Webcam Spying

I've seen several news stories over the past few days about the webcam spying incident that has occurred in the lower Merion School District, based in Ardmore, PA. The article, "School accused of off-campus Webcam spying" explains this case in detail. The basic story here is that the local high school distributed laptops to many of its students. These laptops were to be used throughout the school year as a long-time loaner type program. Additionally, each of these laptops came equipped with a webcam; a standard feature on most of today's laptops.

As the article's title implies, Harriton High School was eventually accused of using these built-in webcams to spy on several of its students without their knowledge. Eventually, while spying on one of the students, school officials witnessed some objectionable behavior (while the student and his laptop were at home), and contacted the student's parents. The school even went so far as to provide the parents with incriminating pictures as proof of the behavior; "Many of the images captured and intercepted may consist of images of minors, and their parents or friends, in compromising or embarrassing positions, including, but not limited to, in various stages of dress or undress."

Thankfully, this student's parents had enough sense to recognize this practice as a major violation of personal privacy. Accordingly, this has now led to a massive federal wiretapping investigation at this particular school. Of course, the school defends this practice by explaining that the ability to remotely activate and view webcams on the loaner laptops was a security feature, to be used if the laptop was ever lost or stolen.

This abomination of socially beneficial information technology practices is truly frightening, especially after my previous blog post on cell-phone tracking. It seems that organizations are minimizing the importance of our personal privacy at every possible turn.

This really makes me wonder about any company issued device. Many of our devices which our companies lend to or purchase for us have the ability to capture sound and/or video. Perhaps the idea that the IT department at work could remotely hijack your Blackberry for the purpose of spying or 'ensuring security' isn't really so far-fetched at all.

I think the core issue here is where company/school property ends and where personal property begins. Obviously the organization which lends the equipment should have some ability to ensure the safety and security of the device (computer, phone, company car, etc.), but these measures must not undermine an individuals' constitutional rights to privacy.

Perhaps we still have a long road ahead of us in ironing out this complicated juxtaposition. Until then, maybe we should all think twice before doing or saying anything in front of our school or company-issued devices. In the specific case illustrated in this article, many of the students of Harrinton High School now keep a small piece of masking tape over their webcams when they aren't using them; just to be sure.

Getting paid to fish: Is it possible?

Since I have the opportunity to choose any topic for this blog entry, this blogger has decided that he is going to bore you all tremendously, and rant on how I could possibly achieve the impossible; getting paid to fish!

First, a little background. Since I was a small child, I have always been at home on the water. As a child, I fished in ponds around my neighborhood, and occasionally would fish with my dad on his small boat in the Chesapeake Bay.

As I got older, especially once I had my driver's license, I would spend every summer on the Outer Banks. There, I would fish every waking moment. I really began surf fishing for Spanish Mackeral and Bluefish from piers and the beach. Eventually, after meeting others interested in the same thing, I learned how to target more elusive species such as Sheepshead, Red Drum, and Speckled Trout.

From there, as I grew older and more experienced, I was invited on boat trips with others, constantly learning new things. At this point, I was now spending a rather substantial amount of money on fishing equipment. It eventually became common practice to spend $600 or more for a custom rod and reel. The cost of my hobby didn't matter to me though, I was working on a fishing pier, so I could literally fish for the better part of every day.

At that point, at around 18 years of age, I realized that I wanted to be paid to fish. In direct defiance of my parent's wishes, I began working as a first mate on various offshore fishing charter boats. I would get up at 4:00 AM daily, prepare the boat (50+ foot yachts), and make the daily 50 mile offshore trek to the Gulf Stream. I spent three summers in this exact routine, pursuing various pelagic species such as Marlin, Dolphin, Wahoo, and Tuna.

At some point though, I realized that the grunt work wasn't for me. As much fun as it was, I didn't want to bait some tourist's hook every day for the rest of my life. At this point, I had several close friends who were all in basically the same position, and we each took different paths.

Justin's parents own a chain of incredibly lucrative tackle shops in North Carolina, so he's pretty much set, aside from an undergraduate business degree which his parents required. Likewise, Ketch's parents are filthy rich and bought him a 70ft yacht and a house in Tortola; he's now living the life. Jack decided to work in restaurants for the summer and move to Bali for six months each year, fishing and surfing. Andrew joined the coast guard and now captains a 40ft cutter in Oregon, he's on the water every day and loves every minute of it. So that leaves me.

I'm now about to graduate with my MBA, and I have a strong background in marketing, intellectual property, and project management from my work and educational experience. So where do I go from here? I've thought about working for a fishing manufacturer in product development in some capacity perhaps, or even as a marketing rep for a boat manufacturer, but I just haven't come across the right position. Well, I'm not giving up on the dream yet. See you guys on the water!

Warrantless Cell Phone Tracking

Since this week’s topic had to do with the legal implications of IT, I really started to think a lot about what our government does to monitor our daily actions. At what point does our government’s utilization of IT to maintain security become unethical and too invasive? The article, “Justice Dept. defends warrantless cell phone tracking” really sparked my interest in this topic. Of course, this article is referring to the built-in GPS capabilities of cellular phones, and the legality behind the accessibility of this information to law enforcement agencies. More specifically, there are two forms of cell phone tracking; retrospective and prospective. Retrospective tracking utilizes historical data kept by mobile providers, and isn’t very detailed. In contrast, prospective tracking is very detailed (roughly accurate to a city block) and “reveals the minute-by-minute location of a mobile device”.

According to the article, the United States Department of Justice is now asking U.S. federal courts to allow the FBI and other law enforcement agencies to have relatively open access to individual’s cellular phones for the purpose of tracking the whereabouts of that individual. The rationale here is that “there is no constitutional bar to acquiring routine business records held by a communications service provider “. Additionally, such law enforcement agencies are already permitted to use tracking devices without first obtaining a search warrant.

I think we all knew that this issue would arise before too long since so many individuals have cell phones, the majority of which can be easily tracked with satellites. Personally, I am vehemently against our government being able to access our location through our cellular phones. I certainly never agreed to this when I purchased my cell phone. That said, I also definitely want some government agencies to be able to track my location. Obviously, I want emergency services to be able to locate me if I am ever lost or stranded, and cell phone tracking could very easily facilitate this.

Despite my disdain for warrantless cell phone tracking, perhaps it is necessary. Perhaps we shouldn’t have this assumption of privacy. After all, cellular phones definitely make it easier for criminal to evade law enforcement. In fact, the article details two instances in which federal law enforcement was able to track a murderer and drug shipment via cell phone tracking.

Still, I believe that this issue must abide by constitutional law; specifically the fourth amendment. If law enforcement officials truly have reason to suspect wrongdoing, shouldn’t they be able to obtain a warrant to track that individual? I think my problem with this issue is that ‘big brother’ wants to randomly follow otherwise (presumed) innocent individuals. Perhaps the old wives’ tales of embedded tracking devices in tooth filliings or pennies really isn’t that far off…

Legal Implications for Government Agencies

In the past, firms for which I’ve worked have had very small IT departments, if any at all. As an alternative, I would like to discuss some of the legal aspects of IT that came up in my CIO interview. For the CIO interview assignment, I spoke with John Henderson, a network administrator for the United States Social Security Administration.

Obviously, security is a massive issue for any government organization. In the case of the Social Security Administration, extremely personal information for every single United States citizen is at stake. In fact, according to John, Social Security is constantly struggling with decisions to digitize its information to improve efficiencies given the inherent security risks of having such information more widely accessible.

Aside from this obvious threat of identity theft, John really focused on more internal security threats. For John, the majority of his daily efforts are centered on maintaining Social Security’s massive worldwide intranet. Accordingly, within this network, email tends to be the primary aspect of IT from which legal issues arise.

Social Security works very closely with software developers such as Microsoft to develop email systems which very closely monitor the internal communication among its employees. This includes scanning files to check for viruses as they pass through the network, and also even monitors written email communication for specific words and phrases which indicate illegal internal activity. There is obviously a major legal issue with regard to these practices as the privacy of an individual’s communication comes into question. Of course, all government employees realize that their actions at work are highly transparent, and Social Security is rather open about its liberal use of this policy in order to deter illegal activity.

Additionally, Social Security constantly backs-up all of its data. This literally means that the agency makes a daily backup copy of the hard disk of every single workstation (hundreds of thousands of workstations) on its entire network. This allows the agency to always have a redundant copy in case of an IT disaster. Of course, this also allows the agency to monitor each individual’s work for internal security.

For Social Security, the importance of maintaining a secure network is astounding. There is really no telling how far-reaching the effects of any security breech to this agency could be. Not only could the identity of every U.S. citizen be compromised, but the daily operations of countless federal, state, and local government organizations as well as the operations of many private firms would be directly affected as well.

Sioux Thompson's Developmental Stages

Sioux Thompson's talk about organizational development was definitely thought provoking. Overall, I found her discussion of development progression of individuals to be of the greatest interest to me. According to Sioux, there are four development levels (D1-D4). The first of these, the lowest level, refers two those who are learning a skill for the very first time(s). These individuals have a very low level of competence as they are new to the skill, yet they are very much committed to learning the skill. Individuals at the second level of development have attempted the new skill, experienced numerous failures, and still haven't learned very much. These individuals are no longer committed to succeeding given their failures. At the next level of development, individuals have learned from their failures. These individuals have not yet mastered the skill, but they have had some success. At this point, they are learning from their failures, progressively succeeding more often, while failing occasionally. Individuals at tis level are becoming increasingly committed as they see that they are capable of success. At this point, individuals can see the light at the end of the tunnel. The fourth and final level of development represents the point at which the individual has basically mastered the skill. Individuals no longer fail, are very comfortable with the skill set, and have a high level of commitment to using the new skill given their confidence.

After learning about the levels of development, we took this model to the next level by assessing what strengths and needs individuals at each level would possess. In looking back at this part of the assignment, and putting it in perspective with my other MBA coursework, I think this model is strongly correlated to Maslow's hierarchy of individual needs. According to Maslow, individuals have five levels of needs, those being (from lowest to highest): physiological, safety, love/belonging, esteem, and self-actualization. Individuals must first satisfy lower levels of needs in order to attain the next level in the hierarchy.

In Sioux's example of learning use a manual transmission, I noticed that Maslow's hierarchy closely fits with each development level. At the first developmental level, Sioux had both physiological and safety needs. As she obviously needed food/water/shelter before even considering driving a car, and once in the car she needed to feel secure in order to take the first few steps in learning the skill. Perhaps this safety came from the seatbelts, or the fact that she was learning in a secluded parking lot. She also needed to feel safety at the second level of development as she was becoming frustrated and losing interest. If she didn't feel safe at this point, she would surely quit. At this point, she also needed to have a sense of love/belonging from her friend who was teaching her. This kept her working to learn despite her failures. In the third level of development, she was at the point where she needed esteem. This is because she could now see that she was beginning to succeed, and this brought satisfaction and increased commitment. Finally, once mastering the manual transmission at the fourth level of development, Sioux had reached the need for self-actualization. She was now at the point that she would continue using and pursuing this skill for some higher purpose. Perhaps she would one day teach someone else this skill.

Medical Records IT.. or the lack thereof

One of my largest projects at the MD Small business Development Center was to setup an urgent-care medical center with a local entrepreneur. My client wanted his business to be differentiated as an upscale, less-stressful faciltiy. One of the major points of differentiation was that this business would charge its customers upfront in cash, and then handle all insurance claims after the service was performed. Prior to this, I hadn't had a great deal of knowledge of or experience with medical records and insurance issues, so I really didn't understand what the big deal was.

Since completing this project, I have to say that I am truly amazed at the complete lack of information technology in the world of hospitals and medicine. Why don't we have a central repository of medical information in America? It makes no sense. In fact, most medical facilities in our country only have hard copies of our medical records. This means that when a person seeks medical attention at a facility which he or she hasn't visited, that facility must contact the most recent medical provider for an up-to-date medical history on that individual. It amazes me that hospitals have such archaic records systems when CVS and Wal-Mart keep a national record of all of my prescription information; available instantly at any time.

With a centralized medical records system however, many of the current pitfalls of our medical system could be avoided. One of the major advantages is the time savings in tracking down someone's records, but the accuracy of these records would also be much more accurate as it passes through fewer hands. Additionally, doctors would be able to more quickly identify problematic patients; those patients whom frequent different hospitals and falsify information to obtain prescription medications. Additionally, a centralized medical records IT strategy would allow doctors and insurance companies to interact instantly, rather than having doctors and other medical professionals waste their valuable time in authorizing medical procedures and prescriptions.

The major downside to such a system is definitely security. Medical records contain the most personal of an individual's information, and this information could prove extremely dangerous in the wrong hands. To me however, personal medical records and information already exist and could be obtained by unscrupulous individuals with some degree of ease.

Perhaps this issue is closely tied to our current domestic healthcare reform efforts. I'm sure a more nationalized healthcare system would require such advances in information technology. Even if our country doesn't reform its healthcare system however, we really need to take steps to modernize our medical information systems for the well-being of us all.