Pete Warden, an entrepreneur from Boulder, Colorado, was about to share with fellow researchers the data he collected from the public profiles of some 210 million Facebook users. His records included a "social graph" showing all the friend connections between users in the dataset, and could have been a pretty powerful research tool for social scientists. So where is the data now?
Wiped out, says Warden, who claims Facebook threatened legal action if he didn't delete his data. Warden says he complied because he didn't have the funds to contest a lawsuit.
That's too bad, as more than 50 researchers had requested copies of the dataset, which Warden says he obtained by writing "crawler" software designed to harvest information from Facebook profile pages viewable without logging into the site. At the time of the alleged legal threats, Warden had already used the graph to show how the social connections of 120 million US users were concentrated in regional clusters.
Google Buzz is making all the wrong noises. It has been the talking point among privacy and digital rights activists ever since it launched. The Electronic Privacy Information Center (EPIC), a non-profit privacy advocacy group, wasted little time in highlighting several privacy issues with Buzz in a complaint filed with the Federal Trade Commission (FTC). In fact, it went ahead with the complaint despite Google making some crucial changes to address some of the major concerns.
Now, Google's failure to make Buzz an opt-in service has landed the company in further trouble. This time around, a bipartisan group comprising 11 congressmen has formally raised the matter with the FTC. "We are writing to express our concern over claims that Google's 'Google Buzz' social networking tool breaches online consumer privacy and trust. Due to the high number of individuals whose online privacy is affected by tools like this—either directly or indirectly—we feel that these claims warrant the Commission's review of Google's public disclosure of personal information of consumers through Google Buzz," they wrote in a letter to the FTC. Google would want to avoid a probe by making Buzz an opt-in service.
Not that Big Blue's ego needs any more stroking, but according to a new survey, IBM is trusted by consumers more than any other IT company when it comes to securing and protecting personal information and overall privacy.
"We are honored to be recognized by consumers as the most trusted business-to-business company in Ponemon Institute's survey," said Harriet Pearson, vice president, Security Counsel and Chief Privacy Officer at IBM. "As data rapidly moves from the desktop to the cloud, consumers are more aware and concerned than ever about the security and privacy of their personal and sensitive information. IBMers worldwide are committed to delivering trusted and secure technologies, services and solutions that protect the privacy of our clients' most valuable and critical assets and operations.
On a related note, the study reported that 41 percent of consumers feel they have control over their personal information, which is down from 45 percent last year, and 56 percent from 2006. Identity theft ranked as the top concern and a major factor in brand trust diminishment, while half of those surveyed said notice of a data breach was a big factor.
Ever since its release, Google has tagged Chrome installs with a unique ID. The search giant is now reportedly abandoning that practice. Future versions of the browser will still install with a unique ID that will be used to check for the first automatic update. After that task is complete, the ID will be deleted.
It has always been Google’s position that the client ID was only used to determine when users update, and in the event of a crash (but only if crash reporting is turned on). Some privacy advocates have long held that the unique identifier could lessen browser privacy. However, no one has ever been able to show that to be the case.
As Chrome continues to gain market share, Google appears to be tweaking it to keep it palatable to users. There is a certain amount of Google fatigue out there, and if privacy concerns become too pervasive, Google could lose public trust. Even though there was no confirmed privacy breach caused by this feature, does its removal make you feel more comfortable using Chrome?
Get ready to kiss your privacy goodbye. Those horrifying billboards from Minority Report that know everything about you are one step closer to reality. Japan’s NEC has created the Next Generation Digital Signage Solution, a system that tailors ads based on who is looking at it.
This new system isn’t going so far as scanning your iris to look you up in a huge advertising database like in the movie, but it is guessing what you might like based on age and gender. The billboards will be able to determine gender and age to within 10 years by snapping a photo. Some are already crying foul, claiming the signs would be an invasion of privacy. NEC claims the ads would be anonymous and the digital imaging system would delete the images of people used to build the ads.
Do you think this is an acceptable system? It could mean you’d see ads that are more relevant to you, but does anyone really care about that? If this scares you, then start putting together a disguise now. NEC says several companies are interested in the signs, and they might make it stateside in late 2010.
Beta watching is so much fun. For those in on the hunt, you can check off a sighting of a new beta version of Google Chrome. This new variant on the species is particularly interesting, as it allows easier navigation of a multi-lingual web.
Google explains: “When the language of the webpage you're viewing is different from your preferred language setting, Chrome will display a prompt asking if you'd like the page to be translated for you using Google Translate.” Google readily admits that the translations may not be perfect, but they should be good enough for a user to get the gist of what a web page is about.
This is nothing new--there have long been translations options available on the Internet, for particular passages or entire web pages. What Google has done is make the process more convenient. Rather than hunt down a translation option, Google presents you with one--and starts you off by guessing the original language, which it offers to translate into your preferred language.
While there are arguments to be made that these translations don’t do justice to the original text, it’s better than nothing. And it might prove useful for pushing users into new areas of the Internet, where they can experience the cultures that accompany these other languages.
Also new in this beta are updated privacy features. Besides Chrome’s incognito mode, a new “Privacy” section appears in Chome’s Options dialog allowing quicker, easier access to privacy settings.
Experi-Metal Inc. (EMI), a Michigan-based metal supply company, is suing Comerica Bank alleging that the bank exposed its customers to phishing attacks, and thus is responsible for EMI's financial losses.
EMI fell victim to a phishing scam in which one of the EMI's employees handed over the company's banking credentials. Those credentials were then used to initiate wire transfers totaling $560,000 from EMI's account to numerous other accounts scattered about in Russia, Estonia, Scotland, Finland, China, and the U.S. The funds were quickly withdrawn once the transfers were complete.
Not wanting to eat its loss, EMI alleges that the phishing scam only worked because of Comerica's routine practice of sending emails to its customers asking them to click on a link to update their security information. The lawsuit also criticizes Comerica's token-based authentication system that replaced the company's digital certificates it had been using up until 2008.
"Comerica knew or should have known that the technology of the two-factor authentication procedure which it instituted in 2008 was known to be lacking in any reasonable fortification against 'man in the middle' phishing attacks," EMI said.
Naturally, Comerica sees things differently, pinning the blame squarely on EMI.
"Valid credentials assigned to an EMI employee were used to authenticate a logon for purposes of online banking transactions," the bank said. "If some unknown criminals used those credentials, rather than an EMI employee to whom they had been entrusted, this was caused solely by the actions of that EMI employee."
Microsoft will soon make it more difficult for pirates to pillage Windows 7 when it closes a whole bunch of activation workarounds via an upcoming update. According to Microsoft, the Windows Activation Technologies Update for Windows 7 will close more than 70 "activation hacks.
Perhaps less appealing to the mainstream consumer, the update will also dial into a Microsoft server every once in awhile to help detect and root out any further hacks. Of course, this comes with the standard claim that no personally identifiable information about the user will ever be sent, but nevertheless, we can't see privacy advocates being too thrilled with this one.
Joe Williams, general manager of Microsoft's Genuine Windows unit, justifies the measures by calling attention to all the malware that's associated with non-genuine versions of Windows.
"We do see malicious code -- everything from easily discoverable malware to keyboard recording," Williams said. "There's all sorts of things we've seen that puts our customers at risk and their data at risk."
For those who want to get a jump start on the update, it will be made available as a manual download starting February 16th from Microsoft's genuine website, and the Microsoft Download center a day alter. Later on this month, it will be classified as an "important" yet optional update through Windows Update.
Having trouble landing a job lately and can't figure out why? You may need to clean up your online shenanigans, or at least hide them better. According to a Microsoft study, 70 percent of surveyed HR professionals in the U.S. have turned down a potential job candidate based solely on online reputation information.
The survey, which was conducted to commemorate Data Privacy Day, pinged 2,500 consumers, HR managers, and recruitment professionals in the U.S., U.K., Germany, and France to find out what effect online profiles and activities have in each nation when it comes to job hunting.
Of those surveyed, 63 percent of consumers admitted to being concerned that their online rep might affect their personal or professional life, but at the same time, less than half consider the ramifications when posting online. Less than 15 percent of consumers in any of the countries felt that information found online might hamper or help their ability to land a job.
No means no, except when Google decides it doesn’t? This might be the case, according to Benjamin Edelman, who says that Google’s Toolbar not only tracks your every browsing move when you’ve authorized it to, but it also continues to track you when you tell it not to.
Edelman tells us that when enhanced features are enabled in the Google Toolbar, the URL for all websites visited are sent to Google. In return, Google adds some additional information, such as “PageRank”, “Related Sites”, and “Sidewiki” to the Toolbar. That’s to be expected.
But, when the “Disable Google Toolbar only for this window” option is selected, or if the Google Toolbar is disabled using the “Manage Add-Ons” option, URLs are still sent to Google for processing. Google acknowledges this, but says that URLs are no longer sent after the browser is reset. Edelman points out this requirement is meaningless for the first scenario, and that Google provides no warning of the necessity of a reset for the second.
Turning off the Toolbar’s enhanced features is an option, but Edelman says that Google designed the Toolbar like the “Hotel California”. Edelman writes, “disabling Enhanced Features seems to require uninstalling Google Toolbar altogether, and in any event disabling Enhanced Features certainly lacks any comparably-quick command.”
Lesson here: If you don’t want to be tracked, don’t let it happen in the first place. And if you disable it later, be sure to restart your browser before continuing.