fbpx

Over the last month there has been an unfathomable amount of content published about the massive privacy intrusion that is Facebook Messenger. With the ability to intrude into the lives of its users in ways that the NSA would never think to, it isn’t a surprise that the new download brought such strong opinions; many of which served as recommendations to not download the application.

The good news about the widespread dialogue on messenger is that it brought to light the issues that surround privacy of data. Further implicating what some of us have always known. “When the service is free, the user is the product.” Make sense?

In other words, when companies like Facebook create applications that we use in our everyday lives, for free, the real price is in what we sacrifice for the right to use the application for free, our data.

Internet of Things, Big Data and Jargon, Contextualized

Perhaps the only word more abused and used in the tech space than “Internet of Things” is “Big Data.” In itself, Big Data means very little. It is merely the massive collection of information that resides out in cyberspace that is waiting to be somehow organized, visualized, contextualized and “Ized” in some other TBD capacity.

For Big Data it comes down to what you do with it, otherwise it is like an English major staring at endless strings of PHP or Java; it’s meaningless.

Having said that, what Big Data really is and has meant is a revolutionary approach to marketing. It is our behavior online that helps brands and organizations learn about us in ways that they can contextualize and apply to their marketing strategies, and from the time that this became so eerily apparent, marketers have been seeking out ways to exploit it.

In a world where the web is moving from a search state to a semantic state it is without question our data that makes this possible. In a recent series of articles I posted about the semantic web it talked about the marriage that is taking place between Big Data, Semantic Search and User Generated Content that is shifting the way we explore the web.

If you consider this as a possibility or a reality then you will quickly realize for the web to be semantic, it is dependent upon us as users to feed it our data. And in order for the web to collect our data we need to voluntarily (even if not knowingly) give up our privacy so websites and brands can sell and use it to create this new online experience.

Our Privacy Died When We Grew Obsessed With Free

With Social Media users well over a billion and a growing mobile and wearable trends that puts us online almost around the clock, we are ever connected and endlessly sharing what seems like our every idea.

This feeling of connectedness undoubtedly gives many a sense of community and happiness as it is through the sharing of our everyday lives that we are able to garner the feedback we seek and the validity that we need.

However, if we are fooled, for even a moment as to what all of this is really about; the desire to have us tethered without wires and connected without cost, then we are delusional.

I for one can say that I have almost never read the privacy policy of an application I downloaded. As a millennial I suppose this puts me in the group of about half of us that are okay with trading our privacy for a potentially better experience online. Now whether having more targeted ads and content during our everyday browsing is really a better experience; that is yet to be seen.

As a society, it really came down to our insatiable desire for free. Free content, free social media, free productivity tools and free games. We want to be connected and we want to play with the latest games, toys and widgets, but we by in large don’t want to trade our cash for them. So instead we trade something else; our data and our privacy.

Just as long as you know what you are giving up and you make that choice then you are fine. But know, whatever you know “They” know and that is the way it will be.

So here’s to a better web experience, marketers that know more about what we want than we do and a complete and total loss of privacy that really makes minimal difference in our lives. Heck, we share it all anyway. Don’t we?

But one thing is for sure, on the Internet of Things, there is no privacy.

Source:  http://www.forbes.com/sites/danielnewman/2014/08/20/there-is-no-privacy-on-the-internet-of-things/#1d5932886b4e

Categorized in Internet of Things

Is everyone’s website illegal?

Your website consists of visible text and graphics, geared to the sighted reader. Its terms and conditions include legal disclaimers and limitations of liability, which, it explains, apply unless they are specifically prohibited by law. As a service to the public, you have posted scores of videos providing useful information for consumers in your industry.
Are these common practices illegal?

Some class action lawyers say so. They’ve been making claims against standard websites that they claim violate the federal Americans with Disabilities Act or a New Jersey consumer protection statute.
Class actions targeting website practices aren’t unusual. In the early days of the commercial Internet, many companies were sloppy with their website terms and privacy policies. Most notably, high flying dot-com companies that promised never to sell their customer data were caught flat-footed when the bubble burst. In liquidation, their customer lists were their most saleable assets, which they then usually sold, in violation of their prior promises.
Cases from that era showed the legal vulnerability of disconnects between website promises and actual business practices.

Similarly, when web technologies ran ahead of website disclosures, as allegedly occurred in some cases with behavioral advertising, customer tracking, and information sharing practices, the class action lawyers pounced then too. On multiple occasions in 2010 and 2011, the Wall Street Journal’s “What They Know” series would run articles about customer tracking on the Internet, and, the very next day, class action suits were filed keyed to the practices revealed by the Journal.

The ADA and New Jersey suits appear to be the newest wave of Internet class actions —ones that have the potential to reach thousands if not millions of website operators.

Is the Internet expanding privacy expectations?

Internet privacy - e-mails
Is the Internet invading privacy, or expanding privacy? The conventional wisdom is that the Internet is eviscerating privacy. But in some ways a heightened focus on privacy in the digital era may be creating new and greater privacy expectations.

Consider the simple matter of lists of addressees and cc’s on emails.
In the ancient days of postal mail, it was never a big deal if a sender revealed, on a letter, the other persons to whom he or she were sending the same letter, or to whom he or she was sending copies of that letter. Lots of letters show multiple addressees or multiple persons copied. That indeed explains the origin of the “cc” field, as a visible list of the persons to whom a “carbon copy” (another ancient term) was being sent.

But an expectation has developed recently that one should never send out a mass email that reveals the email addresses of all of the recipients, unless they previously knew one another. That is why the Federal Trade Commission was so red-faced recently when, in the course of preparation for its first PrivacyCon workshop on privacy research, it sent an email out to all attendees revealing – horrors! – all of their email addresses. The agency “sincerely apologized” for this terrible mistake

The presumed confidentiality of one’s email address is seen in other laws. College professors, for example, are instructed never to communicate with an entire class of students by placing all of their email addresses in the “to” field; rather, they must use the “bcc” field, so that no student receives his or her fellow students’ email addresses, which some of them may have designated as confidential personal information under the Family Educational Rights and Privacy Law.

Though the prohibition against letting strangers see others’ email addresses in group emails now seems to be settled, the presumed harm to be avoided — use of those email addresses for bulk commercial emails — is fairly speculative, and such a misuse, if it occurred, would seem to cause more of an inconvenienced harm than a true privacy invasion. The same goes for concerns about reply-all “catastrophes,” such as the one that hit Thompson Reuters employees in August 2015. The event inconvenienced employees, but its true lasting impact appeared to be a flood of humorous Twitter traffic. (Another reply-all incident struck Time Inc. just this week.)

The best explanation for this new expectation, rather, seems to be an expanding understanding of privacy, at least in certain areas. Contrary to the conventional wisdom, our expectations of privacy are not steadily and uniformly shrinking. In some cases, they are expanding.

Can you be sued for posting your opinions on the Internet?

A restaurant tells customers it may sue them if they post unfavorable reviews on the Internet. A flooring company sues a customer who complained on social media that he had an “absolutely horrible experience” with the company.
Klear-Gear, a gadget company, included in its Internet terms a provision that “your acceptance of this sales contract prohibits you from taking any action that negatively impacts KlearGear.com, its reputation, products, services, management or expenses.” The terms also set damages for a violation: $3,500.

If something seems wrong to you about these cases, you are not alone. While libel law has struggled for years with the dividing line between expressions of actionable fact and constitutionally protected opinion, most laypeople, and judges, believe that statements of opinion should be protected, and broadly construed.
That may be why Grill 225, a restaurant in Charleston, met with such opposition when its scheme for suppressing unfavorable reviews was recently publicized. The restaurant required persons booking online reservations to agree to terms and conditions in which, among other things, the customer agreed “that they may be held legally liable for generating any potential negative, verbal, or written defamation against Grill 225.

Most efforts to prevent or penalize Internet comments and criticism are crushed in the court of public opinion even before they reach the courthouse. Grill 225, for example, is really only stating the obvious when it says that it could sue a customer. It wisely hasn’t done so in the two years that it has posted its terms. The flooring company, in Colorado, did sue its customer, but the case provoked a state legislator to propose stronger protection against suits aimed at chilling free speech.

Indeed, last year California passed a so-called “Yelp Bill” that prohibited businesses from including in their contracts “a provision waiving the consumer’s right to make any statement regarding the seller or lessor or its employees or agents, or concerning the goods or services.” A similar bill, the proposed Consumer Review Freedom Act, has been introduced in Congress.

When cases do get to court, even under existing law, statements of opinion are generally protected. As one example, consider a case involving presidential candidate Donald Trump, back in the early 1980s, when he announced an audacious plan to build the tallest building in the world, a 150-story skyscraper, on landfill just south of downtown Manhattan.

Trump’s plan met opposition in Chicago, then home of the world’s tallest building, the 108-story Sears Tower (now Willis Tower). Specifically, the Chicago Tribune’s architecture critic, Paul Gapp, analyzed Trump’s proposal in a review and deemed it, among other things, “one of the silliest things anyone could inflict on New York or any other city." Gapp’s review was accompanied by a Tribune artist’s rendering of southern Manhattan with a giant new building, a Sears Tower lookalike on steroids, sticking out like a sore thumb below and east of Battery Park.

Trump, no more shy then than he is now, immediately sued the Tribune, seeking damages to the tune of $500 million. I worked for the Tribune’s law firm and had the task of writing the motion to dismiss Trump’s case. There were plenty of good legal authorities on the right of critics to express their opinions, but I decided to prepare our brief a bit differently.

Experts make privacy regulation a serious threat

Now is the time to get smart about privacy and technology, because your government regulators are smart and savvy in those areas.

No, that’s not a misprint. Though government regulators are often far behind on the technology curve, real experts have taken over at several important agencies that regulate conduct on the Internet.
Take Ashkan Soltani, who took over in late 2014 as Chief Technologist for the Federal Trade Commission. Just by hiring a chief technologist, the FTC showed awareness of the need for deep computer expertise to effectively regulate privacy and commercial practices on the Internet. And by hiring Soltani, one of the sharpest computer privacy experts in country, the FTC showed it was serious.

Soltani was one of a handful of computer experts who have been at the forefront of studying privacy on the Internet. Along with his former colleagues at Berkeley, and like-minded researchers, especially at Stanford and Carnegie-Mellon universities, Soltani has identified and publicized many previously unknown ways in which the Internet allows personal information to be collected, used and commercialized.
Soltani and his colleagues haven’t just quietly studied Internet privacy. They’ve been active and savvy in getting the word out on their studies.

To take one example, a few years back, most website operators thought they had satisfied their disclosure obligations if they told their users that they honored users’ instructions with respect to HTTP “cookies” (datasets that identify previous browsing activity). But in an important research report in 2009, Soltani and colleagues reported that even when users deleted HTTP cookies, in an attempt to shield knowledge of their previous browsing activity, some websites, by activating Flash cookies (often tied to web video files) would automatically regenerate those HTTP cookies – a generally unintended result, but one that cast doubt on the company’s privacy promises. Soltani followed this up with reports on other pervasive tracking technologies.

Soltani and his colleagues and co-authors, many of whom, like him, are motivated by their need for more privacy protection, focused their research on exposing technologies (like Flash cookies) that collected or revealed information that consumers thought was private. Many of their research projects became the foundation of class action lawsuits against companies that made privacy promises in ignorance of these technologies.

And it wasn’t a coincidence that Soltani’s research was used in class action cases. He served as technology adviser to the Wall Street Journal for its widely read “What They Know” series that has brought many Internet privacy issues to widespread attention, beginning in 2010. In several instances, a flurry of class action suits followed within days of the Journal’s Soltani-supported articles.

Soltani isn’t the only technology whiz to join the government from the Berkeley-Stanford-Carnegie-Mellon research triad. The Federal Communications Commission recently announced that it was hiring Jonathan Mayer, another member of the group, to act as its Chief Technologist. Like Soltani, his research has focused specifically on web-tracking technologies. And as with Soltani, Mayer’s research has led to major privacy cases, including an FTC consent decree against Google, concerning its use of tracking code on the Safari browser. While privacy isn’t an FCC focus, Mayer’s work on net neutrality could significantly affect many businesses.

Some business people may think that they don’t have to worry much about the FTC, a slimly staffed agency that has the impossible mission of policing “unfair or deceptive acts or practices” all over our huge country. But the FTC has been very active in the Internet privacy area, and its results, usually in the form of consent decrees, are reshaping how business is done on the Internet.

As two privacy experts have pointed out in a law review article titled “The FTC and the New Common Law of Privacy,” the FTC has become the primary regulator of privacy on the Internet, and its large and growing body of consent decrees have an effect far beyond the companies that are directly bound (which, moreover, includes such Internet giants as Google, Microsoft, Facebook, and Linkedin). The authors assert that contrary to the general belief that the United States has weak privacy regulation compared to Europe, that view is “becoming outdated as FTC privacy jurisdiction develops and thickens.”

Source:  http://www.thompsoncoburn.com/news-and-information/internet-law-twists-and-turns.aspx

Categorized in Internet Privacy

Google, MSN Search, Yahoo!, AOL, and most other search engines collect and store records of your search queries. If these records are revealed to others, they can be embarrassing or even cause great harm. Would you want strangers to see searches that reference your online reading habits, medical history, finances, sexual orientation, or political affiliation?

Recent events highlight the danger that search logs pose. In August 2006, AOL published 650,000 users' search histories on its website.1 Though each user's logs were only associated with a random ID number, several users' identities were readily discovered based on their search queries. For instance, the New York Times connected the logs of user No. 4417749 with 62 year-old Thelma Arnold. These records exposed, as she put it, her "whole personal life."2

Disclosures like AOL's are not the only threats to your privacy. Unfortunately, it may be all too easy for the government or individual litigants to subpoena your search provider and get access to your search history. For example, in January 2006, Yahoo!, AOL, and Microsoft reportedly cooperated with a broad Justice Department request for millions of search records. Although Google successfully challenged this request,3 the lack of clarity in current law leaves your online privacy at risk.

Search companies should limit data retention and make their logging practices more transparent to the public,4 while Congress ought to clarify and strengthen privacy protections for search data. But you should also take matters into your own hands and adopt habits that will help protect your privacy.

The Electronic Frontier Foundation has developed the following search privacy tips. They range from straightforward steps that offer a little protection to more complicated measures that offer near-complete safety. While we strongly urge users to follow all six tips, a lesser level of protection might be sufficient depending on your particular situation and willingness to accept risks to your privacy.

1. Don't put personally identifying information in your search terms (easy)

Don't search for your name, address, credit card number, social security number, or other personal information. These kinds of searches can create a roadmap that leads right to your doorstep. They could also expose you to identity theft and other privacy invasions.

If you want to do a "vanity search" for your own name5 (and who isn't a little vain these days?), be sure to follow the rest of our tips or do your search on a different computer than the one you usually use for searching.

2. Don't use your ISP's search engine (easy)

Because your ISP knows who you are, it will be able to link your identity to your searches. It will also be able to link all your individual search queries into a single search history. So, if you are a Comcast broadband subscriber, for instance, you should avoid using http://search.comcast.net. Similarly, if you're an AOL member, do not use http://search.aol.com or the search box in AOL's client software.


3. Don't login to your search engine or related tools (intermediate)

Search engines sometimes give you the opportunity to create a personal account and login. In addition, many engines are affiliated with other services -- Google with Gmail and Google Chat; MSN with Hotmail and MSN Messenger; A9 with Amazon, and so on. When you log into the search engine or one of those other services, your searches can be linked to each other and to your personal account.

So, if you have accounts with services like Google GMail or Hotmail, do not search through the corresponding search engine (Google or MSN Search, respectively), especially not while logged in.

If you must use the same company's search engine and webmail (or other service), it will be significantly harder to protect your search privacy. You will need to do one of the following:

Install two different web browsers to separate your search activities from your other accounts with the search provider. For example, use Mozilla Firefox for searching through Yahoo!, and Internet Explorer for Yahoo! Mail and other Yahoo! service accounts.6 You must also follow Tip 6 for at least one of the two browsers.7

For Google and its services, you can use the Mozilla Firefox web browser and the CustomizeGoogle plugin software. Go to http://www.customizegoogle.com/ and click "Install." Restart Firefox and then select "CustomizeGoogle Options" from the "Tools" menu. Click on the "Privacy" tab and turn on "Anonymize the Google cookie UID." You must remember to quit your browser after using GMail and before using the Google search engine.8 In addition, be sure not to select the "remember me on this computer" option when you log into a Google service.

If you are using a browser other than Firefox, you can use the GoogleAnon bookmarklet, which you can obtain at http://www.imilly.com/google-cookie.htm. You will need to quit your browser every time you finish with a Google service. Unfortunately, we currently do not know of similar plugins for other search providers.9

4. Block "cookies" from your search engine (intermediate)

If you've gone through the steps above, your search history should no longer have personally identifying information all over it. However, your search engine can still link your searches together using cookies and IP addresses.10 Tip 4 will prevent tracking through cookies, while Tips 5-6 will prevent IP-based tracking. It's best to follow Tips 3-6 together -- there is less benefit in preventing your searches from being linked together in one way if they can be linked in another.

Cookies are small chunks of information that websites can put on your computer when you visit them. Among other things, cookies enable websites to link all of your visits and activities at the site. Since cookies are stored on your computer, they can let sites track you even when you are using different Internet connections in different locations. But when you use a different computer, your cookies don't come with you.11

From a privacy-protection perspective, it would be best to block all cookies. However, because cookies are necessary for accessing many websites, it may be more convenient (though less privacy-protective) to allow short-lived "session" cookies. These cookies last only as long as your browser is open; therefore, if you quit your browser, re-open it, and then go back to your search engine, your search provider will not be able to connect your current searches with previous ones via your cookies.

Use the following steps to allow only "session cookies," and remember to quit your browser at least once a day but ideally after each visit to your search provider's site. We recommend that you use Mozilla Firefox and apply these settings:

  • From the "Edit" menu, select "Preferences"
  • Click on "Privacy"
  • Select the "Cookies" tab
  • Set "Keep Cookies" to "until I close Firefox" 12
  • Click on "Exceptions," type in the domains of all of your search sites, and choose "Block" for all of them


If you use Microsoft Internet Explorer to surf the web:

  • From the Internet Explorer "Tools" menu, select "Internet Options"
  • Click on the "Privacy" tab and then press the "Advanced" button
  • Click on "Override automatic cookie handling"
  • Set both "first party" and "third party" cookies to "Block"
  • Select "Always allow session cookies"

5. Vary your IP address (intermediate)

When you connect to the Internet, your ISP assigns your computer an "IP address" (for instance, EFF's web server's IP address is 72.5.169.162). Search providers -- and other services you interact with online -- can see your IP address and use that number to link together all of your searches. IP addresses are particularly sensitive because they can be directly linked to your ISP account via your ISP's logs. Unlike cookies, your IP address does not follow your computer wherever it goes; for instance, if you use your laptop at work through AT&T, it will have a different IP address than when you use it at home through Comcast.

If your ISP gives you a changing, "dynamic" IP address,13 or you surf from an office computer that is behind the same firewall as lots of other computers, then this concern is diminished. However, if you have a dynamic IP address on a broadband connection, you will need to turn your modem off regularly to make the address change. The best way to do this is to turn your modem off when you finish with your computer for the day, and leave it off overnight.

On the other hand, if you have an unchanging, "static" IP address, you will certainly need to use anonymizing software to keep your address private; see Tip 6.


6. Use web proxies and anonymizing software like Tor (advanced)

To hide your IP address from the web sites you visit or the other computers you communicate with on the Internet, you can use other computers as proxies for your own -- you send your communication to the proxy; the proxy sends it to the intended recipient; and the intended recipient responds to the proxy. Finally, the proxy relays the response back to your computer. All of this sounds complicated, and it can be, but luckily there are tools available that can do this for you fairly seamlessly.

Tor (http://www.torproject.org) is a software product that encrypts then sends your Internet traffic through a series of randomly selected computers, thus obscuring the source and route of your requests. It allows you to communicate with another computer on the Internet without that computer, the computers in the middle, or eavesdroppers knowing where or who you are. Tor is not perfect, but it would take a sophisticated surveillance effort to thwart its protections.14

You also need to make sure that your messages themselves don't reveal who you are. Privoxy (http://www.privoxy.org) helps with this, because it strips out hidden identifying information from the messages you send to web sites. Privoxy also has the nice side benefit of blocking most advertisements and can be configured to manage cookies. (Privoxy comes bundled with Tor downloads.)

You can also use web proxies like Anonymizer's (http://www.anonymizer.com) Anonymous Surfing. This option is more user-friendly but possibly a less effective method of anonymizing your browsing. Anonymizer routes your web surfing traffic through their own proxy server and hides your IP address from whatever web sites you visit. However, Anonymizer itself could in principle have access to your original IP address and be able to link it to the web site you visited; therefore, that service is only as secure as Anonymizer's proxy facilities and data retention practices. While there is no reason to believe that Anonymizer looks at or reveals your information to others (we know the people currently running Anonymizer and they are good folks), there is little opportunity to verify their practices in these regards.

Using Tor and Privoxy is more secure because one untrustworthy proxy won't compromise your search privacy. On the other hand, web proxies like Anonymizer are slightly easier to use at present.

Tor and Privoxy downloads and instructions can be found here: http://www.torproject.org/download.html.en


Conclusion

If you've implemented all six tips, congratulations -- you're now ready to search the Web safely. These steps don't provide bulletproof protection, but they do create a strong shield against the most common and likely means of invading your privacy via your search history.

Source:
https://www.eff.org/wp/six-tips-protect-your-search-privacy 

Categorized in Online Research
Page 8 of 8

airs logo

Association of Internet Research Specialists is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.

Follow Us on Social Media