Googling a personal question might not be a private act

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

In some cas­es, the most inti­mate ques­tions a per­son is ask­ing on Google—about health wor­ries, rela­tion­ship woes, finan­cial hardship—are the ones that set off a chain reac­tion that can have trou­bling con­se­quences both online and offline. Being online increas­ing­ly means being put into cat­e­gories based on a socioe­co­nom­ic por­trait of you that’s built over time by adver­tis­ers and search engines col­lect­ing your data—a por­trait that data bro­kers buy and sell, but that you can­not con­trol or even see. Con­sid­er, for exam­ple, a per­son who googles, “can’t pay rent.” Among the search results may be ads for pay­day loans designed to cir­cum­vent Google’s poli­cies against preda­to­ry finan­cial adver­tis­ing. They’re placed by com­pa­nies called lead gen­er­a­tors, and they work by col­lect­ing and dis­trib­ut­ing per­son­al data about con­sumers online. Lead gen­er­a­tors may direct con­sumers to a land­ing page where they’re asked to input sen­si­tive iden­ti­fi­able infor­ma­tion. Then, pay­day lenders buy that infor­ma­tion from the lead gen­er­a­tors and, in some cas­es, tar­get those consumers—online, via phone, and by mail—for the very sorts of short-term loans that Google pro­hibits. Source: The Atlantic

Worry isn’t changing their shopping habits

sh_online shopping_280More than half of Cana­di­ans (54 per­cent) say they are more con­cerned about iden­ti­ty theft today than they were a year ago accord­ing to a study by Equifax Cana­da on con­sumer spend­ing habits online and in stores. In the past 18 months, Equifax Cana­da has received more than 180 reports of data breach­es involv­ing com­pa­nies of every size. When sur­veyed, near­ly half (49 per­cent) of Cana­di­ans indi­cat­ed they are par­tic­u­lar­ly wor­ried about the risk of iden­ti­ty theft when mak­ing online pur­chas­es. Even with this grow­ing risk and con­cern, 75 per­cent of shop­pers still plan to make their hol­i­day pur­chas­es online this year. Source: Mar­ket­Watch

Identity thief gets a new liver out of her crime

Cas­es of med­ical iden­ti­ty theft are get­ting more bizarre and more seri­ous. Ami­ra Aven­dano-Her­nan­dez, an undoc­u­ment­ed immi­grant, had a liv­er trans­plant using a stolen iden­ti­ty after buy­ing a Social Secu­ri­ty num­ber for around $1,500 and apply­ing for dis­abil­i­ty ben­e­fits. She was sen­tenced to six months in prison after plead­ing guilty to defraud­ing state and fed­er­al gov­ern­ments of hun­dreds of thou­sands of dol­lars. The vic­tim in Puer­to Rico did not know her iden­ti­ty had been stolen until author­i­ties con­tact­ed her. In anoth­er case, a cou­ple were try­ing to buy their first home, but were denied a loan because of an out­stand­ing med­ical bill for a heart pro­ce­dure the hus­band nev­er had. Such crimes can go unde­tect­ed for years. Source: WTMJ, Mil­wau­kee

Small towns not immune to big thefts

sh_small town bank_280Marsh­field, Mass., police are inves­ti­gat­ing the cyber theft of about $30,000 from a town-owned bank account. Chief Phillip Tavares said that a munic­i­pal account held at Rock­land Trust was hacked, but he does not sus­pect crim­i­nal involve­ment by any pub­lic employ­ee or offi­cial. “Some­how some­body was able to access that account and we are going to hold some­one respon­si­ble,” Tavares said. “I have every rea­son to believe an out­side per­son hacked in.” Rock­land Trust did not respond to ques­tions. Source: WCVB, Boston, Mass.

Want to buy a car? I’ll need your fingerprint first

Every year, mil­lions of dol­lars are lost by finance com­pa­nies and deal­er­ships due to fraud and iden­ti­ty-theft relat­ed crimes, and iden­ti­fy­ing and con­vict­ing sus­pects is near­ly impos­si­ble. The Cal­i­for­nia High­way Patrol is propos­ing a leg­isla­tive bill requir­ing all licensed vehi­cle deal­ers to get a cus­tomer thumbprint before any vehi­cle sale. The thumbprint would be main­tained for the life of the sales con­tract, then destroyed or delet­ed. A dig­i­tal copy of the thumbprint would be main­tained with the deal file or a third-par­ty ser­vice provider with a secure data­base and is not acces­si­ble to the pub­lic or law enforce­ment with­out prob­a­ble cause or a search war­rant. Once a deal­er is noti­fied that it is a vic­tim of fraud, law enforce­ment would have req­ui­site prob­a­ble cause to inspect, copy or seize the print for inves­ti­ga­tion. Source: Lex­ol­o­gy

$1 million bounty to jailbreak iPhone has been claimed

sh_iPhone jailbreak hack_280Secu­ri­ty start­up Zerodi­um announced that it’s agreed to pay a $1 mil­lion boun­ty to a team of hack­ers who have suc­cess­ful­ly devel­oped a tech­nique that can hack any iPhone or iPad that can be tricked into vis­it­ing a care­ful­ly craft­ed web­site. Zerodi­um describes that tech­nique as a “jailbreak”—a term used by iPhone own­ers to hack their own phones to install unau­tho­rized apps. But Zerodi­um and its founder, Chaou­ki Bekrar, have made clear that its cus­tomers include gov­ern­ments who might use such “zero-day” hack­ing tech­niques on unwit­ting sur­veil­lance tar­gets. Bekrar says two teams of hack­ers had attempt­ed to claim the boun­ty, which was announced in Sep­tem­ber with an Oct. 31 dead­line. Bekrar con­firmed that Zerodi­um plans to reveal the tech­ni­cal details of the tech­nique to its cus­tomers, whom the com­pa­ny has described as “major cor­po­ra­tions in defense, tech­nol­o­gy and finance” seek­ing zero-day attack pro­tec­tion as well as “gov­ern­ment orga­ni­za­tions in need of spe­cif­ic and tai­lored cyber­se­cu­ri­ty capa­bil­i­ties.” Source: Wired

Oh, yeah? Well I say we didn’t pull our spies out of China!

sh_U.S. embassy_200The CIA did not pull offi­cers out of the U.S. embassy in Bei­jing fol­low­ing the hack of the Office of Per­son­nel Man­age­ment, the nation’s top intel­li­gence offi­cial said. Speak­ing at a Defense One con­fer­ence, Direc­tor of Nation­al Intel­li­gence James Clap­per flat­ly con­tra­dict­ed Sep­tem­ber media reports that such action had been tak­en to pro­tect agents whose iden­ti­ty might be revealed as a result of the hack. “No,” Clap­per said, when asked if the Unit­ed States had removed agents from Bei­jing, adding: “Don’t believe every­thing you read in the media.” Cur­rent and for­mer U.S. offi­cials who spoke on the con­di­tion of anonymi­ty told The Wash­ing­ton Post that the agents were alleged­ly with­drawn as a pre­cau­tion­ary mea­sure. Source: The Hill

Click yes on that user agreement, and you may give up more than you think

The Rank­ing Dig­i­tal Rights 2015 Cor­po­rate Account­abil­i­ty Index finds that user agree­ment poli­cies in place with the world’s top tech­nol­o­gy firms shows that free­dom of expres­sion and user pri­va­cy aren’t top pri­or­i­ties. The project’s key find­ings reveal a lack of trans­paren­cy on the part of many busi­ness­es. The col­lec­tion, use, shar­ing and reten­tion of user data is poor­ly con­veyed, and few orga­ni­za­tions reveal infor­ma­tion about third-par­ty data requests to remove or restrict con­tent. In addi­tion, the report found that many busi­ness­es are ham­pered by legal and reg­u­la­to­ry require­ments when it comes to respect­ing user pri­va­cy. The report looked at the prac­tices employed by such com­pa­nies as Google, Microsoft and Ten­cent. Google scored high­est on the Cor­po­rate Account­abil­i­ty Index, with 65 per­cent, while sev­en of 16 firms sur­veyed scored less than 22 per­cent, high­light­ing the “seri­ous deficit of respect for users’ free­dom of expres­sion and pri­va­cy.” Source: ITPro­Por­tal

And they’ll drink to that

sh_wine_280The Liquor Con­trol Board of Ontario, which spent more than $250,000 fight­ing the case, is now destroy­ing the per­son­al infor­ma­tion of wine, beer and spir­it club mem­bers that the pri­va­cy com­mis­sion­er said it was wrong to col­lect. Now the LCBO is wind­ing down its wine club pro­gram, which let mem­bers buy prod­ucts not nor­mal­ly avail­able at the LCBO and to get vol­ume dis­counts. The Vin de Garde wine club com­plained to Ontario’s Infor­ma­tion and Pri­va­cy Com­mis­sion­er that the LCBO had start­ed requir­ing infor­ma­tion beyond names and address­es, includ­ing details and quan­ti­ties of their orders. Club mem­bers wor­ried that the LCBO was col­lect­ing and track­ing con­sump­tion habits. Con­sump­tion was not being tracked, the LCBO said, but it need­ed the data to process orders, recall prod­ucts and detect fraud. The LCBO was con­cerned wine clubs could stock­pile alco­hol and ille­gal­ly resell it. “The LCBO has not pro­vid­ed my office with much more than anec­do­tal or hypo­thet­i­cal evi­dence to sup­port its posi­tion that the ille­gal resale of liquor by wine clubs in this province is so prob­lem­at­ic that it neces­si­tates the col­lec­tion of the per­son­al infor­ma­tion of club mem­bers,” wrote then-pri­va­cy com­mis­sion­er Ann Cavoukian. Fur­ther, the LCBO had man­aged to process the club’s orders since 2004 before requir­ing per­son­al infor­ma­tion, Cavoukian not­ed. She ruled that the infor­ma­tion col­lec­tion vio­lat­ed the Free­dom of Infor­ma­tion and Pro­tec­tion of Pri­va­cy Act. Source: CBC

City authorities blamed in long-standing case of identity theft

Wes­ley Taylor’s wal­let was stolen in 2006, and that inci­dent has evolved into a worst-case sce­nario of iden­ti­ty theft. His driver’s license was sus­pend­ed. An appli­ca­tion for a gun per­mit was denied. He’s been denied sev­er­al jobs. Now, Tay­lor is suing the city of Indi­anapo­lis in fed­er­al court, claim­ing offi­cials didn’t do enough to help him cor­rect a record tar­nished by anoth­er man he says stole his iden­ti­ty and passed him­self off as Tay­lor while com­mit­ting sev­er­al mis­de­meanor crimes. That man is now sit­ting in a prison cell on a mur­der con­vic­tion. “This is what you see on paper,” Tay­lor said. “You see me as a gun-tot­ing, arrest-resist­ing mur­der­er.” The com­plaint alleges that, despite Taylor’s pleas with the Indi­anapo­lis Met­ro­pol­i­tan Police Depart­ment and the Mar­i­on Coun­ty court staff to remove his name from the oth­er man’s cas­es, the crim­i­nal record stayed wrong­ful­ly asso­ci­at­ed with Tay­lor for years. That inac­tion, Taylor’s com­plaint alleges, amount­ed to defama­tion. Rep­re­sen­ta­tives from the city’s legal depart­ment declined to com­ment about Taylor’s case. Source: USA TODAY