Paul Wallbank – Brilliant Communications

Tag: identity

  • Experian, T-Mobile and third party security risk

    Experian, T-Mobile and third party security risk

    Another day, another corporate security breach (or six). This time telco T-Mobile has revealed up to 15 million customers’ data has been compromised.

    Notable in this story is that T-Mobile are firmly putting the blame on credit monitoring company Experian.

    For both companies this is extremely embarrassing with T-Mobile stating, “our vendors are contractually obligated to abide by stringent privacy and security practices, and we are extremely disappointed that hackers could access the Experian network.”

    T-Mobile, like most telcos, sees a major opportunity in being a trusted provider of security services and this setback hurts them in a key market.

    Experian on the other hand have shown their slack attitude to user data previously, having been caught selling consumer details to identity thieves.

    That a company in such a privileged position as Experian can be constantly caught this way will almost certainly increase the push to see penalties for corporate data breaches start to get real teeth and the United States’ cavalier attitude to public privacy and online security will take another dent.

    For T-Mobile and most other companies, the lesson is start and clear. Trust starts with your own contractors and business partners, it cannot be outsourced.

    Similar posts:

    • No Related Posts
  • It’s tough in YouTube land

    It’s tough in YouTube land

    For owners of YouTube channels life has been tough in the last few months as Google plays with the service and its features.

    The first irritant for YouTube administrators was the integration of Google Plus into the comments that now requires commenters to have an account on Google’s social platform.

    Google’s reasoning for this is some transparency in YouTube’s comments will improve the services standards of conversation and there’s no doubt that YouTube comments truly are the sewer of the internet with offensive and downright deranged posters adding their obnoxious views to many clips.

    Unfortunately the objective of improving YouTube’s comment stream doesn’t seem to have worked which casts the effectiveness of Google’s identity obsession into doubt, but it has had the happy – and no doubt totally unintended – effect of boosting user numbers for the struggling Google Plus service.

    The latest blow for YouTubers has been Google’s copyright crackdown where the service is removing posts it claims are in breach of owners rights. Many channels, particularly game review services, are being badly hit.

    Of course the Soviet attitude to customer service that Google shares with many other Silicon Valley giants doesn’t give these folk many options of getting their problems resolved.

    All of which illustrates the risks of being dependent on one social media service which the poor YouTubers are finding this the hard way.

    Watching this play out, it’s hard not wonder how vulnerable services like YouTube are to disruption, while they have the network effect of being the leader it’s not hard to see how alienating the people who create the platform’s content opens up opportunities for new players.

    Similar posts:

    • No Related Posts
  • Crumbling cookies

    Crumbling cookies

    On the last ABC radio spot we looked at how our data is being tracked, in the following 702 Sydney program with Linda Mottram we looked at the role of Internet cookies and online privacy.

    Cookies – tiny text files that store visitors’ details on websites – have long been the mainstay of online commerce as they track the behaviour of web surfers.

    For media companies, Cookies have become a key way of identifying and understanding their readers making these web tracking tools an essential part of an already revenue challenged online news model.

    Cookies also present security and privacy risks as, like all Big Data, the information held within them can be cross-referenced with other sources to create a picture of and often identify an internet users.

    These online data crumbs often follow us around the web as advertising platforms and other services, particularly social media sites, monitor our behaviour and the European Union’s Directive on Privacy and Electronic Communications is the first step by regulators to crack down on the use of cookies.

    Similar moves are afoot in the US as regulators start to formulate rules around the use of Cookies, in an Australian context, the National Privacy Principles apply however they are of limited protection as most cookies are not considered to be ‘identifiable data’, the same get out used by US government agencies to monitor citizens’ communications.

    Generally these rules promise to be so cumbersome for online services Google is looking at getting rid of cookies altogether .

    Ditching cookies gives Google a great deal of power with its existing ways of tracking users and ties into Eric Scmidt’s stated aim of making the company’s Google Plus service an identity service that verifies we are who we say we are online.

    Whether Google does succeed in becoming the web’s definitive identity service remains to be seen, we are though in a time where the questions of what is acceptable in tracking our online behaviour are being examined.

    For the media companies and advertising, putting the control of online analytics in the hands of one or two companies may also add another level of middle man in a market where margins are already thin if not non-existent.

    It may well be that we look back on the time when we were worried about  internet cookies tracking us as being a more innocent time.

    Similar posts:

    • No Related Posts
  • Managing your digital estate

    Managing your digital estate

    Everyone who goes online leaves “digital footprints“, a trail of the things we’ve done on the web. When you pass away, what happens to those status updates, comments and documents you’ve left on the Internet?

    Dealing with the passing of a loved one is always difficult but today we have an added complexity of dealing with the online problems of social media sites suggesting people still “like” the deceased or valuable documents locked into cloud computing services.

    With more of us storing information into cloud computing services, having important data locked away becomes a real risk and how online storage or software companies deal with deceased estates becomes important.

    Online services don’t have a standard way of dealing with the data of someone who has passed away, here’s a quick sampler of some of the different policies.

    Facebook

    The social media giant has the easiest way to manage a deceased’s profile, simply fill in a form and swear you’re telling the truth. Facebook will then “memorialize” the account.

    “Memorializing” is an interesting way of dealing with user’s passing. Rather than deleting the account, Facebook will lock out everyone but friends who are still able to post to the deceased’s wall. In some aspects, this is quite an elegant solution.

    LinkedIn

    One of the features of LinkedIn is that it gives upfront suggestions of who should be in your network. If you’re a heavy user of the service, you’ve almost certainly encountered a suggested contact that is either inappropriate or distressing so the stakes for LinkedIn in keeping their contacts up to date is high.

    LinkedIn’s process of dealing with a deceased’s passing is an email to customerservice@linkedin.com with the word “deceased” in the subject line. You need to give some details on the user’s passing and their account.

    Google

    With Google offering both social and cloud computing services, they are probably the most important service of all. Google’s requirements for handing over account details are rightly stringent.

    Google’s procedure for deceased accounts involves the person first reporting the user’s passing to identify themselves first. Interestingly this has to be done by post.

    Twitter

    Like Google, Twitter requires anyone reporting a user’s death to mail proof of identity along with a death certificate. Once they are satisfied the user has passed away, they will deactivate the account.

    PayPal

    “When contacted in regards to a deceased estate we move quickly and with respect to close the customer account.  Our policy and process is similar to many large financial institutions including banks  When PayPal is notified that an account holder is deceased immediate steps are taken to suspend the account to prevent any unauthorised transfers from the account. 

    To close the account of someone who has died, PayPal needs to be sent paperwork including; details of the Executor of the Estate and a copy of the death certificate for the account holder. The documentation is reviewed and, once authenticated, the account is closed. If there are funds in the PayPal account, then these will be issued to the Executor of the Estate. 

    With bankrupt estates we refer this directly to our legal team who deal with them on a case-by-case basis and take action according to the instruction provided by the person or company handling the bankruptcy.

    Apple

    No specific policy, the company recommends “customers needing guidance in relation to a deceased estate contact iTunes support at http://www.apple.com/support/itunes/contact/“.

    Amazon

    No clear policy. The company has been approached for comment.

    Digital estate management services

    There’s a number of services which help manage digital identities after someone passes away. Mashable reviews a number of these.

    Sharing passwords

    One simple solution is to share passwords with your next of kin, but that is a horrible security risk which isn’t recommended.

    A slightly different solution is to split passwords in two and give half to different people, that still has risks and can get complex.

    Probably the biggest problem with passwords is they change. Even if you write the password in your will or share it with trusted loved ones there’s a good chance it may have changed in the meantime.

    Central email accounts

    Probably the easiest, albeit still risky solution, is to have all online services pointing to one email address. almost every service has a “recover my password” feature which an executor or loved one with access to the central address will be able to recover most account login details.

    Should everything else fail there are the courts and every major online service will obey a properly executed legal order although anything involving lawyers invariably ends up messy, difficult and expensive so that course should be the last resort.

    As with everything online, balancing security, convenience and privacy is a difficult task for both individuals and companies. It’s not made better by the distress and grief when someone passes away.

    Ideally we’d all plan these things and it would be easy on our loved ones although things often don’t turn out that way. It’s as true online as in any other aspect of life.

    Similar posts:

  • ABC Nightlife Computers: The Internet Name Wars

    ABC Nightlife Computers: The Internet Name Wars

    The online empires want our names and identities, are the real costs of social media now being exposed? Our September ABC Nightlife spot on September 22 from 10pm looked at these issues and more.

    Paul and Tony discussed how Google’s “Name Wars” or “nymwars” came about, why social media sites like Facebook and search engines want you to use to use your real names.

    The podcast from the program is available from at Nightlife website, more details of Tony’s programs can be found there as well.

    Is this a good thing or are there costs we should consider before handing over our intimate details to a social media or free cloud computing service?

    Some of the topics we covered included;

    • What are the “name wars’?
    • Why do companies like Google and Facebook want us to use our ‘real’ identities?
    • How can they use the information they gather?
    • What problems does that cause for Internet users?
    • Can these problems spill into real life?
    • Are all web services doing this?
    • What are the risks to businesses using social media?
    • Is this the real cost of social media?

    Some of the information we mentioned can be found here;

    The cost of lunch: Google and Information Revenue
    Google’s real names policy explained
    Google’s Eric Schmidt on being an “identity service”, not a social network
    Google’s company philosophy (note item two)
    Why Twitter doesn’t care what your real name is

    We’ll be adding more resources in the next few days, the next ABC Nightlife spot is on 20 October and our events page will have more details. If you have any suggestions for future programs or comments on the last show, please let us know as we love your feedback.

    Similar posts: