Feeds:
Posts
Comments

Archive for the ‘Privacy’ Category

Tracking Your Eyeballs on the Internet

An announcement was made last week that Microsoft’s upcoming latest version of Internet Explorer will automatically default to the “do not track” option. Why is that an important ethical step in the online world?

Remember the term “eyeballs” – that quaint concept in the earlier days of the World Wide Web? The key to marketing success was to get as many eyeballs on your page as possible.  But as competition for eyeballs increased, mere “eyeball” count gave way to more sophisticated concepts such as “click through” and “driving traffic.” A whole new consulting opportunity sprang forth called Search Engine Optimization or SEO.

Swiftly and surely the focus then shifted from driving traffic to your site (still highly important) to getting as much information as possible about the site visits obtained. Cookies are being placed on your computer not just from the sites you actually visit but also from their web oriented marketing vendors who want to gather more data on YOU. Targeted marketing based on that information has created whole new companies which present you with specific online “coupons” in an attempt to get you to buy.

The web browsers, principally Internet Explorer, Safari, Firefox and others, provide a way for you to browse the web without such tracking going on, but most of us never use it. As a result our privacy is disregarded on the basis that we have given our permission to be tracked. However, that “permission” is based on a default selection chosen by others together with a lack of training and transparency for all but the more technical among us.

This week’s announcement that Microsoft’s newest version of Internet Explorer, still the most widely used browser, will automatically default to “do not track” and, more importantly, provide a visible alert of that fact to the user, is an important first step in increasing public awareness of the digital privacy issue. Unfortunately it only occurs when the browser is installed; not every time the browser is launched.

Read Full Post »

I started this series back in May with my first post on this topic. Given the whole summer has already gone by, let me repeat my introduction:

“The time for a national discussion of our right to privacy and what that really means is long overdue. I will try to contribute to that discussion in a series of posts on digital privacy. Particular points I will discuss include the following:

  • That the right to privacy has already been established as a constitutional right;
  • That technology assisted statistics has already made protecting and hiding your personal identity and personal identification information impossible;
  • That the data that is collected on you in database warehouses around the globe is and ought to be yours and yours alone to surrender, no matter how it was collected;
  • That the economic size and scale of companies such as Google renders “opting out” impractical and our laws ought to recognize that reality;
  • That therefore the burden of maintaining privacy and security of identification should be on the organizations and corporations that provide services, not the individual; and
  • That these principles must be established not just on the federal level but on the international level.”

That post continued by addressing the first bullet in the above list as I outlined how our constitutional right to privacy came to be recognized in the Constitution and through two key Supreme Court decisions.

This second article will explore the idea that “technology assisted statistics has already made protecting and hiding your personal identity and personal identification information impossible.”

To understand why that is true requires an understanding of two things. First, personal identifying information does not have to be the pieces of data normally associated with that phrase – social security number, name and address. Any combination of data that can collectively determine who you are will do. Second, statistical analysis and technology capable of making that connection exists today.

1. Personal Identification Does Not Require Your Tax ID

The very concept of privacy is that others should not know what you have done and what you are doing, who you associate with, what your plans are for the future, your personal letters, or what you said in a private conversation on the phone without your willing permission of the force of a subpoena or duly executed warrant. The “you” in that concept means YOU, the person you are at your address. The combination of your name and Tax ID/Social Security Number as “personal identifying information” is applicable to privacy in a narrower sense – your financial and medical data and identity. However, if someone circulates in a social network system that “Mary Smith and her husband had an argument at home last night” that would be a violation of the Smiths’ personal privacy in that the recipients of this information can be reasonably certain which of the thousands of Mary Smiths in the world was involved. That is what I mean when I say that “You” can be uniquely identified without a Tax ID being compromised.

2. Statistical Analysis and Technology are Capable of Identifying Unique Information About You Without Your Tax ID

Let us assume that you are a woman and you have just found out that you are pregnant. You are excited and happy by the possibility, but haven’t had a chance to tell your family yet. You stop at a store on the way home. A few days later you receive a mailer from that store offering special deals on baby products. A coincidence? A mass mailing? No, it isn’t. The store that is capable of doing that is named Target and their ability to pinpoint the unique “You” who is pregnant was reviewed in an article in the New York Times earlier this year.

Target does this using a combination of statistical analysis of buying patterns captured by modern computers that have the speed and storage capacity necessary to identify, store and track every purchase in every store. They have a variety of means of identifying the specific customers. There is also a company in Arkansas that helps retailers with the specific person identification problem. It’s name is Acxiom and it too was featured in the New York Times.

Personal identifying information in the traditional sense (Name, Address and Tax ID) can be readily derived from there via the store’s name brand card, for example. However, smart companies have taken huge strides to protect that data from their own employees and the outside world, and the store systems that link your swiped credit card to the Visa/Mastercard computers are now specifically designed to prevent retaining the full card information for the retailer. There are also data security standards covering the transmission of that information back and forth. But as the Target story illustrates, one can still ascertain that you are the Mary Smith who lives at a specific residence.

Isn’t that enough?

Read Full Post »

Acxiom takes off your digital clothes. If you missed this weekend’s Sunday New York Times Business section, follow this link and you will learn about a company near Little Rock that analyzes your every move, on and off the web. While the search engines and big online retailers may track your data, Acxiom combines that data together with your in-store buying habits to determine your demographic, income level and whether or not you are worth getting special offers. Have you ever had someone at the checkout ask for your zip code? That’s a key piece of data that validates the matchup of virtual and real shopping and other interests.

You’ll learn more about this in my upcoming second post on the Right to Privacy and why technology and powerful statistical modeling have all but eliminated the need for a retina scan to identify Y-O-U.

Read Full Post »

With the nation’s first potential $100 billion IPO just around the corner and with that IPO based upon the premier and best social networking site, one has to recognize that this event is symbolic of a very new age in human interaction. At the same time, it should also remind us of a key challenge of the digital age: maintaining respect for the privacy of the individual.

Lest you think that I am about to attack Facebook, I have previously commended Mark Zuckerberg for defending that privacy. I am referring to the unbelievable requests made by potential employers for job candidates to provide their Facebook user ID and password to the interviewer. Zuckerberg rapidly responded to that news and stood up for his users’ privacy. Bravo!

Unfortunately our digital privacy dilemma does not hinge on Facebook’s founder alone. Information technology combined with mathematics and statistics has opened the door for corporations, governments and other individuals to find more information about you than you can imagine. Tracking your searches, learning your buying preferences, determining your likelihood of having particular medical problems, even observing you eating a hamburger in your backyard patio are all things we can now do.

The time for a national discussion of our right to privacy and what that really means is long overdue. I will try to contribute to that discussion in a series of posts on digital privacy. Particular points I will discuss include the following:

  • That the right to privacy has already been established as a constitutional right;
  • That technology assisted statistics has already made protecting and hiding your personal identity and personal identification information impossible;
  • That the data that is collected on you in database warehouses around the globe is and ought to be yours and yours alone to surrender, no matter how it was collected;
  • That the economic size and scale of companies such as Google renders “opting out” impractical and our laws ought to recognize that reality;
  • That therefore the burden of maintaining privacy and security of identification should be on the organizations and corporations that provide services, not the individual; and
  • That these principles must be established not just on the federal level but on the international level.

One of my first posts (My Big Data Footprint) opened the discussion of privacy in the digital world. Following the Seven Layers of Integrity® framework, we should start with the law. Let’s first briefly review the historical basis for the constitutional right to privacy.

The concept of a right to privacy is commonplace in our thinking, but unlike many of our other rights (freedom of speech, right to peaceably assemble, right to bear arms), privacy is not actually enumerated in our constitution. However, the Ninth Amendment, part of the Bill of Rights, provides recognition of other individual rights without specific identification in the constitution itself: “The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people.”  Privacy as a matter of physical space (versus digital) can also be read into the 4th Amendment: “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated….”

The right to privacy as a legal issue remained largely dormant until the Civil War, when the 14th Amendment provided an opening to the legal evolution of this right with these words “No State shall make or enforce any law which shall abridge the privileges or immunities of citizens of the United States; nor shall any State deprive any person of life, liberty, or property, without due process of law; nor deny to any person within its jurisdiction the equal protection of the laws.” (Fourteenth Amendment, Section 1)

The first Supreme Court case involving the right to privacy was Griswold v. Connecticut, which centered on a Connecticut law forbidding the sale of contraceptives. In this 1965 case, Estelle Griswold, the executive director of the Planned Parenthood League of Connecticut, and another individual had been fined for violating the state law against sale of contraceptives. After taking the case to the state’s supreme court without success, Griswold filed at the Supreme Court, arguing that the Connecticut law was unconstitutional under the 14th Amendment. As part of the court’s favorable ruling, it established that the Connecticut law had violated a “right to privacy.”

The second major case that cited a right to privacy was the very case that established a woman’s right to an abortion: Roe v Wade (1973). In that landmark decision, the court ruled that that the right to privacy was protected under the “due process” clause in the 14th Amendment, and that this right to privacy included a woman’s right to an abortion.

The Constitution’s Bill of Rights, the Fourteenth Amendment and two pivotal Supreme Court cases in relatively recent decades have established a right to privacy. As with freedom of speech and freedom of the press, our starting point should always be to place a burden of compliance with that right not on the individual but on those who would restrict the individual’s rights. To do otherwise in the case of privacy would be unacceptable.

Read Full Post »

Less exciting than the prior week, but still a few news items on the corporate and financial fronts worthy of note.

Bank of America was mentioned in the American Banker as having sold credit card receivables to collection agencies without, how can we say this kindly, having scrubbed the data. Not to worry, the records were evidently sold “as is” per the contracts. But those consumers in the lists who had actually paid their debts may have found themselves getting collections calls nonetheless.

Senator Al Franken (D-Minnesota) gave a speech on data privacy to the American Bar Association’s Antitrust Section. His speech highlighted data privacy as an antitrust issue. An interesting speech that hits on some of the same issues I am dealing with in this blog (My Big Data Footprint and How Corporations Use It).

And in the sports world, Reebok was hit with a restraining order to cease manufacturing items with Tim Tebow’s name as their license to do so expired on March 1st. Details, details.

Read Full Post »

Another exciting week for those who follow ethics in the news!

MF Global’s Jon Corzine was initially reported to have directly ordered the transfer of $200 million from a client’s account to satisfy an overdraft in one of the firm’s brokerage accounts. A subsequent story indicated that he may have been told the transfer (now said to be only $175 million) was between firm accounts. No wonder the firm and Corzine don’t know what happened to all of that investor money.

Meanwhile, Texas’ state government scored a low D minus for integrity and ethics in a study announced last Monday. Is anyone surprised?  But as a relative indicator of where we stand as a country, New Jersey, the highest scorer, received a B plus. No one was ranked as an “A.”

On the data privacy front, Facebook last week condemned a newly reported practice by employers. Some employers have allegedly been asking candidates for the candidate’s Facebook ID and password so that they could review the candidate’s…. Why don’t they just ask the candidate to bring in all their medical records too? No point hiring someone that may be a problem later. Or would that be illegal?  I give high marks to Facebook on this one. Their response and stance is right on.

The SEC is apparently beginning an investigation of whether or not certain trading firms are using their relationships with the electronic exchanges to give them an edge over other traders. Nah, that would never happen.

And finally, just to show that no one is immune from financial shenanigans and cover-ups, the Los Angeles Times reported on a lawsuit involving the Trinity Broadcasting Network (TBN), one of the largest religious broadcasting networks in the country. Per the story, a granddaughter of one of the co-founders was fired when she attempted to bring to light all the money that was being spent on family members’ homes and lifestyles, among other financial issues. Remember former Tyco CEO Dennis Kozlowski’s $6,000 shower curtain? These guys allegedly spent $100k on a motor home for their…. dogs! Yipes!

— George Jones

Read Full Post »

When I read Orwell’s 1984 in high school, 1984 seemed far enough away to qualify for science fiction. When it arrived I was too busy to notice – buried in my career, happily building the very computer systems that would eventually breathe life into  “Big Brother.”

Now we have the technology to gather incredible amounts of discreet data, store it, analyze it and use it. A few examples of this capability have been surfacing in the public discourse:

Are these uses of data ethical? Who does this data (my shopping habits, location, Internet searches) belong to? How is it being safeguarded? Does stripping the “personal identifying information” from these records really protect your privacy?

We will tackle this topic and analyze the issues using the Seven Layers of Integrity ® model in future posts. Stay tuned and receive alerts on new posts by following us on Twitter.

Read Full Post »