You have to read this fas­ci­nat­ing report from The New York Times on how new bill­boards with cam­eras are “watch­ing” passersby and col­lect­ing data on who really looks at the bill­board and who does not.

Yesterday, Google launched their newest prod­uct, Google Health, a web-based tool that lets you track your med­ical con­di­tions, his­tory and med­ica­tions all in one place. Some med­ical providers can even con­nect to Google Health, so you can import your com­plete health his­tory as eas­ily as you can invite all of your MSN con­tacts to sign up for Gmail.

Scary, right? Of course Google promises that they will keep your infor­ma­tion “safe and secure,” but safe and secure from whom? The pri­vacy pol­icy men­tions that they will use your per­sonal health data in ways not clearly defined:

Google will use aggre­gate data to pub­lish trend sta­tis­tics and asso­ci­a­tions. For exam­ple, Google might pub­lish trend data sim­i­lar to what is pub­lished in Google Trends.

They might. Or they might not. This vague “pol­icy” doesn’t inspire con­fi­dence. But it gets worse:

None of this data can be used to per­son­ally iden­tify an individual.

We know this isn’t true, as we’ve already seen how osten­si­bly anonymized data can be used, with some detec­tive work, to reveal iden­ti­ties. And if no one has ever cap­tured and pub­lished this par­tic­u­lar data before, how can we be cer­tain that indi­vid­u­als can’t be iden­ti­fied with it? More impor­tantly, does lump­ing my infor­ma­tion in with oth­ers’ and then pub­lish­ing it on the web qual­ify as keep­ing my health records “safe and secure”? Obviously, Google and I dis­agree on this point. But we have already tran­si­tioned into a world where Gmail mines our emails, and Mint mon­i­tors our per­sonal finances, so why not do the same with med­ical records?

An effi­cient, secure tool for man­ag­ing one’s own health infor­ma­tion would be an enor­mous asset. I just don’t think that a web-based, hosted solu­tion is in the individual’s best inter­est. Convenience doesn’t always have to come at the expense of relin­quish­ing con­trol of our pri­vate data.

Also see: NY Times story

I’ve offi­cially sub­mit­ted my Search Explorer project to Rhizome’s 2009 com­mis­sions process! Watch the demo, and if you like what you see, I’d appre­ci­ate your vote!

WikiLeaks, a wiki site that helps insid­ers release infor­ma­tion anony­mously, was in the news last month when its pri­mary domain name (wikileaks.org) was removed from the Domain Name System. A San Francisco judge ordered the move, which effec­tively made it impos­si­ble to reach any part of the wikileaks.org web­site directly. Fortunately for whistle­blow­ers world­wide, the site was still acces­si­ble via an alter­nate domain name -- wikileaks.be -- which was reg­is­tered in Belgium, and there­fore not sub­ject to injunc­tions from US judges. (Technically, it was also acces­si­ble by IP address for those moti­vated enough to bypass the DNS.)

Two weeks later, the judge reversed his own deci­sion, and wikileaks.org came back online. The case raises some inter­est­ing ques­tions, start­ing with, when you’re deal­ing with a wiki, who do you sue? The “owner” of the wikileaks.org domain is in Australia, the phys­i­cal servers are in Sweden and Belgium, and the con­trib­u­tors are anony­mous and unlogged. So, when the bank Julius Baer wanted to sue some­one for leak­ing inter­nal doc­u­ments, the only domes­ti­cally iden­ti­fi­able party was Dynadot, the San Mateo-based reg­is­trar of the wikileaks.org domain. (Of course, the bank’s approach back­fired, as it only drew more atten­tion to WikiLeaks -- and to Julius Baer’s alleged wrong­do­ings -- than ever before, which was exactly what they wanted to avoid. I, for one, had never heard of WikiLeaks before I heard about the case in the news.)

WikiLeaks is a case study in some­thing com­pletely new: a col­lec­tively authored pub­li­ca­tion where every con­trib­u­tor is fully anony­mous and untrace­able. At least one other site I’ve seen, Strictly No Photography, uses a sim­i­lar model to share pro­tected infor­ma­tion (pho­tos, in this case). It will be inter­est­ing to watch these mod­els evolve, pay­ing close atten­tion to how var­i­ous legal struc­tures react to them.