Posts

Is Your Wireless Carrier Tracking Your Surfing Habits (Maybe)

,

Oh what your mobile phone carrier knows and tracks about you! A one-page document from the Justice Department‘s cybercrime division shows how cell phone companies record and retain your call and surfing activity (calls, text messages, web surfing and approximate location). Here’s a summary of how each company retains your information (full details in the image below):

  • Verizon Wireless – rolling one-year records of cell tower usage & what phone accessed what web site
  • AT&T / Cingular – ongoing records of cell tower usage since July of 2008
  • T-Mobile USA – doesn’t keep any data on Web browsing activity
  • Sprint Nextel’s Virgin Mobile – 3 month record of text content
  • Other than Virgin Mobile and Verizon, none of the carriers keep texts but they keep records of who visited a particular web site.
  • Verizon keeps some information for up to a year that can be used to ascertain if a particular phone visited a particular Web site
  • Sprint Nextel’s Virgin Mobile keeps the text content of text messages for three months. Verizon keeps it for three to five days. None of the other carriers keep texts at all, but they keep records of who texted who for more than a year.
  • AT&T keeps up to seven years of records of who texts who — and when, but not the message content. Virgin Mobile keeps that data for two to three months.

Readily available via a simple Internet search, this document shows how cellphone companies in the U.S. treat data about their subscribers’ cell phone use.

Bring privacy and security expert John Sileo in to scare the care into your next audience. Identity theft, data breach, social media exposure and human manipulation keynote training.

Google Spying Cost Them $1

Some months ago, [intlink id=”2349″ type=”post”]Google got caught sniffing[/intlink] the wireless connection in our homes as they photographed our houses to post on Google Street View. Although the case may be newsworthy, the settlement is only peanuts.  Google has been found guilty of trespassing on Aaron and Christine Boring’s home and will have to pay them the astounding amount of $1 for punitive damages. The search engine giant admitted that they trespassed when they took a picture of the plaintiffs house for Google Street View and ended up settling the case. The couple were hoping to make a point, but also realized that they financially can’t take on the huge corporation.

The Street View cars have found controversy not only because they drive around and take pictures of homes to post to the Internet, but they were also collecting sensitive information from WiFi connections while doing so. Google admitted that it had in fact accidentally collected private details, and stated they deleted all the private information gathered. Although we are left helpless with that data breach, we DO have the option to remove our homes from Street View.  Recently I outlined how you can do this by following a few simple steps to remove yourself from Google Street View.

This case may not change the way Google operates, but it does keep bringing to light privacy issues that the company is facing. These privacy issues directly affect you and me and hopefully one day we will not be quite so helpless in protecting our identity from Google and other Internet gorillas.

John Sileo is the award-winning author of Stolen Lives and Privacy Means Profit (Wiley, August 2010), a professional Financial Speaker and America’s leading identity theft expert. His clients include the Department of Defense, FTC, FDIC and Pfizer; his recent media appearances include 60 Minutes. Contact him on 800.258.8076.

5 Business Survival Lessons from Google's Spying

,

A few months ago, Google got caught sniffing unencrypted wireless transmissions as its Street View photography vehicles drove around neighborhoods and businesses. It had been “accidentally” listening in on transmissions for more than 3 years – potentially viewing what websites you visit, reading your emails, and browsing the documents you edit and save in the cloud.

Public opinion blames Google, because Google is big and rich and and scarily omnipotent in the world of information domination. It’s fashionable to blame Google. What Google did was, to me, unethical, and they should eliminate both the collection practice and their archive of sniffed data.

But the greater responsibility lies with the businesses and homes that plugged in a wireless network and did nothing to protect it. Don’t tell me that you don’t know better. When you beam unencrypted data outside of your building, it’s no different than putting unshredded trash on your curb – YOU NO LONGER OWN IT. In fact, when you take no steps to protect the data that flies out of your airwaves and into the public domain, you really have no claim against someone taking it. It’s like finding a $100 bill on an abandoned sidewalk – you can claim it or the next lucky person will. Tom Bradley of PC World agrees:

The lesson for businesses and IT administrators is that you have to put forth some effort to at least give the appearance that you intend for the information to be private in order for there to be any inherent expectation of privacy. The burden should not be on Google, or the general public to have to determine whether the data you let freely fly about unencrypted is meant to be shared or is intended for a specific audience.

The Google story illuminates 5 Business Survival Lessons:

  1. This, like so many other business issues, is not a technology problem. The technology to keep out unwanted eyes exists (unless a government wants to tap you) and is accessible and affordable. The problem is human — someone has decided to ignore what they know should be done (especially having read this article)
  2. Private information that you fail to protect is no longer your private information (pragmatically and probably even legally).
  3. In the marketplace of data, just like in business, it is your responsibility to control what you can. Not everything is in your power, but safe wireless transmissions are. Whether it’s trash in a dumpster, posts on Facebook or wireless signals, the responsibility is yours and your business’s, not just Google’s, Facebook’s and corporate America’s. You must do your part.
  4. If you don’t employ at least WPA2 encryption currently on your wireless networks, I can nearly guarantee your data is being watched. And the expense of upgrading is minor compared to the prospect of breach, so lose that excuse.
  5. Prevention isn’t sexy, but it’s profitable. Whether your are preventing data leakage, budget shortfalls, or a heart attack, the key is to do the hard work before it happens.

John Sileo is the award-winning author of Stolen Lives and Privacy Means Profit (Wiley, August 2010), a professional Financial Speaker and America’s leading identity theft expert. His clients include the Department of Defense, FTC, FDIC and Pfizer; his recent media appearances include 60 Minutes. Contact him on 800.258.8076.