Paul Wallbank – Brilliant Communications

Tag: privacy

  • Tracking the knowledge graph

    Tracking the knowledge graph

    “Married Men Who Like Prostitutes” is juicy search term and the results can wreck marriages, careers and lives.

    This is one of the Facebook Graph searches UK tech commentator Tom Scott posted on his Actual Searches on Facebook Tumblr site which lists, mercifully anonymised, the results.

    What should worry anybody who uses Facebook is that this data has been in the system all along, advertisers for instance have been able to target their marketing based on exactly this information, Graph Search just makes it quicker and easier to access. This is why you should be careful of what you like and who you friend online.

    Tom Scott has a terrific Ignite London presentation which looks at just how vulnerable an individual is by over sharing online. In I know what you did five minutes ago, Tom finds an individual, discovers his mother’s maiden name and phone number all within two minutes.

    Facebook isn’t the only service we should be careful of, it just happens to be the one we overshare data with the most. When you start stitching together social media services with government and corporate databases then a pretty comprehensive picture can be made of a person’s likes and preferences.

    The best we can hope for in such a society is that picture is accurate, fair and doesn’t cast us in too unfavourable a light.

    In same cases though that data can be dangerous, if not fatal.

    As potential employers, spouses and the media can easily access this information, it might be worthwhile unliking obnoxious, racist and downright stupid stuff. There’s a very good chance you’ll be asked about them.

    Similar posts:

  • Privacy is not someone else’s problem

    Privacy is not someone else’s problem

    Early this year a storm broke out about privacy in the United States when a computer rental company was caught spying on its customers.

    Technology website Ars Technica has an excellent story describing what the company was doing and the software they were using.

    What the story of PC Rental agent shows is that even small businesses have the tools to run serious surveillance on their customers and some will do so simply because they can.

    The days when privacy could be dismissed as the concern for a few sensitive celebrities, sports people and politicians with something to hide are over – privacy is now your problem.

    Similar posts:

  • Are executives taking privacy seriously?

    Are executives taking privacy seriously?

    In an article for Business Spectator on Lord Justice Leveson’s Sydney speech last week, I looked at the commercial aspects of privacy, an area that was overlooked in the reporting of the two Australian lectures by the British jurist.

    Privacy is a serious issue which is also being overlooked by boardrooms, possibly because it’s often conflated with IT security and so it’s seen as a technology problem and, to be honest, executives see it as being a bit ‘soft’ and airy-fairy.

    Sony’s humiliations in 2011 with a series of embarrassing privacy breaches that left the company’s reputation in tatters show the real and embarrassing risks in not taking privacy seriously.

    The UK prank phone call scandal is another example of poor privacy policies which have real world impacts on both the hospital’s patients and staff, whether the management there is held to account or even learns any lessons remains to be seen.

    In California, the US state with the strongest privacy laws, Delta Airlines is being sued over its smartphone app’s policies however the state itself isn’t immune from serious breaches.

    Giving away social security numbers opens up all sort of identity theft opportunities although any privacy breach exposes the victims to potentially serious consequences, some of that pain is going to be passed onto those who give the information away.

    The worry for businesses is that in the absence of serious action by governments and the private sector, the evolution of privacy law is going to take place in the courts with unpredictable and inconsistent results.

    As we now have the tools to gather, store and process huge amounts of data about our customers and staff, we also have an obligation to protect it. This is something managements need to understand and take seriously.

    Similar posts:

  • Tracks in the ether

    Tracks in the ether

    Bureaucrats dream of tracking every person or asset under their purview and the rise of technologies like smartphones,  Global Positioning Systems (GPS) and Radio Frequency IDentity (RFID) chips are giving them more power than ever.

    Two stories in the last week illustrated how these technologies are being used by authorities to monitor people; a school district in the United States is fighting a student who refuses to wear an RFID enabled identity card and Saudi immigration authorities are now sending text messages to guardians of travellers, mainly women, leaving the country.

    In Saudi Arabia, the law prohibits minors and women from leaving the country without the permission of their adult male guardians. As the Riyadh Bureau website explains, to streamline the permission process Saudi authorities enabled online pre-registration for travellers so now male guardians can grant assent through a website rather than dealing with the immigration department’s paperwork every time their spouse or children wants to travel.

    When the spouse or child passes through immigration, the guardian receives an SMS message saying their ward is about to leave the country. One assumes the male can withdraw that approval on receipt of the text.

    The Saudi application is an interesting use of the web and smartphones to deliver government services and probably not what Western e-gov advocates are thinking of when they agitate for agencies to move more functions online.

    More ominous is the story from the US where Wired Magazine reports Andrea Hernandez, a Texan student, is fighting her local school over the use of RFID enabled identity cards that track pupils’ attendance.

    John Jay High School’s use of RFID tags is a classic case of bureaucrat convenience as electronic cards are far easier to manage and monitor than roll calls or sign-ins.

    Incidentally John Jay High School has over 200 CCTV cameras monitoring students’ movements, as district spokesman Pascual Gonzalez says, “the kids are used to being monitored.”

    The problem is that RFID raises a range of privacy and security issues which the bureaucrats either haven’t thought through or have decided don’t apply to their department.

    Notable among those issues is that “has a bar code associated with a student’s Social Security number”. It never ceases to amaze just how, despite decades of evidence, US agencies and businesses keep using an identifier that has proved totally unsuited for the purposes it was developed for.

    Probably the most worrying point from the Texan story is how school officials tried to suppress the story, offering Ms Hernandez’s father a compromise on the condition he “agree to stop criticizing the program and publicly support it.”

    That urge to control criticism and dissent is probably the thing all of us should worry about when governments and businesses have the ability to track our movements.

    In this respects, the Texas education officials are even more oppressive than Saudi anti-women laws. Something we should consider as more of our behaviour is tracked.

    Similar posts:

  • Posting without permissions

    Posting without permissions

    A client of mine once had a angry worker scream at him when she found out he’d posted photographs of all his staff on the company’s website.

    “My ex is a psycho, he doesn’t know where I live or work. If he finds this, he might come around here and kill us all,” she cried.

    The photos went down immediately and Kevin made sure he got explicit consent before he posted any details of his staff onto the website.

    It was a valuable lesson on why you shouldn’t just post people’s details online without first asking them. We all have reasons why we’d like to keep certain facts out of the public light.

    A Texan gay choir’s organiser posting the details of members onto Facebook is another reminder of why it’s a bad idea to put someone else’s details online without asking them first.

    For two members of the Queer Chorus at the University of Texas, having their sexual orientation pasted on their Facebook feeds caused terrible damage with their families and it should serve as lesson to every manager, business owner or community group leader that this stuff matters.

    One of the worrying features with Facebook is how other people can add you to groups without your permission – almost certainly a recipe for misunderstanding and mischief.

    What’s even more unforgivable with Facebook’s conduct is the privacy settings for those groups overrides an individual’s own privacy settings.

    As one of the victims said in the Wall Street Journal of when his father saw the status update, “I have him hidden from my updates, but he saw this,” she said. “He saw it.”

    So even though both the individuals had chosen to lock their profiles away from public view, Facebook and the organiser of the group decided they knew better.

    We shouldn’t let the administrator of the Facebook off the hook on this lapse, Christopher Acosta decided to make the group open and public. “I was so gung-ho about the chorus being unashamedly loud and proud,” he’s quoted as saying.

    That’s nice when you have a tolerant family and you’re from a liberal community but for others that ‘transparency’ can lead to damaging family relations for years, if not lifetimes. In some communities the consequences could be far worse.

    “I do take some responsibility,” says Mr Acosta. Which is a nice way of accepting you might have screwed somebody’s life up by doing something you didn’t understand.

    Ultimately responsibility lies with the person who presses the button which causes the email or status post to be published. In this case Christopher Acosta was responsible.

    To be fair to Mr Acosta, the ability to add people to Facebook groups without their permission is a deeply flawed as are those groups’ setting overriding an individual’s privacy preferences.

    Facebook have to understand there are real life consequences to ‘transparency’ which can ruin careers and even cost the lives of people. The damage to families and communities can be immense.

    Coming from a secure upper middle class white background, Mark Zuckerberg probably doesn’t quite understand the risks his company’s policies pose to people in vulnerable situations, hopefully some of his older and wiser advisers will explain why ‘transparency’ and ‘openness’ are not always a good idea.

    Similar posts: