I need user opinion on this issue. Could you kindly spare some time and comment either on or off line? TIA Alex Gakuru <gakuru@gmail.com> wrote: Date: Fri, 13 Apr 2007 09:27:47 +0300 From: "Alex Gakuru" <gakuru@gmail.com> To: ke-internetusers@bdix.net Subject: [ke-internetusers] User Privacy (deliberately?) Compromised *** Any comments*** Identity Management Systems invade individual's privacy. Interception of communication, lawful or otherwise, is primarily used to gain "informed advantage" and fore-warn law enforcement agencies to protect everyone, commercial espionage, Intellectual property thefts, or sheer mischief, such as embarrassing an online user, among others. "Private censorship" is a far bigger and real problem that government censorship considering technology users served by state-owned Telkom. Privacy has never been a bigger issue that it is today. For example, with 8 million subscribers but only 2.7 million internet users in Kenya, how, if, when, and where did 7 million pre-paid subscribers ever read website-posted terms of service? These terms are repeated in broadcast advertisements as "terms and conditions apply" Celtel appears not to bother posting their terms of service but several interesting clauses can be read at Safaricom's pre-paid "contract" at . [Safaricom Pre-paid users "contract"] f) Please note that the confidentiality of your communications via our Network is not guaranteed. You are advised that for reasons beyond our control, there is a risk that your communications may be unlawfully intercepted or accessed by those other than the intended recipient. We cannot accept any liability for any loss, injury or damage whether direct or consequential arising out of any such compromise of confidentiality; g) You accept that we may disclose and/or receive and/or record any details of your use of the Services including but not limited to your calls, emails, SMS's, data, your personal information or documents obtained from you for the purposes below: i. Fraud prevention and law enforcement; ii. For reasonable commercial purposes connected to your use of the mobile service, such as marketing and research related activities; iii. Use in our telephone directory enquiry service in printed or electronic format; iv. To comply with any legal, governmental or regulatory requirement; v. Our lawyers in connection with any legal proceedings; vi. In business practices including but not limited to quality control, training and ensuring effective systems operation. h) You must comply with any instructions that we may give you from time to time about the use of the Services; i) The maximum call duration for any one single call made using the Services is approximately sixty (60) minutes. j) With the exception of calls made to our Customer Service Hotline numbers and to any other designated toll free numbers, a variable minimum network access credit requirement shall be applied and shall depend on the Tariff used by the Customer. 2 . 3. ACCEPTANCE AND COMMENCEMENT OF CONDITIONS OF USE You are deemed to have accepted these Conditions of Use as amended from time to time and which take effect:- (a) Upon the Re-charge of your account at any time with any amount using the designated recharge voucher or using any other approved means of Re-charge ; or (b) Upon your use of our Services or upon you accessing our Network at any time; or (c) Upon the initial activation of your SIM Card.3 The EU has perhaps more protection for privacy than in the U.S. The Data Protection Directive of 1995 prohibits sharing of information with any nation that does provide adequate protection for personal data. In 1999 the U.S. Dept. of Commerce worked out a safe harbor regulation that has so far satisfied the EU. FTC (US) has led govt. action to protect consumer privacy. FTC thinks that web sites should adhere to the Five Fair Information Principles: 1. Notice/Awareness—right to be notified if someone is collecting information about you 2. Choice/Consent—right to opt out of having information about you collected 3. Access/Participation—right to see files collected about you and right to offer corrections 4. Integrity/Security—right to have personal files collected about you be secure 5. Enforcement/Redress—right to sue if any of the first four FIPs are violated ------- [How Stuff Works] by Jeff Tyson Carnivorous Evolution Carnivore was the third generation of online-detection software used by the FBI. While information about the first version has never been disclosed, many believe that it was actually a readily available commercial program called Etherpeek. In 1997, the FBI deployed the second generation program, Omnivore. According to information released by the FBI, Omnivore was designed to look through e-mail traffic travelling over a specific Internet service provider (ISP) and capture the e-mail from a targeted source, saving it to a tape-backup drive or printing it in real-time. Omnivore was retired in late 1999 in favor of a more comprehensive system, the DragonWare Suite, which allowed the FBI to reconstruct e-mail messages, downloaded files or even Web pages. DragonWare contained three parts: * Carnivore - A Windows NT/2000-based system that captures the information * Packeteer - No official information released, but presumably an application for reassembling packets into cohesive messages or Web pages * Coolminer - No official information released, but presumably an application for extrapolating and analyzing data found in the messages As you can see, officials never released much information about the DragonWare Suite, nothing about Packeteer and Coolminer and very little detailed information about Carnivore. But we do know that Carnivore was basically a packet sniffer, a technology that is quite common and has been around for a while. Packet Sniffing Computer network administrators have used packet sniffers for years to monitor their networks and perform diagnostic tests or troubleshoot problems. Essentially, a packet sniffer is a program that can see all of the information passing over the network it is connected to. As data streams back and forth on the network, the program looks at, or "sniffs," each packet. Normally, a computer only looks at packets addressed to it and ignores the rest of the traffic on the network. When a packet sniffer is set up on a computer, the sniffer's network interface is set to promiscuous mode. This means that it is looking at everything that comes through. The amount of traffic largely depends on the location of the computer in the network. A client system out on an isolated branch of the network sees only a small segment of the network traffic, while the main domain server sees almost all of it. A packet sniffer can usually be set up in one of two ways: * Unfiltered - Captures all of the packets * Filtered - Captures only those packets containing specific data elements Packets that contain targeted data are copied as they pass through. The program stores the copies in memory or on a hard drive, depending on the program's configuration. These copies can then be analyzed carefully for specific information or patterns. When you connect to the Internet, you are joining a network maintained by your ISP. The ISP's network communicates with other networks maintained by other ISPs to form the foundation of the Internet. A packet sniffer located at one of the servers of your ISP would potentially be able to monitor all of your online activities, such as: * Which Web sites you visit * What you look at on the site * Whom you send e-mail to * What's in the e-mail you send * What you download from a site * What streaming events you use, such as audio, video and Internet telephony * Who visits your site (if you have a Web site) In fact, many ISPs use packet sniffers as diagnostic tools. Also, a lot of ISPs maintain copies of data, such as e-mail, as part of their back-up systems. Carnivore and its sister programs were a controversial step forward for the FBI, but they were not new technology. ---- Alex Gakuru _______________________________________________ ke-internetusers mailing list ke-internetusers@bdix.net http://www.bdix.net/mailman/listinfo/ke-internetusers --------------------------------- Ahhh...imagining that irresistible "new car" smell? Check outnew cars at Yahoo! Autos.