Ethics Class 12

Computer Ethics, Sum 2023

Mondays and Wednesdays 6:00-7:30+

Class 12 Readings

Before class 12, finish reading chapter 1 of Baase and read the first three sections of chapter 4.

Videos:

    Threat speech
    Software as speech
    Patent examples

Discovering that your Bluetooth car battery monitor is siphoning up your location data

This is a $60 device that you connect to your car battery, and then connect via bluetooth to an app on your phone. It is actually the phone app that collects GPS and other location data and sends it (unencrypted) to China. There is no user-safe reason for collecting this data.

Note that Android requires you to enable Location Tracking to use Bluetooth scanning. (There's sort of a reason for this; Bluetooth and Wi-Fi scanning can be used to determine your location, so if you're scanning you're in effect just acknowledging that maybe your location is being tracked.)

Why are they doing this? The battery device sells ok, but it will never be more than a niche product. But, as drivers drive around, the app can map all the Wi-Fi access points it sees, and thus the app developers can build their own location service. This is exactly what Google did, with the Street View cars (in addition to taking all those pictures).

https://doubleagent.net/2023/05/21/a-car-battery-monitor-tracking-your-location.

Barred From Grocery Stores by Facial Recognition

This is now widespread in England. Stores sign up, and whenever a shoplifting suspect is identified, their face is entered into the database. Then, if the suspect re-enters the store, or any other store that has subscribed to the service, the store is notified. The store can watch the suspect closely or ask them to leave.

It is entirely up to the store to decide who is a "suspect".

www.nytimes.com/2023/06/28/technology/facial-recognition-shoplifters-britain.html.

(But think about San Francisco, too, where several large stores have pulled out due to intractable shoplifting issues.)

Antitrust

Patents

start with E-Data

i4i, Blackberry

Business Methods

Bilski

Mayo Labs, Myriad Genetics, Ultramercial, Alice

Patents below

Crime

start with felonies

Two patent examples

6,865,185, Patel et al

There are a lot of claims for this patent. Claim 1 recites:

A method for queuing traffic in a wireless network, comprising:
receiving a stream of packets for transmission in a wireless network, each packet including a flow identifier uniquely identifying the flow;
determining for each packet based on the included flow identifier a location for a corresponding flow, the location comprising at least one of a sector in the wireless network, a latitude and a longitude of a mobile device associated with the flow, and a specific beam within a sector of the wireless network; assigning each packet to one of a plurality of virtual groups based on the location for the corresponding flow, the virtual groups comprising discrete transmission resources, and queuing each packet in an assigned virtual group for transmission in the wireless network.

So far, so good: packets are assigned to virtual groups based on data. But then many later claims add additional possible data, without specifying how the data should be used. In effect, the patent covers any use of data from a large number of categories:

Claim 8: "wireless network parameter"
Claim 10: "sector layout"
Claim 11: "frequency plan"
Claim 12: "soft handoff percentage"
Claim 13: "interference estimate"
Claim 14: "sector power output"
Claim 15: "noise threshold"
Claim 18: "peak rate"
Claim 19: "subscribed rate"
Claim 20: "maximum burst rate"
Claim 21: "packet size"
Claim 22: "delay threshold"

These are all legitimate network parameters, but they are also extremely well known.

8,793,151

Claim 1 is about risk analysis. But there are no details about the "'adaptive risk analysis engine".

10,826,941

Claim 1: A method for protecting an enterprise network, the method comprising, at a system comprising one or more processors and memory that are remote from the enterprise network:
controlling communications to and from the enterprise network according to a set of security policies;
controlling endpoint to endpoint connections within the enterprise network according to the set of security policies;
receiving a request for modifications to one or more policies of the set of policies;
automatically generating a policy digest formatted according to a predefined format, the policy digest comprising the modifications, and storing the policy digest in the memory;
retrieving the policy digest from the memory;
generating one or more calls to one or more system components that control the communications to and from the enterprise network and the endpoint to endpoint connections based on the policy digest; and
modifying control of the communications to and from the enterprise network and the endpoint to endpoint connections based on the one or more calls.

Security policies are well-known. The patent does not define them. Another part of the patent is about central control of security, but this isn't new either.

Claim 1 is the "method" claim and Claim 12 is the nearly identical "system" claim. Most patents do this.