Apple CEO Tim Cook on Privacy and Profits

Apple CEO Tim Cook discusses privacy, profits and cars with NPR’s All Things Considered

“Privacy is a fundamental human right”. A short, but sweet and fascinating, NPR interview with Apple CEO Tim Cook.

Cook goes onto to avoid discussing the likelihood of Apple Cars and expounds the advantages of repatriating corporate profits back to the US, something we can expect cash rich companies like Apple to start agitating for after the next Presidential election.

The interview, which is only eight minutes long, is well worth a listen as Apple positions itself against competing internet giants Google and Facebook over the topic of privacy.

 

Similar posts:

  • No Related Posts

Experian, T-Mobile and third party security risk

T-Mobile’s security woes at the hands of Experian show trust cannot be outsourced

Another day, another corporate security breach (or six). This time telco T-Mobile has revealed up to 15 million customers’ data has been compromised.

Notable in this story is that T-Mobile are firmly putting the blame on credit monitoring company Experian.

For both companies this is extremely embarrassing with T-Mobile stating, “our vendors are contractually obligated to abide by stringent privacy and security practices, and we are extremely disappointed that hackers could access the Experian network.”

T-Mobile, like most telcos, sees a major opportunity in being a trusted provider of security services and this setback hurts them in a key market.

Experian on the other hand have shown their slack attitude to user data previously, having been caught selling consumer details to identity thieves.

That a company in such a privileged position as Experian can be constantly caught this way will almost certainly increase the push to see penalties for corporate data breaches start to get real teeth and the United States’ cavalier attitude to public privacy and online security will take another dent.

For T-Mobile and most other companies, the lesson is start and clear. Trust starts with your own contractors and business partners, it cannot be outsourced.

Similar posts:

  • No Related Posts

The need for an IoT manifesto

As the internet of things rolls out, more care in the design of products and services will be needed

Last May at the ThingsCon conference in Berlin a group of European designers came together to form the IoT Manifesto.

Now vendors have the ability to put a chip into almost anything companies and designers are tempted to add connectivity simply for the sake of doing so.

In many cases this is opens up a range of security risks ranging from the screaming baby monitor to the hackable jeep.

Coupled with the security risks of your intimate devices being hacked there’s the related privacy risks as millions of devices collect data ranging from how hard you press your car’s brake pedal through to last time you burned your breakfast toast.

In an era where governments and businesses are seeking to amass even more information about us, there are genuine concerns about what that data is going to be used for and why it is being collected in the first place.

The IoT manifesto looks to manage these problems facing the sector through ten guiding design principles;

  1. Don’t believe the hype around the IoT
  2. Only design useful things
  3. Deliver benefits to all stakeholders
  4. Keep everything secure
  5. Promote a culture of privacy
  6. Gather only a minimal amount of data
  7. Be transparent about who that data will be shared with
  8. Give users control over their data
  9. Design durable products
  10. Use the IoT and its design to help people

All of the principles are laudable and it’s not hard to think that meeting the guidelines would make devices and services that aren’t just useful and safe but also simpler, cheaper and more effective.

There’s many ethical, business and safety issues facing the Internet of Things as connected devices rollout across almost every industry. The IoT Manifesto may well be a good framework in which to design them and the cloud services they’ll depend upon.

Similar posts:

  • No Related Posts

How the Internet of Things could overtake the law

The internet of things is going to present challenges for governments and regulators.

Last March the Australian internet industry celebrated twenty years of commercial operations with the Rewind/Fast Forward conference that looked at the evolution of the online economy down under and its future.

Naturally the Internet of Things was an important part of the discussion looking at the internet’s future and one of the panels examined the effects of the IoT on industry and society.

During the session chairman of the Communications Alliance industry association, John Stanton, raised an important point about how the IoT creates problems for existing laws and the regulators as a wave of connected devices are released onto the market place.

The risks are varied, and Stanton’s list isn’t exhaustive with a few other aspects such as liability not explored while some of the issues he raises are a problem for other internet based services like cloud computing and social media.

Roaming rules

Having fought many regulatory battles over roaming charges and access between networks, it’s not surprising Stanton and the Communications Alliance would raise this as an issue.

Dealing with roaming devices will probably be a big challenge for mobile Machine to Machine (M2M) technologies, particularly in the logistics, airline and travel industries. We can expect some bitter billing battles between clients and their providers before regulators start to step in.

Number schemes

Again this is more an issue for mobile M2M consumers. Currently every SIM card has its own phone number once the service is activated.  It may be that regulators have to revise their numbering schemes or allow providers to use alternative addressing methods to contact devices.

Data sovereignty

Where data lives is going to continue to be a vexed issue for cloud computing consumers, particularly given the varied laws between nations.

Short of an international treaty, it’s difficult to see how this problem is going to be resolved beyond companies learning to manage the risks.

Identity management

Data integrity is essential for the IoT and accurately determining the identity of individuals and devices is going to be a challenge for those designing systems.

Over time we can expect to see some elegant and clever solutions to identity management in the IoT however masquerading as a legitimate device will always be a way malicious actors will try to hack systems.

Privacy

For domestic users, the privacy of what remains in data stores is going to be a major concern as domestic devices and wearables gather greater amounts of personal information. We can expect laws to be tightened on the duties and obligations of those collecting the data.

Access Security

Who can do what with a networked device is another problem, should a malicious player or a defective component get onto the system, the damage they can do needs to be minimised. What constitutes unlawful access to a computer network and the penalties needs to be carefully thought out.

Spectrum allocation and cost

Governments around the world have been reaping the rewards of selling licenses to network operators. As the need for reliable but low data usage IoT networks grows, the economics of many of the existing licenses changes which could present challenges for both the operators and governments.

Access to low cost and low data access networks

Following on from the economics of M2M networks, the question of mandating slicing of scarce spectrum for IoT applications or reserving some frequencies becomes a question. How such licenses are granted will cause much friction and many headaches between regulators and operators.

Commercial value of information

How much data is worth will always be a problem in an economy where information is power and money. This though may turn out to be more subtle as information is only valuable in the eyes of the beholder.

Where information becomes particularly valuable is in financial markets and highly competitive sectors so we can see the IoT becoming part of insider trading and unfair competition actions. These will, by definition, be complex.

Like any new set of technologies the internet of things raises a whole new range of legal issues as society adapts to new ways of doing business and communicating. What we’re going to see is a period of experimentation with laws as we try to figure out how the IoT fits into society.

Similar posts:

  • No Related Posts

Clawing back our data – Telstra makes metadata available to customers

Australia’s Telstra responds to government data legislation by opening metadata to users

Today Australian incumbent telco announced a scheme to give customers access to their personal metadata being stored by the company.

In a post on the company’s Telstra Exchange blog the company’s Chief Risk Officer, Kate Hughes described how the service will work with a standard enquiry being free through the web portal with more complex queries attracting of fee of $25 or more.

The program is a response to the Australian Parliament’s controversial intention to introduce a mandatory data retention regime which will force telcos and ISPs to retain a record of customer’s connection information.

We believe that if the police can ask for information relating to you, you should be able to as well.

At present the scheme is quite labor intensive, a request for information involves a great deal of manual processing under the company’s current systems however Hughes is optimistic they will be able to deal with the workload.

“We haven’t yet built the system that will enable us to quickly get that data,” Hughes told this website in an interview after the announcement. “If you came to us today and asked for that dataset it wouldn’t be a simple request.”

The metadata opportunity

In some respects the metadata proposal is an opportunity for the company to comply with the requirement of the Australian Privacy Principles that were introduced last year where companies are obliged to disclose to their customers any personally identifiable information they hold.

For large organisations like Telstra this presents a problem as it’s difficult to know exactly what information every arm of the business has been collecting. Putting the data into a centralised web portal makes it easier to manage the requirements of various acts.

That Telstra is struggling with this task illustrates the problems the data retention proposals present to smaller companies with far fewer resources to gather, store and manage the information.

Unclear requirements

Another problem facing Hughes, Telstra and the entire Australian communications industry is no-one is quite clear exactly what data will be required under the act, the legislation proposed the minister can declare what information should be retained while the industry believes this should be hard coded into the act which will make it harder for governments to expand their powers.

What is clear is that regardless of what’s passed into law, technology is going to stay ahead of the legislators, “I do think though this will be very much a ‘point in time’ debate,” Hughes said. “Metadata will evolve more quickly than this legislation can probably keep pace with so I think we will find ourselves back here in two years.”

In many ways Australia’s metadata proposals illustrates the problems facing governments and businesses in managing data during an era where its growing exponentially, it may well turn out for telcos, consumers and government agencies that ultimately less is more.

Similar posts:

In tech we trust

How much can we trust technology? A World Economic Forum panel discusses the issues.

“There is a big problem with trust today,” says cable operator Liberty Global’s Micheal T. Fries.

He was sitting on a fascinating panel at the World Economic Forum this week with Yahoo! CEO Marissa Mayer, Salesforce founder Marc Benioff and World Wide Web creator Tim Berners-Lee looks at the issue of trust in the tech world.

In a world where everyone wants access to our data, it’s a pertinent and timely discussion from people at the front line of where these issues of ethics and privacy are being dealt with.

Similar posts:

  • No Related Posts

Burning user trust

How Whisper burned its users trust with false security and privacy promises

The Guardian today has a stunning expose on the Whisper social media network and its practice of tracking users.

In trying to sell its services to the Guardian, the company showed that it was betraying their promises of anonymity to its users.

Whisper’s behaviour is particularly disgraceful given the service’s promise of user confidentiality and their changing of their terms of service only shows the company’s struggle to understand ethics.

No social media service can afford to burn user trust in the way Whisper has.

If you’re going to promise users anonymity and security then you better deliver. Whisper has failed

 

Similar posts:

  • No Related Posts