Rewarded for sharing your data? Sign me up!

Rewarded for sharing your data? Sign me up!

Companies now starting to pay users for their data, in efforts to be more ethical. Large Bluetooth security flaw detected proving potentially harmful to millions. Blockchain’s future looking bright as privacy-preserving technology booms. Canadian federal elections being ‘watched’ for their history of ‘watching’ public.

Rewarded for sharing your data? Sign me up!

Drop Technologies has secured USD$44 million in investments towards growing a technology-based alternative towards traditional customer loyalty programs. With over three million users signed up already, as well as 300 brands on its platform, such as Expedia and Postmates, the company is headed in the right direction. 

Given that Facebook and other tech giants are monetizing data without user permission, getting paid for it doesn’t seem like a bad idea after all. “I’m a Facebook user and an Instagram user, and these guys are just monetizing my data left and right, without much transparency,” said Onsi Sawiris, a managing partner at New York’s HOF Capital.” At least if I’m signing up for Drop, I know that if they’re using my data I will get something in return, and it’s very clear” (Source).

This alternative to rewards programs basically tracks your spending with all of their 300+ brands, and lets you earn points that you can spend at certain companies such as Starbucks of Uber Eats. If it’s an alternative to credit card rewards, it will be beneficial to consumers looking for extra savings on their purchases. So don’t drop it till you try it!

Bluetooth proving to be a potential data breach vulnerability 

Researchers have discovered a flaw that leaves millions of Bluetooth users vulnerable to data breaches. This flaw enables attackers to interfere while two users are trying to connect without being detected, as long as they’re within a certain range. From music to conversations, to data entered through a Bluetooth device, anything could be at risk. “Upon checking more than 14 Bluetooth chips from popular manufacturers such as Qualcomm, Apple, and Intel, researchers discovered that all the tested devices are vulnerable to attacks” (Source). 

Fortunately, some companies such as Apple and Intel have already implemented security upgrades on their devices. Users are also advised to keep their security, software, and firmware updated at all times. 

Get ready for blockchain advancements like never before

For the past decade, blockchain has been used to build an ecosystem where cryptocurrencies and peer-to-peer transactions are just a few of the many use cases. (Source).

Traditionally, data is shared across centralized networks, leaving systems vulnerable to attacks. However, with decentralization as an added security measure to blockchain, the threat of a single point of failure across a distributed network is eradicated. 

As more and more companies turn to blockchain to gain the benefits of more efficient data sharing and easier data transfers, privacy is overlooked.

In most public blockchains today, transactions are visible to all nodes of a network. Naturally, of course, the issue of privacy is raised due to the sensitive nature of the data, and this transparency comes at a cost. With digital transformation happening all around us, privacy protection cannot be ignored.

To address privacy, many blockchain companies are employing privacy-preserving mechanisms on their infrastructures, from zero-knowledge proofs to encryption algorithms such as Multi-Party Computation (MPC). These mechanisms encrypt data as it’s shared and only reveal the specific elements needed for a specific task (Source).

Costs efficiencies and a better understanding of consumer needs are just a few of the advantages of privacy-preserving mechanisms being introduced. As data and privacy go hand in hand in the future, equitability and trust will be our key to unlock new possibilities that enhance life as we know it (Source).

Upcoming Canadian elections could turn into surveillance problem

Once again, the Canadian federal elections are raising concerns about interference and disruption through the misuse of personal data. In the past, political parties have been known to use their power to influence populations who are not aware of how their data is being used. 

Since data has played a major role in elections, this could become a surveillance issue because experts who study surveillance say that harnessing data has been the key to electoral success, in past elections. “Politicians the world over now believe they can win elections if they just have better, more refined and more accurate data on the electorate” (Source).

A related issue is a lack of transparency between voters and electoral candidates. “There is a divide between how little is publicly known about what actually goes on in platform businesses that create online networks, like Facebook or Twitter, and what supporters of proper democratic practices argue should be known” (Source).

The officials of this upcoming election should be paying close attention to the public’s personal data and how it is being used.

Join our newsletter


A deep dive into Facebook’s privacy today

A deep dive into Facebook’s privacy today

This week we take an in-depth look into what privacy looks like for Facebook. First, we will explore what user data Facebook is collecting. Then, we will look at how Facebook is invading users’ privacy… again. Finally, we will discuss the new privacy scam directed at Facebook.

See and control what Facebook collects from you

Last year, Facebook announced their upcoming release of a tool to ‘clear history’ and delete data that third-party websites and apps share with the social media giant. Fast-forward to today, the company has kept its word and has released the tool in Ireland, South Korea, and Spain. 

The tool, known as ‘Off-Facebook Activity’, allows you to see and control what information has been collected about you by apps and websites and sent to Facebook. It will show you information about your online activities, the questions you search on Google and your online shopping history. However, while it has the option to disconnect the data, it cannot delete it.

If you choose to clear your activity, Facebook will simply remove your identifying information from the data and unlink it to your account. It will not delete the data (Source).

This is the first step in the right direction, as this is the first time Facebook has allowed users to control or even see this information.

Facebook’s voice transcripts more invasive

Facebook has been transcribing users’ audio clips for quality control and to improve the accuracy of their services. Unlike Alexa or Google Home workers listening to user recordings, Facebook’s audio does not come from users giving smart assistants commands but from human-to-human communication. Bloomberg reported that Facebook contractors were kept in the dark with regards to where the audio came from and why these audio clips needed to be transcribed. 

While Google, Apple, and Facebook have temporarily suspended human audio reviews, Amazon has chosen to let its users opt-out (Source).

Another Facebook privacy scam, and this time it’s not Facebook’s fault

People have been reposting and resharing a viral message, that explicitly notifies Facebook of their rights as users.

“Don’t forget tomorrow starts the new Facebook rule where they can use your photos. Don’t forget Deadline today!!! It can be used in court cases in litigation against you. Everything you’ve ever posted becomes public from today Even messages that have been deleted or the photos not allowed. It costs nothing for a simple copy and paste, better safe than sorry. Channel 13 News talked about the change in Facebook’s privacy policy. I do not give Facebook or any entities associated with Facebook permission to use my pictures, information, messages or posts, both past and future. With this statement, I give notice to Facebook it is strictly forbidden to disclose, copy, distribute, or take any other action against me based on this profile and/or its contents. The content of this profile is private and confidential information. The violation of privacy can be punished by law (UCC 1-308- 1 1 308-103 and the Rome Statute. NOTE: Facebook is now a public entity. All members must post a note like this. If you prefer, you can copy and paste this version. If you do not publish a statement at least once it will be tacitly allowing the use of your photos, as well as the information contained in the profile status updates. FACEBOOK DOES NOT HAVE MY PERMISSION TO SHARE PHOTOS OR MESSAGES.”

It is not real, it is a scam, and there are several reasons why:

1. The message is written poorly with no attention to capitalization and grammar.

2. There is no way you can end up in court by using social media.

3. Facebook does not own your content, there are several discrepancies. 

4. Posting a statement on your Facebook timeline that is contrary to Facebook’s privacy terms has no legal effect nor does it change Facebook’s privacy policies (Source).

However, if you are still wary about your privacy being at risk, take some measures to be safer. Change your privacy controls. Don’t post content that you don’t want being shared. Or, simply cancel your account for the best protection guaranteed. 

 

Join our newsletter


Avoid Data Breaches and Save Your Company Money

Avoid Data Breaches and Save Your Company Money

Tips on how to avoid privacy risks and breaches that big companies face today. How much data breaches cost in 2019. Why consumers are shying away from sharing their data. Airline phishing scam could prove to be fatal in the long-run.

Stay Ahead of the Privacy Game

The Equifax data breach is another wake-up call for all software companies. There’s so much going on today, with regards to data exposure, fraud and, threats. Especially with the new laws proposed, companies should take the necessary steps to stay away from penalties and breaches. Here are some ways you can stay ahead of the privacy game. 

  1. Get your own security hackers – Many companies have their own cybersecurity team, to test out for failures, threats, etc. Companies also hire outside hackers to uncover any weaknesses in the company’s privacy or security tactics. “Companies can also host private or public “bug bounty” competitions where hackers are rewarded for detecting vulnerabilities” (Source)
  2. Establish trust with certificates of compliance – Earn your customers’ trust by achieving certificates of compliance. The baseline certification is known as the ISO 27001. If your company offers cloud services, you can attain the SOC 2 Type II certificate of compliance.
  3. Limit the data you need – Some companies ask for too much information, for example, when a user is signing up for a free trial in hopes of making easy money. Why ask for their credit card number when you are offering a free trial service? If they love the product or service, they themselves will offer to pay for full services. Have faith in your product or service.
  4. Keep the data for as long as needed only – Keeping this data for long periods of time, when you don’t need it is simply a risk for your company. Think about it: As a consumer yourself, how would you react if your own personal data was compromised because of a trial you signed up for years ago? (Source)

How much does a data breach cost today?

According to a 2019 IBM + Ponemon Institute report, the average data breach costs a company approximately USD$1.25 million to USD$8.19 million, depending on the country and industry.

Each record costs companies an average of USD$148, based on the report’s results, which surveyed 507 organizations and was based on 16 regions in the world, across 17 industries. The U.S. takes first place with the highest data breach, at USD$8.19 million. Healthcare is the most expensive industry in terms of data breach costs, sitting in at an average of USD$6.45 million. 

However, the report isn’t all negative, as it provides tips to improve your data privacy. You can reduce the cost of a potential data breach by up to USD$720,000, through simple mitigating steps such as an incident response team or having encryption in place (Source).

Consumers more and more hesitant to share their data

Marketers and data scientists all over – beware. A survey of 1,000 Americans conducted by the Advertising Research Foundation indicates that consumers’ will to share data with companies has decreased drastically since last year. “I think the industry basically really needs to communicate the benefits to the consumer of more relevant advertising,” said ARF Chief Research Officer Paul Donato. It is important to remember that not all consumers would happily give up their data for better-personalized advertisements (Source).

Air New Zealand breach could pose long-term effects

Air New Zealand’s recent phishing scam from earlier this week has caused fear among citizens. The data breach exposed about 112,00 Air New Zealand Airpoints customers to long-term privacy concerns. 

Victims received emails requesting them to disclose personal information. They then responded with personal information like passport numbers and credit card numbers. 

“The problem is, the moment things are out there, then they can be used as a means to gain further information,” said  Dr. Panos Patros, a specialist in cybersecurity at the University of Waikato. “Now they have something of you so then they can use it in another attack or to confuse someone else” (Source).

A good practice for situations similar to this is to regularly change your passwords and monitor your credit card statements. Refrain from putting common security question information on your social media such as the first school you attended or your first pet’s name, etc. Additionally, delete all suspicious emails immediately without opening them (Source). 

Join our newsletter


Facial Recognition Technology is Shaking Up the States

Facial Recognition Technology is Shaking Up the States

Facial recognition technology is shaking up the States

Many states in America are employing facial recognition devices at borders to screen travelers. However, some cities like Massachusetts and San Francisco have banned the use of these devices, and the American Civil Liberties Union (ACLU) is pushing for a nationwide ban. 

It is still unclear how the confidential data gathered by the facial recognition devices will be used. Could it be shared with other branches of the government, such as ICE? 

ICE, or Immigrations and Customs Enforcement have been in the public eye for some time now, for their arrests of undocumented workers and immigration offenders. 

“Any time in the last three to four years that any data collection has come up, immigrants’ rights … have certainly been part of the argument,” says Brian Hofer, who is part of Oakland’s Privacy Advisory Commission. “Any data collected is going to be at risk when [ICE is] on a warpath, looking for anything they can do to arrest people. We’re definitely trying to minimize that exposure”.

This unregulated data is what is helping ICE locate and monitor undocumented people violating laws (Source).

Now Microsoft is listening to your Skype calls

A new day, a new privacy scandal. This week, Microsoft and Skype employees were revealed to be reviewing real consumer video chats, to check the quality of their software, and its translations. 

The problem is that they are keeping their customers in the dark on this, as do most tech companies. Microsoft has not told its consumers that they do this, though the company claims to have their users’ permission. 

“I recommend users refrain from revealing any identifying information while using Skype Translation, and Cortana. Unless you identify yourself in the recording, there’s almost no way for a human analyst to figure out who you are”, says privacy advocate Paul Bischoff (Source).

Essentially Alexa, Siri, Google Home, and Skype are listening to your conversations. However, instead of avoiding these products, we are compromising our privacy for convenience and efficiency. 

Canadians want more healthcare tech, regardless of privacy risks

New studies indicate that Canadians are open to a future where healthcare is further enhanced with technology, despite privacy concerns. 

The advantages of these innovations include reduced medical errors, reduced data loss, better-informed patients, and much more. 84% of respondents wanted to access their health data on an electronic platform, as opposed to hard copy files. 

Dr. Gigi Osler, president of the Canadian Medical Association, states, “We’ve got hospitals that still rely on pagers and fax machines, so the message is clear that Canada’s health system needs an upgrade and it’s time to modernize”. 

Furthermore, most respondents look forward to the possibility of online doctor visits, believing that treatment could be faster and more convenient (Source).

After all, if we bank, shop, read, watch movies and socialize online, why can’t we get digital treatment too? 

Join our newsletter


CryptoNumerics’ Privacy Automation Solutions

CryptoNumerics’ Privacy Automation Solutions

The demand for data privacy automation has arrived. Manual ways to make data private cannot keep up with the new data privacy regulations and thus a new solution is needed. This is hindering many organizations by slowing down their data processes and analytics. To combat this, companies need privacy automation to unlock their data and use their most valuable asset in a way that both protects and adds value to their customers’ lives.

The CryptoNumerics solutions bring forth a new next-generation of privacy automation solutions. Privacy automation is not just about encrypting and hashing data. It’s far more complex than that. Privacy automation needs to assess the risk of the data for re-identification. It needs to apply privacy actions to the data that allows the analytical value to be used in data science environments. It also needs to balance the compliance and risk teams’ requirements together with the data analytics teams. Privacy automation needs to provide complete audit and compliance reporting. CryptoNumerics’ privacy automation solutions are truly next-generational. It’s intended to be enterprise and end-to-end, thus harmonizing the needs of both the Compliance and the Data Science teams.

Join our newsletter