Connect with us

Privacy

Technology Law: with Billy Hawkes & Ronan Lupton

Data Protection and ePrivacy law are now a part of doing business online. With high profile cases of lost or leaked data and ubiquitous social networks, consumers are increasingly conscious of how carefully website owners, large and small, are looking after their personal data.

Published

on

Data Protection and ePrivacy law are now a part of doing business online. With high profile cases of lost or leaked data and ubiquitous social networks, consumers are  increasingly aware of how website owners, large and small, handle their personal data. In the  Technology in Business segment on today’s show Billy Hawkes the Data Protection CommissionerRonan Lupton, Barrister, specialising in media and commercial law and I, joined Bobby Kerr for an extended version of the Technology in Business segment. Extended, because there’s lots to say!

Direct marketing via email to your existing customers or a cookie that recognises a returning visitor to your website are all subject to Irish Data Protection Law, and the Data Protection Commissioner explained the relevance of Irish law to not only large technology companies, but to all SMEs with a website or who retain customer data.

And for businesses selling or promoting products online you need to bear in mind where you get images, descriptions and content that you publish. In the old days, you wouldn’t have gone to a competitor’s shop, photocopied their brochure, copied their descriptions and produced your own catalog, yet we do see this sort of thing happening online. If you copy content, or use material without permission you could have legal woes ahead.

“A cookie, sometimes called a web cookie, or a browser cookie, is a small piece of data sent from a website and stored on a user’s web browser while the user browses a website. A cookie is usually a string of text, numbers and some alpha-numeric characters stored as a text file on the users computer.”

— redcert.com/news/what-is-a-cookie

When you’re doing business online, I’m an advocate for a common sense approach; would you do it in the ‘real world’, of business?  If the answer’s no, you probably shouldn’t do it online. So always seek permission to use or reproduce content. My experience is that people will often say yes, but big brands or suppliers often have image use or brand guidelines, which they’ll tell you. They may well supply you with better quality images than you’d pick up around the web anyway.

And what’s a common sense approach to Data Privacy? Treat your website users and their data with respect and be open with them. Do you really need to collect any data from them? Make sure, if your website uses cookies, that you have a prominent notice on your website regarding this. If your website doesn’t use cookies, I’d suggest that’s worth telling visitors also – transparency is gradually becoming appreciated and expected by web visitors. I’ve come across various free and open-source solutions to the Cookie law notice – SilkTide is a good example. So if you maintain your own website, you could customise a tool like this or talk to your web-designer and have them do it for you.

If you do you collect data from your website users treat it with care; never sell it, never share it and protect it. The best place to start a review of your compliance is the Data Commissioner’s website DataProtection.ie and the Self-Assessment Checklist; and the case studies on the data commissioner’s website are an excellent indicator of how the law is interpreted, and implemented in a real world situations.

Data protection, copyright, e-privacy – there not there to cause you a problem, rather the law is well defined to ensure you don’t have one in the future.

“And no, the EU directive isn’t a boon for the web-design industry; I customised the SilkTide Cookie Notice for my website in less than an hour.”

External links & references

  1. DataProtection.ie : Data Privacy Checklist
  2. RIght to be forgotten : Google in Spanish courts
  3. Social Media Ethics & Regulation: @ TJ McIntyre.com
  4. What is a Cookie? : Redcert
  5. SilkTide’s cookie consent : open-source tool for websites
  6. Raytheon and Social Media data : RedCert
  7. My Secret Crush on Big Data : RedCert

Continue Reading

Privacy

The day Booz Allen called

Around a year ago, both Shannon Daly and myself wrote blog posts on redcert.com about PRISM and Edward Snowden. A few days lter I was browsing my LinkedIn profile – and, I’d had an anonymous viewer. My heart fluttered – I expected the head-hunter call – the remarkable offer – and I kept scrolling.

Published

on

Around a year ago, both Shannon Daly and myself wrote blog posts on redcert.com about PRISM and Edward Snowden. A few days lter I was browsing my LinkedIn profile – and, I’d had an anonymous viewer. My heart fluttered – yes!the head-hunter call was coming – the remarkable offer to change something forever. I kept scrolling and stayed by the phone.

It appears , one of my anonymous viewers was from Booz Allen : my heart fluttered even more – the pay’s good.

Continue Reading

Government

Prism: It’s been hiding in plain sight

Well, here it is. After weeks, months, and even years, the scandal has arrived. The scandal that may forever tarnish the Obama presidency: Prism, the top-secret NSA surveillance program that has been harvesting data from nearly every social network service and the world’s leading internet companies. Your personal information and mine and that of everyone you know is being hoovered up and examined and gleaned for whatever information the NSA considers pertinent. This is governmental overreach at its worst. An overwhelming example of the “Power corrupts; absolute power corrupts absolutely” adage.

Published

on

Well, here it is.  After weeks, months, and even years,   the scandal has arrived.  The scandal that may forever tarnish the Obama presidency:  Prism, the top-secret NSA surveillance program that has been harvesting data from nearly every social network service and the world’s leading internet companies.  Your personal information and mine and that of everyone you know is being hoovered up and examined and gleaned for whatever information the NSA considers pertinent.  This is governmental overreach at its worst. An overwhelming example of the “Power corrupts; absolute power corrupts absolutely” adage.

Even President Obama, who campaigned on being the antithesis of George W. Bush and everything he stood for, is not immune to its pull.  Had this occurred during Obama’s first term, I would have to give serious consideration to something I swore, from the day I turned eighteen, I would never do:  abstain from voting in a Presidential election.  This, to me, is an absolute dealbreaker.

And yet, I don’t feel the outrage that is very much justified coming from the media or the populace.  On Yahoo! News this morning the first Prism-related article was an astounding 55 headlines in, one of only three on the entire page, which seemed to be dominated by WWDC speculation and television gossip.  Network news has given it little more than a cursory glance.  On most of the major news channels the story garnered perhaps five minutes of coverage per half-hour, the ironic exception being the opinion programs of that liberal bastion MSNBC, which stayed on the story slightly longer.  Hours upon hours of news coverage has been spent on tempests-in-teacups like the IRS and Benghazi.  Now here’s the real thing being handed to them on a plate, and the response has been superficial at best.  It’s touched on briefly and then abandoned.

The reaction of the average citizen is even more frustrating.  Most people either just shrug as if to say “It’s not surprising but it’s out of my hands,” or they take the stance of  “Well, if that’s what it takes to catch the bad guys, so be it.”  Where is the attention and the anger this story deserves?  Is this the “boy who cried ‘wolf'” effect?  Have we all become so overloaded with pseudo-scandals that we fail to see the genuine article when it’s right in front of us?  Has Edward Snowden given up his life and, most likely, his freedom for nothing?  Is he martyring himself for the good of a public that just doesn’t seem to give a damn?

“NSA is focussed on getting intelligence wherever it can by any means possible… Increasingly we see that it’s happening domestically. The NSA specifically targets the communications of everyone, it ingests them by default, it collects them in its system and it filters them and it analyses them and it measures them and it stores them for periods of time … While they may be intending to target someone associated with a foreign government or someone they suspect of terrorism, they’re collecting your communications to do so. Any analyst at any time can target anyone…”

— Edward Snowden

It would be nice to think this is being done just for purposes of national security (although the effectiveness of this type of blanket surveillance is questionable), but honestly, do we really think it’ll stop there?  What else could this information be used for?  Could you suddenly find yourself under the scrutiny of your insurance company for a condition for which you haven’t even sought treatment?  Or perhaps for your choice of weekend past-time, such as rock-climbing or motorcycle racing?  The stories of the FBI tracking library records have been around for decades — what types of records could they be keeping now?  Is there a file on you out there somewhere, detailing your Facebook posts, your Google searches, the YouTube videos you watch . . . and the  other types of videos you watch?  This is the very definition of a slippery slope.

Right now this story is relatively self-contained, but the vastness of this violation of privacy is such that it   will be abused.  There are probably abuses and plans for abuses happening right now as you read this.  When those stories are exposed — when it finally becomes clear that your private life is anything but — will people’s indignation finally be awakened?  And will it come too late to spark change? I’m watching…they’re watching.

External Links & References

  1. NSA’s Prism Surveillance Program:  How It Works and What It Can Do
  2. UP with Chris Hayes on MSNBC
  3. Why Edward Snowden is a hero : John Cassidy @ New Yorker Blog
Continue Reading

Privacy

Raytheon predict a RIOT: your ‘predictive’ data

Last week, Ryan Gallagher in The Guardian wrote about RIOT, an experimental project by the defence contractor Raytheon. A Cyber-Tracking tool, RIOT (Rapid Information Overlay Technology) analyses photos and the location data that may be attached to the photos that social network users take and post to services like Instagram or Facebook. 

Published

on

Last week, Ryan Gallagher in The Guardian wrote about RIOT, an experimental project by the defence contractor Raytheon. A Cyber-Tracking tool, RIOT (Rapid Information Overlay Technology) analyses photos and the location data that may be attached to the photos that social network users take and post to services like Instagram or Facebook.  Using a graphical browser a reviewer can see the activity, associations and relationships between a subject and other online users. It could  allow analysis of where a subject went and how often – and how they got there and who they went with. The fact that the word ‘Rapid’ is in the acronym is interesting. Rapid because it’s a zippy application to use? Or ‘rapid’ because the data can be analysed in almost real-time as new check-ins happen, facilitating real-time tracking and even real-time prediction about where a subject is going next, and with who.

The potential for intrusion and the impact on people’s privacy is significant. The truth is many of us are not always where we’re meant to be; when we take an hour off to go to the dentist we may meander back to the office via Century 21 or The Gap, we occasionally tweet exes whilst under the influence late on a Friday night; deeper analysis may show that the duration it took you to get from home to the office may indicate your average speed was in excess of legal limits. Issue the speeding fine now!

“Data can always be interpreted in a variety of ways, and interpretation is in the eye of the beholder. If the beholder (of data) is looking at you this closely, the context is not a social one – they’re not nodding approval at your sushi reviews.”

Regular social activity from from Twitter, Facebook and Foursquare could be used to review a person’s activities, associations, movements and perhaps predict future movements and associations. Interesting use of publicly available data. If this story revealed a marketeer doing the same thing, we would be less concerned,  perhaps we’d sigh, and think that we’d just have to deal with more location targeted marketing. But, because Raytheon is a large defence contractor, it’s not a huge leap to think this is the sort of that will appeal to governments – worldwide. It would be comforting to believe that such a wide-scale initiative would only be used to catch bad guys, because of course, you and I have nothing to fear, after all we’re members of the innocent majority.

We owe ourselves some reflection on this, are you happy having your personal data analysed to this extent? If the data were used like many web companies use data, cumulatively, there are obvious benefits. Traffic on Fridays for instance – opening extra lanes, extending traffic light sequences in hot-spots or suggesting retailers look at opening hours could all help relieve congestion in focus areas.

One of the issues is social media may not actually be reflective of real-world relationships and real-world intentions or trends. We know people who interact excessively on-line do not in fact want to interact with the same people in the physical world. We often pay more attention to those we don’t know well; they have less in common with us, are outside our close circles of commonality and are often the people who tell us the most interesting things. And of course, can you program an analysis engine to interpret satire or sarcasm? Humour and satire will be a trait that could land you in the mire – or worse. So, do you want your most personal data analysed to this extent?  You should have the choice.

 External links & references

  1. GCHQ to trawl Facebook & Twitter for intelligence: The Guardian
  2. Electronic Privacy Information Centre
  3. Effective Counterterrorism and the Limited Role of Predictive Data Mining
Continue Reading

Popular

Copyright © 2014 redcert.com

Skip to toolbar