Solving problems that don't really exist
 
From buying self-help books to perusing Life Hacks online, we are a world obsessed with solving problems. 

Entrepreneurs, start-up companies and even long-standing organizations with newly minted "innovation labs" toil away, trying to fix what often isn't broken in the first place.
 
Although the spirit of invention (or reinvention, as the case may be), is awesome, the outcomes aren't always what we intend. Keep this in mind as you download the latest app, strap on the newest wearable smart device or add the hottest WiFi-enabled gadget to your home, car or office. 

Ask yourself, "Is this really going to make my life easier?" And more importantly, "Is there a privacy or security trade off?"
Please forward this message in celebration of this week's 
international Data Privacy Day, 
Thursday, January 28!

What's More Valuable Than Money?
Data. However, the value placed on different types of data is shifting. 
 
While cybercriminals were once clamoring for your payment data, today they are much more interested in other types of information. And of course, it's all about the money.
 
Stolen credit-card accounts available on the "deep Web" are selling for 22 cents per record. Netflix account information, on the other hand, averages 76 cents per account. But the real deal is Facebook. A cybercriminal with stolen Facebook  account information averages $3.02 for each one he sells. Uber accounts are even more valuable, bringing in $3.78 per account!
 
Change your passwords often, use strong ones and never use the same password more than once. If that's not realistic for you, use different passwords for your social and financial accounts. 
 
Who Has Your Health Data?
Your body contains one hundred trillion tiny cells. 
 
That almost unfathomable number is nothing compared to the amount of health data your body generates.
 
Scientists need a microscope to analyze your cells. Yet, an individual needs little more than a WiFi connection to access your medical and health data. As the Internet of Medical Things spawns the birth of more connected medical devices, privacy and security controls are vital to the wellness of all humans.
 
To bring more awareness to the need for these controls, I've produced a health data infographic enumerating just some of the many ways our medical and health data is collected and shared. 


Data Privacy Day in Iowa
An official proclamation from the Governor!
 
For the seventh consecutive year, we've been successful at working with the governor of Iowa, now Terry Brandstad, on an official proclamation of Data Privacy Day. We'll be celebrating here in the state, alongside those of you across the globe on Thursday, Jan. 28. 

If you're not familiar, the day marks an important opportunity to encourage consumers and businesses to be aware of data privacy concerns in today's digital, and increasingly connected, society and to take steps to protect personal information. 

I'll be appearing on the Great Day KCWI morning show broadcast to talk about Data Privacy Day, so if you're in the area, be sure to tune in!

Also, see my Data Privacy Day web page for information you can use for your own observance of International Data Privacy Day. Check back often; I have a few more things I will be adding over the coming days.

Why Should I Care About Privacy?
After all, privacy is dead, right?
 
No! Privacy is alive and well, albeit under increasing fire from some big-time threats. 

When people ask you why they should care about their privacy, you may find it helpful to talk about it from the perspective of freedom. Here's a little of what I shared on the topic with SecureWorld earlier this month:
 
Without privacy we do not have a free society; simple as that. We are not free to live our lives as we want if we know that there will be unlimited others...criminals, employers, hackers, government, law enforcement, insurance companies, marketers, businesses and anyone else who feels they need to surveil in some way...watching everything we do, say and write; both online and in real life.
 
You can be a part of the army of privacy defenders both during Data Privacy Day, Thursday, Jan. 28, and beyond. Simply ask questions, start a dialogue... persuade others to think before they blindly hand over their personal information for WiFi access, a 5% discount or a cute little game on their iPad.  

What Will the Hackers Hack Next?
If it's connected to the Internet, they'll hack it. 
 
Everything from electric skateboards and baby monitors to sniper rifles and smart cars has been proven vulnerable by those researching privacy and security controls.
 
And here's an especially scary place the hackers are headed - your medical devices, even those implanted in your body. To call attention to the problem, a computer security researcher hacked into her own pacemaker.  
 
After the exercise, she made what I believe to be a critical point. It isn't always the hospital, the clinic or the doctor at fault for the use of insecure communications and other systems. Vendors, suppliers and medical device engineers that haven't prioritized security and privacy are often to blame. She said:
 
"As a patient I am expected to trust that my device is working correctly and that every security bug has been corrected by the vendor, but I want to see more testing and research [because] we can't always trust vendors."
 
Absolutely right.  

Learn more about the privacy and security risks of medical devices in a recent webinar I gave, "The Medical Internet of Things: 2016, the Year Ahead."
 
What Does the Internet of Things Have To Do With Me?

Only everything. 
 
In fact, the IoT has been called the next Industrial Revolution.
 
Sensors are about to find their way into nearly everything you own - from your socks and watch to your refrigerator and thermostat. Each one will send hundreds of MBs worth of your personal and behavioral data to the cloud, all in the names of convenience, efficiency, innovation and more.
 
Here again, we may be trying to solve problems that don't really exist. For instance, is it really that difficult to answer your own front door? Do we truly need to attach a sensor and camera to our doors to enable remote opening?
 
 
If they aren't already, connected, "smart" devices will be on the radar of every hacker, law enforcement agency, marketer, private investigator, data scientist and... well, you get the point. Artificial intelligence will help these organizations put the data in context to make assumptions (and predictions) about you and your family members. 

So, what does IoT have to do with you. Only everything. 

It's a balancing act. 

For the past several years, I've been both excited about the possibilities for IoT to improve lives and concerned about the associated security and privacy risks. So I was thrilled to be asked this past June to join the new IEEE P1912 Privacy and Security Architecture for Consumer Wireless Devices Working Group as an officer. It's the hope of colleagues and I that we will create standards for the engineers of these IoT devices to build in significantly more security and privacy capabilities right from the outset.
  
Privacy Professor On the Road & On the Air
  
 

On the road again 

One of my favorite things to do is visit with leaders in different industries - healthcare to energy and beyond. Below are a couple recordings of recent talks and a schedule of where I'll be over the next few months.
 
My talk on the need for more privacy controls at Purdue University for their CERIAS program is available on my YouTube channel.
 
My participation in an Internet of Medical Things panel for the The BioPharma Research Council. 

February 15 & 16: (Two Live Privacy & Security Workshops) Alaska Surveying & Mapping Conference, Anchorage, Alaska

March 16: (Privacy Training) The Conference that Counts, Albany, New York
 
April 30 - May 1: (Live Presentation) 2-day workshop, "Creating a Privacy Program using ISACA's Privacy Principles," ISACA, New Orleans
 

 
Taking to the air waves

The Great Day KCWI 23 Morning Show regularly covers privacy and security tips with their guest, the Privacy Professor! Each is a brief 10-15 minutes and covers topics ranging from insider theft to connected vehicles. Check out this online library to watch recent episodes. Below are upcoming in-studio visits. 

January 28: Data Privacy Day (The recording will be posted to the Privacy Professor YouTube channel)


Questions? Topics?

Have a topic I should discuss on the Great Day KCWI morning show? Or, a question I can answer in my next monthly Tips? Let me know!


This year, as you stumble upon the gadgets, inventions, gizmos and devices that promise to help you achieve those new-year resolutions, give them stronger consideration. 

Be aware the convenience, financial savings or other "problem solving" benefits offered by connected devices can come at price. 

Are they worth the privacy and security risks they may pose? Ask these questions of those trying to give or sell them to you! They need to have answers for such questions.

There are so many great innovations out there for the taking. Go ahead and take... just know someone, somewhere, may be taking from you, too! 
Rebecca
Rebecca Herold
The Privacy Professor
Need Help?


Permission to Share

Want to repurpose the information contained in this Tips? Yes, please forward in its entirety. 

If you prefer to use only excerpts, please use this attribution:

Source: Rebecca Herold, Founder, The Privacy Professor�, privacyprofessor.org, privacyguidance.com, [email protected] 

NOTE: Permission for excerpts does not extend to images; some of which are my own personal photos. If you want to use them, contact me.