As we draw Data Privacy Month 2012 to a close and celebrate Data Privacy Day on 28 January, we bear witness to a number of new privacy policies which are being presented, dare one say thrust, upon user populations for major online social networks.
Let's look at Google, who in complete transparency has rolled out their new Privacy Policy (effective date March 1, 2012) which states in clear and unambiguous terms: Google collects information. You also give Google information -- i.e. your profile. When you are visiting their services -- they may collect specific information on your device; information with respect to your session -- i.e. IP address; your queries; and cookies. If you turn on your device's GPS, they may collect your exact geographical locale (see "Double Edge Sword of Location Based Services"). Perhaps the most important aspect is how they use your information, with your consent: "We will share personal information with companies, organizations or individuals outside of Google when we have your consent to do so. We require opt-in consent for the sharing of any sensitive personal information." If you are using Google, you want to get in there and look at what information you have provided your consent for Google to share. (Here's Google's privacy page)
Meanwhile over at Facebook, they too have streamlined and rendered more readable their privacy policies. Important to understand is the information they receive about you: You provide info at registration; you also provide information via your posts, photo and videos and tagging activities; they do collate the information others share about you (tagging or on your wall); and those games or applications you use also provides Facebook data about you; and here too, if you provide your location then your location is retained. There is a whole section on that information which you choose to make public -- read it. And they too divulge how your information will be used: to provide you with a better experience; and they too share information with others only when you have provide your consent; given you notice how and what information will be shared; and removed personally identifying information. If you are using Facebook, you want to get in there as well and lock down your privacy settings at the levels commensurate with your comfort level. (Here's Facebook's privacy page)
While there are many other environments, I believe these two are representative of the current state of affairs with respect to user/consumer privacy. Are you content and comfortable with this as the status quo? No? Neither am I.
I'd like to see industry move to an environment where the preferences and identity of the consumer are 100 percent controlled by the individual consumer. In the good ol' days a coupon drawn from the Thursday paper for eggs, and utilized at the supermarket, would provide to the retailer feedback on the marketing medium which brought you into the store (i.e. measurable results); would allow the retailer to determine if the "eggs" were an effective draw, what other goods were also purchased (also measurable). But it wasn't necessary for the individual to reveal their identity for the transaction to occur, for the consumer to receive their goods and for the merchant to be successful.
I want the retailer to provide to me the best possible recommendation, personalize it for me, but without my being required to provide my personal identity to make it happen. Industry must drive to present to me, the consumer, the right service, the right content and the right product at the right time, based on my individualized preferences, which are provided without my individual identity and thus ensuring my privacy. I think we can and should strive to achieve this in 2012 so that Privacy Day version 2013 will be known as the day the consumer had total control of their privacy.
Follow Christopher Burgess on Twitter: www.twitter.com/BurgessCT
I am waiting with bated breath for the US Gov. to take up this issue of serious laws against privacy invasions for people on the internet. They passed a law to stop posting social security numbers where are the laws to stop the rest of our information being gathered, sold, posted without our consent. I wonder if these laws are pending and that is why FaceBook and Google are cleaning up their privacy terms with the public?
There are plenty of good ways to protect your privacy on the Internet, and all of them begin and end with the simple concept of: put the content into a (cryptographic) envelope, instead of writing it on a postcard. If the information needs to not be disclosed, do not distribute it across the Internet in a form that anyone other than the intended recipient can read.
Very-secure cryptography is trivially easy to obtain: VPN and "https" are well known. "S/MIME" and "GPG" encrypted e-mail a little bit less so ... yet your computer (no matter what kind of reasonably modern computer you own) has always been able to send and to receive it.
If you don't care that the information can be disclosed ... if you don't care that the room is "bugged" ... then enjoy the free service provided by the companies who are doing the "bugging."
But, don't be unreasonable about it. "Nothing's Free." They're providing the world's biggest honeypot to you. They're giving the service away because they want to data-mine your every blab and chuckle. And they ARE doing it with your consent.
--
Christopher
Thank you,
Christopher
http://articles.sfgate.com/2003-11-07/news/17519805_1_credit-files-credit-reports-equifax-and-experian
Credit agencies sending our files abroad - SFGate
http://ivebeenmugged.typepad.com/my_weblog/2008/05/is-it-wise-fo-2.html
I've Been Mugged: Is It Wise For Credit Bureaus To Outsource To Foreign Call Center Firms? (Part 3)
Indian BPO firms will probably be putting our medical records online:
http://www.vdare.com/posts/obamacare-a-boon-for-indian-bpos
Obamacare a Boon for Indian BPOs | VDARE.com
All the best,
Christopher
With our financial and medical records being sent out of the country, we don't have much privacy left.
Here's a story from 2003...
http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2003/10/22/MNGCO2FN8G1.DTL
A tough lesson on medical privacy/Pakistani transcriber threatens UCSF over back pay
""Your patient records are out in the open... so you better track that person and make him pay my dues."
A woman in Pakistan doing cut-rate clerical work for UCSF Medical Center threatened to post patients' confidential files on the Internet unless she was paid more money.To show she was serious, the woman sent UCSF an e-mail earlier this month with actual patients' records attached.
The violation of medical privacy - apparently the first of its kind - highlights the danger of "offshoring" work that involves sensitive materials, an increasing trend among budget-conscious U.S. companies and institutions.
U.S. laws maintain strict standards to protect patients' medical data. But those laws are virtually unenforceable overseas, where much of the labor- intensive transcribing of dictated medical notes to written form is being exported..."