Is privilege transitive?

A little less than a year ago in a post called No privilege for you! a situation was discussed where communication that appears on the surface to be clearly privileged, that between a client and attorney, was not. Due to the circumstances of the communication. Namely it was an email thread that took place over a corporate email network where the court deemed that there was no reasonable expectation of privacy due to the corporate policy. No expectation of privacy, no privilege. Well now we have yet another twist in the attorney client privilege for email saga. In this entry in Electronic Discovery Law blog the situation is described as follows.

The magistrate judge rejected the explanation of plaintiffs’ son that his “technical assistance was necessary for his parents to timely receive the email communications from counsel” because his parents were “not proficient in the use [of] electronic mail.”  The magistrate judge reasoned that “[l]ack of technical competence … is not the equivalent of an inability to communicate.

Now hang on just a darn minute! This magistrate is saying that if you need help getting your email then any correspondence with your attorney isn’t privileged? Apparently this is a really young judge with no older parents or grandparents. A millennial orphan perhaps. Or possibly a tech-savvy computer senior who just wants to punish his internet-illiterate peers. In any case I can assure you that if my mom’s lawyer sent her an email, her first call would be to me to make sure she got it with no problems. Fortunately the district court that reviewed the issue when the plaintiffs objected to the order took a more realistic view.

The district court identified an exception to the principle that communications involving third parties are generally not privileged where “the purpose of the communication [to a third party] is to assist the attorney in rendering advice to the client” and where the party asserting the privilege can establish that the client had a reasonable expectation of privacy with respect to the communication at issue and that disclosure to the third party was necessary for the client to obtain informed legal advice.  The court further established that disclosure to an agent of the attorney or the client does not result in waiver.

Actually New York State law is pretty clear on this matter.

New York State law addressing the “attorney-client privilege’s application in the context of electronic communications, including email.”  Section 4548 of the New York Civil Practice Law and Rules states:  “No communication … shall lose its privileged character for the sole reason that it is communication by electronic means or because persons necessary for the delivery or facilitation of such electronic communications may have access to the content of the communication.

So this certainly brings up some interesting questions. With almost all communications happening electronically over the internet and with more lawyers and doctors becoming aware of the need to protect correspondence with clients and patients as a result of regulatory compliance, the mechanisms that will be put in place to protect these communications are only going to make it more complex for a large portion of the recipients. This will necessitate ever more assistance from tech-savvy helpers. I mean seriously, there’s no way you can expect my mom to be able to decrypt email without assistance. So does that  imply that if I help my mom (don’t worry she loves it when I use her as an example – right mom?) communicate with her lawyer electronically that the privilege is transitive to me? I mean her privilege. I certainly wouldn’t expect privilege to extend to unrelated correspondence between her lawyer and me. But if so how far does the transitive privilege extend? To children? Siblings? Cousins? Any relative? Friends? Nigerian princes? [just kidding]. In any case this is an important question that will no doubt be tested further in courts as technology continues to outstrip the ability of an ever larger portion of the population to comprehend it.

Gray haired computing part 3

In part 1 of this series we talked about finding the right computer system and decried the lack of availability of such systems. In part 2 we talked about how to get connected with friends and family when access to a computer system is impossible or impractical. So in this part we’ll start from the assumption that the senior in question – most likely yourself, dear reader – already has a computer system that is more or less usable and are ready to do something fun and useful with it. How do you get from senior citizen to senior netizen, from lost in space to hacker space without being pwned in the process. Actually it’s easier than you think. In fact you probably already know a whole lot more than you realize.

First off let’s define some of this confusing cyberspeak. I mentioned being “pwned” so let’s start there:

In hacker jargon, pwn means to compromise or control, specifically another computer, web site, gateway device, or application.

Why would someone want to do that? As it turns out that’s big business these days. You’ve probably heard about botnets. Here’s what that means.

Botnet is a jargon term for a collection of software robots, or bots, that run autonomously and automatically. Typically botnets are operated by criminal entities.

And what do those criminal entities do with botnets? Mostly they sell bandwidth and compute resources – from the pwned PCs (bots) – to spammers.

Spam is the abuse of electronic messaging systems (including most broadcast media, digital delivery systems) to send unsolicited bulk messages indiscriminately. The most widely recognized form of spam is e-mail spam.

Basically it breaks down like this: Your computer gets pwned and turned into a bot and becomes part of a botnet that is used to send spam like those “cheap viagra” emails that everybody receives.

Another thing you’ve probably heard about is phishing.

In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public.

Those are the two biggest threats on the internet. In fact they usually turn out to be a single threat. Here’s how that works: You get a phishing email that purports to be from your bank. Instead of sending you to your bank’s web site it links you to a malicious site that transfers malware to your computer, turning it into a bot.

Malware, short for malicious software, is software designed to infiltrate or damage a computer system without the owner’s informed consent. The term “computer virus” is sometimes used as a catch-all phrase to include all types of malware, including true viruses.

I’m guessing that right about now you are thinking “this sounds really complicated”. While plenty of companies,both legitimate and fraudulent, would like you to believe that, it’s actually not. In truth phishing and spreading malware is nothing more than con games being run in this new environment, the internet. The point being, it’s up to you to avoid being a mark. And this mainly requires a change in the way you think about communication over the internet.

I’ve written about this issue before in a post called the Technology generation gap.

There have been grifters and scam artists around since time immemorial, but it’s only been with the advent of the ubiquitously anonymous internet that the scams, schemes and spam have become pervasive. Back in the day, a grifter’s work was strictly up close and personal as opposed to nowadays when you can hit millions of marks with a single shot. Kind of like a knife fight versus carpet bombing.

You have to understand is that email is not like actual physical mail. It’s easy to get caught up in the abstraction of sending and receiving electronic mail. It appears to work exactly the same as sending or receiving correspondence. Only much faster. Unfortunately there are some dramatic differences between how mail and email work, and these differences make email significantly less private and reliable than mail. When you send a letter via mail it is picked up from a postal drop, transported through a series of post offices where it is postmarked and finally delivered to the intended recipient. Note that the same physical letter that was sent is received and the content of the letter often validates the identity of the sender. Junk mail is also easily identifiable as such. With email it works much differently. When an email message is sent, a copy is sent to and stored on the outgoing email server owned by the sender’s email provider. Then a copy of the message is broadcast over the internet and received, after any number of intermediate stops along the way, by the incoming email server owned by the recipient’s email provider. From there the recipient gets a copy of the email message. Note that there are at least 5 copies of the message created and stored on at least 5 different computers for that one email message. And the sender and recipient only have control over their respective copies. Also because email is by definition computer generated the content cannot be used to validate the sender’s identity. In other words, anyone can type “Dear Grama, … Love, Katey“, but it doesn’t make them Katey. Also, remember those postmarks on letters? They show you where the letter originated from. While email contains a record of where it was sent from, including all intermediate stops along the way, you can’t trust the voracity of this record. It can easily be “spoofed” to appear to be from anywhere the sender wishes. Furthermore since the bulk of the “daisy chain” of email message copies is not controlled by the sender or receiver it can be altered, corrupted or otherwise misused anywhere along the line and no one will be the wiser.

The next thing to understand is that the internet is designed to be anonymous. Just like the famous New Yorker cartoon: “On the internet nobody knows you’re a dog“. Unlike real life where we tend to trust people until they are proven to be untrustworthy, on the internet there are no people, as in actual living human beings, to trust. Actual humans are not directly responsible for a fair portion of internet traffic. Much of the content on the web is generated by bots or other automated processes. For us actual human internet users this requires a complete reversal of the way we’ve always thought about communication. In other words, we must assume that anything we get from the internet is suspect until proven otherwise. Guilty until proven innocent. This is the hardest thing for most of us who grew up before the information age to do. But it’s critical to understanding how the internet works.

The bottom line is this: Trust no one and don’t be an idiot. If it sounds too good to be true, it is. I mean seriously, when you see a scary message pop up on your screen like “your computer is infected with a terrible virus” ask yourself “why would anyone care about my computer?” The answer is obvious, and unless you enjoy being a sucker you’ll treat it the same way you would the street corner three-card-monty dealer. Move on. Nothing interesting here.

Now hold on there, bucko. It has to be more complicated than that. What about all that anti-virus stuff and anti-phishing services? What about Windows update? Well you got me there. The sad fact is that Microsoft Windows spawned a whole industry of snake oil products [Whoa! I knew I felt a conspiracy theory coming on!] that are now required for Windows users. But at least now the Microsoft serpents have eaten the other serpents [Woo Hoo! A vague biblical reference too!] with the introduction of Microsoft’s own anti-malware tools for free. So at least you won’t have to pony up annual subscriptions. Yet. So if you are running a Windows computer, threaten to cut the person who foisted it on you out of your will until they set this up for you. If you have a Mac or Linux computer just send the clever and generous person who gave you such good advice a digital smooch. But just remember, regardless of how much anti-malware stuff you have on your computer, or how up to date you are with all of those “security patches” you are still at risk if you act like an idiot. By contrast you could be running an old unpatched, unprotected Windows 2000 box and be just fine as long as you refuse to be a mark for online grifters.

So that’s the secret. Like most things in life, the easiest solution is the best.

Gray haired computing part 2

In part one of this series [Hey, I didn’t know it was going to be a series either], amazed that computer manufacturers don’t understand a potentially huge untapped market, I outlined what kind of computing hardware and software would be good for seniors. But what about those who for whatever reason, be it advanced age, physical infirmity or location are unable to manage a computer but still want to be a part of family and friends digital life? How can this be accomplished? While reading the Denver Post this morning (Okay it was mostly the comics) I came across an article about SunnyGram. This sounded like a great idea so I decided to check them out. Turns out it is such a great idea that it needs to be shared. This article in describes SunnyGram’s service.

A mailbox containing real mail with real family pictures is about as rare these days as a day without e-mail. But for those who don’t use e-mail – like many of our non-wired grandparents – there’s now a service that sends family news and digital pictures from your e-mail account to someone’s snail mailbox for $9.95 a month.

Sunnygram collects all of the e-mails addressed to [the recipient] and mails out a weekly, cheery compilation of messages (large font is an option) with embedded pictures. [The recipient can] respond through a Sunnygram prepaid letter (which would be scanned and e-mailed) or a toll-free number (the audio file then would be e-mailed).

From the FAQ:

Q: What is a Sunnygram?
A: A Sunnygram is a beautiful newsletter for your loved one filled with email messages and photos from family and friends. A Sunnygram is mailed via U.S. Postal Service each week so your loved one doesn’t need to use a computer or any special equipment to stay connected.

Q: How much does a Sunnygram subscription cost?
A: Only $9.95 per month. There are absolutely no other fees. You can also purchase a 6 month subscription for $49.95 or a year subscription for $99.95.

Q: Is it easy to read a Sunnygram?
A: Yes! Sunnygrams are available in large print (18-pt) at no extra charge, and regular print is already quite large (14-pt). In addition, Sunnygrams are printed using color laser printers for a crisp picture.

Q: How many people can send email to my loved one?
A: There is no limit to the number of people who can send emails. Once you’ve created the email address for your loved one, share it with all family members and friends who want to stay in touch.

Q: I was planning to get my Mother a computer. Why should I consider Sunnygram?
A: Computers are great for some people, but they are expensive and sometimes difficult to use. Almost everyone has had trouble opening an attachment or has gotten frustrated sifting through spam. A Sunnygram subscription eliminates these issues and allows your loved one to receive email messages and photos hassle free. Another factor to consider is that the price of internet access alone can be three to five times more expensive than a Sunnygram subscription, not to mention the price of the computer equipment. Sunnygram is perfect for families on a budget.

Q: Is Sunnygram secure?
A: Sunnygram processes incoming messages using secure proprietary message-handling software. It is as secure as email and postal mail. Message content is not read by any employee or agent of Sunnygram at any time, maximizing privacy. Our system also eliminates spam, only allowing messages from approved email addresses.

Is this cool or what? In case you want endorsements other than me [crazy I know] here’s what AARP says in a Now Hear This article.

Mail Twist is rewriting the hare and tortoise tale. It combines e-mail and snail mail to deliver correspondence and photos to people who shun computers. For $9.95 a month, the Glendale, Calif., company provides “computer-free” e-mail to technophobes, transforming digital messages and photos into a newsletter that is delivered to a mailbox.

So there you have it – a service that allows a senior, disabled or incarcerated person to go digital without having to invest in a computer. For about a quarter of what a cheap broadband connection will set you back each month. And did I mention that you can try SunnyGram for a month free?

For new subscribers, we are now offering one month free, no obligation. Try Sunnygram for a month and decide at the end whether you want to continue with the service.

How cool is that? You can check them out at

Gray haired computing

Recently I did an article for a seniors newsletter about phishing. Specifically the perennial “limited time to add your cell phone to the national do not call list before bad stuff happens” scam. While this particular instance is more hoax than phishing since the number to call was, in fact, the real number for the do not call list the opportunity for a phishing variation is definitely there. This got me to thinking again about why computing in general and social networking in particular are so senior-unfriendly. I’ve written this about this issue in the past here and here but it’s always seemed a little bizarre to me that no major personal computer manufacturer has thought about tapping this enormous and growing market. There are some minor players starting to get into this market according to this article on the BBC.

A new computer aimed at people aged over 60 who are unfamiliar with PCs and the internet has been unveiled.

The simplified desktop – called SimplicITy – has just six buttons directing users to basic tasks such as e-mail and chat.

The computer comes pre-loaded with 17 video tutorials from television presenter Valerie Singleton.

The SimplicITy computer has no log-in screen when started up, and contains no drop-down menus. It opens straight to a front page called “square one” containing separate clickable buttons for e-mail, browsing the web, files (for storing word documents and photos etc), online chat and a user profile.

The e-mail system is a modified version of an Italian design called Eldy. All SimplicITy users with an address will be able to chat to each other via the “chat” button.

The computer is built using Linux operating system, a free operating system that can be customised by users.
If people decide they no longer need the SimplicITy desktop, they can replace it with a standard Linux desktop.

Unfortunately these are also a one-off kind of deal and therefore carry a relatively hefty price tag.

Each made-to-order computer takes two weeks from request to delivery and can be ordered by post.

It’s not all that cheap – systems range from £299 [~$500] without screen or keyboard to £525 [~$880] for a complete system.

From what I can tell reaction to this computer system has been lukewarm to negative and almost universally snarky. Of course those reactions have been from younger people like BBC Technology correspondent Rory Cellan-Jones who quips:

There are some people who will undoubtedly feel patronised by the very idea of a computer for older users  and others will ask why they shouldn’t be taught to use Windows like just about everybody else.

But he also points out a very valid issue when it comes to selecting computing equipment for elders in this entry on the BBC News blog.

Simplicity is swimming against the tide, and may find some resistance, not from older customers, but from sons and daughters who’d rather see their parents learn the same system as themselves.

Yep – nailed it in one. Being primary technical support for a truly frightening number of older folks I know this to be absolutely true. But exhaustive yet completely unscientific polling and anecdotal evidence have led me to believe that the following statements are common to all older computer users:

My computer sucks.

My [son|daughter|younger friend]’s computer works great.

That’s why I got mine.

But my computer sucks.

Okay I’ll admit that I paraphrased a bit but I think it reliably captured the essence. So why does grandma want a computer? As opposed to why do the grandkids think grandma wants a computer. Here’s what I think based on that exhaustive yet unscientific research.

  1. Medicare, Social Security and insurers are increasingly moving online. If you want to interact with them you need a computer.
  2. Staying in contact with the family. All the grandkids are on FaceBook and use Twitter. Everybody puts photos on Flickr and sends invitations through email.
  3. Staying abreast of current news. Hey, the local newspaper is either going, gone or online and TV news is for losers.

While there are probably a few other reasons that drive grandma’s desire for a computer, please note that “making videos” or “digitizing music” are not among them. The biggie is the first reason which is why it was cleverly positioned at #1. Grandma has no choice. As much as you would like to believe that the others are more important, the bottom line is that it’s just not practical to be an analog senior any longer. So why exactly aren’t HP and Dell marketing the heck out of computers for seniors? Maybe they aren’t aware of the market [doubtful] or maybe they haven’t been talking to the right people and think they already have such a unit among their existing offerings [most likely].

So lets help them out, shall we? Feel free to chime in with comments here. What would be the attributes of the perfect computing device for seniors? Well how about we start with some physical basics:

  1. It’s got to have a full size keyboard and a decent size display. Small form factor keyboards and screens are a non-starters. Netbooks are out. Smart phones are out.
  2. It should be portable. In every respect, including WiFi. This thing will be traveling to every family get together from now on. And who wants to wire their house for ethernet?
  3. It has to have the right pointing device for the user. Some folks like trackballs, some like tablets, some even like joysticks. Not everyone likes, or can use, a mouse. And almost nobody can use a laptop touchpad without a great deal of angst. And who needs that aggravation?
  4. It doesn’t need a very powerful processor. An older low-power processor would be fine since [pay attention here younger helpers] nobody is going to do any video editing on this machine. Ever. But increased battery life would really be swell.
  5. It doesn’t need huge amounts of memory. Yeah, I know that most popular operating systems tend to expand to fill the available resources but that just proves that modern operating systems bite wind. And have [again pay attention here younger helpers] stupid amounts of cool features that nobody will ever use. Ever.
  6. It doesn’t need a killer 3-D video subsystem. As much as you might hope, grandma is not going to play Halo 3 or Call of Duty: Modern Warfare. Ever. If she really wants to play games she should get a Wii. Not a PC.
  7. It needs a fast internet connection. Essentially everything that grandma wants use her new computer for is online. Slow internet = bad user experience.

So that’s a reasonable start on hardware, how about software? What does grandma really need to do the stuff she wants? Well, first we should forget all that ancillary stuff to protect the system from bad engineering (err… malware. I meant malware. My bad) and select an operating environment that is fast, safe and easy to use. Yep, that pretty much leaves Windows out. But we’re getting ahead of ourselves. Here’s the critical software list.

  1. A web browser. Pretty much everything that grandma wants to do is online and accessible via a browser. Email, banking, insurance, FaceBook, and Twitter. There are web sites that mashup or aggregate multiple social networking sites. Even text editors and other applications. Pretty much everything out there in the cloud.
  2. A password safe. Anything that’s done in the cloud requires some kind of authentication, usually user name (or email) and a password. And lame authentication is useless. Just ask Sarah Palin. Everybody, not just grandma, but everybody should use a password safe. That way you only have to remember one password (the safe password) and let the password safe generate unique industrial strength passwords for everything else.
  3. A good bi-directional firewall. Don’t worry – grandma will never see this and any decent operating environment will ship with a good one installed and enabled by default.

Well this is interesting. It’s looking like Google Chrome OS might be just the ticket for seniors. When it comes out next year. Except that Google is targeting Netbooks as their initial platform and we’ve already determined that Netbooks are a non-starter for seniors. Actually a MacBook might be a good choice, except for the high price and wealth of useless (for grandma) software that that comes with a Mac. So maybe the SimplicITy folks have it right. Maybe a lightweight Linux distro is a good place to start. I mean that’s really what Chrome OS is under the covers, the covers being Google’s Chrome browser.

So how about it Dell or HP? How about building an inexpensive, full size, low power, portable PC with a choice of input devices [test drives available!], loaded with Google Chrome OS or maybe a minimal version of Ubuntu or OpenSUSE with Firefox or Chromium [Chrome for Linux]. Or maybe Apple could release a senior-friendly MacBook without all the spiffy iLife stuff and make it affordable. But whoever steps up be sure and forget the crapware from your partners and instead throw in some slick training demos on things like “how to get online” and decent [non-advertising] setup wizards for networking. Or maybe you could just partner with SimplicITy and use those video tutorials with Valerie Singleton. It would be wise to ask yourselves if in this economy you can afford to alienate a growing market by ignoring their needs.