The Technology Tradeoff

 

Here in the U.S., with the Thanksgiving holiday its crowing jewel, the month of November gives us time to reflect on all the things for which we are grateful. For many of us, this includes the new and emerging technology tools that make our lives easier. Mobile apps that help us navigate a strange city, smart devices that know exactly when to brew our morning coffee, loyalty programs that offer us discounts simply for walking in a store - all of these innovations certainly offer value.  

    

 

As we know, however, there's no such thing as a free lunch. Very few of these technologies have been built by altruistic developers who simply want to make things better for their fellow man. Quite often these helpful innovations are built for a much more profitable purpose. While developers may not be getting wealthy, they may be building a pool of data that is arguably just as valuable.  

 

The takeaway? It's perfectly appropriate to be grateful for these new tools and technologies. Just be sure to adopt them with eyes wide open, fully aware of how they are gathering your data and with which parties they are sharing that information. 

 

Your Face in Google Ads

When it comes to developers of popular free tools, Google is king. Yet the tradeoffs for using tools like YouTube, Gmail and Google+ are becoming clearer. For instance, starting November 11, Google will be able to include Google+ users' faces, names and comments in ads. Configured as a default, the policy is one that users must opt out of if they do not want their images projected in marketing messages.

 

Here's exactly how to stop your face from appearing in what are being called "adver-dorsements" (at least for now, until Google+ changes again):

  1. Navigate to Shared Endorsements in Google+ settings.
  2. Uncheck the box next to "Based upon my activity, Google may show my name and profile photo in shared endorsements that appear in ads."

Understand that this will not stop your network from being able to see those companies and brands that you have liked (or in Google+ language, plus-one'd). If this makes you uncomfortable, simply stop hitting +1 and do not leave any reviews on Google products.  


What Email Activity Reveals about Your Relationships


Developers, even those who are open about their data-collection policies, often argue that even though they are collecting some information, they are keeping your personal information -- the kind that can identify you, like social security numbers -- private. Yet it's important to understand that assumptions on who we are and with whom we are associated can easily be made when that data is analyzed.

 

Take this story, offered up by a tech blogger who asked an MIT professor to analyze his Gmail activity, for example:

 

A few minutes after looking at my profile, he had my number. Like a fortune teller, he could immediately ferret out my closest relationships. 

 

Correspondence with my girlfriend put her right at the center of my profile. After sorting our emails by month and year, the professor could see that we met four years ago. He could see that things started out slowly, and as we became closer, messages flew back and forth at a faster rate.

 

The professor notes that even without identifying information attached to these communications, the patterns he sees are unique. Few people have the exact same communications pattern with my girlfriend, my son, and with my close friends. So that information could potentially be used to identify me.

 

 

Who Will Inherit Your Twitter Account

Many a social media user has wondered: What happens to my networks when I die? Fortunately, many developers have answered, and today there are a multitude of free and inexpensive tools available to consumers who wish to "will" their social media accounts to a loved one.

 

Legacy Locker for example, is a free service that lets the social savvy pass on their online accounts to designated heirs after they die. If you have more than three accounts to pass on, though, they'll charge you a monthly fee.

 

Some legal experts say you should go a step farther and actually create a letter in addition to your will including all of your online and social passwords. It's important, as The Wall Street Journal points out in this article, to create a separate letter rather than to publish those passwords inside the will because that document could become public.   

  


Your Digital "Cloak of Invisibility"

It's always fascinating when societies are pushed to innovate to protect themselves from their own innovations. And that is exactly what two privacy-savvy individuals have collaborated to bring to the market. 

 

Called "Off Pocket," the tiny purse allows users to keep their phones on while blocking incoming phone signals, Wi-Fi, GPS and Internet connections. It's designed to replace the "old-fashioned" way of shutting out the world, which is simply shutting down your phone.

 

As this post by an NPR blogger points out, Off Pocket has not quite passed muster, so it'll likely be some time before we see it (or its knock-off) achieve mass adoption. Nonetheless, it's interesting evidence that people are investigating the capitalistic possibilities of protecting consumers from unwanted privacy invasions. 

  

Another Free Tool to Use with Caution

Free tools and technologies can deliver real value. Yet they also can present risks. Take the time to understand them before you proceed.

 

URL shortening services, for example, are fantastic, especially for those of us who love to share our knowledge and findings inside social networks. Yet they can very easily, and often do, hide a nefarious attack. Be sure to check the security of shortened URLs before clicking them. One service you may consider is urlxray.com. (Thanks to my friend @DebbieMahler for this pointer!)

 

When and where are you giving up your personal data each day? If you didn't see it last month, please check out the new infographic I created to raise awareness of where our personal information is being collected, often without our knowledge. 

 

***Please share the infographic... the more eyes we can get on this information, and the more conversations about the related privacy risks we can start around it, the better! *** 

 

   

 

Reader Question  

 

How do my Facebook friends know when I am online? I recently opened my Facebook and had a message that said: 

 

My mobile device shows me you're online. Are you here?

 

I had been away from my computer for three hours, and it had been in sleep mode. What kind of device provides my online status to my Facebook friends? Is there a setting I can use to disallow that?

 

This is a significant problem a lot of folks have complained about. Facebook is always changing how its site works, and how its data is shared, so it's understandably hard to keep up. Below are a few things to consider.

 

If you are using a mobile Facebook app:

 

These apps automatically show you as being online; that is one of their "beneficial features."  

 

Understand if you have Facebook's chat feature turned on, there will be an indicator next to your name, viewable by all those you have indicated you are open to chatting with (see image courtesy of Inside Facebook below). This will display in the News Feed whenever you do anything (e.g. like something or post a comment.) 

 

 

If you enable chat for only one person (Choose someone not likely to chat!), you will be unavailable to everyone except that one person.

 

If you are using Facebook via browser:

 

Turn off the Facebook chat feature. If you have this feature turned off, the only way someone will be able to know you're online is if you do something that will show up in the News Feed.

 

The only way to completely keep others from seeing that you're online is to avoid liking, commenting or posting, each of which automatically publishes your activity (often with a time and location stamp).

 

If you have a question like this one above from my friend Gayle Lin, simply reply to this email, and I'll do my best to offer an educated answer... or at the very least, my opinion. 

 

Need Help?

 

If you need any help with information security or privacy training and awareness, or if you must comply with HIPAA and need help (especially important now that the Omnibus Rule has gone into effect), please check out my Compliance Helper site or get in touch with me; I would love to help you!

  

You Have My Permission to Share

 

I receive a lot of requests to repurpose the information contained in these Tips messages, so I wanted to drop a quick note in here to say, "Yes, I approve!" Please use the following attribution so that others will know where to find me if they have additional questions about the material you pass along.

 

Source: Rebecca Herold (a.k.a. The Privacy Professor), privacyguidance.comrebeccaherold@rebeccaherold.com.

 

  

 
This is the time of year to be thankful, and to help those that are less fortunate. Helping others out is good, and I'm sure I'm not alone in wishing more people would participate! However, be sure to watch out for the charity scams. There are plenty going on this time of year.

 

 

Have a wonderful Thanksgiving!

   

Rebecca

Rebecca Herold, CISSP, CIPM, CIPP/US/IT, CISM, CISA, FLMI 
The Privacy Professor�
Rebecca Herold & Associates, LLC
Mobile: 515.491.1564