On the surface, 2012 saw some major shifts in how privacy is treated online. The Federal Trade Commission's Do-Not-Track Online Act and the White House's Consumer Privacy Bill of Rights prompted Facebook and Google to change allegedly deceptive practices for tracking users. And most Web browsers and even Twitter adopted the do-not-track functions in one form or another.
These were steps in the right direction, but in reality, they didn't solve the data insecurity problem. Facebook can still track users through its "Like" function. And Web surfers' online data can still be used by law enforcement and "market research" for the employment, credit, healthcare and insurance industries. And let's not even get into denial of service attacks and cybersecurity...
That said, here are three major privacy issues that everyone should pay attention to in 2013:
- Data sharing
- Dodgy QR codes
Ever been to a restaurant that's so proud of its clean kitchen that it lets customers see right into it? It's called an open kitchen, and this kind of transparency is what Internet companies need to strive for.
Consumer confusion and uncertainty over how social sites use their data threaten to derail the social media gravy train, and services like Facebook and Twitter need to take the initiative to stave off fears of abuse. That means no hidden fees, confusing Terms of Service or the like. The more open a company is, the more a customer is likely to trust the service, and keep using it.
Social privacy login service Gigya uses your data to to log into sites such as Twitter or Facebook. With a reach extending to 75% of the Web, you probably use its technology and don't even know it. But with 1.5 billion unique users a month and more than 600 enterprise clients like CBS, NBC, ABC, Nike and Verizon - it knows you. All that data raises some very real concerns: 53% of Internet users utilize social logins, and 41% of them worry about their security and privacy.
To alleviate those, Gigya practices an "open kitchen" policy. It has partnered with the Future of Privacy Forum to develop social privacy certification allowing "businesses to verify that they follow approved social network guidelines and industry best practices for managing consumer social data." It promises users that their social data is safe.
Back to the restaurant analogy, a promise like this is like coupling an open kitchen with a health department grade in the window. The idea is to instill confidence in potential customers.
2. Data Dealing
It's not gold, it's not oil, it's not drugs. Today's most valuable commodity is information.
With so much personal data online and accessible by law enforcement and many marketers, the only real control we have over our data, is ourselves. Michael Hussey, the chief executive of New York-based people search experts PeekYou, recommends mirroring your online identity with your real life: Don't post anything you wouldn't want everyone to see.
One solution to curbing marketers is Mine, a purchase directory site that combs through e-purchases to allow people to add public sales history to their online identities. More importantly, it also lets you erase unwanted purchase data so marketers can't monitor it. Pierre Legrain, Mine's chief executive, says the best way to stop companies tracking and selling data behind our backs is "not by blocking it, but by offering marketers what they ultimately want, while also benefiting us."
It's a nice idea, but it's unclear how much those aggressive marketers will cooperate. So it's still all about keeping your digital footprint clean. Because "leave no trace" is no longer an option.
3. Bad Barcodes
Just because it's there, that doesn't mean you should click it. Especially when it comes to QR codes.
"People need to undersand QR codes are just URLs," says Jim Fenton, chief security officer of the digital identity service OneID.
In our smartphone-heavy culture, we have to be wary of the sites we frequent, especially now that fake QR codes are popping up in crowded spots like airports and metropolitan centers. A string of international cybercrimes has been linked to stickers featuring bad QR codes leading to dodgy websites. And they're popping up everywhere: Posters, boxes, buildings - you name it.
And while practically anything can be on the other end, you could likely expect bad codes to result in malware, spam and phishing attacks. "QR codes aren't magic," Fenton warns. "If anything there's less visiblity about who they are."
So take these three steps to protect yourself:
- First, get a QR reader that can check the associated site's URL, and make sure it has built-in security features.
- Enable a QR code review prior to opening the link to make sure you're not headed for the temple of doom.
- Finally, inspect the code to make sure it isn't a sticker, a dead give away that it's probably not authentic.
Better yet, just don't click on any QR codes. After all they don't really do anyone much good anyway (see ReadWrite DeathWatch: QR Codes).
Photo courtesy of Shutterstock.