Archive | Privacy RSS feed for this section

Privacy content from Leo Nelson

Privacy Definition

An excellent definition of privacy in the context of autonomy and security:

  • Autonomy Privacy is an individual’s ability to conduct activities without concern of or actual observation (i.e., surveillance).
  • Information Security is the protection of information resources from unauthorized access, which could compromise their confidentiality, integrity, and availability.  This includes, but is not limited to networks, hardware, software and information (some of which is confidential).
  • Information Privacy is the intersection of autonomy privacy and information security — it is the appropriate protection, use, and dissemination of information about individuals

Source: Autonomy Privacy, Information Privacy and Information Security

Using DNA for Access Control

You’ve probably heard of the genetic testing site, 23andMe. The site allows users to send in a swab covered in their saliva for genetic decoding. When that code is translated, it’s viewable online as a pie chart of ancestry. 23andMe even offers an API that allows you to share your genetic information with the REST of the world. Genetic information is some powerful stuff: It can countermand information that’s been passed down through a family, provide a clue to lost relatives, and even offer unexpected insights into one’s origins. But did you ever think that genetic information could be used as an access control? Stumbling around GitHub, I came across this bit of code: Genetic Access Control. Now, budding young racist coders can check out your 23andMe page before they allow you into their website! Seriously, this code uses the 23andMe API to pull genetic info, then runs access control on the user based on the results. Just why you decide not to let someone into your site is up to you, but it can be based on any aspect of the 23andMe API. This is literally the code to automate racism. The author offers up a number of possible uses, many of which sound fairly legitimate, however. Imagine a women’s support group online that restricts access to women only. What if JDate didn’t just take your word for it that you were Jewish, and actually checked your DNA to make sure?

Source: Using DNA for Access Control

Data Conveniency

Chris Dancy recently tweeted, “We don’t have a privacy problem with data we have a conveniency problem with data.” How true. We live in a day and age when we have become more desensitized to how our data is used to make our lives just a little more convenient. Earlier this week, Wired also published a great story on Disney’s MagicBand. Colleagues at work have described first hand how convenient the Disney MagicBand made their trip by allowing for things like unlocking your door at a Disney Resort hotel room, entering theme and water parks, checking in at FastPass+ entrances, connecting Disney PhotoPass images to your account and even charging food and merchandise purchases to your Disney Resort hotel room. Convenience?

It’s delightful, and it took hold faster than the goosebumps could. The utility seems so obvious, your consent has simply been assumed.

Source: Disney’s $1 Billion Bet on a Magical Wristband

App Permissions

The biggest risk to you and your company’s privacy is your smartphone.