Category Archives: Privacy

About.Me



Depending on your point of view about.me either strips the final layers of privacy from a narcisstic world or else provides a handy one-stop signposting to your Web 2.0 presence. As their tag line says, “It’s all about you.”

Like many people, your online life isn’t restricted to just one social media site. You have your friends on Facebook, your work colleagues on LinkedIn, random acquaintances on Twitter and family on Flickr. When it comes to pointing someone to “you” on-line, there’s no one place to go and this is where about.me comes in. At about.me, you can set up a cool picture and a biography, plus links to all of the social sites that you subscribe to.

To get an idea of what it’s like, here’s the about.me page of one of the founders, Tony Conrad. Looks pretty cool doesn’t it? There are editing tools to setup your page just as you’d like and there are stock designs if you don’t have a good photograph to use. To further appeal to the cult of me, about.me will provide statistics and graphics on who has been looking at your page.

It’s all very seductive, isn’t it. But let’s just have a little reality check here…this brings together your whole on-line life. Everything is linked to from one place, so if someone, say a prospective employer, wants to research you then it’s all there for them. They don’t even have to do any digging. Of course, you could have two about.me profiles, one for your public persona and one for your private life…

About.me seems to be backed by AOL amongst other investors and you might recognise a few of their advisors too.

The landrush for good names is underway, but I think the site has only been up a couple of months so I was able to snag my name without any numbers. If you are interested, I’d pop over and grab your page just in case about.me gets big.


How Far Should a Job Background Check Go?



As I am now on the prowl for a new job since I am being laid off from my current one, I’m thinking about all the things that could go wrong.  My credit might not be good enough, and is that speeding ticket I got a couple years ago going to be a problem?  And what about my online presence and activities?  How much of that will be a determining factor?  How far, really, will an employer attempt to go to dig into who I am and what I do with my life?

In the case of the Maryland Department of Corrections, background checks now require applicants (and those getting recertified or taking promotions to new jobs) provide their facebook username and password.  I, personally and professionally, think this is  a step too far.  What’s to stop them from asking me for my email accounts and passwords, and the usernames and passwords of any accounts I may have on a news website, blogging site, or forum or bulletin board?  At what point will they want to know what I watched on television last night, what YouTube videos I may have searched for, and what political, religious, or medical terms I may have Googled last week?  Where does the invasion of privacy end?

I purposely set my facebook privacy settings pretty high.  I am careful who I friend, and careful whose profiles I post on.  In other endeavors, I do blog on several websites, under my name, but none of these are likely to be issues, I don’t think.  I have other blogs that I post to that do not use my name at all, for good reason.  And my emails?  Well, aren’t those privileged communications too?  It would be like a potential employer asking for the box of love letters I keep under my bed that were between my husband and I when we were courting.  Pretty rude, even at just face value.

The ACLU has sent a letter off to the Maryland DOC asking them to cease the practice, and they have agreed to suspend it until they have given it a closer look.  But it seems to me that it should have never been a policy that was implemented in the first place.  While I understand the need to be sure that a potential employee is not a danger to the job, clients, or organization, I think there are limits on what it is okay to ask people to provide.  Yes, we should all be careful what we post online, who we connect with, and what information we give out.  But when it comes to personal communications, I think those need to be completely off-limits to any potential employer.

Would love to hear thoughts and comments on this.


GadgetTrak Remote Tracking Software For Mobile Gadgets



GadgetTrak is a piece of software that you install on your mobile phone or laptop. The software will periodically check in and let you know the physical location of the device. If a camera is present, for example on a laptop, it can even take a photo of the thief and email it back to the owner. The software cannot be disabled by the thief.

For a Mac or Windows laptop, the price is $34.95 per year.

For Android and Blackberry phones, which includes remote data wipe ability, secure encrypted backup and a loud piercing audible alarm even if the device is in silent mode, the price is $19.95 per year.

For iPhone, iPod, and iPad, the GadgetTrak app is .99 cents, The iOS version does not include remote data wipe, but does include remote camera and push notification support to inform the thief of the GadgetTrak software’s presence.

Interview by Jeffrey Powers of Geekazine.

Please Support our CES 2011 Sponsors.

Save 25% on 4GH Hosting 1yr Subscriptions Save 25% Promo Code CES2.


Google Acted Illegally in UK



Google LogoThe UK’s Information Commissioner today confirmed that Google breached UK’s Data Protection Act when the Street View cars captured personal data while collecting wi-fi network information.

As a result of this, Google will be required to sign an undertaking to take steps to ensure that breaches of the Act don’t re-occur.  Google will then be audited in nine month’s time to confirm that the required policies and training has taken place. Finally, once any legal obstacles have been cleared, Google will have to delete the personal data from the UK.

Currently, the Information Commissioner does not intend to fine Google, but will take further action if necessary

Information Commissioner's OfficeThe Commissioner, Christopher Graham said,  “It is my view that the collection of this information was not fair or lawful and constitutes a significant breach of the first principle of the Data Protection Act.  The most appropriate and proportionate regulatory action in these circumstances is to get written legal assurance from Google that this will not happen again – and to follow this up with an ICO audit.”

What’s interesting about this is that the Information Commissioner’s Office (ICO) had previously decided not to take action against Google because the sample data shown to the ICO was considered to be fragmentary and therefore unlikely to constitute personal data.

However, Google’s Alan Eustace admitted on Google’s own blog that, “A number of external regulators have inspected the data as part of their investigations (seven of which have now been concluded). It’s clear from those inspections that whilst most of the data is fragmentary, in some instances entire emails and URLs were captured, as well as passwords.”

The Commissioner then infers that because this happened in other countries, it happened in the UK, even if most of the data was fragmentary.  You can read the Commissioner’s letter to Google Inc here.

Personally, I’m pleased that Google is being held to account.  Far too often it seems that big business gets away with abusing our personal information.


Lower Merion School District Settlement



The Lower Merion School (Pennsylvania) has agreed to a settlement with two students involved in the laptop spying case that made national news in February of this year.  It seems that the school district, which began distributing laptops to high school students in 2008, had installed remote webcam activation software on the laptops for use when a laptop went missing.  There were several problems, not the least of which was that no one from the district informed parents or users that such software existed.  There was also no district policy in place to regulate the use of the software, and no oversight of the people in charge of activating the software.  In the process, district IT workers had captured over 56,000 images from activated webcams, some of which were not from computers that had been misplaced.

A single student sued the school for its breach of trust, and the lawsuit threatened to go to class-action status to cover the 40 or so students whose images had been captured and stored by the district’s IT department.

The settlement amounts to $610,000, to be paid by the district’s insurance company.  The majority of that payout (over $400,000) is paying off the lawyers; the student who sued first will receive $175,000 in a trust, and a second student will receive $10,000.

The school district, in my opinion, is getting off very very lucky, as is the IT manager who thought all this was a good idea in the first place.  I’m all for retrieving stolen property, but I’m also all for covering everyone’s butts with well-written, clear-cut policy statements that state when snooping software can be used and why.  You can’t get in trouble if you’re being above-board, everyone knows what you’re doing and why, and you are very clear about how policy will be enforced.

This should also send a message to other school districts who may be considering similar snooping measures to cover district-owned computer equipment.


Google Family Safety Centre



Google FamilyGoogle has setup the Family Safety Centre to help parents and teachers keep their children safe online.  After spending a little time in the resource, it seems to be a good introduction to online safety for children from a parent’s point of view.  If you need to know more, you can then take it further through some of the links.

The Centre has four main sections:

i) Google Safety Tools – information on Safesearch, which stops inappropriate material being returned in searches, and YouTube Safety Mode, which similarly stops age-restricted videos from appearing.

ii) Advice from partners – information from children’s organisations on cyberbullying, privacy, talking to strangers online, adult content and malware.

iii) Reporting abuse – if you find inappropriate material on any of Google’s properties (YouTube, Buzz, Picasa, Blogger), here’s how to flag the material to Google.

iv) Video tips from Google parents – a set of videos on YouTube from parents to parents.  In this section there’s also six basic tips for on-line safety.  Frankly, I think these tips should be more prominent as they’re good.
Keep computers in a central place
– Know where your children go online
– Teach internet safety
– Help prevent viruses
– Teach your children to communicate responsibly
– View all content critically

Each country has its own slight variant, including Australia, Canada, New Zealand, US and UK versions – there are probably others for non-English speakers. The main difference seems to be the list of partner organisations that Google has worked with (and spelling).

If you are a parent, you should spend a few minutes having a read of the information here.


Privacy in a Public World



Facebook rolled out Places late on Aug 18, it allows you to check in where you are through Facebook. In its default mode it also allows your friends to check you in. Lifehacker has a good article on how to adjust your privacy settings for Places to a level you are comfortable with.

This again brought out the issue of privacy. Some of the answers to the issue of privacy by those who believe being public is best ranged from impractical to absurd, such as don’t be on these social sites, to change your name, which is what Google’s CEO Eric Schmidt suggested in an interview with the Wall Street Journal. (if you are unable to get the Wall Street Journal article PC world has a good review of it ) On the other side, privacy evangelist can sound like members of a lunatic fringe group, when they talk about things like RFID tags being the work of the devil.

Both sides are trivializing an issue which can very serious for a lot of people, especially women who have been in an abusive relationship, it is important that their lives remain private. In fact for them it really can be a matter of life or death. However they should be able to participate in social media sites to connect with their friends, like anyone else. If they can’t then the abuser wins. How public or private someone is should be an individual’s choice. They should be able to control that privacy level how ever they see fit. My biggest fear is that the decision making is being taken away from the individual. Just because I make part of my life public doesn’t mean I have given up my right to privacy in other parts of my life.

Anytime an application or website is created or changed in a way that affects a person privacy, that change should be made clear and public. It should not be hidden in the middle of a 65 page software license agreement. Each person should make their own choice on how public or private they want to be and it shouldn’t be a decision made others. I have made a choice to be public in most areas of my life, I however don’t presume that I have the right to make that choice for someone else.



Google WiFi – Wrong But No Big Deal



Information Commissioner's Office logoThe UK’s Information Commissioner’s Office has issued a press release on Google’s collection of WiFi data that was obtained by the StreetView cars as they drove round.

In what appears to be a holding statement, the ICO says that it has reviewed samples of collected data at Google premises and confirms that the samples do not include any “meaningful personal details“.  Additionally, the information cannot be connected to an identified individual and it is unlikely to cause any harm.

However, the ICO confirms that collecting the information was wrong but there is nothing further in the press release to indicate if any penalties will be levied against Google.  Apparently the Information Commissioner will be taking a “responsible and proportionate approach.”


Do “Regular” People Know They Are Living Life in Public?



The recent privacy flap surrounding Facebook got me thinking.  Exactly how much are we all sharing?  What can be learned from it?  And how much of any of this does the average person know or understand?

I decided to take myself as a case study.  I may not be the average user – and most of you who read this techie site probably aren’t either.  But, we all know and/or are related to the “average user”.  And that is the person who is in danger in this modern, tech-based, privacy-challenged world.  I feel as though I can kind of compare myself to the average user in a strange sort of way.  It goes like this: I write for this site and my own and, sometimes, for others, and because of that, I have a vested interest in being found.  I want my writing found and I want to share it.  In fact, I have made the conscious decision to be easily found.  Plus, I want feedback.  I want to communicate with everyone out there and crowd-source questions and discussions.  Hence, it may appear that I share everything, but, I understand what’s going on in this space.  I realize that everything I post, regardless of rather or not I mark it as private, can be, and probably will be at some point, public.  Terms of use change.  I take NOTHING for granted.  I share nothing that I wouldn’t want the whole world to know.

Just about everyone who can access the internet is using at least one of these services that I looked at (and there are many more I didn’t).  And the average user gives not a single thought to what they are telling whoever wants to look.  Mostly who is looking is advertisers – either directly or because the site in question is sharing.  There are more nefarious onlookers as well, but to be fair, that is rare and requires the site to have security hole.

I will start with the one service I considered for this piece that I don’t use – Foursquare.  I don’t use it because I live in the country and it seems rather pointless for me.  Although, I guess I could rack up the “mayor” spots!  But, if you live in a metro area you may be using it, and what better way to let your stalker know where you are and when?  Since I don’t have experience with it I’ll leave it at that.

Let’s look at two photo sharing sites – Flickr and Picasa.  I use Picasa, myself, but most of you probably use Flickr. They are pretty much interchangeable though.  Picasa has settings.  Flickr probably has similar.  You can decide to not allow the general public to see your pictures and you can block GPS data from the photos. Do most users know this?  Probably not.

I am probably in the minority in using Wakoopa.  In fact, some of you probably don’t even know what it is.  It’s a simple program that tracks what programs I use.  It even includes some Webware programs.  What’s the harm in that?  Well, we will get to those possibilities later.

Another seemingly innocuous program is Goodreads.  As with Wakoopa, I may be in the minority using it, but I would guess there are dedicated users out there as well.  This site performs the simple task of keeping track of, and sharing, the books you read.  Like Wakoopa, what could be the harm?

Do you listen to music?  Do you love Pandora as much as I do?  Or, maybe you’re into Slacker or Last FM.  Everyone knows that their Pandora playlists are shared thanks to Facebook, right?  Slacker and Last FM can’t be very far behind on that gravy train.

My phone’s GPS tracks me via Google Latitude.  This one seems secure – only people I okay can see my location.  In all seriousness, I do trust Google, and maybe it will be my downfall, but other than a couple of stupid lapses, they seem genuinely to be trying to keep all of their overwhelming amount of data about all of us in check.  But, don’t get too comfortable, because Google knows EVERYTHING.  If management changes we are all in for a rough ride.  They have it all – our profiles, our email, our RSS feeds, and, most of all, our searches.  And that’s not even counting our location (if you use Latitude) or our thoughts (if you use Buzz).  And if Google Me is real, well….

Then there’s Twitter (and I’ll include Buzz here since they are the same type of service).  The great thing about Twitter is that you KNOW everything is public.  It’s designed that way.  They do allow users to set their accounts to private, but I assume few do.  And, let’s face it, few are sharing anything private on here…right?  Well, except those who lost jobs for posting things about their bosses or the woman who was sued for libel after posting about her apartment problems.  How many other stories like these are out there?  Far too many to count I am sure.  Let’s face it.  Even a service that is outright public from the start lulls the average user into a false sense of privacy.  And, what’s more, you can (and I do) allow the Twitter feed to cross-post to Google Buzz and Facebook.  Now if I say something dumb it has the maximum chance of being heard by the most people possible.  And, let’s not forget that Twitter makes it easy to add photos and videos to every tweet with such third-party services as TwitPic and TwitVid.  Oh, and just to top it off, I can geo-tag my posts so everyone knows exactly where I am.

Finally, there’s the black hole of privacy known as Facebook.  They have changed their privacy settings several times and only once (and that’s debatable) did it favor the users.  Facebook has an interest in users sharing their data.  That’s how they make their money.  If your settings are all private then it is bad for their bottom line.  So, they have slowly opened their doors to allow more and more user data to become public.  And they have made their privacy settings harder for users to understand.  The biggest thing they have done was to make settings opt-out instead of opt-in.  They gamble on the average user not understanding all of this.  And, let’s face it, they’re right.  Sure, they made some news with all of this, and some people got up-in-arms over it, but, did the public-at-large really hear and really understand?  Probably not.

Now let’s see what we can learn about me from all of this data.  I don’t use Foursquare so my stalker will not be happy here, nor will the marketers who want to know the kind of businesses I frequent.  From Picasa they will see my pictures, and those are posted to Buzz as well, but they are marked as private so I win one here.  Wakoopa tells everyone what software I am using, which is great for the marketers, but probably useless for my stalker.  Similarly, Goodreads will let everyone know that I am just about done reading A Walk In The Woods, which is useful to marketers, but less so to my stalker.  The same for Pandora – great to know what I listen to if you want to sell to me, but not so much if you want to find me.  And then we come to the last three services I looked at, and those are the ones the stalker is interested in – Twitter, Buzz, and Facebook.  Here’s where you know where I am, where I am going and who I am with, complete with exact GPS coordinates.

Can you build a good profile for marketing or stalking?  I would say it’s very easy to do so.  And, almost everyone that each of us knows is using, at the very least, one of these services.  Worse, they don’t know what the default settings are, and even worse than that, probably don’t care because they don’t understand the implications of them.  Things are not improving on this horizon any time soon, either.  In fact, if Facebook is any indication, they will get worse.  Yes, it’s great to have all of these services and they are very useful.  But, we need to take the time to understand them and what they mean.  People have been hurt – women with real stalkers.  Nobody should have to suffer because of vague terms-of-service or the questionable practices of some site that is out to make a dollar off of unsuspecting users.