How to protect your online privacy

More effective and better protection is needed for children online

2011-01-18T23:09:00.001-08:00

Present-day technical and legal methods of preventing child pornography offences and online grooming are not sufficiently effective and do not meet their purpose. A thesis from the University of othenburg, Sweden, shows that new approaches are needed to improve online protection for our children.

Marie Eneman of the Department of Applied Information Technology has studied in her thesis how information technology is used for child pornography and grooming, that is to say adults making contact with minors for sexual purposes, and the technical and legal controls that exist to protect children. She has studied all Swedish judgments on child pornography offences over the period 1993-2008 and has interviewed a number of people convicted of child pornography offences.

"Information technology has made it easier to produce, distribute and access child pornography, and has also increased the risk of grooming. As well as availability, technology brings a certain degree of anonymity, a global market and the possibility of making contact with like-minded people," says Eneman.

In her thesis, she identifies hortcomings in present-day legal and technical regulation models.

"The picture of the role of information technology in these offences is more complex than the legislators, police and prosecution authorities could have envisaged, and technology poses a great challenge," she says.

While implemented technical egulation, in the form of filtering, currently focuses solely on websites, Eneman shows that significantly more types of information technology are used to distribute child pornography. One example is file sharing. Information technology is not a homogeneous technology, it consists of several technologies with different characteristics. It is therefore important to adopt a broader perspective in looking at the technology in order to be able to develop effective regulatory models. The thesis additionally shows how offenders have been able to adapt and have developed various social and technological strategies to reduce the risk of being exposed and finding ways of circumventing filtering, for example.

Eneman's thesis asks whether we might need to accept certain restrictions on our rights in order to improve protection for our children. "Rights such as freedom of expression and personal privacy are fundamental and should continue to be defended, but they must be adequately balanced in relation to other important rights such as the right of the child not to be sexually exploited," she says.

Provided by University of Gothenburg (Read news : See University web)

Proposed Online ID System Raises Privacy Concerns

2011-01-13T08:40:00.001-08:00

Some privacy advocates say a U.S. Department of Commerce-proposed system for smoother identification of people on the Internet could create as many problems as it is designed to solve.

The Obama administration is proposing what it calls the National Strategy for Trusted Identities in Cyberspace (NSTIC), an initiative aimed at establishing technologies to identify people and enhance privacy. The idea is to improve the ability to identify individuals as well as authenticate who they are, as a way of protecting people from identity theft and businesses from fraud.

The U.S. Department of Commerce is proposing an "identity ecosystem" that would provide better privacy protection and authentication of identity. But some privacy groups fear it may make the problems of identity theft and privacy worse than they already are.

Privacy advocates are concerned that in trying to close some vulnerabilities, new ones could get opened up, but the current system isn't a great success. "What we have certainly doesn't work very well at all," said Jim Dempsey, vice president for public policy at the Center for Democracy and Technology. "Properly implemented, the ID ecosystem the Commerce Department is proposing could improve both privacy and security," he said.

Read full story

Online Privacy: What to Expect in 2011

2011-01-05T07:45:00.001-08:00

The year 2011 could be when government cracks down on online advertising - particularly behavioral advertising - in a meaningful way. Thus far, lawmakers and regulators have merely introduced a slow-moving privacy bill and written extensive reports, centered on issues like behavioral ad targeting, consumer data tracking, data security, and children's data privacy.

With the Federal Trade Commission recently floating its do-not-track concept, and additional legislators piling on with new privacy bill proposal plans, many signs point to passed privacy legislation coupled with increased enforcement capabilities for the FTC when it comes to penalizing violators of potential laws. Consider the coming period the final test for self-regulators as they struggle to appease authorities calling for more transparency and notice around data tracking, collection, and use online.

"Do Not Track" - Seriously being thought by Firefox, IE and Chrome

2010-12-23T00:54:00.001-08:00

As concern about online privacy grows, Mozilla is promising to let people cloak Internet activity in free Firefox Web browsing software being released early next year.

"Technology that supports something like a 'Do Not Track' button is needed and we will deliver in the first part of next year," Mozilla chief executive Gary Kovacs said while providing a glimpse at Firefox 4 at the Mozilla's headquarters in Mountain View, California.

"The user needs to be in control," he added.

There is a disturbing imbalance between what websites need to know about visitors to personalize advertisements or services and the amount of data collected, according to Kovacs.

"It is not that ads are bad," he said. "It is what they do with my tracked behavior.

"Where I go on the Internet is how I live my life; that is a lot of data to hold just for someone to serve me ads."

Microsoft this month unveiled increased privacy options for the upcoming version of its popular Web browser Internet Explorer 9 (IE9) including a feature "to help keep third-party websites from tracking your Web behavior."

Microsoft said "Tracking Protection" will be built into a test version of IE9 being released early next year.

IE9 users will have to be savvy enough to activate the feature and create lists of the third-party websites that they do not want to track their behavior.

Internet Explorer is the most widely used Web browser in the United States followed by Mozilla's Firefox, Google's Chrome and Apple's Safari.

Google, which beefed up Chrome in recent weeks and is testing a notebook computer that operates on the Web browser software, cautioned that the mechanics and ramifications of stealth browsing need to be figured out.

"The idea of 'Do Not Track' is interesting, but there doesn't seem to be consensus on what 'tracking' really means, nor how new proposals could be implemented in a way that respects people's current privacy controls," said the company, also based in Mountain View.

Read more

National Do Not Call Registry (NDNC Registry) in India

2010-12-15T07:43:00.001-08:00

National Do Not Call Registry is a database having the list of all telephone numbers of the subscribers who do not want to receive UCC. Telephone subscriber (Landline or mobile) who does not wish to receive UCC, can register their telephone number with their telecom service provider for inclusion in the NDNC. Telecom Service Provider shall upload the telephone number to the NDNC within 45 days of receipt. The Telemarketer will have to verify their calling telephone numbers list with the NDNC registry before making a call.

The primary objective of the National Do Not Call Registry (NDNC Registry) is to curb Unsolicited Commercial Communication (UCC). UCC has been defined as "any message, through telecommunications service, which is transmitted for the purpose of informing about,or soliciting or promoting any commercial transaction in relation to goods, investments or services which a subscriber opts not to receive, but, does not include, ----

(i) any message (other than promotional message) relating to a service or financial transaction under a specific contract between the parties to such contract;or

(ii) any messages relating to charities, national campaigns or natural calamities transmitted on the directions of the Government or agencies authorized by it for the said purpose;

(iii) messages transmitted, on the directions of the Government or any authority or agency authorized by it, in the interest of the sovereignty and integrity of India, the security of the State, friendly relations with foreign States, public order, decency or morality."

The NDNC Registry will be a data base having the list of all telephone numbers of the subscribers who do not want to receive UCC.After the establishment of NDNC registry, Telephone subscriber (Landline or mobile) who does not wish to receive UCC, can register their telephone number with their telecom service provider for inclusion in the NDNC. Telecom Service Provider shall upload the telephone number to the NDNC within 45 days of receipt. The Telemarketer will have to verify their calling telephone numbers list with the NDNC registry before making a call. To discourage the telemarketers who make calls to the numbers registered in Do Not Call List, a provision has been made whereby Rs.500/ - shall be payable by the telemarketer to the service provider for every first unsolicited commercial communication (UCC) and Rs.1000/- shall be payable for subsequent UCC. There is a provision for disconnection of the telemarketer telephone number / telecom resource if the UCC is sent even after levy of Rs.500/- & Rs.1000/- tariff. In case of non-compliance to the Telecom Unsolicited Commercial Communications Regulations, 2007, the Service Provider is also liable to pay an amount by way of financial disincentive, not exceeding Rs.5000/- for first non-compliance of the regulation and in case of second or subsequent such non-compliance, an amount not exceeding Rs.20,000/- for each such non-compliance.

For customers who would like to register/de-register their request for NDNC registry may dial 1909 or SMS to 1909 with keywords 'START DND' for registration and 'STOP DND' for de-registration

Subscriber can check the status of their registration in NDNC Registry by clicking on "DND Registration Check"

Read more at http://ndncregistry.gov.in/ndncregistry/index.jsp

'Do Not Track’ tool needed for web users

2010-12-15T07:40:00.001-08:00

If the 'Do Not Call' registry helped Americans avoid unwanted telemarketers, can a 'Do Not Track' option protect their privacy online? The Federal Trade Commission thinks so, and in a Dec. 1 report on consumer privacy in the digital age called for new tools to control the collection of information about consumer's Internet activity.

In releasing its report, titled 'Protecting Consumer Privacy in an Era of Rapid Change,' the FTC argues there is now widespread support for more transparency and choice surrounding the largely invisible practice of 'behavior advertising,' in which marketers track a consumer's Internet activity and then deliver ads targeted to those interests, or assumed interests.

Read more..

10 tips to protect your online privacy

2010-11-24T08:21:00.001-08:00

Protecting your online privacy should be top of any serious PC user's list of concerns.

Here's a guide provided by techradar.com on how the bad guys steal personal data, and tips revealing how to foil even the most devious villains.

1. Be careful what you put online

First, the obvious one. Once you've released something onto the internet, it's never, ever coming back. That doesn't mean you need to become an online hermit, but it does mean that everything you put out either under your own name or a constant pseudonym can come back to haunt you.

2. Check yourself out online

After Googling yourself, check out a site such as 192.com, where you'll be able to find your details from the Electoral Roll. The good news is that you can have yourself removed by sending in a form at www.192.com/help/help-home. Repeat this process on similar sites to make yourself completely ex-directory and you should be clear from at least opportunistic searchers.

Another thing that people often miss is that if you register a website address, by default your name and address are listed in the Whois database. Non-commercial users can opt out of this on .co.uk addresses, making them a good one to register for personal sites.

For other domains, many registrars offer an anonymity service, which really means claiming the domain belongs to a third party, but forwarding any information that comes in. This usually costs a few pounds per year.

3. Watch out for scams

Always be on the lookout for phishing sites pretending to be your bank, favourite game's homepage, social media service or similar pages. Never visit one through a link – always type the address in directly.

Most phishing attempts are woeful, but occasionally a convincing one slips through. Whatever you do, make sure you never enter any payment or other critical information onto a site with no padlock icon. This means the connection is secure.

Without it, anyone could be eavesdropping on the data you send. Many services, such as Gmail and Backpack, also let you use these 'SSL' connections while you're using their service. It slows them down slightly, but not to the extent that you'll notice.

4. Don't trust the padlock

Even if a page does have the padlock icon, don't trust it fully. All it means is that technologically speaking, your data is safe, not that the company will treat it properly.

As boring and over-padded as they are, it's always worth checking sites' privacy policies to see what they let their employees do. As an example, does that backup site encrypt your data so they can't see it, or do you just have to take their word that they won't sneak a peek?

At the very least, you'll be able to seek better restitution if they're caught with their fingers in the till.

5. Only use networks you trust

Remember that there's no better way for someone to get your information than by controlling the computer you enter it on. Never use email, banking or similar services from a public terminal, such as at a cybercafe or in an airport, or over a non-trusted Wi-Fi connection.

Just because it says 'Free airport Wi-Fi' doesn't mean it's not actually controlled by the man two seats away. At the same time, you're not safe just because you're at home.

Regular malware sweeps are essential to make sure you're the only one with the keys to your trusty PC, and that your data's staying put.

6. Check your privacy options

Originally, everything on Facebook was locked down. Now things have changed and almost everything is public. Visit http://bit.ly/fbk-privacy to customise your settings and switch off anything you don't want the whole internet to see.

7. Stick to Friends Only

Anything you do want to make available, switch it to Friends Only. Friends of Friends opens you up to spammers getting into your network through friends who add everyone who asks. It's best not to play the numbers game and only add people you actually know and trust.

8. Separate your friends

Facebook lets you categorise Friends by group, separating work colleagues from friends or family. It's well worth doing this. Remember, it's not just what you post – if one of your friends tags you dancing on a table at a drunken party, that'll appear in your feed too.

9. Check your permissions

Facebook now plugs into many websites, which can also get their hands on your data. You should regularly check that you've given them all permission in 'Applications Settings'. If it's a website or application you don't recognise, cancel its access.

10. Stay alert to changes

Keep a close eye on any changes to Facebook's privacy options. It's made it clear that it wants people to live more open lives, if only because the more we do, the more it can do with our data. That doesn't mean you have to let it. Keep using it, but remember to stay vigilant.

Privacy News Round-Up: Lessons Learned

2010-11-17T07:51:00.001-08:00

On November 6, 2011, the Wall Street Journal reported that major websites are taking steps to control and limit tracking of their visitors by third parties. The sites' goal is to both mitigate the privacy risks associated with such third party tracking and to capture the revenue that could be derived from their users' data. A study cited in the article estimated that a sample of 50 popular U.S. websites is losing at least $850 million in revenue to third parties that collect and sell users' data without the sites' knowledge. The study also found that nearly a third of the tracking tools operating on the 50 sites are unauthorized. As the recent Facebook controversies demonstrate, clandestine or unauthorized use and collection of users' data may cause reputational harm to the sites, and not every company is able to withstand revelations of inappropriate data use as well as Facebook can.

Read more

Facebook submitted responses to the inquiry from privacy lawmakers

2010-11-10T08:12:00.001-08:00

Facebook last week responded to a host of questions from congressmen playing key roles in the future of online privacy regulations.

Facebook submitted responses to the inquiry in a 13-page document dated October 29, and signed by the company's VP Global Public Policy Marne Levine. The firm stressed that no privacy breach occurred when user IDs (UIDs) were transferred between Facebook and third-party app developers. Facebook also said that all ad networks must delete Facebook UIDs in order to operate on its platform.

Facebook told the congressmen it receives no "remuneration, financial or otherwise" from sharing information with third-party firms, and added, "Facebook expressly prohibits application developers from selling user data and from transferring user data to such companies."

Facebook also stressed that the transference of UIDs "is not a Facebook-specific issue" because "in the course of its normal operation on the Internet, the browser includes the referrer URL in its request to the third party." The firm said it is "working to launch an industry-wide initiative to equip browsers with privacy controls that would prevent such inadvertent passing of information," and added, "In the coming months, we expect to work with such manufacturers to enable users to control the passage of information via referrer URLs."

Read more

Online privacy: digitally exposed

2010-11-03T08:41:00.001-07:00

Though the dangers of online over-sharing are evidentiary, young people are being hit by a myriad of mixed messages over what is and isn't acceptable to share publicly. In a culture of reality television, where everyone is a celebrity, it's no surprise that young people are confused. Such mixed messages become especially clear when it comes to social networking.

Take Facebook, for example. In his recent book, The Facebook Effect, David Kirkpatrick refers to the concept of radical transparency, arguing that founder Mark Zuckerberg believes that people will be better off by making themselves more transparent. Problematically, Zuckerberg's position is one of privilege; Zuckerberg has no boss to answer to, he can post virtually anything online without fear of retribution. For the average user, however, the risks are palpable.

The damage done by exposing too much online is by no means limited to what we can do to one another, such as in the case of Clementi or, for example, the more innocuous posting of risqué vacation photos. In fact, individual risk is perhaps higher - at least statistically speaking. Just ask any blogger who's been fired for writing about the workplace or tracked down by creditors because of information they put online.

Read more here.

Facebook Disconnect to protect your online privacy - Stop Facebook from tracking the webpages you go to

2010-10-28T02:14:00.001-07:00

Facebook is notified whenever you visit one of the more than one million sites on the web that use Facebook Connect and has a history of leaking personally identifiable information to third parties.

Thousands of third party websites and applications currently use Facebook Connect, promptly raising privacy concerns over how personal data is being handled, and what data is accessible to third parties, among other concerns.

In the past few weeks, Facebook applications like FarmVille reportedly shared confidential personal information about users obtained through Facebook Connect with numerous different partners such as advertising networks.

To help ensure online privacy, Brian Kennish (@byoogle), an engineer at Google, developed Facebook Disconnect, an extension for the Google Chrome browser, which effectively blocks the transmission of data back to Facebook servers through Facebook Connect on third party websites, while still allowing a user to access the sites.

The developer says the project was created on his own time, and it is not endorsed or related with his employer, Google, in any way, express, or implied.

The developer is expected to release the application for other popular browsers, including Mozilla Firefox, among others.

To install the extension visit https://chrome.google.com/extensions/detail/ejpepffjfmamnambagiibghpglaidiec

Govt mulls law to defend citizen's privacy

2010-10-28T02:08:00.001-07:00

The government has woken up belatedly to provide legal protection to its citizens' privacy, circulating an approach paper on need to guarantee it without compromising the country's balance of interests and concern.

Most Western countries have strict privacy laws that India lacked so far because the public dissemination of personal information has over time become a way of demonstrating 'the transparent functioning of the government.'

How soon the law will be enacted for the purpose is, however, not certain as it is all still at the conceptual level. The draft approach paper was circulated on Monday and a short time of one week is given for the public views by October 25; that itself may trigger an outcry to allow more time.

The approach paper says the privacy for the purpose should be defined as the expectation that confidential personal information disclosed by any individual to government or non-government entity should not be disclosed to third parties without his consent and sufficient safeguards be adopted in processing and storing such information.

"In essence, disclosure of data which can be used to identify a physical person without following the due process could be construed as breach of privacy," says the document while pointing out that the country does not have any protection statute.

Though the judiciary has derived "right to privacy" from the rights available under Article 19(1)(a) that defines fundamental right to freedom of speech and expression and Article 21 that gives the right to life and personal liberty, all cases were decided in the context of government action resulting in denial of right of privacy to private citizens.

No privacy judgment has so far granted citizens a right of action against the breach of privacy by another citizen and as such the personal privacy jurisprudence in the country is not yet fully developed, says the approach paper.

It says the legislation to ensure privacy should really be in the form of framework rather than detailed prescriptions, making it applicable equally to private as well as public entities to protect citizens and individuals against the misuse of their personal data by anybody.

Such a law will ensure protection to all forms of personal data, imposing a greater responsibility on those processing and collecting the information "whose disclosure can result in significant financial, reputational or other associated loss to the person concerned."

The legislation is recommended to be limited to personal information relating to real persons on the ground that there are other legislations that deal with information in the context of legal persons such as corporations.

Besides, there is a greater risk of personal injury in the context of real persons as opposed to legal persons.

The document recommends creation of an appropriate list of items that would constitute sensitive information and goes on to list out what they can be. These are:

    * racial or ethnic origin or castes;
    * political affiliations or opinions;
    * religious affiliations and beliefs or other beliefs of a similar nature;
    * membership of a trade union;
    * physical or mental health or condition;
    * sexual life;
    * criminal record;
    * genetic information about an individual that is not otherwise health information;
    * information or an opinion about an individual;
    * financial or proprietary confidential corporate data;
    * data on a person's personality;
    * private family relations;
    * biometric data;
    * social welfare needs of a person or the benefits, support or other social welfare assistance received by the person; and
    * data collected on a person during the process of taxation (except data concerning tax arrears).

The approach paper also takes note of the biometric data collected by the government under its Unique Identity project called 'Aadhar' which can be misused causing immense harm to the individuals as it says it should be also defined as personal sensitive data.

It also stressed that the personal data be collected only after written consent and the individuals should have the right to correct any wrong data about them and the data controller must be made responsible for faults of the data processor to fulfil the data protection obligations.

Also the data should be stored only till the time the purpose for which it is collected is achieved.

The document discusses the possible conflict of the privacy law with various other laws like the Right to Information Act and says the act itself directly or indirectly lays down that private information relating to an individual is to be prevented from authorised disclosure.

It also stressed that the legislation must provide for exceptions like in the interests of national security as on many occasions the government may need to gain access.

What about the credit verification done by banks and financial institutions to access personal information about the prospective borrowers? The document says there will be no bar on collection of data but provide a regulation regime on how it is processed for only verifying the credit worthiness of a person.

As regards the possibility of the proposed law infringing upon freedom to trade of the detective agencies, the approach paper refers to the European laws dealing with the use of surveillance for security and private investigation purposes and suggests that the private detective agencies must be regulated as they can potentially wreak considerable havoc on the personal information of a citizen if allowed to operate without regulations.

Source: http://news.rediff.com/report/2010/oct/27/exclusive-now-a-law-to-defend-citizens-privacy.htm

Five Tips to Using Online Location-based Services Safely

2010-10-20T23:33:00.001-07:00

Peter Cameron, Managing Director of AVG (AU/NZ), says: "By themselves, certain shared facts may seem harmless enough. But disparate pieces of ourselves can easily be assembled like puzzles to create holistic pictures of our daily lives. Don't make it easy for criminals — follow these tips to protect yourself."

Don't post pictures online. If you must, make sure they can only be viewed by those you trust. There are privacy features on Facebook that will let you do this, but remember there is nothing to stop your contacts from copying and pasting pictures openly elsewhere.
If you want to share location or other personal info on Twitter, or you're afraid of inadvertently giving away too much, create a separate network just for those you know and trust, and set the privacy setting to protected. But again, nothing prevents your contacts from publicly retweeting your updates.
For your larger online networks, always consider how someone might use posted info against you before you post. It is also a good idea to regularly look back on what you've posted to see how updates might be combined together to indicate where you live, work or go to school.
If you have a smart phone, disable the geotagging feature. But if you must use location-based services such as Foursquare, never "check in" from home as this will disclose your address.
Google yourself to see what others can find out about you online. Be sure to remove yourself from Spokeo and other aggregators of personal content.

See http://www.avg.com.au/resources/security-tips/

TRUSTe Releases Survey Results of Parents and Teenagers on Social Networking Behaviors

2010-10-20T23:26:00.001-07:00

TRUSTe, provider of the leading privacy trustmark, today announced the results of a survey of parents and their teenagers on social networking behaviors -- the first national social networking privacy survey to be conducted on both parents and their teens that also measures parental expectations against actual teen behavior. The poll, conducted by Lightspeed Research, included responses from two thousand parents and teenagers to reveal: their level of involvement with social networks; perceptions and concerns about their privacy when using social networks; and parental monitoring and engagement with their teens on social networks.

Key findings from our survey include:

80 percent of parents and 78 percent of teens feel in control of their personal information on social networking sites;
84 percent of parents are confident their teen is responsible with personal information on a social networking site;
72 percent of parents surveyed monitor their teens' accounts, with 50 percent of these parents monitoring weekly, 35 percent daily and 10 percent monthly; and,
84 percent of parents are accurate in understanding the amount of time their teen spends on social networks and generally have a good understanding of the activities they are engaged in online
18 percent of teens have been embarrassed or disciplined as a result of a posting;
80 percent of teens use privacy settings at some point to hide content from certain friends and/or parents; and,
68 percent of teens surveyed have at some time accepted friend invites from people they don't know, with 8 percent accepting all, 34 percent accepting some, and 26 percent accepting rarely.

Source link

1,000 cyber attacks on Delhi Commonwealth Games, most from China

2010-10-16T00:38:00.000-07:00

Six cyber networks of the Delhi Commonwealth Games faced at least 1,000 "potential" attacks in the 12 days of the event that concluded last night — that is, more than three attacks every hour.

Roughly three-fourths of these attempts to breach and paralyse the Games networks originated from China, experts in the Cyber Crisis Management Group (CMG), which was monitoring the networks round the clock, told The Indian Express.

A clutch of attacks — between October 3 and October 5 — originated in Pakistan. Some attempts to penetrate CWG circuits were made from Mumbai as well, top sources in the CMG said.

"In all, our systems detected around 5,000 incidents, about 20 per cent of which could be described as potential attacks. Many were 'denial-of-service' attacks, which, if successful, would jam entire networks. But none of these attempts succeeded in penetrating even the first of the three layers of cyber security systems that we had installed," said a member of the CMG. [indianexpress.com]

Read more...

Your Online Privacy Choices: Does anyone watching you and tracking your clicks?

2010-09-28T23:55:00.001-07:00

Do you know that every click you make can be tracked by someone using a computer which is even miles away? Yes, this do happen if you dont have appropriate antivirus and antitheft tools installed. It would be better to install an online firewall as well.

Every click you make is tracked by ad companies who tend to collect information on your behavior and then sell it to other advertisers who want you to be their target too. There are zombie cookies that respawn instead of die. And then security researcher/hacker Samy Kamkar came up with an open source evercookie that would have to qualify as the cookie tracker from hell; it stores itself in eight different places. Even if the user deletes their cookies, it only takes one cookie to escape notice and enables most, if not all, of the cookies to reset.

There is no bullet-proof method to avoid being tracked, but there are some companies who are doing the hard work for you.

Read more here

Should government take the initiative to protect online privacy?

2010-09-08T20:51:00.001-07:00

Eric Schmidt, the chief executive of Google, recently gave warning that people are leaving large amounts of information about themselves on the internet without fully understanding the implications of their actions. The launch of services such as Facebook's Places initiative, which allows users to identify their location when uploading content to the web, has intensified calls for more to be done to protect online privacy, as has Google's StreetView fiasco. One response to all this is to lobby companies such as Facebook and Google to provide stronger protections for users, and to step up the online industry's efforts to educate folk about the consequences of "over-sharing".

Read more at http://www.economist.com/debate/overview/181/Online%20privacy

The Internet security in China

2010-06-09T00:02:00.001-07:00

Protecting Internet Security Internet security is a prerequisite for the sound development and effective utilization of the Internet. Internet security problems are pressing nowadays, and this has become a problem of common concern in all countries. China also faces severe Internet security threats. The Chinese government proactively promotes the improvement of relevant legislation and Internet corporate service regulations, in order to steadily enhance online privacy protection systems. The Decision of the National People's Congress Standing Committee on Guarding Internet Security stipulates that illegal interception, tampering with or deletion of others' e-mails or other data and infringement upon citizens' freedom and privacy of correspondence that constitutes a crime shall be investigated for criminal liability. According to the self-disciplinary public pledges of the Internet industry, Internet service providers are responsible for protecting users' privacy. The providers shall announce their relevant privacy protection commitment when providing services, provide reporting and reception channels for privacy infringement and take effective measures to protect users' privacy.

Source: tmcnet.com
More details can be found here

Do teens need education in online privacy?

2010-05-12T21:18:00.000-07:00

Online privacy forms a subset of computer privacy. Internet users may achieve an adequate level of privacy through controlled disclosure of personal information. The revelation of IP addresses, non-personally-identifiable profiling, and similar information might become acceptable trade-offs for the convenience that users could otherwise lose using the workarounds needed to suppress such details rigorously.

A number of experts within the field of Internet security and privacy believe that security doesn't exist; "Privacy is dead - get over it" according to Steve Rambam, private investigator specializing in Internet privacy cases. Many young people remain vulnerable to online predators because they are dangerously unaware that privacy on the Internet is an illusion, experts say.

Teenage girls in particular tend to be easy prey because they see the Internet as part of their living space and consider — incorrectly — whatever they do online as private, said Shaheen Shariff, an associate professor of education at McGill University, who specializes in cyber-bullying and online social networking.

A 20-year-old Ottawa man who used threats and extortion to lure young women into performing online sexual acts reinforces the need for more Internet-usage education.

Read more:
http://www.vancouversun.com/life/Teens+need+education+online+privacy/2988762/story.html
http://en.wikipedia.org/wiki/Internet_privacy

Privacy policies of major social networks

2009-12-29T22:10:00.001-08:00

Do you think that privacy policies and security features of social network prevent one from bulk downloading contact information of people in their address book? NO. If you think they have strict policies, then how could this happen?

When RockYou can stash 32 million passwords in the clear; when RapLeaf can index 600 million email accounts; and when Intelius can go public by buying 100 million profile pages; then our social networks have traded away our privacy for mere ?privacy theater.?

As long as the same information that social networks piously prohibit their own customers from using is being bought and sold on the open market by giant marketing companies, social networks are only pretending protect your privacy.

See more details about this at The Washington Post article, linked here.

Thousands of mobile customers' details sold by T-Mobile employees

2009-11-25T10:26:00.000-08:00

The breach of the Data Protection Act, which bans the selling on of data without prior permission from the customer, was disclosed following an investigation by the Information Commissioner's Office (ICO). The ICO is responsible for promoting openness by public bodies and data privacy for individuals and for enforcing and overseeing the Data Protection Act. Read more...

Many mobile sales calls are lawful, and there are rules in place to prevent the misselling of mobile services, however mobile misselling still happens. You can reduce the number of legal cold calls you receive by signing up to the Telephone Preference Service or Do Not Disturb Registry and taking care to opt out of receiving marketing calls when filling in forms that include personal details such as your phone number.

Can anybody steal information from your mobile phone?

2009-11-18T02:49:00.000-08:00

Today's smart phones can store phones—contact lists, emails and email ids, company documents and data, personal financial information and passwords, etc.

As the mobile phones becomes more sophisticated, they become more vulnerable to spyware and viruses. Hackers can work their way into your phone through text messages, steal your information and use your contact list to find more victims.

There are several simple ways you can help protect yourself.

Text messaging is a favorite service not only for users but also for scammers. For e.g., SMS carrying hidden coding were the weapon in an attack late last year on phones using the Symbian operating system and were later identified as a threat to the iPhone too.

Phishing scams have spread from email to SMS. It attempts to acquire personal data such as passwords or credit-card account information through fraudulent messages. Here the best protection should be familiar: Be skeptical of any messages that ask for passwords, account numbers or any other personal information. When in doubt, check directly with the company that claims to be asking for the information.

MMS also pose a threat. A message could contain a virus that not only can tap into any information stored on your phone but also dig into your phone's address book to spread itself to all of your contacts. Again, caution is the best protection. If you don't know the origin of the message or don't recognize the number it's sent from, it's best to delete it before opening.

One sure way to give strangers access to your phone is to lose it. And of course theft is another concern. If you have sensitive data on the device, make sure you have a way to remotely erase the contents—and that you know how to do it. If your phone doesn't have the capability, SMobile offers a program that allows you to remotely back up data and wipe the device clean.

Another easy way to lessen your vulnerability is to limit the amount of personal information on your phone. Don't list your home address, or the personal relationships with your contacts. Also, never place your credit-card or bank account numbers on your phone.

A password is yet another simple measure that can go a long way toward deterring common thieves from gleaning anything from your phone. All smart phones have the ability to create a password built in.

Transparency choice and control using Google Dashboard

2009-11-11T03:03:00.000-08:00

Google has announced the launch of Google Dashboard on 5th Nov 2009. The Google Dashboard offers a simple view into the data associated with your Google account — easily and concisely in one location.

openmediaboston.org reported- Google is on the defensive in recent months, facing threats of antitrust action from the Obama administration, a concerted public smear campaign by Microsoft, and growing concern from its users over its panoptic and ubiquitous services. In an attempt to allay these concerns and convince Washington it isn't evil, Google has created Dashboard, a tool that brings many of a user's privacy settings and content from Google products onto one page.

According to Google: ... with hundreds of millions of people using those (Google) products around the world, we are very aware of the trust that you have placed in us, and our responsibility to protect your privacy and data. In the past, we've taken numerous steps in this area, investing in educating our users with our Privacy Center, making it easier to move data in and out of Google with our Data Liberation Front, and allowing you to control the ads you see with interest-based advertising. Transparency, choice and control have become a key part of Google's philosophy, and today, we're happy to announce that we're doing even more.

Watch this quick video to learn more and then try it out for yourself at www.google.com/dashboard.

Protect your privacy on Facebook and Twitter

2009-11-06T10:45:00.000-08:00

How to protect your online identity and personal data in the age of the social web

Web surfing is no longer a solo affair. Social networking is built on the idea of sharing information openly and fostering a sense of community. Unfortunately, an online network of individuals actively sharing their experiences and seeking connections with other like-minded people can be easy prey for hackers bent on social-engineering and phishing attacks. It's important to be aware of the threats, and to maintain a healthy skepticism in your online interactions.

When you write a Twitter tweet or post a Facebook status update, you have to keep your audience in mind. More and more these days, we hear stories of people who have forgotten that their boss is part of their network and have said things online that have gotten them reprimanded, even fired.

With services like Twitter, or the recent changes to Facebook that allow anyone to view and search updates, you really have no way to hide.

Blog moved

2009-11-06T09:09:00.001-08:00

This blog has been moved to a new site with enhanced features. Click here to continue..