Your Webcam May Be Watching You
Two-way video chat is fun. One-way chat--where you're the one being watched--is not so much fun. But it's more common than you might think.
In February, school officials in southeastern Pennsylvania found themselves in hot water after they installed software on school laptops that allowed them to activate students' Webcams remotely. The school claimed that the software--which could snap a picture of whoever was using the MacBook at any time--was only for locating lost or stolen laptops. Outraged parents sued the district, and the story made international headlines.
Two weeks earlier, a woman reported being spied on via her Webcam by a Dell support technician, which she discovered when she realized the tech had turned on her Webcam without asking permission. Chinese cyberspy network GhostNet has reportedly taken over at least 1300 PCs worldwide, including the ability to operate their Webcams. In 2006, Spanish authorities arrested two teens after they hacked Webcams at a local college and tried to blackmail students caught in compromising situations. In 2004, an online intruder commandeered the computer of a 15-year-old girl in Houston, operating her Webcam remotely and typing messages on her screen about the clothes she was wearing.
The Fix: If you have an external Webcam, unplug it when you're not using it. If your camera is built in, covering the lens with a sticky note should do the trick.
Your Boss Can (and Probably Does) Monitor Your Computer
Paranoia, schmaranoia. If you work in a medium-size or large organization, the folks in your IT department are keeping tabs on you.
Using software like Websense Triton or Barracuda Purewire, they can monitor the sites you visit, and scan the e-mail you send or receive. They can also check network-activity logs, or use software that captures your keystrokes or periodically grabs images off your screen.
According to the most recent surveys conducted by the American Management Association, two-thirds of all employers monitor employee Web and e-mail activity. About four out of ten use keyloggers or snoop around employees' computer files. And one out of four firms has fired employees for Internet-related misdeeds.
Besides boosting productivity, companies are trying to avoid malware infestations, accidental leaks of confidential data, and liability for sexual-harassment suits if employees are exposed to Internet porn.
The problem? Selective enforcement, says Joe Rose, a labor-rights attorney based in Sacramento, California. Companies just collect the information and use it when needed to weed out troublemakers, complainers, or people who rub them the wrong way. "In my experience," Rose says, "companies use this information selectively, either to pile on evidence in case of employee misconduct or if the employee engages in activity the company doesn't like, such as labor organizing."
The Fix: Don't use company gear or networks to conduct personal business. If your employer gave you a BlackBerry, get your own cell phone, says Rose. Want to check your private Webmail account? Do it from your own computer and on your own network. In nearly all cases, your privacy rights at work are minimal at best.
You Can Fight the RIAA and Win
Organizations such as the Recording Industry Association of America and the Motion Picture Association of America can have your Website taken down simply by sending an e-mail to your host or Internet service provider--even if you've done nothing wrong. Under the endless gift to copyright holders known as the Digital Millennium Copyright Act, service providers may avoid liability by immediately removing material alleged to violate copyrights. They don't require proof, and they don't have to notify you in advance.
If your materials don't infringe copyrights, however, you can file a DMCA counter-notification with your service provider. If the copyright holder doesn't file suit against you within 14 days, your provider must restore what it deleted. (Of course, if the copyright holder calls your bet and files suit, you can withdraw your claim. Otherwise you'll need to lawyer up, so pick your battles carefully.)
Unfortunately, service providers don't always provide sufficient notice for site owners after the takedown; in some cases bloggers don't even know which files to remove. Recently, six music bloggers had years' worth of MP3 archives wiped from Blogger.com after Google received DMCA takedown notices from the International Federation of the Phonographic Industry. One site was reinstated, while a few others changed Web hosts; the rest were still dark as of this writing.
The Fix: Mail or fax your provider a counter-notification ASAP (e-mail isn't an option). You'll find a fill-in-the-blanks form at the Chilling Effects Clearinghouse site.