Archive for February, 2010

Data Without Borders Episode 13: Money without Borders

February 24th, 2010  |  Published in Podcasts

Here is episode 13 of the Data Without Borders podcast where we will mainly talk about SWIFT, what it is and how the EU parliament rejected the deal with the US.

Audio clip: Adobe Flash Player (version 9 or above) is required to play this audio clip. Download the latest version here. You also need to have JavaScript enabled in your browser.

(Download MP3)


These are rough notes from the podcast. Better you listen to it for the full scoop!

Short News

Webfinger enabled now on all gmail accounts

WebFinger: Given an identifier for a person, how do I find out what services that person uses?
Steve said: As I’ve said over and over, email addresses aren’t going to win. They won five years ago.

Time for the OpenID people to stop being Hiroo Onoda.

Old adage from politics – “If you’re explaining, you’re losing”

The German privacy paradox

Jeff Jarvis on the german privacy paradox

As a group, Germans are more private than anyone I know. My German grandfather-in-law used to lecture me: “People do not need to know that.” Germans complain about Google Streetview taking pictures of them … inpublic. They’re going after Facebook on privacy. They say that Google Analytics violates privacy. They even enable convicted killers to expunge their names from Wikipedia out of privacy. And now they’re up in arms about airport body scanners.
Yet go into a German sauna, and there the Germans are, male and female, together, sweaty and naked. Germans protect the privacy of everything but their private parts.

SWIFT agreement between EU and US rejected by the EU parliament

The Guardian article on it

Result: 378 to 196 votes against it

“Our laws are being broken and under this agreement they would continue to be broken. Parliament should not be complicit in this,” said Jeanine Hennis-Plasschaert, a Dutch liberal MEP. “The security of European citizens is not being compromised. Targeted transatlantic data-exchange will remain possible through other legal instruments. If the US administration would propose to the US Congress something equivalent to this – to transfer in bulk bank data of American citizens to a foreign power – we all know what the US Congress would say.”

Washington had applied intense pressure on the parliament to agree to the pact, with Hillary Clinton, the US secretary of state, and Timothy Geithner, US treasury chief, appealing to Jerzy Buzek, the president of the European parliament.
The parliament veto applies to data from Swift – the Society for Worldwide Interbank Financial Telecommunications – which is based outside Brussels and co-ordinates millions of financial transfers and transactions every day on behalf of thousands of banks.

SWIFT is the messaging backbone that connects banks internationally. It’s not a clearing house, it’s a communication system.

SWIFT – Society for Worldwide Interbank Financial Telecommunications, a cooperative of banks and other financial institutions that facilitates trillions of dollars in daily international transactions. Its members include almost 8,000 financial institutions in more than 200 countries.

The majority of international interbank messages use the SWIFT network. As of November 2008[update], SWIFT linked 8,740 financial institutions in 209 countries.[1] SWIFT transports financial messages in a highly secure way, but does not hold accounts for its members and does not perform any form of clearing or settlement.

Here is a Forbes article that says international cooperation has prevented money from getting to Al Queda, leaving them close to bankrupt:

The argument *for* this agreement in the first place was that the international banking network was being used to funnel money to terrorist groups. Most of us agree that this is a bad thing – and things were pretty scary back in 2002 – so the US and European governments agreed to start watching who sent money where.

The devil is in the details, though. One of the things we’ve seen in the US is that programs that are set up for one reason have a funny way of being used for other reasons. It’s entirely possible that this anti-terrorist tool was now being used to track… drug smugglers. Drugs finance terrorism, right? That’s not too far afield. So to get to the drug smugglers they go after… suspected money launderers in general. These guys are probably pretty far from actual terrorism but they’re criminals, right?

It’s very possible that there was serious scope creep in the program, and the govenments went “Hey, this isn’t what we signed up for”.

EU parliament now stronger on privacy/civil rights issues?

Gerry Beuchelt’s blog post on Germany “getting closer to the peak of hypocrisy” in its position on privacy (check out his whole series) – it references the earlier days of the SWIFT agreement effort, so maybe all is not lost!

One of his earlier posts:

What happens when a bureaucracy goes wild? Well, you can end up in a situation where private companies are facing the most restrictive privacy regime in the world, while government agencies are at liberty to spy on their people at will. Germany – my country of origin, and the country that claims to have “Informationelle Selbstbestimmung” (roughly: information self-determination) – has now completed a fairly comprehensive system of laws limiting fundamental human rights viz-a-viz the government:…

What does this mean?

Google Wave hijacking problem: Eve would love to be able to “UMA-protect” waves and all other web resources exposed as such. 🙂

Google Buzz

Privacy Threat: News story on Google Buzz’s “huge privacy flaw”

API docs:

The first thing you need to do on a site like FB or Twitter is tell it who your friends are. It’s a pain, and as sites get big people get annoyed with invite/friend messages. This is why back in 2004 everyone thought that it was going to be AOL, MSFT, or Yahoo that took down MySpace. They were the ones who already had the massive web of IM and email connections. They already knew, so they didn’t need you to re-create the list of who you care about.

Google is trying to sidestep that by basing it on your email. They already know who you communicate with because they have the messages.

The problem with buzz is that my friends and my business associates are all mixed together in my email. Buzz picked an initial set for me that was almost entirely business contacts. There are people I keep AWAY FROM on twitter and FB. Thanks, big G!

over 9 million posts and comments

Data Without Borders Episode 12: It’s not my fault!

February 3rd, 2010  |  Published in Podcasts

This time we feature a conversation with Drummond Reed. Not only is he in the Steering Group of the DataPortability Project but he also wears a lot of heads. In this episode he will talk about those hats and we especially talk about Open Identity Exchange (OIX) in depth.

Audio clip: Adobe Flash Player (version 9 or above) is required to play this audio clip. Download the latest version here. You also need to have JavaScript enabled in your browser.

(Download MP3)


Drummond and Eve co-authored an IEEE Security and Privacy journal article called “The Venn of Identity” that discusses the information card model and other models that attempt to solve “user-centric identity”.

How the U.S. government’s need for assurance may or may not match commercial/social requirements for assurance: How to rest assured.

The XRI TC works on the Extensible Resource Descriptor (XRD) metadata format

Christian’s Python implementation of an XRD parser

Data Privacy Day

New privacy icon

Open Identity Exchange (OIX)

XRD + Webfinger = crazy delicious

“It’s not *my* fault! You suck!” Greeting Card