Thursday 3 January 2008

Plaxo up for sale? So is your information....

News.com and other websites reported today that Plaxo, is up for sale. The site which started out as an address book and moved into social networking is expecting to go for around the $100 million mark.

However, whomever buys Plaxo will also have access to all your data, and can do with it as they wish. This may include login details to sites like Facebook etc.

Plaxo is certified by TrustE (not to be confused with eTrust), but as we have seen Truste is completely worthless.

Wednesday 2 January 2008

Can't even trust Sears

A prominent anti-spyware researcher calls a Sears and Kmart customer program “just spooky” because users might be giving up more personal information than they planned, reports InfoWorld.
It’s another take on ITBE blogger Kachina Dunn’s recent post, “Users Will Gladly Trade Privacy Today for Free Stuff Tomorrow.”
Ben Edelman, a Harvard Business School assistant professor, says the My SHC Community program fails to meet U.S. Federal Trade Commission standards by failing to notify users exactly what happens when they download the marketing software.
Sears Holdings owns Sears Roebuck and Kmart department stores. It launched the program in March as a way for customers to have a voice in the direction of the company. It offers members a $10 incentive and a chance to win several sweepstakes.

Ask.com search tool bars

Think before you install the latest version of the Ask.com toolbar. Many of us will be used to search toolbars, in fact studies suggest that a little under half of us will prefer to use them rather than a search engine.

Add to this that Ask.com is actually part of IAC, a large online media company, with other online properties such as downloadable cursors, and you have to wonder if the toolbar is just a way to get their software onto our machines.

But before you install the latest version of the Ask.com search toolbar, ask yourself what information you are giving away. IAC was sued by eTrust about its toolbars which is part of a larged business ethics organization, and giving the recent debacle regarding the Ask.com eraser tool, things dont look good.

Ask.com eraser

A group of privacy advocates is asking Ask.com to make some changes to its new AskEraser feature so that it better protects consumers' privacy when they conduct Web searches.
Ask launched its AskEraser feature last week, touting it as a tool that erases traces of a consumer's search activity within hours.

There are three main problems. The first one is the fact that AskEraser uses an opt-out cookie. Cookies are bits of software left on a consumer's computer that are used to authenticate the user and maintain information such as the user's site preferences.


Usually, people concerned with privacy delete cookies, so creating an opt-out cookie is "counter-intuitive," the letter states. Once the AskEraser opt-out cookie is deleted, the privacy setting is lost and the consumer's search activity will be tracked. Why not have an opt-in cookie instead, the letter suggests. The second problem is that Ask inserts the exact time that the user enables AskEraser and stores it in the cookie, which could make identifying the computer easier and make it easy for third-party tracking if the cookie were transferred to such parties. The letter recommends using a session cookie that expires once the search result is returned.

Ask's Frequently Asked Questions for the feature notes that there may be circumstances when Ask is required to comply with a court order and if asked to, it will retain the consumer's search data even if AskEraser appears to be turned on. Ask should notify consumers when the feature has been disabled so that people are not misled into thinking their searches aren't being tracked when they actually are, the letter said.

Passport privacy questioned

The U.S. State Department on Monday approved a new type of passport for U.S. citizens traveling to Mexico, the Caribbean, Bermuda and Canada. The new “passport cards” use wireless technology that allows them to be read at a distance (up to 20 feet away), rather than being put through a scanner as with current passports.

Associated Press reports that privacy advocates expressed concerns about the new passport cards, saying that they’re not secure enough and potentially could result in identify theft or other privacy invasions.

One such advocate, Ari Schwartz at the Center for Democracy and Technology, a D.C-based advocacy group, said the technology used in the passport cards is better suited to tracking inventory than people.

German privacy breaches

Privacy activists have filed a constitutional complaint against Germany's data retention laws.
The objection against the German Telecomms Data Retention Act was filed in federal court on Monday by German privacy group Arbeitskreis Vorratsdatenspeicherung (Working Group on Data Retention). The group said 30,000 people have signed the objection against laws that mean German telecoms carriers are obliged to keep details of internet usage and phone call records for up to two years. The 150-page complaint calls on the court to suspend the law on the grounds of "apparent unconstitutionality".

US worst for privacy

Big Brother lives. And he may live a lot closer to home than you might think or want.
Human rights organization Privacy International compiled list of the best and worst countries in 2007 for citizen privacy versus government surveillance. The United States sits squarely at the bottom of that list with Privacy International classifying the country as one of the world's most "endemic surveillance societies."


Other low ranking countries include: China, Russia, Thailand, Taiwan, Singapore, Malaysia, and England. Greece was the highest ranking country when it came to citizen privacy protection. Privacy International said that Greece had "adequate safeguards against abuse." No country reached the highest ranking of "significant protections and safeguards" or "consistently upholds human rights safeguards."The US has dropped in status since last year, when it was given the marginally better label of an "extensive surveillance society."


To some the ranking of high surveillance may sound like a good thing, after all more surveillance means more security, right? However it is important to note that the US ranking is below the ranking of "systemic failure to uphold safeguards" when regarding citizen privacy. There is a trade-off at work where more security means less privacy.


As for me, I'd like to have a bit more privacy. Hopefully in 2008 the U.S. can raise its privacy standards to something above an utter failure.