That's not to minimize the shocking nature of these revelations -- the idea that spies around the world may be accessing within minutes any private information they want, is troubling -- merely to note that the picture we have of what is going on remains frustratingly vague. And that, of course, is an argument for more transparency from the authorities, both in the US and elsewhere, about what is really happening to our personal information when we go online, and who has access to it.

Follow me @glynmoody on Twitter or identi.ca, and on Google+

You may have seen stories in the news about a top secret order Verizon allegedly received to produce certain calling information to the U.S. government.

We have no comment on the accuracy of The Guardian newspaper story or the documents reference, but a few items in these stores are important. The alleged court order that The Guardian published on its website contains language that:

• compels Verizon to respond;
• forbids Verizon from revealing the order's existence; and
• excludes from production the "content of any communication . . . or the name, address, or financial information of a subscriber or customer."

Verizon continually takes steps to safeguard its customers' privacy. Nevertheless, the law authorizes the federal courts to order a company to provide information in certain circumstances, and if Verizon were to receive such an order, we would be required to comply.

The technology companies, which participate knowingly in PRISM operations, include most of the dominant global players of Silicon Valley. They are listed on a roster that bears their logos in order of entry into the program: “Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple.” PalTalk, although much smaller, has hosted significant traffic during the Arab Spring and in the ongoing Syrian civil war.

Dropbox , the cloud storage and synchronization service, is described as “coming soon.”

The PRISM program is not a dragnet, exactly. From inside a company’s data stream the NSA is capable of pulling out anything it likes, but under current rules the agency does not try to collect it all.

Analysts who use the system from a Web portal at Fort Meade key in “selectors,” or search terms, that are designed to produce at least 51 percent confidence in a target’s “foreignness.” That is not a very stringent test. Training materials obtained by the Post instruct new analysts to submit accidentally collected U.S. content for a quarterly report, “but it’s nothing to worry about.”

Even when the system works just as advertised, with no American singled out for targeting, the NSA routinely collects a great deal of American content.

"In America, there's a sense of fairness that's culturally true for all of us," Schmidt said. "The lack of a delete button on the Internet is a significant issue. There is a time when erasure is a right thing."

“This generation is going to give you massacres in the domestic environment and in the work environment,” he predicted, with unrestrained outrage, after ticking off a sobering list of mass murders -- particularly those that have occurred on school grounds and university campuses -- which have plagued American society in recent years.

“There is a generation of vicious, vicious killers out there,” he told his audience. “The video games are their trainers. They’ve been playing Grand Theft Auto every spare moment since they were six years old.”

His views were no more subtle when he turned his sights to the international scene. A dozen years after the 9/11 terrorist attacks, the energetic and charismatic speaker sees life-threatening threats emanating from Pakistan, Russia, North Korea and Iran. What will the next 9/11 look like, he wondered aloud, before answering his own rhetorical question: “We’re going to get nuked.”

1. 2012 - 3 incidents, 9 killed
2. 2002 - 14 incidents, 15 killed (note: the beltway sniper is counted as 11 separate incidents, which is stupid. This number should be 3 incidents total.)
3. 1992 - 2 incidents, 1 killed
4. 1982 - 6 incidents, 3 killed
5. 1972 - 7 incidents, 6 killed
6. 1962 - 1 incident, 44 killed
7. 1952 - 0 incidents, 0 killed

Now, my use of 2012 as a starting point certainly is convenient in leaving out 9/11, but it's useful to note that outliers don't dominate the statistics. I should also note that this list ignores Pearl Harbor as the site of a terrorist attack, which seems incorrect in a way. The idea isn't that we can't be concerned about terrorism of any kind, be it Islamic fundementalist or the home-grown Aryan Nation variety, but if you make it your business to go around scaring people like Grossman does, you shouldn't leave out the more comforting facts simply because it is inconvenient to your narrative.

The next generation is not one of killers, this generation is not having to deal with terrorism in a way never before required, but it may be true that the media is more like Grossman and less like myself in that they enjoy scaring you for profit. Beware the man or woman who makes simple proclamations, because they're usually forgetting to tell you something.

The Veronica Mars and Zach Braff projects have brought tens of thousands of new people to Kickstarter. 63% of those people had never backed a project before. Thousands of them have since gone on to back other projects, with more than $400,000 pledged to 2,200 projects so far. Nearly 40% of that has gone to other film projects.

We’ve seen this happen before. Last year we wrote a post called Blockbuster Effects that detailed the same phenomenon in the Games and Comics categories. Two big projects brought tons of new people to Kickstarter who went on to back more than 1,000 other projects in the following weeks, pledging more than $1 million. Projects bring new backers to other projects. That supports our mission too.

The feds need to publish chargemaster and Medicare pricing for the most frequent outpatient procedures and diagnostic tests at clinics—two huge profit venues in the medical world. But an even bigger step toward transparency would be collecting data that Medicare doesn’t have: exactly what insurance companies pay to the various hospitals, testing clinics and other providers for various treatments and services.

After all, as the hospitals themselves concede in downplaying their chargemasters, these insurance prices are the ones that affect most patients.

And that is one price list where there is close to zero transparency.

So even if insurance companies don't want to participate, Brill writes, states could crowdsource price information from patients:

...state pricing centers could gather the information from patients who volunteer, in exchange for a promise that their names won't be used, to submit their Explanations of Benefits. After all, a hospital or insurance company can't claim a patient can be prohibited from talking about or making public his or her own bill.

With respect to changing incentives for creators, distributors, and users, research could help determine

• how the expenses involved in creative expression and distribution differ across sectors and the role of copyright in generating revenues to offset those expenses;
• under what circumstances sources of monetary and/or non-monetary motivation outside of that provided by copyright are effective in motivating creative activity;
• the motivations of various types of users and potential users of creative works, including both infringers and lawful users; the effects of enhanced enforcement remedies on promoting creativity, technological innovation, and freedom of expression; and
• how the costs of distributing creative content are affected by social media and other new technologies.

With respect to the enablers of and impediments to voluntary licensing transactions in copyrighted works, research would help determine

• the significance of transaction costs as barriers to utilization of copyrighted works;
• the extent of problems involving orphan works (whose owners cannot be identified), user-generated content, and collaborative and iterative works;
• what are successful arrangements for managing transaction costs;
• the roles of public and private institutions in facilitating licensing;
• the relationship of transaction costs to legal rules such as compulsory licenses; and
• changes in transaction costs with new technological and business developments.

With respect to the enforcement challenges, research could help determine

• how much is spent by governments and private parties on copyright enforcement;
• against whom enforcement efforts are targeted and what remedies are sought and granted;
• the results of enforcement efforts in terms of compensation, prevention, education, and deterrence;
• how the effectiveness of enforcement efforts is changing with the expansion of digital networks;
• the costs and benefits of current enforcement methods vis-a-vis those associated with proposed new enforcement methods;
• the relative vulnerability of different business models to infringement; and
• the costs and benefits of fair use exceptions and the Digital Millennium Copyright Act (DMCA) safe harbors.

In assessing the balance between copyright protection and the statutory exceptions and limitations to copyright research could help determine

• the costs and benefits of copyright exceptions and limitations in terms of the economic outputs and welfare effects of those individuals, businesses, educational institutions, and other entities that rely on them;
• how copyright and the various categories of limits and exceptions interact with innovative and/or disruptive technologies and platforms; and
• what adverse effects, if any, exceptions and limitations have on copyright holders and their potential to generate economic outputs and welfare effects.

Eventually, research will help inform decisions about key aspects of copyright policy, including

• the appropriate scope of copyright protection;
• the optimal duration of the copyright term;
• the best arrangements for correcting market imperfections that inhibit voluntary licensing;
• appropriate safe harbors and fair use exceptions to copyright;
• effective enforcement remedies for infringing use and the best arrangements for correcting deficiencies in enforcement mechanisms;
• the advisability of reintroducing a formal registration requirement; and
• the advantages and disadvantages of reshaping the copyright regime with different rules for different media.

When it comes to statistical data regarding content piracy, the complexity of the data and its abundance is utterly mind boggling. The data channels are scattered across geographical borders and scientific dimensions. The nature of the matter effects the data gathering process, resulting in datasets with chaotic orders and unclean results sets.

It is of grave importance, regardless of the challenge, to understand the trends and fashions behind content piracy as a thriving organism . Furthermore, appreciation of statical [sic] data regarding content piracy can be advantageous from a business intelligence point of view.

This section is regularly and automatically kept up to date.

One question we sometimes get is: Under CISPA, which government agencies can receive this data? For example, could the FBI, NSA, or Immigration and Customs Enforcement receive data if CISPA were to pass?

The answer is yes. Any government agency could receive data from companies if this were to pass, meaning identifiable data could be flowing to the Bureau of Alcohol, Tobacco, Firearms and Explosives, the National Security Agency, or even the Food and Drug Administration.

Moreover, Apple's system will fail, just as all the other approaches to "protecting content" have failed. Anything involving copy protection is regarded as a challenge by certain people; it's not a question of "if" the particular scheme employed by Apple will be broken, but "when". And there's another, deeper reason why such attempts won't ever work. As Moglen explained to me all those years ago:

The switch that most threatens that pipe is the one at the end. If the switch closest to your eyeball and your eardrum is under your complete technical control, the whole rest of the aqueduct can be as leak-proof as they like, and it won't do them any good. And the switch is under your control, of course, if the software is free software.

While there's free software, the data pipe will always be leaky.

Follow me @glynmoody on Twitter or identi.ca, and on Google+

Rep. Gohmert: I was curious. Doesn't Google sell information acquired from emails to different vendors so that they can target certain individuals with their promotions?

Google lawyer whose name I didn't catch: Uh, no, we don't sell email content. We do have a system -- similar to the system we have for scanning for spam and malware -- that can identify what type of ads are most relevant to serve on email messages. It's an automated process. There's no human interaction. Certainly, the email is not sold to anybody or disclosed.

Gohmert: So how do these other vendors get our emails and think that we may be interested in the products they're selling.

Google lawyer: They don't actually get your email. What they're able to do is through our advertising business be able to identify keywords that they would like to trigger the display of one of their ads, but they don't get information about who the user is or any...

Gohmert: Well that brings me back. So they get information about keywords in our emails that they use to decide who to send promotions to, albeit automatically done. Correct?

Lawyer: The email context is used to identify what ads are most relevant to the user...

Gohmert: And do they pay for the right or the contractual ability to target those individuals who use those keywords?

Lawyer: I might phrase that slightly differently, but the gist is correct, that advertisers are able to bid for the placement of advertisements to users, where our system has detected might be interested in the advertisement.

Gohmert: Okay, so what would prevent the federal government from making a deal with Google, so they could also "Scroogle" people, and say "I want to know everyone who has ever used the term 'Benghazi'" or "I want everyone who's ever used... a certain term." Would you discriminate against the government, or would you allow the government to know about all emails that included those words?

Lawyer [confounded look] Uh... sir, I think those are apples and oranges. I think the disclosure of the identity...

Gohmert: I'm not asking for a fruit comparison. I'm just asking would you be willing to make that deal with the government? The same one you do with private advertisers, so that the government would know which emails are using which words.

Lawyer: Thank you, sir. I meant by that, that it isn't the same deal that's being suggested there.

Gohmert: But I'm asking specifically if the same type of deal could be made by the federal government? [some pointless rant about US government videos aired overseas that is completely irrelevant and which it wasn't worth transcribing] But if that same government will spend tens of thousands to do a commercial, they might, under some hare-brained idea like to do a deal to get all the email addresses that use certain words. Couldn't they make that same kind of deal that private advertisers do?

Lawyer: We would not honor a request from the government for such a...

Gohmert: So you would discriminate against the government if they tried to do what your private advertisers do?

Lawyer: I don't think that describes what private advertisers...

Gohmert: Okay, does anybody here have any -- obviously, you're doing a good job protecting your employer -- but does anybody have any proposed legislation that would assist us in what we're doing?

Gohmert: I would be very interested in any phrase, any clauses, any items that we might add to legislation, or take from existing legislation, to help us deal with this problem. Because I am very interested and very concerned about our privacy and our email.

Gohmert: And just so the simpletons that sometimes write for the Huffington Post understand, I don't want the government to have all that information.

Rep. Sensenbrenner: For the point of personal privilege, my son writes for the Huffington Post.

Gohmert: Well then maybe he's not one of the simpletons I was referring to.

Sensenbrenner: He does have a Phd.

Gohmert: Well, you can still be a PHUL.

An important category of open data that boosts transparency concerns basic drug safety information. Last month, Techdirt wrote about the AllTrials initiative that seeks to have key information about clinical trials placed in the public domain. As part of a wider move towards greater openness, the European Medicines Agency, the main body that licenses drugs in Europe, is starting to make available information that has hitherto been withheld.

Although doctors and patients are rejoicing at this greater transparency, not everyone is pleased by the move. AbbVie, the pharma company spun out of the Abbott Laboratories at the beginning of this year, for example, is taking legal action to stop it:

AbbVie, a pharmaceutical company has sought an injunction to block Europe's medicines regulator from releasing "confidential" and "commercially-sensitive" information on its blockbuster rheumatoid arthritis drug, a spokeswoman for the U.S. drugmaker confirmed on Sunday.

The Chicago-based company had taken legal action against the European Medicines Agency to stop it from releasing data on the effects in individual patients in clinical trials for its drug Humira, the Financial Times reported earlier on Sunday.

Another EU body, the European Food Safety Authority (EFSA), is also opening up:

The project is part of EFSA's continuing commitment to openness and addresses recommendations made by an independent evaluation report of the Authority's performance to further enhance transparency in its decision-making processes. EFSA's Science Strategy also highlights the importance of the Authority playing a leading role in making relevant scientific data more accessible to all interested parties.

What makes this a little confusing is that the company is quoted in that article as saying that it "firmly supports transparency" -- and yet here it is fighting tooth and nail against precisely that. Apparently, Monsanto also wants the regulatory environment in Europe to be "science-based". Modern science requires experimental data to be made available so that anyone can check the validity of the conclusions that have been drawn from it. If it can't be scrutinized, the conclusions can't be confirmed, and it's not science. So, given its call for "science-based" regulation, why does the company want to keep that data hidden? A cynic might almost suspect that Monsanto and AbbVie have something to hide.

Follow me @glynmoody on Twitter or identi.ca, and on Google+

Our project to produce enhanced XML markup of federal legislation is well under way, and we hope to use this data to make more information available to the public about how bills affect existing law, federal agencies, and spending, for example.

What better way to spread knowledge about federal public policy than by supporting the growth of Wikipedia content?

The review by the state's legislative auditor — highly anticipated by legislators and privacy advocates — said officers need better training in allowed uses of the protected data, and local and state agencies should do more to monitor use. Beyond 88 incidents of misuse documented in state records last year, auditors found even more suspicious activity buried in audit trails.

More than half of the 11,000 law enforcement users of the Driver and Vehicle Services (DVS) website in that time frame queried themselves or people with the same last name, for example, or disproportionately searched for people of one sex.

The legislation came on the heels of news that a former employee at the Department of Natural Resources had viewed thousands of drivers license records — almost exclusively of women — without a permissible use. That employee, John Hunt, is now facing criminal charges, and his actions have spurred five federal lawsuits against the state.

The report also recommended that because audits by the DPS largely detect heavy users, rather than suspicious use, local agencies should conduct more proactive monitoring. They suggested the department beef up its abilities to assist local agencies.

[Public safety commissioner Mona] Dohman said in an interview that the queries were so spread out that he did not emerge in their monthly review of the top 50 users.

During the 18 months ending June 30, 2012, 13 users conducted queries using access privileges associated with law enforcement agencies that no longer existed. Over the same time period, three former employees of state law enforcement agencies, as well as four former employees of local law enforcement agencies, accessed the DVS Web site using usernames and passwords that should have been disabled.

DPS (Dept. of Public Safety) has not implemented other access management practices for all users. For example, DPS does not require a user agreement for sworn officers with access to the DVS Web site. Civilian law enforcement employees must sign a user agreement justifying their need for driver's license information, including their specific needs for access to driver's license photographs. DVS staff review the agreements before granting access. BCA (Bureau of Criminal Apprehension) has a signed intra-agency agreement with DVS. Agencies with employees who access BCA systems sign an agreement taking responsibility for access by their staff, among other things. Thus, it is only sworn officers who use the DVS Web site for whom DPS does not require an agreement, signed by the user or his or her employer, taking responsibility for appropriate access.

House author Rep. Mary Liz Holberg, R-Lakeville, said she has already met resistance from some law enforcement entities.

"If you have bad actors in your bunch, then why shouldn't the public know about it?" Holberg said. "It seems like nobody wants any sunshine around this issue. And I think it would do a lot to rebuild the public trust if there was more public awareness of misuse and consequences."

I have issued a memorandum today (.pdf) to Federal agencies that directs those with more than $100 million in research and development expenditures to develop plans to make the results of federally-funded research publically available free of charge within 12 months after original publication. As you pointed out, the public access policy adopted by the National Institutes of Health has been a great success. And while this new policy call does not insist that every agency copy the NIH approach exactly, it does ensure that similar policies will appear across government.

In addition to addressing the issue of public access to scientific publications, the memorandum requires that agencies start to address the need to improve upon the management and sharing of scientific data produced with Federal funding. Strengthening these policies will promote entrepreneurship and jobs growth in addition to driving scientific progress. Access to pre-existing data sets can accelerate growth by allowing companies to focus resources and efforts on understanding and fully exploiting discoveries instead of repeating basic, pre-competitive work already documented elsewhere. For example, open weather data underpins the forecasting industry and provides great public benefits, and making human genome sequences publically available has spawned many biomedical innovations—not to mention many companies generating billions of dollars in revenues and the jobs that go with them. Going forward, wider availability of scientific data will create innovative economic markets for services related to data curation, preservation, analysis, and visualization, among others.

When he first reached our Milford, Connecticut Supercharger, having driven the car hard and after taking an unplanned detour through downtown Manhattan to give his brother a ride, the display said "0 miles remaining." Instead of plugging in the car, he drove in circles for over half a mile in a tiny, 100-space parking lot. When the Model S valiantly refused to die, he eventually plugged it in.

Mr. Straubel said Tesla did not store data on exact locations where their cars were driven because of privacy concerns, although Tesla seemed to know that I had driven six-tenths of a mile “in a tiny 100-space parking lot.” While Mr. Musk has accused me of doing this to drain the battery, I was in fact driving around the Milford service plaza on Interstate 95, in the dark, trying to find the unlighted and poorly marked Tesla Supercharger.

Musk was offended that a reporter didn't operate the hardware properly. Blame the manual, tech support, PR, but not the user.

After figuring out just who she's seeking, Webb rejoins JDate, the Jewish dating site, as a man — creating 10 profiles for men she would want to date, with stock images and character sketches so elaborate you'd think she were outlining a novel. For example, we learn from the spreadsheet she makes for LawMan2346 that he and his younger brother, Mark, "didn't get along great as kids, but they're best friends now. Mark is the total opposite of him — plays sports, drinks beer. Typical man's man kind of guy."

But she's not Catfishing, she's doing opposition research. For a month, she corresponds with 96 female JDaters through these fake profiles, never meeting these women but interacting just enough to collect data (more spreadsheets!) on how they present themselves. Then, she can mimic her competitors and hopefully snag a better catch.

You agree to provide accurate, current and complete information about Yourself as prompted by Our registration form ("Registration Data"), and to maintain and update Your information to keep it accurate, current and complete."

You represent and warrant to Us that the information posted in Your profile, including Your photograph, is posted by You and that You are the exclusive author of Your profile and the exclusive owner of Your photographs. You assign to Us, with full title guarantee, all copyright in Your profile, Your photographs posted, and any additional information sent to Us at any time in connection with Your use of the Service.

You will not post on the Service, or transmit to other members or to Us or Our employees, any defamatory, inaccurate, abusive, obscene, profane, offensive, sexually oriented, threatening, harassing, racially offensive, or illegal material, or any material that infringes or violates another party's rights

You will not harass or impersonate any person or entity. You will not use any manual or automatic device or process to retrieve, index, data mine, or, in any way reproduce or circumvent the navigational structure or presentation of the Service or its contents.

• A recent project encoded all of Shakespeare's sonnets (along with some other text and images) on DNA, putting 5.2 million bits of information (including some error correction) into some tangible goo. It costs roughly $12,400 to encode a megabyte of data and $220 to read it, and since sequencing DNA will never become obsolete (and is getting cheaper to do), DNA storage could be an excellent archiving technology. [url]
• A milligram of DNA *could* contain all the text every book in the Library of Congress -- and all digital data that humans have ever created could be stored on a handful of DNA. We'd just have to make sure never to forget how to translate the digitized data from DNA back into a comprehensible form. [url]
• Researchers at the J. Craig Venter Institute (JCVI) created the first self-replicating synthetic bacterial cell in 2010 -- and included a genetic watermark in the bacteria's DNA. The DNA watermark encoded some extra data such as the names of 46 researchers who worked on the project, as well as a URL and some famous quotations. [url]

When government agencies ask for our users’ personal information—like what you provide when you sign up for a Google Account, or the contents of an email—our team does several things:

• We scrutinize the request carefully to make sure it satisfies the law and our policies. For us to consider complying, it generally must be made in writing, signed by an authorized official of the requesting agency and issued under an appropriate law.
• We evaluate the scope of the request. If it’s overly broad, we may refuse to provide the information or seek to narrow the request. We do this frequently.
• We notify users about legal demands when appropriate so that they can contact the entity requesting it or consult a lawyer. Sometimes we can’t, either because we’re legally prohibited (in which case we sometimes seek to lift gag orders or unseal search warrants) or we don’t have their verified contact information.
• We require that government agencies conducting criminal investigations use a search warrant to compel us to provide a user’s search query information and private content stored in a Google Account—such as Gmail messages, documents, photos and YouTube videos. We believe a warrant is required by the Fourth Amendment to the U.S. Constitution, which prohibits unreasonable search and seizure and overrides conflicting provisions in ECPA.

• The Internet Archive has updated its Wayback Machine, indexing 5 petabytes of internet goodness, covering the web from 1996 to December 2012. That data is from over 240,000,000,000 URLs, and this virtual backup of the web doesn't even touch sites that have a login or a robot.txt file that blocks the Wayback Machine. [url]
• Sandvine's global internet phenomena report contains a prediction that US internet traffic may rise to over 700,000 exabytes per year by 2019. And if Netflix continues to do well (accounting for about double the amount of traffic as YouTube and crushing Amazon Video, Hulu and HBO Go), a lot of that traffic will be people watching streaming movies and TV shows (legitimately, too, not just using BitTorrent). [url]
• Every minute of the day, more and more data is generated. For example, 571 new websites per minute, 100K+ tweets per minute... gazillions of infographics and bazillions of random factoids. [url]
• Since the beginning of time until 2003, humans generated about 5 billion gigabytes of data... and now we generate that much every 2 days. And that rate is accelerating (but humans are not exclusively generating all that data). [url]