Friday, March 26, 2010

Privacy Settings: Don't blame your tools for your work results

Articles regarding privacy evaporation, and blaming the phenomenon on social networks, makes for lots of readers. But the reality is, the social networks are seldom to blame for the embarrassing and often dangerous positions people put themselves in regarding online information sharing.

A review of privacy settings can virtually eliminate the risk of unwanted sharing. Like anything else, users need to make sure they understand the powerful tool of a Twitter or Facebook account before they begin using it. Yes, you have to read.

Linkedin, Facebook, Plaxo, Twitter, Myspace and others actually provide some of the best methods for perserving personal privacy, when they are utilized properly. In fact, many use these services instead of standard email because they mask your IP address to the public, and are capable of offering just the information you want to be presented to the public at large. They also allow you to cut off or prevent communications from any user with a simple click.

Don't Blame Facebook for the Erosion of Online Privacy - Business - The Atlantic

To review your privacy settings and your overall presentation, have a trusted friend or a personal privacy consultant go through your social networking membership page, and provide feedback. A professional can tell you what information can be gleaned from your entries, which is critical in protecting yourself online.

Monday, March 22, 2010

High-tech copy machines a gold mine for data thieves -

Beware: You now have to verify deletion of digital files kept from paper copies, in order to protect yourself. High-tech copy machines a gold mine for data thieves -

Friday, March 12, 2010

Many Mobile Phones Now Equipped to Detect Personal Activity, Not Just Location

The newest incarnation of the cellular phones offered by most manufacturers contain "accelerometers". These sophisticated sensors are easily co opted to determine what exactly the carrier is doing. The phone can tell if you are walking, sitting, driving, even eating.

Manufacturers of the co opting software and additional add-ons are are quick to point out the potential uses for employers.

BBC News - Mobile that allows bosses to snoop on staff developed

The obvious ramifications for privacy are tremendous. Access of the data falling into the wrong hands could bring about an entirely new level of thievery and voyeurism, especially in light of the Obama Administration's recent statement that Americans have "no reasonable expectation of privacy" as to the location history of their mobile phones.

The likelihood of acceptance, however, as a so-called "self protection" measure, or "mothering" feature is likely to allow for mass use, according to some industry leaders.

Wednesday, March 10, 2010

DMV to Scan Your Hand for Employment: Senators Schumer (D) & Graham (R)

In what some are calling a case of monumental buffoonery, the Senate is about to consider a bill which would not only create a giant new bureaucracy and a new ID card which every employed person will have to buy, it also will have you going to the DMV to have your hand scanned. No kidding.

The new ID card is supposed to have something biometric "like fingerprints" to connect the holder to the card. The card is supposed to also verify that the holder is working legally. To make matters worse, employers are expected to buy $800 hand scanners from some lucky government contractor (probably in a state where a senator supports this nonsense) so that they can become the defacto immigration patrol.

Waiting in the wings are the thousands of scammers who will simply obtain the driver's licenses under fake pretenses to begin with, thereby using the ridiculous new ID card to buoy up the scam. The DMV simply is not qualified to verify immigration status.

If the motive for this legislation were anything other than pork barrel contractor gains, it would not exist. The passport already does more than the capabilities of the new ID card. In no country but the U.S. can you work, drive, open a bank account or climb on a domestic or international flight with any ID other than a passport.

The passport is verified by the State department of the issuing country, standardized as to content and structure by international treaty, internationally recognized, issued by all countries all over the world through consulates, and already held by millions. It is the toughest ID to fake, and the easiest faked ID to catch.

Contact Senator Schumer ( and Senator Graham ( and let them know that your passport is the only ID you will get for work, and all you will require of your workers.

Sign the petition to make the Passport the only US National ID, on Facebook at

Read the full story:

Worker ID Card at Center of Immigration Plan -

WARNING: Copy Machines Save Everything You Copy

Before you copy that tax return, your ID, child's passport application, or legal documents, you'd better check the privacy policy of the copy machine owner.

Copy machines are not the Mimiagraph machines of old. They are computers attached to very sophisticated scanners. Whatever you copy is stored in that computer. For how long? Ask the machine's owner.

Where does your lawyer make copies? Who copied your loan application? what about that lease? Who copied your daughters's school amission forms? All of those images are easily extracted from the copier, usually with a laptop, and not always by the owner. Who has access to copiers containing your private information?

Chances are, you shouldn't risk copying anything with personal information on any copy machine which you do not own.

Copy Machines Can Store Your Private Info -

Tuesday, March 9, 2010 Sued Over Privacy Setting Change

Changing privacy options without giving users the whole picture and a real opt-out option can be risky. apparently hoped nobody would notice.

MediaPost Publications - High School Reunion Ruin: Sued Over Opt-Out Privacy Setting Change 03/09/2010

Lifelock to pay $12 Million in False ID Theft Protection Claims Settlement

"...Protection actually provided left enough holes that you could drive a truck through it" - FTC

03.09.2010 International Association of Privacy Professionals--/

In a press conference held Tuesday, March 9, Federal Trade Commission (FTC) Chairman Jon Leibowitz and Illinois Attorney General Lisa Madigan announced that LifeLock, Inc., has agreed to pay $11 million to the FTC and $1 million to a group of 35 state attorneys general to settle charges that the company’s claims of providing 100-percent protection against identity theft were false.

“While LifeLock promised consumers complete protection against all types of identity theft, in truth, the protection it actually provided left enough holes that you could drive a truck through it,” Leibowitz said.

In addition to the $12 million settlement, LifeLock and its co-founders Richard Todd Davis and Robert J. Maynard, Jr. are prohibited from making deceptive claims and required to better safeguard customers’ personal information.

According to the FTC’s complaint, LifeLock’s claims included protecting against identity theft “ever happening to you” and being “the first company to prevent identity theft from occurring.” The FTC, however, contended that LifeLock’s practice of placing fraud alerts on its customers’ credit reports only protected them against specific types of ID theft, but had no effect on the most common form: the misuse of existing credit card and bank accounts.

“There is nothing you can do or purchase that will provide you with a 100-percent
guarantee against identity theft,” Madigan said during Tuesday’s announcement, urging consumers to be aware of the steps they can take to protect their personal information. “Most of what they did you can do on your own, and you can do it for free.”

In addition to what the FTC described as deceptive identity theft protection claims, Leibowitz noted that LifeLock’s own data security practices did not adequately protect its customers’ information.

According to an FTC press release issued after Tuesday’s conference, LifeLock routinely collected sensitive information from its customers, including their Social Security numbers and credit card numbers, but did not encrypt the data. Additionally, the FTC alleges, “sensitive consumer information was not shared only on a ‘need to know’ basis…the company’s data system was vulnerable and could have been exploited by those seeking access to customer information.”

The FTC has confirmed it will use the $11 million it receives from the settlements to provide refunds to consumers. For more information, visit

Jennifer L. Saunders IAPP