Category Archives: PRIVACY

WHICH LAW ENFORCEMENT GROUP HAS BEEN SNOOPING INTO MY ONLINE DATA

Around AU$200m later, data retention mostly used for chasing drugs, not terror

The Attorney-General’s Department has exposed a report outlining the opening months of Australia’s data retention scheme.

Australia’s telecommunications companies have been left with a funding hole of over AU$70 million to cover the capital costs of Australia’s data retention scheme, according to the Telecommunications Interception And Access Act 1979 Annual Report 2015-16 [PDF], while data authorisations for terrorism ranked below those for illicit drug offences.

www.policesearch.net

Despite handing out AU$128 million in grants last year, the report, released on Monday, states that the capital cost to industry will total AU$198 million by the end of the 2016-17 financial year.

“Information collected from industry through the Data Retention Industry Grants Programme indicates that the estimated capital cost of implementing data retention obligations over the period between 30 October 2014 and 13 April 2017 is AU$198,527,354,” the report said.

“[Costs] relate to the anticipated direct upfront capital costs and not the recurring or indirect costs associated with compliance.”

In 2015, Attorney-General George Brandis said he expected the average ongoing cost for telcos to run their data retention system would be around AU$4 per month.

The report said the Attorney-General’s Department (AGD) received 210 applications for funding, of which 10 were withdrawn, and 180 telecommunications providers were found to be eligible for funding. Of that 180, “most” were awarded a grant to cover 80 percent of their costs.

It was also detailed that during the implementation period for the data retention scheme, AGD received 402 data retention implementation plans from 310 providers.

Under Australia’s data retention laws, passed by both major parties in March 2015, telecommunications carriers must store customer call records, location information, IP addresses, billing information, and other data for two years, accessible without a warrant by law-enforcement agencies.

Over the period from October 13, 2015 to June 30, 2016, the report said the offence for which the highest number of authorisations to telco data was made was illicit drug offences, with 57,166. This was followed in ranking by miscellaneous, homicide, robbery, fraud, theft, and abduction.

Terrorism offences ranked below property damage and cybercrime, with 4,454 authorisations made.

As part of the data retention laws, the spirit of the legislation was to restrict access to stored metadata to a list of approved enforcement agencies, with those agencies not on the list theoretically having access removed on October 12, 2015.

Overall, the report said 63 enforcement agencies made 333,980 authorisations for retained data, of which 326,373 related to criminal law.

“In 2015-16, law enforcement agencies made 366 arrests, conducted 485 proceedings, and obtained 195 convictions based on evidence obtained under stored communications warrants,” the report said.

During 2015-16, 3,857 telecommunication interception warrants were issued, with interception data used in 3,019 arrests, 3,726 prosecutions, and 1,812 convictions. Total cost for interception warrants was AU$70.3 million, at an average cost of AU$619,200 per warrant.

Australia Post accounted for 64 authorisations between June 30 and October 12, 2015, compared to none the year before; and the Victorian Department of Economic Development, Jobs, Transport and Resources made 173 authorisations in 3.5 months compared to 226 the entire financial year prior.

It was also noted that on six occasions, warrants were exercised by people not authorised to; in three instances, the Ombudsman could not determine whether stored communications related to the person named on a warrant; and in one instance, it could not determine who had received stored communications from a carrier.

It was also revealed that during the 2015-16 year, the Western Australia Police had received a pair of journalist warrants, which saw 33 authorisations of data made.

“These authorisations were for the purpose of enforcing the criminal law,” the report said.

In April, the Australian Federal Police (AFP) revealed that it had “mistakenly” accessed a journalist’s call records without a warrant in breach of the data retention legislation.

It was subsequently learned that AGD had advised government departments to skirt metadata laws and rely on coercive powers.

In May, the Commonwealth Ombudsman found the AFP to be handling metadata in a compliant manner, but noted a number of exceptions.

“We identified two instances where a stored communications warrant had been applied for and subsequently issued in respect of multiple persons, which is not provided for under the Act,” the report said.

In response, the AFP said its warrant templates were not clear enough.

www.druglinks.info

Henry Sapiecha

Twitter abandons ‘Do Not Track’ privacy protection

Is this the end for ‘Do Not Track’, the web-tracking privacy service?

The most shocking internet privacy laws.

Twitter was one of the first companies to support Do Not Track (DNT), the website privacy policy. Now, Twitter is abandoning DNT and its mission to protect people from being tracked as they wander over the web

DNT seemed like a good idea. By setting DNT on in your web browser, websites that supported DNT could neither place nor read advertising cookies on your device. Well, that was the idea anyway.

Any web browser or application that supported DNT added a small snippet of code to its request for a web page: DNT=1. This meant websites and services that observed DNT shouldn’t track you on the internet.

This would protect your online privacy. You might think that meant “Don’t collect and store any information about me without my explicit permission.”

Wrong.

From day one in 2012, that isn’t how it worked. According to Sarah Downey, an attorney and privacy advocate, the Interactive Advertising Bureau and the Digital Advertising Alliance (DAA), which represent most online advertisers, have their own interpretation of Do Not Track: “They have said they will stop serving targeted ads but will still collect and store and monetize data.”

However, Twitter played fair by the spirit of DNT rather than the law. Unfortunately, they were one of the few companies that did. DAA, for example, publicly abandoned DNT in 2013. With the advertisers and privacy advocates unable to agree on basic principles, DNT increasingly offered users no privacy protection worth the name.

Twitter finally had enough of fighting an already lost battle. In a note to its revised privacy policy, the company stated: “Twitter has discontinued support of the Do Not Track browser preference. While we had hoped that our support for Do Not Track would spur industry adoption, an industry-standard approach to Do Not Track did not materialize. We now offer more granular privacy controls.”

Under its new privacy rules, Twitter is extending how long its tracking cookies are active, from 10 days to 30 days as of June 18. You can also switch off Twitter ad personalization. From the same page, you can also disable geolocation and data sharing with third parties.

It’s a pity DNT has come to this. As Jason Kint, CEO of Digital Content Next, pointed out in an email interview: “Do Not Track still remains an elegant and simple consumer signal to not be tracked across the broader web.”

Kint remains hopeful about DNT: “Twitter dropping its support is disappointing as they were a leader here, but the standard is written regardless of what Twitter says and will continue to move forward. In the desire to regain consumer trust and reduce ad blocking, the ad tech world would be wise to embrace Do Not Track rather than ignoring it. Ultimately consumers win. No business has ever succeeded long-term without meeting consumer demands.”

I’m not at all optimistic. DNT has been spinning its wheels for years now with little progress. Online privacy remains an issue that upsets people, but at day’s end, neither companies nor the Trump administration have any real interest in protecting privacy.

Henry Sapiecha

Protect your emails from being spied on by doing this

We live in a post-Edward Snowden world, in which US tech companies have been accused of complicity in mass surveillance by the US National Security Agency. One recent allegation is the claim that Yahoo scanned hundreds of millions of emails at the NSA’s request.

We don’t truly know how much or how often this is happening within the companies that host millions of people’s email accounts.

Yahoo secretly scans emails for US

Yahoo said to have secretly scanned all of its customer emails for US intelligence officials.

According to Reuters, Yahoo was ordered by the secret US Foreign Intelligence Surveillance Court (FISC) to scour emails for a specific string of characters. This is significant, as it required Yahoo to create a custom-built program for real-time surveillance of email traffic.

The power for this type of surveillance was expanded by the US Patriot Act, which allows for the use of secret National Security Letters to compel service providers to hand over customer data. The letters come with gag orders, prohibiting companies like Yahoo from even admitting that they have been ordered to monitor customers.

oooYAHOO SIGN OFFICE image www.intelagencies.com

Email scanning does not only occur at the behest of national security agencies. 

But email scanning does not only occur at the behest of national security agencies. The past decade has seen the rise of “surveillance capitalism” and “data brokers”, who collect your information for behavioural profiling and targeted advertising.

Google has admitted to scanning emails to deliver targeted advertising and customised search results. Facebook is currently facing legal action for scanning private messages to do the same. And earlier this year Yahoo itself settled a class action lawsuit for scanning non-Yahoo customer emails without consent.

Protecting your privacy

So with all this going on, is it possible protect your privacy? And if so, how?

One way is through encryption, which allows only the sender and the receiver to read the content of messages, as it converts information into a secret code that requires a key to decode it.

Public-key cryptography is one type of encryption, involving two paired keys – one public and one private. When an encrypted email is sent it is encoded or “locked” with the receiver’s public key. Only the receiver can “unlock” it with their private key.

End-to-end encryption involves encrypting information before it leaves your device, with it only being decrypted once it reaches the receiver’s device. In other words, it is encrypted “at the ends” where the keys are held. This means that security and privacy are not dependent on the channel of communication – in this case the email provider – because if the message is intercepted it cannot be deciphered. This prevents eavesdropping in transit.

There are now numerous services that promise free end-to-end encrypted communication, including ProtonMail, Tutanota, and the messaging app Signal. Look for those with open source code because it enables peer-review, guaranteeing there are no backdoors.

The push-back against encryption

With increased encryption comes more demands from authorities for companies to “unlock” information. The best example may be the Apple-FBI case, which saw the FBI attempt to compel Apple to unlock a suspect’s iPhone. In the end this wasn’t necessary. There has also been a simultaneous rise in companies like Cellebrite who offer digital forensic services to decrypt and extract data.

Therefore, the best services use principles of privacy by design, that limit how much information the service provider themselves can collect or access. ProtonMail and Signal, for example, cannot access their users’ information, no matter how hard they try. If issued with a subpoena all they could provide is the date and time a user registered and the last date of connection.

Partly as a result of this encryption war, some states are considering outlawing encryption entirely. Criminalising encryption has been discussed in the United States, Britain, Australia, and elsewhere.

Tech companies safeguarding secrecy

But not all hope is lost. There is a growing trend of tech companies fighting back and refusing to comply with surveillance orders.

In 2014 Lavabit chose to shut down rather than turn over the private encryption key to a customer’s account. This customer was later revealed to be Edward Snowden. Microsoft has refused to hand over emails stored on its servers in Ireland, arguing that this would constitute an impermissible extraterritorial search by the FBI. And of course, Apple refused to disable inbuilt security features to crack an encrypted iPhone.

This shows that service providers are aware of the importance of developing and maintaining consumer trust in matters of privacy. They are intimately, and commercially, invested in protecting it.

Transparency reports and warrant canaries

Another way companies have attempted to gain trust is through transparency reports that detail the orders they have received from authorities. These can be found on company websites and are often reported in the media. Many of these reports feature a workaround to the restrictions on letting customers know if surveillance has been ordered. Companies simply include a statement that they have not been subject to a secret order. If this statement ever goes missing, customers know an order has been issued. This is known as a “warrant canary”.

Several companies routinely issue transparency reports with warrant canaries. Apple and Reddit have set them off, implying that they have received secret orders to provide data.

The same workaround may not be available in Australia however. Recent data-retention laws introduced journalist information warrants that made it an offence to disclose information about the existence (or non-existence) of the warrant, effectively outlawing warrant canaries for journalists in Australia.

The future

Encryption and transparency reports are some of the last protections that consumers have against both governments and the big tech companies we rely on. As more of our lives transition online, we will need them to protect civil rights and individual privacy. We can’t afford for either to be weakened or outlawed.

There are a couple of challenges under way. NSL statutes and gag orders are currently being challenged by the Electronic Frontier Foundation and members of the US Congress as unconstitutional. Watch this space. The Conversation

Monique Mann is a lecturer at the Crime and Justice Research Centre at  Queensland University of Technology in Australia.

Meet_Russian_728_90

Henry Sapiecha

www.scamsfakes.com

 

Inside the global terror watch-list that secretly shadows millions

The database contains profiles on millions of “heightened-risk individuals,” and is used by dozens of leading banks, governments, and spy agencies

thomson-reuters-times-square image www.intelagencies.com

Thomson Reuters building in Times Square, New York. (Image: file photo)

There is a private intelligence database, packed full of personal details of millions of “heightened-risk” individuals, which is secretly having a devastating effect on those who are on it. Most have no idea they’re under the watchful gaze of some of the world’s largest and most powerful organizations, governments, and intelligence agencies.

But for its worth and value, it wasn’t nearly kept secure enough.

A copy of the database, dating back to mid-2014, was found on an unsecured server hosted by a London-based compliance company, which specializes in “know your customer” profiling and anti-money laundering services.

Chris Vickery, a security researcher at MacKeeper, who found the database, told me that it was stored on a server configured for public access.

This influential yet entirely unregulated database called World-Check lists over 2.2 million corporations, charities, and individuals — some notable, like politicians and senior government officials — which might be connected to illegal activities, like sanctions, violations or financial mismanagement.

Some have been pinned under the database’s “terrorism” category, or are thought to be connected to financing violence.

This data could affect a person’s ability to be lent money by a bank, their employment opportunities, and even influence the people who do business with them — simply based on a designation.

Word of the database first widely emerged earlier this year when Vice News disclosed the existence of the project. It said the database was “secretly wielding power over the lives of millions” who are said to have “hidden risk,” such as those who are violating sanctions or have laundered money or a connection to criminals — which has been linked to account closures and bank blacklisting. As the news site pointed out, simply being a high-profile individual can label someone at risk of bribery.

The report said the database now has over 2.7 million entries — including over 93,000 records relating to those associated with terrorism.

No wonder it’s popular with law enforcement agencies and government departments, which subscribe to the database in an effort to uncover potentially improper conduct. Most of the world’s largest banks and law firms, and over 300 government and intelligence agencies are subscribers, according to a 2015 sales document from its owner, information and finance giant Thomson Reuters, which in 2011 bought the company for $530 million .

Because of the sensitivity of the data, access is limited to a few thousand customers, which have been carefully vetted and are bound by secrecy and non-disclosure agreements.

Vickery reported the leak to Thomson Reuters, but he still went public in an effort to spark a debate on whether these profiling databases are being run appropriately.

“If governments and banks are going to alter lives based upon information in a database like this, then there needs to be some sort of oversight,” he said in an email.

The problem is, there isn’t.

Vickery shared access to the database with ZDNet.

Each profile lists a person’s potential risks such as “narcotics” or “terrorism,” “organized crime,” or “politically exposed person.” Given the list’s potential power to alter a person’s opportunities, many would not approve of their name being on it.

Take one example. Maajid Nawaz ran for the British parliament as a Liberal Democrat in the last election, as profiled by Vice. He is a former member of the radical Islamic group Hizb ut-Tahrir, which calls for its own Islamic state. He was detained in Egypt for five years, but is best known for his publicized and well-documented transition away from radical views. He later set up a think-tank dedicated to challenging the extremist narrative, and advised former prime ministers from Tony Blair onwards on Islamic extremism. And yet, after looking up his profile on the World-Check database, created in 2002, it’s still maintained with a “terrorism” tag and updated as recently as August 2013, despite “no further information recorded,” let alone any connection to extremists or terrorists.

nawaz copy www.intelagencies.com

He called the database “archaic,” and said that the inclusion of his name has had a “material impact” on his life.

It’s not just individuals who are designated as affiliates with terrorism, despite equally publicly available data to suggest the contrary.

A BBC investigation last year showed the process behind banking giant HSBC’s bid to shut down accounts associated with several prominent British Muslims. A mosque in North London was given a “terrorism” label, despite new management that was installed more than a decade ago.

Other names in the database include diplomats and ambassadors, and senior ranking officials associated with global financial institutes, such as the World Bank, as was previously reported.

Based on how profiles are built, potentially anyone with an internet footprint could be included.

Much of the data comes from law enforcement sources, political information, articles, blog posts, and social media, among other sources. From the records we looked at, the data would often contain names, locations, and dates of birth and details of education. but also in some cases social security numbers, and citizenship and passport numbers were included.

The profiles themselves often have little or no justification for the entry. From our searches, we found high ranking global government officials who were named in the files yet there was no visible or clear justification for why they were there. In most cases there were just a handful of external links to publicly available documents, like speeches, election results or pages linking to official government websites for justification of their presence.

Many of the “reports” list a person’s risk as “to be determined,” suggesting there were no improprieties, illegal activities, or even an apparent reason for a profile, except for their status as a public figure.

The database we examined is two years old, and the records may have changed since, however.

A spokesperson for Thomson Reuters didn’t specifically respond to a question in relation to how profiles are built, vetted, or designated, but pointed me to the World Check privacy policy, which reiterates its effort to get data based on information in the public domain.

This entire market of “know your customer” and profiling remains unregulated and ungoverned — despite being used by some of the most powerful countries and organizations today. This industry is growing at a rapid rate — some say by over $30 billion by the start of the next decade. Even though the service has to stand up to strict European and UK data protection rules, a lack of public scrutiny and accountability makes that task almost impossible.

Those who are named in the database have little or no recourse to have their data corrected or removed.

In Nawaz’s case, Thomson Reuters reportedly removed his profile earlier this year. But given that the contents of the database are shrouded in secrecy, not everyone will have the same luck, let alone know they’re on a database in the first place.

SDNN
Henry Sapiecha

Snowden On Video At NYC Forum To Promote Privacy Treaty

edward snowdon image www.intelagencies.com

NEW YORK (AP) — Domestic digital spying on ordinary citizens is an international threat that will only be slowed with measures like a proposed international treaty declaring privacy a basic human right, Edward Snowden said Thursday in a video appearance at a Manhattan forum.

“This is not a problem exclusive to the United States. … This is a global problem that affects all of us,” Snowden, the one-time National Security Agency systems analyst, said in his brief remarks from Moscow via video link. “What’s happening here happens in France, it happens in the U.K., it happens in every country, every place, to every person.”

The key question, Snowden added, is: “How do we assert what our rights are, traditionally and digitally?”

Snowden gained notoriety in 2013 for leaking details of the once-secret U.S. surveillance programs. He fled to Russia, where he was granted asylum despite demands by the United States that he return to face espionage and other charges.

The global advocacy group Avaaz organized the gathering to promote the so-called “Snowden Treaty.” Countries who signed would be required to curtail surveillance of phone calls and online activity, and also agree to provide sanctuary for people who expose illegal domestic spying.

The forum was timed to coincide with the United Nations General Assembly. Organizers have said diplomats have shown interest in a draft of the treaty, but have declined to name what nations they represent.

The NSA’s collection of American phone metadata has been deeply controversial ever since Snowden disclosed it to journalists. President Barack Obama sought, and Congress passed, a law ending the collection and instead allowing the NSA to request the records of U.S. domestic phone customers as needed in terrorism investigations.

A succession of decisions in federal courts in Washington and New York have at various times threatened the constitutionality of the NSA’s surveillance program, but have so far upheld the NSA’s amassing of records from phone companies.

A website promoting the proposed treaty calls the NSA surveillance programs “a direct contravention of international human right law.” It adds: “Protecting the right to privacy is vital not just in itself but because it is an essential requirement for the exercise of freedom of opinion and expression, the most fundamental pillars of democracy.”

ooo

Henry Sapiecha

Facebook ‘tramples European privacy law’ says Belgian watchdog

A 3D plastic representation of the Facebook logo is seen in front of displayed cables in this illustration in Zenica

Belgium’s privacy watchdog accused Facebook (FB.O) on Friday of trampling on European privacy laws by tracking people online without their consent and dodging questions from national regulators.

The Privacy Protection Commission (CPVP/CBPL), which is working with German, Dutch, French and Spanish counterparts, launched the blistering attack after trying to find out more about the U.S. social media giant’s practices.

It urged Internet users to install privacy software to shield themselves from Facebook’s tracking systems, whether they have an account with the social network or not.

The show of strength from the Belgian regulator, which does not have the power to levy fines, highlights a growing willingness across the 28-member bloc to demand that big U.S. tech companies abide by European laws.

“Facebook tramples on European and Belgian privacy laws”, the Commission said after publishing a report analyzing changes that the company made to its privacy policies in January.

It said in a statement that Facebook had refused to recognize Belgian and other EU national jurisdictions, insisting it was subject only to the law in Ireland, the site of its European headquarters.

“Facebook has shown itself particularly miserly in giving precise answers,” the watchdog said, adding that the results of the study by a group of researchers were “disconcerting”.

A Facebook spokeswoman questioned the Belgians’ authority but said it would review the study’s recommendations with the Irish data protection commissioner: “We work hard to make sure people have control over what they share and with whom.”

“Facebook is already regulated in Europe and complies with European data protection law, so the applicability of the CBPL’s efforts is unclear,” she said.

Some EU states accuse Ireland of being soft on the multinational firms it wants to attract, whether in data protection or corporate taxation.

SECOND REPORT

The commission said it would publish a second report on Facebook this year. Sanctions available to privacy watchdogs can be negligible to big firms, but a new EU data protection law expected to be ready this year would allow for fines up to 5 percent of annual sales.

The commission said Facebook would not explain in detail how it uses data it collects. It highlighted problems with plug-ins such as Facebook’s “Like” button, which it said affected many who do not have a Facebook account.

A number of firms are under fire in Europe over the data they collect. Facebook places tracking “cookies” when anyone visits a Facebook page, meaning it can track the online activities of a huge number of non-customers, but has said this is a bug that it is working to fix.

The Commission asked Facebook to stop gathering user data via cookies and plug-ins, except where users asked for it.

European regulators have previously forced Google (GOOGL.O) to change its privacy policies.

And a year ago, EU judges upheld a Spanish order that Google must remove links to outdated information from searches for people’s names — establishing a “right to be forgotten”.

EU anti-trust regulators launched a case against Google last month and are probing Apple (AAPL.O) and Amazon (AMZN.O) over low-tax deals with Ireland and Luxembourg. The European Commission is studying whether to pursue German and French proposals for an EU-wide regulator for Internet platforms.

Some European politicians, also angered by revelations of U.S. espionage in Europe, say U.S. firms abuse their power, discouraging local start-ups and jeopardizing privacy laws cherished by Europeans with memories of authoritarian rule.

U.S. President Barack Obama, who is trying to negotiate a landmark transatlantic free trade deal with the EU, TTIP, says Europe is throwing up protectionist barriers to tech companies.

ooo

Henry Sapiecha

 

Top cop Nick Kaldas claims ‘massive wrongdoing’ and cover-up in police bugging of his children scandal

Subject of 'intense electronic and other surveillance': Police Deputy Commissioner Nick Kaldas, far right.

Deputy police commissioner Nick Kaldas has accused an internal affairs unit formerly run by two of NSW’s most senior officers – Commissioner Andrew Scipione and his deputy, Catherine Burn – of “massive wrongdoing and habitual illegal acts” in relation to a covert bugging operation more than a decade ago.

In a submission to a parliamentary inquiry examining the operation, codenamed Mascot, Mr Kaldas also sensationally claims illegal activities by the police Special Crime and Internal Affairs (SCIA) unit were “sanctioned and covered up” by the Police Integrity Commission.

Mr Kaldas was one of more than 100 police and civilians bugged by Operation Mascot between 1999-2001.

Mr Scipione was commander of SCIA  at the time, while Ms Burn was head of the team which ran Operation Mascot.

The operation exploded into controversy when it emerged at least one journalist and police not under suspicion of wrongdoing were among those whose names appeared on covert surveillance warrants issued by the Supreme Court.

An internal police operation, Strike Force Emblems, was launched into Operation Mascot in 2003. Its report has never been released, although details have been previously revealed by Fairfax Media.

In his submission Mr Kaldas says documents submitted to the committee show “a level of intense electronic and other surveillance [was] … carried out on every part of my life, home and work, including my ex-wife and children, and was clearly unjustified but in the end yielded not one allegation to be put to me at the end of the operation”.

The submission was published on Thursday morning, as the parliamentary inquiry began hearings into a two-year investigation by the NSW Ombudsman Bruce Barbour into Strike Force Emblems.

Mr Kaldas and Ms Burn are due to give evidence on Friday. Mr Scipione and Mr Barbour are scheduled to appear on Tuesday.

In her submission to the inquiry, Ms Burn strongly denied any wrongdoing.

Ms Burn denies she directed internal affairs police “to use illegal warrants to secretly record conversations of my rivals in the police force”, in particular Mr Kaldas, when she did not suspect him of wrongdoing.

Ms Burn also denied directing use of illegal warrants to bug Mr Kaldas “as part of a personal vendetta”.

The inquiry – which is opposed by the NSW government, was established in response to concerns about the time being taken for Mr Barbour to complete his investigations and the nature of his inquiries.

Earlier on Thursday, committee chairman Robert Borsak accused NSW attorney-general Brad Hazzard of seeking to “bribe” him into withdrawing from the inquiry, which the government opposes.

The inquiry heard from Channel Seven journalist Steve Barrett, whose name appeared on one of the bugging warrants.

Barrett said he was mystified as to why he appeared on the warrant but suggested that either Supreme Court judges had been “duped” or “no one checked”.

ooo

Henry Sapiecha

Privacy shall be thought of as a luxury in 2025 say the pundits

Experts believe the exchange of personal data for online conveniences will soon erode today's notions of privacy. guy with infrared binocs image www.intelagencies.com

Experts believe the exchange of personal data for online conveniences will soon erode today’s notions of privacy.

Today’s notions of privacy will be eroded significantly within the next decade as growing reams of personal data are willingly exchanged for the convenience of living our lives online.

That’s the prevailing view among the more than 2500 industry experts from around the world – including academics, legislators and staff at global companies such as Google, Microsoft and Yahoo – who were quizzed on the future of privacy and security.

Respondents to the study from the Pew Research Center in the US, in conjunction with North Carolina’s Elon University, said they believed living a public life online would be the new default by 2025.

They variously predicted current notions of privacy would soon become “quaint”, “archaic”, a “fetish” and “the new taboo” – something that future generations would fail to understand, let alone appreciate.

“Everyone will expect to be tracked and monitored, since the advantages, in terms of convenience, safety, and services, will be so great,” Google chief economist Hal Varian wrote in his response.

Optimistically, one policy co-ordinator believed internet organisations would reach an international consensus on how best to balance privacy and security with popular content and services.

However, many more foresaw a backlash against the evolving social norms.

One respondent, who wished to remain anonymous, predicted more people would engage in acts of civil disobedience by choosing to “opt out” of online services, rather than be tracked by companies.

Others believed new tools would be created to give citizens greater agency over what information they shared, and with whom.

Some saw encryption tools, which can be used to hide personal information and files, becoming more widely used.

However, researcher Kate Crawford said such service providers would be likely to seek commercial benefit, resulting in the creation of privacy as a “luxury good”, and a new social divide of “privacy rich” and “privacy poor”.

Companies the world over are investing more and more in “big data” and “data mining”, which allows them to trawl through customer data to better tailor and market their products and business.

Professor Michael Fraser, director of the Communications Law Centre at the University of Sydney, said that while individuals legally consented to companies storing their data when signing up to online services, it was not necessarily informed consent.

“Facebook, Google and others, their entire value comes from the exploitation of our personal, private information,” he said.

Professor Fraser also warned of the link between the private sector’s collection of customer data and government agencies’ ability to access such data, saying it was effectively government surveillance by proxy.

In 2013, Australian authorities made more requests to access user data from major technology companies such as Google, Facebook and Apple than any other country except the US, according to “transparency reports” published by the companies.

Legislative changes recently increased the powers of Australia’s top spy agencies, with a plan to force telcos to retain customer metadata for up to two years still in the pipeline.

Professor Fraser said privacy law reform was needed to protect citizens’ personal data as a property right.

Many respondents to the Pew survey were sceptical whether the push for such protections would succeed in the face of large corporate interests and lobby groups.

The study was part of a broader internet research project by the Pew Research Center to mark the 25th anniversary of the creation of the World Wide Web by Sir Tim Berners-Lee.

Source: Pew Research Center

Privacy in 2025: Experts’ Predictions

We canvassed thousands of experts to ask them to predict the future of privacy in America and found they were divided on whether or not a secure, trusted privacy-rights infrastructure would be in place by 2025. Highlights from their responses are featured below. Read the full quotes and responses from many more experts in the complete report.

commercial business loans info flyer www.money-au (19)

Henry Sapiecha

In the next 10 years, I would expect to see the development of more encryption technologies and boutique services for people prepared to pay a premium for greater control over their data. This is the creation of privacy as a luxury good. It also has the unfortunate effect of establishing a new divide: the privacy rich and the privacy poor. Whether genuine control over your information will be extended to the majority of people—and for free—seems

Uber Corp hires former privacy chief of IBM to conduct assessment amid controversy

uber logo image www.intelagencies.com

Uber is hiring Harriet Pearson and law firm Hogan Lovells in an attempt to stamp out growing controversy around riders’ privacy. Photo: Reuter

In a move straight out of the PR crisis management handbook, Uber has hired a heavyweight data privacy expert to conduct a review of its practices amid growing controversy and criticism.

The San-Francisco-based ride-sharing app start-up announced in a blog post that Uber had engaged the services of Harriet Pearson — formerly IBM’s chief privacy officer — and her colleagues at law firm Hogan Lovells to “conduct an in-depth review and assessment of [Uber’s] existing data privacy program and recommend any needed enhancements”.

Pearson said in a phone call that she will work for Uber as a legal adviser. An Uber representative declined to comment beyond the blog post.

Criticism of Uber practices grew following remarks by executive Emil Michael.

Uber has been grappling with a growing controversy after one of its executives, Emil Michael, recently said the company would be willing to pay to look into reporters’ lives. Another Uber manager is also under investigation after using a tool in the app known as God View to track a journalist at online publication BuzzFeed without her permission, a person with knowledge of the matter has said.

The incidents have prompted a wave of criticism. Minnesota’s Senator Al Franken, a Democrat who chairs the Senate subcommittee on privacy, technology and the law, sent a letter yesterday to Uber asking for answers on the startup’s privacy policies.

Elsewhere, journalists and commentators have wondered whether Uber’s dangerous win-at-all-cost attitude is emblematic of start-up culture when blown up to a global scale.

Some consumers have said they have deleted the Uber app from their smartphones following the incidents. Many have also taken to social media to promote the hashtags #BoycottUber and #deleteuber.

“Trust founded on confidentiality and information security lies at the very heart of Uber’s business and we will be working with the team to review and reinforce where appropriate its policies and systems,” Pearson said in an e-mailed statement, adding that she is an Uber user.

Uber had clarified its privacy policy earlier this week, saying employees would only access data for issues like monitoring for fraudulent activity and solving problems.

“The policy is also clear that access to rider and driver accounts is being closely monitored and audited by data security specialists on an ongoing basis,” the company said in a blog post earlier this week. “Any violations of the policy will result in disciplinary action, including the possibility of termination and legal action.”

Henry Sapiecha