw this TED talk yesterday and it made me think of this case. Replace "patent troll" by "copyright troll" and you're pretty much on the mark.

»www.ted.com/talks/drew_c ··· oll.html
InvalidError
join:2008-02-03

InvalidError to El Quintron

Member

to El Quintron
said by El Quintron:

Agreed, except in context, all of the above have privacy policies that govern the use of your ip, email and PIDs

And most of the above also have countless agreements with 3rd-parties sharing various degrees of information, all of which susceptible of leaking information.

I never claimed it was practical but people who are genuinely concerned about their "IP privacy" still need to realize how hopelessly public their IP really is.

El Quintron
Cancel Culture Ambassador
Premium Member
join:2008-04-28
Tronna

El Quintron

Premium Member

said by InvalidError:

I never claimed it was practical but people who are genuinely concerned about their "IP privacy" still need to realize how hopelessly public their IP really is.

Fair enough, I agree that if you want to keep your IP address private you actually have make an effort and not expect service providers to do it for you.
JonyBelGeul
Premium Member
join:2008-07-31

JonyBelGeul to InvalidError

Premium Member

to InvalidError
said by InvalidError:

said by El Quintron:

Agreed, except in context, all of the above have privacy policies that govern the use of your ip, email and PIDs

And most of the above also have countless agreements with 3rd-parties sharing various degrees of information, all of which susceptible of leaking information.

I never claimed it was practical but people who are genuinely concerned about their "IP privacy" still need to realize how hopelessly public their IP really is.

I could go on about dynamic IP's. Suffice to say, dynamic IP's mean IP logs for any other entity except the ISP who assigns them is useless, thus is unlikely to be maintained except by the ISP, if at all.
InvalidError
join:2008-02-03

InvalidError

Member

said by JonyBelGeul:

I could go on about dynamic IP's. Suffice to say, dynamic IP's mean IP logs for any other entity except the ISP who assigns them is useless, thus is unlikely to be maintained except by the ISP, if at all.

Google, Netflix and most other online services maintain open connections with their apps and webpages for as long as you are logged in. Each and every one of those services will get your updated dynamic IP next time you sign in or next time the web page/app restarts its server connections such as DHTML feeds.

Dynamic IPs do not magically prevent this.
JonyBelGeul
Premium Member
join:2008-07-31

JonyBelGeul

Premium Member

said by InvalidError:

said by JonyBelGeul:

I could go on about dynamic IP's. Suffice to say, dynamic IP's mean IP logs for any other entity except the ISP who assigns them is useless, thus is unlikely to be maintained except by the ISP, if at all.

Google, Netflix and most other online services maintain open connections with their apps and webpages for as long as you are logged in. Each and every one of those services will get your updated dynamic IP next time you sign in or next time the web page/app restarts its server connections such as DHTML feeds.

Dynamic IPs do not magically prevent this.

Exactly. Whatever usefulness Google finds with IP's is limited to the current session, thus is unlikely to be logged for any longer than that. In other words, the ability to obtain the same information from another entity is diminished according to the value those other entities give to that same information, and this value is determined by the usefulness. Also, the accuracy of the same information when obtained from other entities is diminished as well, according to the ability of these other entities to maintain an active link with this IP. This ability is primarily determined by the user himself; logins, apps, updaters, open active web pages, etc. In other words, the same information from other entities is inherently inaccurate by virtue of relying on high-level protocols. Even from the ISP itself, the same information is also inherently inaccurate as it's been demonstrated already. If we start with baseline 50% accuracy for ISP source, it's doubtful that when the same information is obtained from another entity, it would be any better than that. More likely, it would be so inaccurate as to be a fluke if anybody is identified this way. Finally, as had been said many times before, confirming the association between an IP and a name does not confirm the identity of the person who did the deed.

You may still have a point that anybody can still be identified through other sources, but that point is significantly weakened now.
InvalidError
join:2008-02-03

InvalidError

Member

said by JonyBelGeul:

Also, the accuracy of the same information when obtained from other entities is diminished as well, according to the ability of these other entities to maintain an active link with this IP. This ability is primarily determined by the user himself; logins, apps, updaters, open active web pages, etc. In other words, the same information from other entities is inherently inaccurate by virtue of relying on high-level protocols.

If you log into a site that opens a DHTML connection at 10:30 and the last recorded activity on the DHTML TCP session occurs at 22:30, the site managing that DHTML feed is pretty much 100% certain the IP was related to your account during that time frame.

As far as logging goes, many services log IP sign-in/sign-off with timestamps for security reasons such as detecting attempts to use stale cookies to restore persistent sessions and managing multiple persistent sessions from multiple browsers/devices.
stevey_frac
join:2009-12-09
Cambridge, ON

stevey_frac to Perma

Member

to Perma
Awesome news!

QuantumPimp
join:2012-02-19

1 recommendation

QuantumPimp to Perma

Member

to Perma
FYI: »www.cira.ca/news/events- ··· 013-cif/

Before the latest drama I had never heard of CIPPIC. Maybe this event can shine the spotlight on similarly useful organizations. OpenMedia appears to be worth monitoring. Family members inclined to give me a gift card for special occasions I've asked to instead donate to CIPPIC. Not much but it's a start.

It is time once again for the Canadian Internet Forum (CIF) national event!

The CIF is Canada's leading event that brings together domestic and international Internet experts to discuss and debate the hot topics that help shape the Canadian Internet landscape.

Event: 2013 CIF National Event
Time and date: 8 a.m. to 5 p.m. (ET), February 28, 2013
Location: Ottawa Convention Centre, Canada Hall 3, 55 Colonel By Drive, Ottawa
Webcast: Register to participate by webcast

This event will also feature a keynote from Privacy Commissioner, Jennifer Stoddart about privacy on the Internet landscape in Canada as well as panel presentations and discussions about digital literacy and policy and governance featuring Steve Anderson from Openmedia.ca, Karen Mulberry from the Internet Society, Tim Denton from the CRTC, Matthew Johnson from MediaSmarts, and journalist Shane Schick.

sbrook
Mod
join:2001-12-14
Ottawa

sbrook

Mod

You'd heard of Michael Geist? You've heard of CIPPIC He founded it!

»en.wikipedia.org/wiki/Ca ··· t_Clinic
funny0
join:2010-12-22

funny0 to Perma

Member

to Perma
oh my what would americans do without all that copyright?
OH RIGHT KILL stuff uh huh uh huh......