Posts

Privacy Expert: NSA Intercepting Your Address Books, Buddy Lists

Snowden_Leak_Tip_of_the_Iceberg_of_NSA_Surveillance_Program__141492What makes a privacy expert nervous? Glimpsing the size of the iceberg under the surface. When National Security Agency contractor Edward Snowden became a whistle blower earlier this year, I think we all knew we were really just seeing the tip of the iceberg about exactly how much information the NSA was gathering on the average American citizen.  And it was a pretty large tip to start with.

Here’s a reminder of what started the whole thing.  Snowden provided reporters at The Guardian and The Washington Post with top-secret documents detailing two NSA surveillance programs being carried out by the U.S. Government, all without the average voter’s knowledge. One gathers hundreds of millions of U.S. phone records and the second allows the government to access nine U.S. Internet companies to gather all domestic Internet usage (so they are tapping pieces of your phone calls and emails, in other words). The intent of each program respectively is to use meta-data (information about the numbers being called, length of call, etc., but not the conversation itself, as far as we know) to detect links to known terrorist targets abroad and to detect suspicious behavior (by monitoring emails, texts, social media posts, instant messaging, chat rooms, etc.) that begins overseas. As a privacy expert, I understand the need to detect connections among terrorists; the troubling part is the scope of the information being gathered. Read more

Digital Footprint: Exposing Your Secrets, Eroding Your Privacy

Does your digital footprint expose your secrets to the wrong people? 

National Public Radio and the Center for Investigative Reporting recently presented a four part series about privacy (online and off) called, Your Digital Trail. To get the gist of how little privacy you have as a result of the social media, credit cards and mobile technology you use, watch this accurate and eye-opening explanation of how you are constantly being tracked. 
Marketers, data aggregators, advertisers, the government and even criminals have access to a vivid picture of who you are. NPR calls it your digital trail; for years, I’ve referred to it as your digital footprint. Let’s take quick look of what makes up your digital footprint.

What is your digital footprint? 

Just like a car leaving exhaust as it runs, you leave digital traces of who you are without even knowing it. Here is a partial list of the ways that you are tracked daily: cookies on your computer, apps on your smartphone or tablet, your IP address, internet-enabled devices, search engine terms, mobile phone geo-location, license-plate scanners, email and phone record sniffing, facial recognition systems, online dating profiles, social networking profiles, posts, likes, and shares, mass-transit smart cards, credit card usage, loyalty cards, medical records, music preferences and talk shows you listen to on smartphone apps, ATM withdrawals, wire transfers and the ever-present, always rolling surveillance cameras that tell what subway you rode, what store you shopped in, what street you crossed and at what time. Is there anything, you might ask, that others don’t know about you? Not much.

What happens to your data that is tracked? 

According to NPR, a remarkable amount of your digital trail is available to local law enforcement officers, IRS investigators, the FBI and private attorneys. And in some cases, it can be used against you.

For example, many people don’t know their medical records are available to investigators and private attorneys. According to the NPR story, “Many Americans are under the impression that their medical records are protected by privacy laws, but investigators and private attorneys enjoy special access there.”  In some cases, they don’t even need a search warrant, just a subpoena. In fact, some states consider private attorneys to be officers of the court, so lawyers can issue subpoenas for your phone texts, credit card records, even your digital medical files, despite the HIPAA law.

Kevin Bankston, senior attorney with the nonpartisan Center for Democracy and Technology, explains that the laws that regulate the government regarding privacy were written back in the analog age, so the government often doesn’t have many legal restraints. When the Fourth Amendment guaranteeing our rights to certain privacies was written, our Founding Fathers weren’t thinking about computers and smartphones!

Specifically, the Fourth Amendment states, “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated.”  In the “old days” police would have had to obtain a search warrant (showing probable cause) and search your home for evidence of criminal activity.

But since the 1960’s and 1970’s, the Supreme Court and other courts have consistently ruled that if you have already shared some piece of information with somebody else, a warrant is no longer needed.  So now when you buy something with a credit card (letting your credit card company know what you’ve purchased), or drive through an intersection with license plate scanners (telling law enforcement where you’ve been) or Like something on Facebook (letting the social network and everyone else know your preferences), you have, in essence, given the government (as well as corporations and criminals) the right to gather information about you, whether you are guilty of anything or not.  So much for probable cause.

In this age of cloud computing, the issue becomes even more, well, clouded.  Take the case of a protester arrested during an Occupy Wall Street Demonstration in New York City.  The New York DA subpoenaed all of his tweets over a three and a half month period.  Of course, his lawyer objected, but the judge in the case ruled that the proprietary interests of the tweets belonged to Twitter, Inc., not the defendant!

How can we defend our digital footprint against privacy violations? 

My takeaway from the NPR piece? We are so overwhelmed by the tsunami of privacy erosion going on, by the collection, use and abuse of our digital footprints, that the surveillance economy we have created will only be resolved by broad-stroke, legislative action. Until that happens, corporations, criminals and even our government will consume all of the data we allow them to. And so will we.

John Sileo is an expert on digital footprint and a highly engaging speaker on internet privacy, identity theft and technology. He is CEO of The Sileo Group, which helps organizations to protect the privacy that drives their profitability. His recent engagements include presentations at The Pentagon, Visa, Homeland Security and Northrop Grumman as well as media appearances on 60 Minutes, Anderson Cooper and Fox Business. Contact him directly on 800.258.8076.

Screen Shot 2013-10-11 at 2.11.21 PM

Online Privacy and Teens: Help Them Care if They Don't

facebook teenBefore you read this article, stop and picture yourself as a 16 year old.  Now that you’ve recovered from the trauma of that, think about this question: what thoughts consumed your time – your favorite band, your first car, your first love, your first job, your first password?  Certainly not the latter, and you most likely weren’t thinking about online privacy issues.

It’s no surprise then that today’s teens don’t think about them much either, although they do more than most of us ever had to.  The Pew Research Center recently conducted a survey entitled Teens, Social Media, and Privacy and found a variety of interesting statistics.

Teens share more about themselves on social media sites than they did according to the previous survey from 2006.  A few of the more significant ones:

  • 91% post a photo of themselves (up from 79%)
  • 71% post their school name (up from 49%)
  • 53% post their email address (up from 29%)
  • 20% post their cell phone number (up from 2%)

Some new questions revealed that teens also post other potentially risky information:

  • 92% post their real name
  • 82% post their birth date
  • 24% post videos of themselves
  • 16% have set their profile to automatically include their location in posts

The good news is that while teens are sharing more, they are also becoming more aware of privacy concerns; 60% of teen Facebook users set their profiles to private.  In addition, 89% of those users indicated it’s “not difficult at all” or “not too difficult” to set privacy controls.

Teens also manage their profiles in other ways to help control their reputation:

  • 59% have deleted or edited a previous post
  • 53% have deleted comments from others
  • 74% have deleted people from their network or friends list
  • 26% have posted false information to help protect their privacy

While some of these statistics would seem to indicate that teens are becoming more aware of protecting their privacy and reputation, there are still far too many that are just not concerned.  In fact, just 9% responded that they were “very concerned” and 31% were “somewhat concerned that some of the information they share on social networking sites might be accessed by third parties like advertisers or businesses without their knowledge.”  Undoubtedly, some of this lack of concern comes from simple, blissful teenage ignorance.  One teen that participated in a focus group discussion said, “Anyone who isn’t friends with me cannot see anything about my profile except my name and gender.  I don’t believe that [Facebook] would do anything with my info.”

In contrast to this, 81% of parents are “somewhat” or “very” concerned about what advertisers can learn about their children’s online behavior.  Too bad it’s not 100%, but if you’re reading this, I’m guessing you’re one of the 81%.  Because you care, and because your children quite likely do not, it may fall to you to help them be safe online.  We’ve addressed this many times in the past (in articles referenced below), but it’s so important that we wanted to revisit it.  The most basic steps:

  • Have a frank discussion about what concerns you. Discuss how advertisers use the information they can easily garner when we use social media, and warn them (AGAIN AND AGAIN!) about how strangers can access it, too.  Our Summer School for Parents article addresses the specifics in case you missed it.
  • Teach your child how to play it smart on Facebook.  We addressed this in our Facebook Privacy article with some detailed action items.
  • Check out our Smartphone Survival Guide and Facebook Safety Survival Guide if you want more specifics.

It may be hard to pull your teens off their social media sites long enough to have these discussions, but it will be worth the effort to protect their online privacy.

John Sileo is an online privacy expert and professional speaker on social media privacy. His clients include the Department of Defense, Pfizer, Visa, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.

 

 

 

 

 

 

 

 

 

Summer School for Parents: Protecting Your Kids' Social Media Privacy

girls phones summerSchool is out for the summer and the tasks that often fall upon the shoulders of your local schools are now sitting squarely on yours.   In addition to making sure your kids practice their math facts, read regularly and get plenty of exercise, you’ll want to watch out for how they spend their free time when it comes to using Facebook, Tumblr, Instagram, Twitter, YouTube and other sites that can expose their social media privacy.

Social Media refers to web-based and mobile applications that allow individuals and organizations to create, engage, and share new user-generated or existing content in digital environments through multi-way communication.  Okay, that’s too technical. Social media is the use of Internet tools to communicate with a broader group. Some of the most common examples are listed above.  If you have elementary aged children, they may use more secure, school-controlled forms such as Schoology, Edmodo or Club Penguin, but if your kids are older, I can almost guarantee they’re into Social Media sites whether you know if or not.

Statistics show that 73% of online adolescents visit social networking sites daily and two billion video clips are watched daily on YouTube.  The American Academy of Pediatrics recently conducted a study that found that 22 percent of teenagers log onto their favorite social media sites more than 10 times a day, and that 75 percent own cell phones.

So, how do you battle such a time-consuming, captivating influence over your children?  You don’t, because you won’t win!  Instead you look at social media privacy best practices that schools implement and do the same at home.

  • Expect the Internet to be used appropriately and responsibly and set agreements and consequences with your children if it is not.  The Family Online Safety Institute can guide your discussion and even provide a contract.
  • Expand your typical discussions about strangers to include social media
    • Don’t accept unknown friend requests
    • Don’t give out personal info – specifically: last name, phone number, address, birthdate, pictures, password, location
  • Warn kids about the dangers of clicking on pop-up ads or links with tempting offers, fun contests, or interesting questionnaires, even if they’re sent from a friend.  They may really want that free iPad being offered, but chances are it’s just a way for someone to glean their personal information.
  • Monitor the information your kids give out and their use of sites; let your children know they should have no expectation of privacy.  (Make that part of your contract.)  You can also install filtering software to monitor their social media use and even their cell phones.  A few popular ones are Net Nanny and PureSight PC to help keep your child safe online and My Mobile Watchdog to help with monitoring their cell phones.
  • Check your privacy settings for all Internet sites and make sure they are set to the strictest levels.
  • Remind your child that once it’s published, social media is public, permanent, and exploitable forever- even when “deleted”
  • If your children are not 13, keep them off of Facebook since that is their stated age limit. There are plenty of reasons, not the least of which involves the emotional repercussions of being “unfriended” or cyber bullied.  When they are ready, have your children read and study the actual Facebook user agreement and privacy policy and discuss it with them.
  • Set limits on social networking time and cell phone time, just as you would for TV hours. Many families limit total screen time, which includes everything from computers, iPads, smartphones, and video games to our old fashioned notion of television.
  • Be a good example yourself.  Monitor your own amount of time spent online and seek to find a balance of activities. When you are on you iPhone at dinner, you are letting your kids know that this is acceptable behavior.
  • Monitor your child’s activities and try to stay educated about the latest platforms!

Social Media can be a positive way for kids to continue to develop friendships while they’re home for the summer and to feel like they’re connected to a community that matters more to them than anything.  But there are risks that come with it and it’s your job as a parent to protect them from those risks just as surely as you keep them from taking candy from a stranger

Social networking has an addictive component because dopamine (a natural feel-good drug produced by the body) is released anytime we talk about ourselves. And what is social networking if not a constant exposé of what is happening in our lives? Just make sure you know what is happening in your child’s life, even in the more relaxed months of summer.

John Sileo is an online privacy expert and professional speaker on social media privacy. His clients include the Department of Defense, Pfizer, Visa, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.