The Data Leaks Are Just Getting Started
Premera cyberattack could have exposed information for 11 million customers, Ars Technica, March 17, 2015
Premera’s statement available here. “Health care provider Premera Blue Cross said on Tuesday that the identifying [including social security numbers], financial, and medical information, and medical information for millions of customers could have been revealed in a cyberattack.. . . Besides customers, Premera said that the e-mail addresses, bank information, and social security numbers for business partners may have also been affected in the breach.. . . So far, the company said that there is no evidence that information was removed from their network or that information was stolen and used in any harmful way.” To prevent phishing attacks, Premera warns customers that it will be be communicating via mail, and for customers to ignore any e-mails that appear to be from Premera.
Via @ArsTechnica @TiffMKelly
Note: This is a super short article, and I essentially copy/pasted the whole thing. The only real reason to go look at the actual article would be to read the statement in more detail.
Further: I know I should be more shocked/horrified. But after Anthem, iCloud (I know, nude “pics” aren’t the same), Target, and countless other breaches, the phrase “data breach” almost doesn’t mean anything anymore. It makes the public (and me) feel like the companies are either 1) crying Chicken Little, or 2) are the worst ever at keeping anything secure. Something in the process needs to change. We need to either simply move over to a dystopian society where everything is shared and public and there are no secrets, or actually get solid privacy protections in place (preferably the latter – dystopian societies tend to make bad fashion choices – see Insurgent.)
Epic Google snafu leaks hidden whois data for 280,000 domains, Ars Technica, March 12, 2015
“Google Apps has leaked hidden names, phone numbers, and more since mid-2013.. . . Whois data is notoriously unreliable, as is clear from all the obviously fake names, addresses, and other data that’s contained in public whois records. Still, it’s reasonable to assume that some people might be more forthcoming when using a supposedly privacy-enhancing service Google claimed hid such data.. . . Google’s breathtaking failure is a potent reminder why in most cases people do well to provide false information when registering for anything online.”
Note: Oops. Even more reason to create a fake identity online.
With new medical technologies, opting out isn’t an option., Slate, March 17, 2015
“Today’s companies aren’t just mining our contact lists, calendars, and search histories anymore: They’re checking our blood pressure and heart rate, tracking our diet and exercise habits, and even digging into our genetic heritage—all things once reserved for the privileged relationship between doctor and patient. . . . Companies won’t just be mining our data to determine if we’re in the market for a new car, but a new kidney. They’ll be hunting for the most lucrative kind of customer: the desperate.. . . And that’s the problem. Opting out may no longer be a choice between privacy and convenience, but a choice between privacy and living long enough to know one’s grandchildren. That is no choice at all. Opting out is not an option.”
“The ever-rising costs of nonparticipation make clear the need to rethink our approach to consumer privacy. We need to build a relationship with our technology that isn’t reduced to a buyer-beware, take-it-or-leave-it mentality. Instead of asking how we can opt out, let’s ask how we can collectively opt in to systems we can trust to preserve our privacy.
Via @Slate @FutureTense @GeekWrights
Note: My favorite line is “Opting out may no longer be a choice between privacy and convenience, but a choice between privacy and living long enough to know one’s grandchildren. That is no choice at all. Opting out is not an option.” It sounds an awful lot like the argument the ACLU made in to the United States Court of Appeals for the Fifth Circuit when it argued that users can only relinquish privacy interests voluntarily. That court rejected the argument, finding that users’ “use of their phones . . . is entirely voluntary.” In re U.S. for Historical Cell Site Data, 724 F.3d 600, 613 (5th Cir. 2013). However, the Supreme Court of New Jersey was on board:
“Just as customers must disclose details about their personal finances to the bank that manages their checking accounts, cell-phone users have no choice but to reveal certain information to their cellular provider. That is not a voluntary disclosure in a typical sense; it can only be avoided at the price of not using a cell phone.” State v. Earls, 214 N.J. 564, 584, 70 A.3d 630, 641 (2013)
That gives me some hope.
I Promise, I Will Always Remember You.
With One New App, The Entire World’s Oral History Is About To Go Viral, Forbes, March 18, 2015
“For the past decade, StoryCorps has put 65,000 people through their mobile or temporary studios to be interviewed for 40 minutes, usually by an accompanying younger family member or friend. The largest body of recorded voices ever. The project has affirmed that every person has experienced something that should not be lost to humanity — that their life mattered.. . . With [StoryCorps], that ability is now universal. As with the mobile studios, anyone with a smartphone, either iOS or Android – can record their story for 40 minutes. Basic editing functions can create a 3-minute version. And with one tap, the story gets uploaded to the Library of Congress’s American Folklife Center.. . . From there, the stories belong to history. They’re permanent, to exist long after the storyteller is gone.”
Note: So much for the “right to be forgotten”. Let’s just pack up and go home now. Oh, and anyone coming to my place for dinner on Thanksgiving is subject to phone search.
It’s all ‘bout that $, ‘bout that $, No Trouble
Twitter puts trillions of tweets up for sale to data miners, Twitter, March 18, 2015
Note: Yeah don’t trust Twitter. Follow the “New York Times” rule (that’s just what I call it):
Don’t put anything on the Internet which you wouldn’t be perfectly happy to see the following morning, on front page of the New York Times.
Facebook Announces a Payments Feature for Its Messenger App, March 17, 2015
“Facebook, the social networking company, announced Tuesday that American users of its Messenger app would be able to link their debit cards to the service and use it to message money to one another just as easily as they send a snapshot or text.. . . Venmo, a mobile payments app owned by eBay’s PayPal unit, is perhaps the most direct competitor to Facebook’s new offering. Popular with young users, it is not just a payment system, but a social network that allows users to post public or private messages about what the money is for.”
Via @NYTimes @VinduGoel
Note: I was out at brunch last week, and a member of our party wanted people to use Venmo to pay him back. I had never even heard of Venmo, and when he described it, I was horrified. The goal of the social network is not only to share money, but to tell your social network how you shared your money. I could only think of a post looking something like: “May gave Joe $10 for last night ;)”
Pop-Ups are So 2-D
Virtual Reality Advertisements Get in Your Face, MIT Technology Review, March 18, 2015
“Some companies see virtual and augmented reality as a way to make money from a new type of ads.. . . From inside the headgear, [the computer-generated world] still looks pretty primitive. . . But it’s still a heck of a lot more interesting than the banner and pop-up ads we’re used to seeing on websites and mobile apps.. . . There will be plenty of challenges ahead for companies working to bring ads to virtual and augmented reality. Beyond the obvious difficulty of working with emerging technologies, [Founder and CEO of Airvirtise, Kevin] Hart and others must figure out what kinds of ads users will respond to, and which they might find too overwhelming or obnoxious.” MediaSpike’s Founder and CEO, Blake Commagere, concurred “I can’t imagine having a banner at the bottom of a VR screen the entire time .. . That would be infuriating.””
Via @TechReview @RachelMetz
Note: Before we know it, we’re going to build up virtual realities and let actual reality fall to the way-side. The upside? Maybe people will stop watering their lawns during droughts.
One thought on “The SDK: The Privacy Edition 2015.03.18”