Facebook Gets Slapped on Wrist by FTC for Lack of Privacy
Can social media and privacy mix? The short answer is no. Social media is social by nature (meaning others are involved) and is media based (meaning that the materials are designed to be easily communicated and shared). When something is essentially named Share with Others, privacy is an afterthought. But that doesn’t mean it should be completely non-existant, or at least transparent – so that we know what we are sharing with others.
The FTC (Federal Trade Commission) is about to hold Facebook to stronger safeguards regarding user privacy, but in the end, it won’t matter very much because they are leaving Facebook with lots of wiggle room.
Rumor has it that Facebook will soon have to acquire users’ consent before making changes to privacy policies that affect current user data. That is a total contrast to what they’ve done in the past, which is to rewrite their privacy policies to be less protective without so much as giving users a whiff of the changes to their privacy.
It looks like Facebook, much like happened recently with Google, may have to submit to independent privacy audits annually over the next 20 years. At issue is the fact that the settlement will prohibit Facebook from making information that’s already on the site available to a wider audience without user consent.
Business Killers: Identity Theft and Data Breach Protection FREE WEBINAR
Business Killers: Identity Theft and Data Breach Protection Webinar on November 10
On November 10, I will host an interactive webinar sponsored by Deluxe that will explore how small businesses can protect themselves from identity theft. As someone who lost more than $300,000 and my small business to identity theft, this is a topic I care about deeply. In addition to delivering keynote speeches at conferences, I also provide consulting and guidance to organizations like the Federal Trade Commission, Pfizer and the Department of Defense on how to best protect the sensitive data inside of their organizations.
Register now for tomorrow’s webinar.
During this multi-part webinar, I will provide simple, actionable tools and advice to help small businesses protect their data and retain information privacy. I’ll also explain how the information economy has shifted the competitive landscape and increased our data exposure. Attendees will learn the following:
- The new reality: information does not equal power
- How to think like a spy and apply critical thinking to the power equation
- Manipulation triggers thieves use against your employees and defense techniques
- Interrogation tools to uncover fraud before it erodes your profits and net worth
- Fraud hotspot best practices
- Trends in data theft
- Holiday identity theft prevention tips
What Larussa’s Botched Bullpen Call Teaches About Trust
St. Louis Manager Tony La Russa changing course mid-stream (Dilip Vishwanat / Getty Images)
During Monday night’s World Series game, Tony La Russa, the coach of the St. Louis Cardinals, failed to warm up the right-handed relief pitcher he desperately needed to face the Texas Rangers red-hot right-handed batter, Mike Napoli. Napoli, with the games announcers in complete disbelief at the oversight, took advantage of the mistake, drilling the pitch into right center field for a double. The Texas Rangers went up 4-2 and won the game.
Directly following the game, La Russa blamed the dugout phone, the bullpen coach (indirectly) and the noisy crowd for his failure to warm up the right guy. Within minutes, you could almost hear the simultaneous guffaw of the entire sports world, “It’s the phone’s fault?”. Our collective BS meters went off because in some way, we sensed he was covering something up.
Suddenly, a coach with a glorious 30 year coaching reputation, a man known for his intricate patchwork of relief pitching to pry out of tough situations, had lessened his credibility. What actually happened to cause the mistake is immaterial; how La Russa addressed the blunder is what matters — his credibility was eroded more by his response and less by his mistake.
Look at the foundation of La Russa’s reputation:
Britain, America Unite Against Identity Theft Trends
London, UK (PRWEB) October 16, 2011
The world of identity theft is changing rapidly. Earlier this week Experian UK, a unit of one of the world’s largest credit-reporting agencies, hosted the 2011 Identity Theft & Fraud Forum at The Grove, a prestigious five-star resort located on the outskirts of London. The purpose of the Forum was to assemble a cross-cultural collection of thought leaders on identity theft prevention and to focus attention on Britain’s increasing financial battle with identity theft. Keynote presenters included highly regarded American identity theft expert John Sileo, Jairam Sridharan, Head of Retail Assets, Axis Bank of India and Jonathan Walsh, Head of Consulting and Analytics, Identity & Fraud at Experian.
During his afternoon presentation, Mr. Walsh revealed the results of a newly released study commissioned by Experian UK. The study found that cases of identity fraud have doubled in Britain over just the past six months and that the trend is likely to continue unless addressed.
“Britain is determined to identify the latest trends in identity theft and define leading-edge solutions to avert the costly eight ball we are behind here in the States,” says Sileo, who founded ThinkLikeASpy.com and has worked with organizations from the U.S. Department of Defense and Homeland Security to Pfizer, Blue Cross and the FDIC. “Experian UK helped all of us take a huge step in the right direction with the Forum.”
Top 7 Reasons Mobile Banking Apps Aren’t Safe (Yet)
A new study produced by The Ponemon Institute and ThreatMetrix (Mobile Payments & Online Shopping – October 2011) states that only 29% of consumers use mobile banking apps on their smart phones and tablets. Of those that don’t participate, 51% cite security reasons for their lack of participation. In other words, consumers like you and I are not yet comfortable with mobile banking. And our instincts are correct! Why shouldn’t you be comfortable with mobile banking appsquite yet?
Top 7 Reasons Why Mobile Banking Apps Aren’t Yet Safe
- Because most app stores (e.g., Android Marketplace) don’t review apps for security, it is very easy for criminals to post malicious apps that steal information from your mobile device (like your bank account numbers).
- The average smartphone or tablet user has installed no security software on their mini-computer (that’s what smartphones and tablets are), meaning that they have only a fraction of the security of a laptop or desktop.
- Detected malware developed for the Android platform alone has increased by 400% in the past year.
- The technology that keeps apps separate on your smartphone or tablet doesn’t separate them out into private sandboxes, meaning that one app can read the juicy details stored in the other without much difficulty.
iPad Vampires: 7 Simple Security Settings to Stop Data Suckers
Information is the currency and lifeblood of the modern economy and, unlike the industrial revolution, data doesn’t shut down at dinnertime. As a result, the trend is towards hyper-mobile computing – smartphones and tablets – that connect us to the Internet and a limitless transfusion of information 24-7. It is an addiction that employers encourage because it inevitably means that we are working after hours (scanning emails in bed rather than catching up with our spouse).
In the work we do to change the culture of privacy inside of organizations, we have discovered a dilemma: iPads are not as secure as other forms of computing and are leaking significant amounts of organizational data to corporate spies, data thieves and even competing economies (China, for example, which would dearly love to pirate the recipe for your secret sauce). Do corporations, then, sacrifice security for the sake of efficiency, privacy for the powerful touch screens that offer a jugular of sensitive information?
Of course not! That’d be like driving a race car minus seat belts and air bags.
iPads provide a competitive advantage, and like generations of tools before it (the cotton gin, the PC), individuals and organizations alike will be forced to learn how to operate this equipment safely or risk the bite of intellectual property vampires. Here are 7 Simple Security Settings to help you lock down your iPad much like you would your laptop.
U.S. is Dumb About Smart Cards
The typical US consumer still swipes their card, credit or debit, with those same old black magnetic stripes. And, we hold our breath and hope they work, and don’t lead to erroneous (fraudulent) charges we have to defend. The rest of the world has switched to Smart cards, according to Peter Svensson, The Associated Press, in The Denver Post. “The problem with that black magnetic stripe on the back of your card is that it’s about as secure as writing your account information on a post-card”.
Svensson comments “Smart-cards (chip-based cards) can’t be copied, which greatly reduces the potential for fraud. Smart cards with built-in chips are the equivalent of a safe: They can hide information so it can be unlocked only with the right key”.
This begs the question, why is the US lagging in this technology? How do we re-vamp our system to promote smart-card transactions? Some experts maintain that it is a lack of demand by everyone from consumers and issuing banks to retail establishments. In essence, we don’t want the added security. This, of course, is just a smoke screen to obscure the underlying issue: no one wants to pay for it. Consumer don’t feel like they should pay for the technology (through higher card fees) even if it makes them safer (Haven’t we always been pretty safe?). Banks don’t want to pay to issue higher-cost cards with chip technology (they probably think it is cheaper to weather the costs of fraud – it is not). And retailers don’t want the added expense of new, more sophisticated equipment.
Supercookie Monster Eating Your Privacy for Lunch
You already know that every word you type on your browser is being tracked and used to profile and deliver highly-relevant advertisements to you (Big Brother Lives in Your Browser). And you know that most websites install “cookies” onto your computer in order to store relevant information about you (account numbers) that make surfing more convenient, and to gather information that allows advertisers to know more about you. You probably even know how to delete them.
But new research has shown that deleting cookies doesn’t always help. A new breed of cookies, called supercookies, can reconstruct all of your profile history even after the cookie has been deleted. MSN.com and Hulu.com just got caught using supercookies to track your surfing habits in stealth mode (you have no way of knowing that it’s happening, and you can’t do anything about it). The Wall Street Journal had this to say about supercookies and history stealing:
Hulu and MSN were installing files known as “supercookies,” which are capable of re-creating users’ profiles after people deleted regular cookies… The spread of advanced tracking techniques shows how quickly data-tracking companies are adapting their techniques… ["history stealing"] peers into people’s Web-browsing histories to see if they previously had visited any of more than 1,500 websites, including ones dealing with fertility problems, menopause and credit repair… Supercookies are stored in different places than regular cookies… | WSJ 8/18/11 | Supercookies on WSJ for non-subscribers.
Sileo In the Media
Privacy Project Newsletter
Tools and tips for bulletproofing yourself against identity theft, data breach and corporate espionage. Subscribe to the newsletter and get John Sileo's 7 Survival Strategies for Starving Data Spies for FREE!
