Hey Trump! Must we abandon civility to repudiate political correctness?

Before Donald Trump assumed leadership of the war on political correctness, it was Rush Limbaugh’s war. Talk radio ignited the war on P.C. and talk radio trained its warriors. At its purest, it’s a righteous war. It’s a drive for linguistic accuracy, and a call to resist whitewashing speech as a means to whitewash thought.

Rush and all of radio’s other bright stars didn’t prevent the reshaping of the English language, but the resistance movement is alive. The soldiers are beaten down from the fight, which they believe they’ve lost.

Can you blame them for taking heart when Donald Trump charged ahead with their cause? A dagger-tongued anti-P.C. superhero, he stomps across the line, not simply to rebuff political correctness, but to insult it. He stands like Superman, chin up, chest out, criticism bouncing off like so many nerf balls.

But Trump is stomping across another line. It’s one thing to court controversy. It’s another to abandon civility, as he did recently when he mimicked the spasmodic gestures of a disabled person. During a stump speech, Trump engaged in a fitful imitation of New York Times reporter Serge Kovaleski, whose arm movements are hindered by a congenital joint condition called arthrogryposis. To say this display lacked civility is too kind. It was revolting and unpresidential.

Trump has evaded the P.C. police because he has spoken some inconvenient half-truths. On the notion that illegal border crossers are criminals, he was quickly, if partially validated by the murder of Kate Steinle at the hands of an illegal immigrant with criminal charges in his background. Trump’s sexist jabs at Megyn Kelly, Rosie O’Donnell, and Carly Fiorina caused a stir, but (secretly) resonated with more than a few men, who certainly have been known to blame vexing female behavior on hormones. Moreover, it’s no secret that men regularly judge women based on appearance, and – gasp – fat women get the worst of it.

With whom does it resonate when a public figure impersonates a man with a disability? What would explain – never mind justify – mocking someone’s physical handicap in the service of politics? I can’t explain why Trump supporters defend a crude display that most parents would chastise if they caught their child at it. But defend him they do.

On the radio last week, I touched the third rail of the anti-P.C. movement, and I got fried like a slice of maple-cured bacon. I called Trump a mean-spirited jerk. For good measure, I threw in jackass. This, mind you, after engaging for  months in the same belabored, serious, journalistic beard-stroking widely practiced this year concerning the Trump phenomenon. That I support his right to be a jackass, (which I do – it’s a First Amendment thing) was inconsequential to my outraged talk radio callers.

I was accused of valuing Serge Kovaleski’s feelings over the larger point Trump was making. Movement soldiers will recognize this as an uppercut to my jaw. Disdain for elevating feelings above thought is seminal in the war on P.C., and rightly so in most contexts.

One guy called me a liberal – we can argue over the definition of the word, but it was a calculated insult. Several callers demanded to know which candidate I support, if not Trump. The answer, for now, is none. I don’t fall in love easily with politicians. This was occasion to flog me anew for my insufficient criticism of President Obama over the past year.

I love talk radio. I’m a First Amendment absolutist, and I love provocateurs like Trump. I love unfettered debate, even when it gets rough. But I’m acutely aware that in debate, the moral high ground can shift in an instant. The war on P.C. is rooted in calling things what they are, even when it’s uncomfortable. It’s not a wholesale abandonment of civility.

Meanwhile, our nation is enduring a revival of campus unrest that’s based on perceived incivilities. We’re in the odd position of squaring off for free speech against university students, who might traditionally fight censorship but now seek it when they feel offended. How ironic to criticize young people for being overly sensitive, if we then condone a wounding brand of nastiness that has no redeeming purpose.

#ShoutYourAbortion and the art of violating your own privacy

If you #ShoutYourAbortion on Twitter, and the public reaction scares the crap out of you, well, you should only blame yourself.

Abortion doctors have been murdered on their way to work, and people have gone to court for the right to harass women entering clinics. Planned Parenthood has been infiltrated by videographers hoping to incriminate its personnel. You probably know all of this if you’ve waded into pro-choice advocacy.

You must also know if you’ve sought health care – women’s or otherwise — that the federal government has thousands of pages of regulation intended to protect your medical privacy. Your wart removal and your colonoscopy are equally sacred in the eyes of the law. Nobody – not even your insurance company – is supposed to receive details about those procedures without your permission.

But Amelia Bonow traded privacy for protest in the face of a threat to federal funding for Planned Parenthood, by publicizing her own abortion. She encouraged other women to share without apology that they’ve had abortions. Bonow soon left her apartment because of death threats.

As a free speech advocate, who am I to rebuke Bonow and her followers? I won’t. But as a privacy advocate, I would suggest that you never know when or why you might later regret sharing personal information. You also never know which information you might some day regret sharing.

Bonow told the New York Times that she’s not sure how seriously to take the threats, and not sure when it will be safe to go home.

“I’m not a public figure,” she said. Actually, she is a public figure now. You may have heard that the internet never forgets, and that forever is a long, long time.

By the way, have you also heard that any information you commit to a digital device can get out of your control?

If you carry around stored video of yourself having sex, for instance, as Indiana House Majority Leader Jud McMillan did, you really have nobody else to blame when your phone gets stolen and your personal porn goes public.

This can be particularly embarrassing for a family values guy. Yes, he is.

The takeaway should be obvious, but I guess it isn’t. You can’t be hurt by the stuff you never reveal. You can’t reveal the stuff you never record. Almost anything you reveal or record can be cause for regret.

From DEF CON 23: If supply and demand make a market, where is the market for privacy?

Everyone talks about privacy, but nobody does anything about it, to mangle Mark Twain’s witticism regarding the weather.

Economists at Princeton are launching a study to explain why there’s not a more robust market for privacy products and services, given our growing understanding that our most private matters are routinely plundered from online sources.

“There’s a demand for privacy,” economist Rene Mahieu told me earlier this month at DEF CON 23. “Also, I’ve been here at DEF CON and I’ve heard a lot of talk about the technical possibility for creating privacy. So there is a potential supply.”

It follows, therefore, that there should be a market. “A vibrant market,” he says.

Mahieu and Princeton research colleagues are starting with some theories, but it seems to me this question can be answered from the gut. Digital privacy is inconvenient, complicated, and expensive.

Economists have names for these obstacles, Mahieu informs me.

“Information asymmetry” may dampen the inclination to purchase, even from consumers with a clear interest in the product. In a technology transaction, the potential buyer may not understand the product, and becomes doubtful that it will deliver on its promise. Mahieu likens it to buying a used car. The seller has more information than the buyer about the vehicle, and holds the cards when it comes to contract terms. It feels better to walk away than to spend money one something when you’re not convinced it will meet your needs.

“Network effects” describes the lonely experience of adopting a privacy-enhancing messaging service, for instance, and discovering that none of your friends use it, and therefore you can’t talk with your friends. Do you undertake a massive recruitment project or continue to expose yourself to privacy invasion? Most likely, you resign yourself to the latter. Life’s too short.

There’s also the abstract nature of privacy invasion, stacked up against the convenience and pleasure of connection.

“The problems are uncertain and in the future,” Mahieu says, “while the gratification is now, and direct.”

As part of their research, the team wants to talk with business people who’ve had first-hand experience developing privacy products, successful or not. They’re interested in entrepreneurs as well as folks who’ve toiled in big data. Mahieu encountered some of them at DEF CON. One entrepreneur described his innovation, which had been well-received by everyone who tried it. But it didn’t sell, and was ultimately offered for free.

“That’s the starting point for our question,” Mahieu says. “Why, given the immense interest, and the growing interest in privacy, and our technical capabilities, is the market not functioning as we expect it to be?”

If you can help explore the question, he’d like to hear from you. The research project is at the Center for Information Technology Policy at Princeton, but you can contact him directly.  renemahieu@riseup.net

7th Circuit Court of Appeals: You don’t own your personal information

UPDATE August 9, 2015:  Regarding my claim below that a robust market for personal information on the dark web constitutes evidence of its value as a commodity, attorney Caitlin Kelly Henry points out (in the context of a casual conversation at DEF CON) that the court would not recognize illegal activity. But she also notes that businesses are routinely engaged in the lucrative practice of marketing of their customers’ personal data, making essentially the same point. Caitlin adds that this case is well outside her practice area. Thanks nonetheless, Caitlin.

7th Circuit Court of Appeals: You don’t own your personal information

Woah! This is not good news, and while the case was covered in the legal press, this was not the headline. Buried deep in the dicta —  page 13 of a 17-page decision —  the court says personal information is not a property right.

The question before the court was whether Neiman Marcus customers have standing to sue after the company suffered a credit card breach that exposed the plaintiffs’ personal ID and financial data. The court said they do.

The discussion centered on Neiman’s argument that there was no actual injury since the plaintiffs were not accountable for fraudulent charges on their accounts. Standing can’t be argued on speculative claims of future harm, Neiman argued.

Potential future injury is what’s at issue. Until this decision, there was a high bar to establish the risk of future injury from exposure of personal information. The 7th Circuit has lowered it, granting standing on the speculative claim, and asking why else cyberthieves would steal credit card numbers, if not to set up fraudulent accounts.

After a lengthy discussion of the various legal issues involved, the court threw in some brief comments on the ownership of personal information, mostly for good measure. “For the sake of completeness…” the court said.

Plaintiffs also claim they have a concrete injury in the loss of their personal information, which they characterize as an intangible commodity… This assumes that federal law recognizes such a property right. Plaintiffs refer us to no authority that would support such a finding. We thus refrain from supporting standing on such an abstract injury, particularly since the complaint does not suggest that the plaintiffs could sell their personal information for value.

What!!?? There is and has been a thriving market for personal information, and yes, the information has monetary value. Business has been so good, in fact, that the value per ID on the dark web has gone down since its peak, just as any commodity responds to excess supply.

In this opinion, the 7th Circuit has contradicted itself, acknowledging that the purpose of stealing credit card data is to make fraudulent charges and set up fraudulent accounts in the name of the card holder, yet declaring that the card holder’s personal information has no value.

I’m no lawyer, and further research is in order, but I predict a large herd of worms crawling out of this open can. And by the way, is anyone else reading these documents all the way through?

CASE UPDATE: Neiman Marcus has requested a rehearing en banc in the data breach lawsuit referenced below. The retailer asserts that the 7th Circuit Court’s “use of an expansive standard” to establish standing in data breach suits will be “enormously consequential to the national legal landscape.”

Looking for the last private place? It’s not between the sheets.

If you long for the last private place, be assured there is no refuge between the sheets. If, on the other hand, you’d like to invade someone’s sexual privacy, forces are conspiring to help you. Engage these forces at your own peril.

If you want to know whether someone is cheating, you can get some help from notorious privacy invader Spokeo. Just enter your sweetie’s email address on Spokeo’s “is he cheating on you?” page, and its web scraper will gather up all the references it can find related to the address. For a price.

“CAUTION: This information is potentially shocking,” the site warns. “Spokeo uses proprietary deep web technology to search over 70 social networks for status updates, photos, relationships, and profiles. Please prepare yourself for the unexpected.”

I entered my husband’s email address, which is not his name, but a fairly generic word. Spokeo told me there were 51 results with the same email handle — that is, just the part before the @ symbol, not the complete address. But I’d have to cough up a credit card number to find out if any of them belong to my man.

“Hey,” I jabbed him in the ribs. “Are you cheating on me?”

“No,” he said without looking up from his smartphone, “Why do you ask?”

I wasn’t curious enough to pay money to a company I consider despicable, so I left Spokeo without further interaction. Within a few hours, Spokeo was spamming me with other services I might find useful.

Some folks may be treated free of charge to a report about their spouse’s sex-seeking behavior, whether they want it or not. Cyberattackers last week issued a serious threat to Ashley Madison, a website that facilitates infidelity: Shut down your business or we’ll post stolen client data for the world to see – including nude photos,  sexual fantasies, and credit card data.

The site is still operating, and this is probably a ticking time-bomb for millions of marriages.

The attackers, who call themselves “The Impact Team,” apparently think they’re doing some kind of public  service. They’re motivated by the failure of the parent company, Avid Life Media, to adequately scrub personal data from another hook-up site it runs. There’s a $19 charge for the scrub service, which removes personal profile and “community data” if the user decides to cut loose from the cheater’s club. But it doesn’t scrub credit card information.

Oops.

Credit card data is a valuable identification tool. So valuable that the Cook County Sheriff in Illinois made a demand some years back to another business. Sheriff Thomas Dart used the implicit force of his office to persuade Backpage.com to require credit cards for sex-related transactions.

Backpage.com is a marketplace on the Craigslist model, offering a host of goods-and-services categories, including a range of adult services, like strippers, escorts, dominatrix and fetish. Backpage not only complied with the demand from the sheriff, but actively works with law enforcement to accomplish its ostensible purpose — finding suspected child predators and human traffickers. The company cooperates with subpoenas by providing client data when it’s sought, and also puts its sex ads through a vigorous regimen of internal scrutiny both before and after they post.

Nonetheless, Sheriff Dart recently send a demand to Mastercard and Visa to “defund” Backpage. That is, stop processing its transactions. The credit card companies responded by halting their services to Backpage, despite long relationships and no indication of criminal activity.  Backpage went to court seeking an injunction against Sheriff Dart and claiming prior restraint of free speech.

The judge sided with Backpage, and granted the restraining order, but allowed that Backpage is not necessarily certain to prevail at trial.

Yes, offering dominatrix services is a form of speech. Maybe performing the service is, too. But the free speech question requires consideration of the entire website, including users who are not seeking sexual services. When you post a free ad to sell your used NordicTrack, you are subsidized by the strippers and other adult-oriented service providers who pay for their ads. Backpage suggests that the business is unsustainable without the revenue from the sex ads. If the company shuts down, everyone loses a forum for speech.

What to do if you find child porn on your computer (and you didn’t put it there)

The following is not legal advice. It is common sense based on observation and research, and prompted by recent events in North Las Vegas. I am not authorized to dispense legal advice. Take it for what it’s worth.

If you see something on your computer that looks like child porn, shut it down immediately. Take it straight to your attorney’s office, or to your human resources manager if it’s a company-issued device. Your attorney or the company’s legal counsel should lock up the device, find an independent forensic expert, and then reach out to the authorities to arrange an examination involving their experts and yours.

The guy at the Apple store is not an expert. Neither is the IT guy at your company. Neither is your nephew, the computer science major. And police officers with training in digital forenics are not independent. They are employees of a system that’s very unforgiving of child porn possession.

If the mayor of North Las Vegas received a malware-laced email with a pornography payload, he’s certainly not the first. Cyberattacks bearing porn have become more common. Last year, the geek press reported on a ransomware variant called Kovter, which is capable of changing browser history to add pornography sites, and sometimes deposits child porn.

Some of the attacks are designed to spread through entire organizations, using the first recipient’s computer as a point of entry. Some target a specific person, perhaps someone with a lot to lose professionally.

If you call the police to report that you’ve found a dead body in your kitchen, you will receive due process under the law. They will question you, and they will preserve the evidence as perfectly as they find it. Even if they decide you’re a murder suspect and they arrest you, you’ll get a lawyer and the presumption of innocence in court.

But child porn is so toxic that it seems to cause brain melt. Comments from authorities in the North Las Vegas case suggest that they somehow viewed wiping the device as a favor to its owner, who may now be faced with proving a negative. Sophisticated recovery methods notwithstanding, the original data would have offered the best chance of proving what really happened.

Consider also the peripheral parties who have been perfectly happy to chime in with unqualified opinions based on – what? Based on nothing, because at this point, there’s nothing concrete on which to base an opinion. But for the brain melt, most professionals might choose to withhold comment during such a consequential investigation.

Brain melt is not unique to this episode. Think back to stories about dopey teens facing possible child porn charges for sending nude selfies to classmates. One forensic expert who spoke at a conference said he’d been prosecuted for possession of images received from a defense attorney who’d retained him to work on a case. This sent perceptible shivers down the spines of conference attendees who might have been willing to take such cases.

Bottom line – everyone whose email address is published on a website or a business card is a potential target for this kind of attack, whether it’s random, or customized to do specific damage. A knee-jerk response born of panic is understandable, but this not a purse snatching. Stop and breathe, and think.

Attorneys and employers must learn what to do. Isolate the device. Every command you enter – even simply turning on the device – might alter evidence. The passage of time can alter evidence. Helpful people with poor training or improper motives can alter evidence. Preserving the evidence is the best form of protection for everyone, including any children who may have been exploited.

Senate Bill 188: A flirtation with Orwell

A few weeks ago, Phil, my friend and co-worker, drove off the road after failing to negotiate a curve. May God rest his soul. It was an accident, and there’s no other word to describe the tragic event that took the life of a smart, active 30-year-old who savored every day.

But that word may be expunged from Nevada law. Senate Bill 188 would strike all statutory references to traffic “accidents,” and substitute the word “crash.” It’s part of an effort to change the collective mindset about public safety, according to the bill’s sponsor, Senator Mark Manendo. He cites the adoption of “crash” as preferred terminology at the National Highway Traffic Safety Administration.

DUI Victim Advocate Sandy Heverly is a cheerleader for the language change. She says “accident” is misleading because it implies no fault.

“’Accident’ is deeply offensive,” Heverly says. It impedes recovery for the victims of drunk, reckless, or negligent drivers.

Heverly says motor vehicle crashes are “predictable and preventable events.” Her claim is questionable as a general premise. Many collisions are preventable, but accidents by definition are not predictable. Nonetheless, SB188 got a unanimous thumbs-up on the floor of the Nevada Senate, and  has proceeded to the other house.

In this week’s Assembly Transportation Committee hearing, it was only insurance lobbyists who commented. They’d been blindsided by the bill, even though it’s insurers who are most interested in sorting out blame after an accident. For students of political wordsmithing, these are authentic stakeholders. They ventured that SB188 could create an expensive and time-consuming challenge for insurers. All business forms and customer contracts would have to be re-written to eliminate the offending word.

Why is the legislature, which frequently complains that 120 days is insufficient to accomplish the people’s business, engaged in this Orwellian exercise? Beyond supporting the magical notion that scrubbing a word from the state’s official language will improve road safety, it’s anybody’s guess. So let’s guess.

Perhaps SB 188 paves the way for driverless cars. Nevada wants to be on technology’s bleeding edge, you should pardon the expression. If human drivers cause “accidents,” but robotic vehicles “crash,” maybe we’re preparing for the day when juries will consider algorithms rather than human intent.

Is SB188 intended to devalue human reasoning? If it’s always a crash, and never an accident, everyone has less discretion, from the first investigator on the scene to the judge who hands down fines and sentences. This empowers prosecutors and the trial bar, and why shouldn’t we openly discuss that?

Can the SB188 concept be extended to all areas of life where legal liability exists? Recall the Florida man who recently shot a friend in the head while stupidly twirling his handgun as if he were the star of a cowboy movie. Yes, every unintended shooting is preventable, but they’re all accidents.

And what’s this about reprogramming our thinking? Who made NTHSA the arbiter of proper thought? Who gave DUI victims the right to universally apply language that soothes their anger and pain? You’re entitled to your own beliefs about why things happen, but please, stay out of my head. Some of us believe tragedy compels contemplation of God, fate, karma, or synchronicity, not parsing of language.

If public brainwashing could reduce traffic accidents – accidents! – Nevada would have the safest roads on the planet. How many public safety campaigns have we, the media, covered? How many words urging cautious driving have been written, broadcast, and posted on billboards? How many tearful victims have told their stories in classrooms, courtrooms, and newscasts?

Victim advocates are offended by the word “accident.” Perhaps a certain forgivable myopia afflicts those who spend all their working hours with victims. But it’s also grossly disrespectful —  and, by the way, it’s patently false to assert that there’s no such thing as an accident.

I don’t know what my friend Phil did in his final moments behind the wheel. He was headed into a familiar turn on a road he’d driven hundreds of times. Did he feel suddenly light-headed? Did he see an animal in the road? Did the vehicle malfunction? Was he distracted by the radio or the phone? Was he just anxious to get there? I don’t know, and since he took nobody with him, it doesn’t really matter. But I can virtually assure you that Phil didn’t intend to die on the way to one of his favorite weekend destinations. In anybody’s book, that’s an accident.