by Jeff Kalwerisky, Vice President and Director of Information Security and Technical Training, CPE InteractiveData privacy! Stolen credit card numbers! Lost social security numbers! Protect your personal information! Beware of online fraudsters and scammers! Nigerian 419 get-rich-quick schemes!
The list goes on and the warnings are becoming ubiquitous. We’ve all heard about the lost or stolen laptop containing unencrypted payroll, human resources, or medical information on dozens, hundreds, even thousands of innocent people.Yet it appears that that we don’t really value our own privacy. For most of us, this has become a case of information overload, resulting in a general attitude of “So what? Who could possibly be interested in my data?” A recent research report found that a majority of people will give up sensitive data, such as email addresses, cell phone numbers, even their email passwords (!), in return for small rewards like candy bars or something “free”. How often have you been offered a “free” report or Webinar, in return for which you must fill out a screed of “required” personal data – all irrelevant to the ostensible reward? Despite Websites’ protestations that “We will never sell or share your data”, once you provide this useful contact information, be sure that targeted ads will soon be coming to your email and phone.
You don't have to give up your informationThe solution to these requests for your information is simple: don’t give it up so easily! If the phone number and address fields are “required”, just enter garbage. Remember that even a valid ZIP code may allow the marketing experts to track you down, so just type in any old ZIP code from any other state. [Ed: But don't enter garbage when the results matter to you: for example, don't enter a false email address if the vendor is going to use it to send you a download link, and don't make up a mailing address if it's legitimately needed for a shipment or to authenticate a credit card charge.]
And, of course, the amount of personal freely provided on social media sites like Facebook and Google+ is a treasure trove for criminals. Ominously, human resource departments have also climbed onto this particular bandwagon and are using social media data in making hiring and firing decisions. Some of them are even demanding that applicants provide their Facebook passwords, an egregious invasion of personal privacy.
Until now, the main threat to our privacy has seemed to be human stupidity (the lost laptop with unencrypted personal data), criminal activity (emails or Websites with malware designed to gain control of your computer), or our naïve offering up of our personal data.
Big Data is a big threatA recent disturbing event shows than there is an even bigger threat to our privacy: so-called Big Data. Big Data is the term du jour for massive databases accumulated by virtually every large company. As predicted ominously in George Orwell’s novel, 1984, Big Brother is indeed watching us. But it turns out that Big B isn’t from the government; instead he resides in otherwise benign companies with which we may do business. The data analysts in companies from Google and Amazon to your local supermarket and pharmacy chains have started to figure out how to use their databases to identify sensitive information about us merely from our normal purchasing and browsing activities.
Targeted!In an especially egregious example, recently Target – normally a trusted name – figured out how to identify which women customers were pregnant, without even talking to them. By computer crawling through masses of purchase data, they identified around 25 products that allowed each shopper to be assigned a “pregnancy prediction” score. They could also fairly closely estimate the woman’s due date and even the baby’s sex (e.g., blue booties)! This allowed Target generously to send the customer “targeted” coupons timed to specific stages of her pregnancy.
The story broke when an angry man complained to Target in Minnesota that his high-school age daughter was receiving coupons from Target for maternity clothing, nursery furniture, baby clothes, etc. It turned out that what the company knew but the father did not was correct. Still, this takes “customer service” to a new low.
And Big Brother now knows more about you and your family than you may know yourself.
Perhaps we should return to paying for retail purchases in good old-fashioned cash.