The Privacy Blog
Thursday 3 January 2008
Plaxo up for sale? So is your information....
However, whomever buys Plaxo will also have access to all your data, and can do with it as they wish. This may include login details to sites like Facebook etc.
Plaxo is certified by TrustE (not to be confused with eTrust), but as we have seen Truste is completely worthless.
Wednesday 2 January 2008
Can't even trust Sears
It’s another take on ITBE blogger Kachina Dunn’s recent post, “Users Will Gladly Trade Privacy Today for Free Stuff Tomorrow.”
Ben Edelman, a Harvard Business School assistant professor, says the My SHC Community program fails to meet U.S. Federal Trade Commission standards by failing to notify users exactly what happens when they download the marketing software.
Sears Holdings owns Sears Roebuck and Kmart department stores. It launched the program in March as a way for customers to have a voice in the direction of the company. It offers members a $10 incentive and a chance to win several sweepstakes.
Ask.com search tool bars
Add to this that Ask.com is actually part of IAC, a large online media company, with other online properties such as downloadable cursors, and you have to wonder if the toolbar is just a way to get their software onto our machines.
But before you install the latest version of the Ask.com search toolbar, ask yourself what information you are giving away. IAC was sued by eTrust about its toolbars which is part of a larged business ethics organization, and giving the recent debacle regarding the Ask.com eraser tool, things dont look good.
Ask.com eraser
A group of privacy advocates is asking Ask.com to make some changes to its new AskEraser feature so that it better protects consumers' privacy when they conduct Web searches.
Ask launched its AskEraser feature last week, touting it as a tool that erases traces of a consumer's search activity within hours.
There are three main problems. The first one is the fact that AskEraser uses an opt-out cookie. Cookies are bits of software left on a consumer's computer that are used to authenticate the user and maintain information such as the user's site preferences.
Usually, people concerned with privacy delete cookies, so creating an opt-out cookie is "counter-intuitive," the letter states. Once the AskEraser opt-out cookie is deleted, the privacy setting is lost and the consumer's search activity will be tracked. Why not have an opt-in cookie instead, the letter suggests. The second problem is that Ask inserts the exact time that the user enables AskEraser and stores it in the cookie, which could make identifying the computer easier and make it easy for third-party tracking if the cookie were transferred to such parties. The letter recommends using a session cookie that expires once the search result is returned.
Ask's Frequently Asked Questions for the feature notes that there may be circumstances when Ask is required to comply with a court order and if asked to, it will retain the consumer's search data even if AskEraser appears to be turned on. Ask should notify consumers when the feature has been disabled so that people are not misled into thinking their searches aren't being tracked when they actually are, the letter said.
Passport privacy questioned
Associated Press reports that privacy advocates expressed concerns about the new passport cards, saying that they’re not secure enough and potentially could result in identify theft or other privacy invasions.
One such advocate, Ari Schwartz at the Center for Democracy and Technology, a D.C-based advocacy group, said the technology used in the passport cards is better suited to tracking inventory than people.
German privacy breaches
The objection against the German Telecomms Data Retention Act was filed in federal court on Monday by German privacy group Arbeitskreis Vorratsdatenspeicherung (Working Group on Data Retention). The group said 30,000 people have signed the objection against laws that mean German telecoms carriers are obliged to keep details of internet usage and phone call records for up to two years. The 150-page complaint calls on the court to suspend the law on the grounds of "apparent unconstitutionality".
US worst for privacy
Big Brother lives. And he may live a lot closer to home than you might think or want.
Human rights organization Privacy International compiled list of the best and worst countries in 2007 for citizen privacy versus government surveillance. The United States sits squarely at the bottom of that list with Privacy International classifying the country as one of the world's most "endemic surveillance societies."
Other low ranking countries include: China, Russia, Thailand, Taiwan, Singapore, Malaysia, and England. Greece was the highest ranking country when it came to citizen privacy protection. Privacy International said that Greece had "adequate safeguards against abuse." No country reached the highest ranking of "significant protections and safeguards" or "consistently upholds human rights safeguards."The US has dropped in status since last year, when it was given the marginally better label of an "extensive surveillance society."
To some the ranking of high surveillance may sound like a good thing, after all more surveillance means more security, right? However it is important to note that the US ranking is below the ranking of "systemic failure to uphold safeguards" when regarding citizen privacy. There is a trade-off at work where more security means less privacy.
As for me, I'd like to have a bit more privacy. Hopefully in 2008 the U.S. can raise its privacy standards to something above an utter failure.