First and foremost, let it age for a month after discovery. It is important to appreciate that data breaches get better with age, so give it time before you get around to pen some well turned phrases.
That was a bonus tip. It almost goes without saying that the sooner you let people know you dropped the ball on their data, the sooner they’ll panic. Be kind and let them have a few weeks to savour their false sense of privacy.
By simply reading this page, you may be inadvertently sharing some info with faceless companies (other than Medium.com). What gives?
A quick look at some of the gremlins that show up as being blocked in my browser confirms it: DataDogHQ, Optimizely, Parse.ly and Google Analytics are just a few of the data aggregation tools used by this blog platform — Medium.com — to compile analytics on … well… you.
Is that a problem? Let’s ask one of the largest data aggregators:
How Spammers Wag The Dog By Exploiting Telus’ New Online Community, the Neighbourhood
Imagine you were a spammer looking for your next mark. Would you want to use the same tired old email lists or would you instead prefer to reach fresh new audiences without even having to use your own list?
Enter Telus Neighbourhood forums, apparently the phone company’s latest idea about building an online community no one asked for! I thought that was my job.
But the Telus Neighbourhood isn’t anything like the Agora. …
Or how companies collect and share our information before even asking for it.
Let’s get one thing out of the way. You must never, ever, ever surf the Web unprotected. You would not walk into a store if you had to fill out detailed application forms from strangers, so why would you summarily surrender your identity without even bothering to ask who wants to know?
The concept of the privacy paradox is well documented. It presents the gap between the expectation of privacy and its associated salience. It laments the fact that as a species, we care about things we…
It’s always perplexing when legitimate, unsolicited emails appear to intentionally masquerade as phishing expeditions. It’s even more confusing when banks, the very organizations that claim to understand security intimately, demonstrate precisely what not to do.
This pearl recently landed in my inbox.
Companies forced to secretly share information about their customers used to rely on the warrant canary mechanism to alert the public of secret requests for information. Is it time to bring them back?
Between Amazon’s Ring & Alexa and Google’s Nest and Home, more than a quarter of Canadians are broadcasting from inside and outside their homes, having granted consent to those companies to collect the video, audio and likely mountains of other data.
But when Amazon, Google and their ilk are required to share that information using legal subpoenas, user data requests and other government orders, customers are kept…
A Data Privacy Day (#DPD) article filled with metaphors, appropriation and metaphoric appropriation.
Happy #DataPrivacyDay or as they call it in Europe, #DataProtectionDay!
As a two-bit agitator against ignorance and corruption, I am increasingly concerned about the question of climate. The global digital ecosystem, fickle as it may be, has fostered a climate in which humans are able to communicate, transact and co-exist thanks to a fabric of trust weaved together by mathematical algorithms.
Bit by bit (and soon, qubit by qubit), unimaginable volumes of activity unfold in a vast, sustained effort to power the modern world. If it were…
Pandemic Excuses Enable School Boards and Edtech Companies to Force Parental Consent for Student Data Collection
With the vastly expanded use of remote learning during the Covid-19 pandemic, some school boards are taking the extraordinary step of forcing parents and students to agree to risky data collection practices and privacy-invasive technologies.
Months after the start of the new year, some public boards are apparently realizing that their rush to adopt educational technologies may result in more data collection than initially thought, and as everyone knows, once that data is collected, it’s impossible to get it back.
According to the Auditor…
As a fan of the concept of contact tracing, I have been anxiously expecting an official review by Canada’s Privacy Commissioner (“OPC”). On July 31, the new app launched and with it, the OPC released their findings and recommendations. These were, to say the least, nuanced.
The OPC makes it clear that no hands-on testing was performed and that all comments are based on Health Canada’s self-assessment of its app. …
Personal musings on data protection fails, snafus and oddities, collected, composed and edited by Claudiu Popa; author, educator, bibliophile.