Categories
End User internet online safety

Government surveillance and the issue of personal privacy

The whole issue of government surveillance seems to have reached a crescendo over the last few days. It makes you wonder what the whole Draft Communications Data Bill was all about if “they” can already see everything.

I don’t even know whether encrypted communications are particularly secure anymore. I thought they were but does government secretly have the capability to do really advanced tech that is not in the public domain. Quite probably. We expect it of our own side and hope that we are better than the opposition (whoever they are) – the James Bond movie Skyfall confirmed that it goes on 🙂

I don’t know what to think about the whole privacy thing anymore though. Every online platform seems to know an awful lot about us. Tesco knows the intimate details of my lifestyle from what I buy from it. Google knows absolutely everything about what I’m doing with all my waking hours.

The old joke about a bloke having an affair with his secretary after work and then rubbing snooker chalk on his collar so that his wife would think he’d been playing with his mates doesn’t work any more. She just needs to follow his movements online, or have the difficult conversation about why he switched his phone off for an hour (5mins? 🙂 ) on his way home from work1 .

The Domesday scenario here is that all this information is opened for all to see, accidentally of otherwise. Worst case is that our bank accounts could be emptied.

Aside from ferociously safeguarding your bank password details, though it seems that crooks use back door techniques for breaking into accounts these days rather than brute force password hacks, it seems to me that we need to up the profile of the whole issue of security of our own personal data.

I can’t see how we can stop people/organisations from collecting this data but if they lose it or expose it for others to see then the penalties need to be suitably robust. The world needs to fast track a move to an online security conscious culture.

1 On Sunday I nipped out to the pub for a swift one before dinner and forgot my phone. When I got home there was a text message from my wife asking which pub I was in! Nothing was mentioned though.  I did feel an element of freedom being out without the mobile phone but was also conscious that the clock in the window of acceptability was ticking away.

Categories
End User security

Privacy on London Underground Metropolitan Line #googleglass

hfobd_trust_thumbThe Metropolitan Line on London Underground has nice newish interconnected carriages and you can walk from one end of the train to the other. As we wound our way to Kings Cross for me to catch the train back north I noticed that the carriages were making interesting snake like movements. Very artistic I thought. I’ll video it.

I whipped out my S3 and propping against an upright for some semblance of stability I started recording (action – roll). I do this sort of thing. The first thing that happened was that a girl in the carriage noticed what I was doing and lifted her newspaper up to cover her face. That made me think.

There are obvious privacy issues in doing this although we were in a public place. However if I was wearing Google Glass I would be able to do it without anyone noticing. What is the implication of this? It really means the total end to privacy and anonymity in public places. That girl would not have noticed that I was recording.

I’m not sure there is anything that can be done about it. Maybe some sort of device that blocks other electronic devices from being able to video the space around you. There would have to be a standard for it. Maybe Bluetooth based. Not an easy thing to implement and it would only catch accidental video recording. If someone was hell bent on recording you they would obviously just disable that blocking function. I can imagine videos where lots of people had blurred out faces based on the fact that they have been transmitting blocking signals.

Makes you think dunnit?

Categories
Business online safety social networking

Parliament and Internet Conference – Privacy

portcullisThe Parliament and Internet conference wound its annual way to Westminster yesterday. The conference usually comes up with a nugget or two and made the BBC news site with a comment from Andy Smith, PSTSA1 Security Manager at the Cabinet Office that he wouldn’t recommend using your real name when registering with sites like Facebook.

Lord Merlin Errol also noted that he used to give his date of birth as April 1st 1900 but that drop down boxed rarely went that far back these days. I guess there are still one or two 112 year old people around though whether they would be interested in social networking is another  issue.  Privacy  on the Internet, or lack of it, is something I’m still trying to get my brain around.

This came to the front of mind again this morning as a Facebook message appeared in my timeline asking me to confirm my mobile phone number. I did so, particularly as a mobile number is one way of recovering a lost password. Didn’t feel particularly comfortable doing it though. I don’t trust Facebook though

Categories
End User Regs surveillance & privacy

Draft Communications Data Bill – a summing up of why it is wrong

Home Secretary Theresa May launched the draft Communications Data Bill yesterday with an interview on the Radio 4 Today programme. She has also written a foreword to the Bill arguing why we need it.

I have already written arguments against why we should implement this act. All of my previous points remain and I will restate the two most important aspects here.

  • Firstly what is being proposed represents a serious threat to our privacy as a nation. The government wants to collect personal information about our private web browsing, phoning, email, tweeting, Facebook and all other internet related communications. They then want to store this information “securely” for one year so that it can be accessed buy anyone granted permission by senior police officers.

I refer you to last week’s LinkedIn password debacle where 6.5 million passwords being securely held on a server were stolen and published on a Russian website. The next time this could be details of websites you visit. It would happen if this Bill moved into law. Guaranteed.

  • Secondly the proposed measures will not catch those who the police et al are trying to catch. If you are hell bent on crime you will easily find ways of going undetected on the web.

Here I refer you to the recent court orders for ISPs to block access to Pirate Bay. One of my most visited blog posts this year and certainly high up on the list of search terms  covers how to bypass these blocks. The same will be true with criminals looking for anonymity.

I’ve been thinking of whether there is a middle ground here where ISPs collect data on specified targets rather than everyone and subject to court orders. This could work though opponents will argue that once the capability has been put in place it will be abused. My second point above would also apply so the effort might be futile and money spent wasted (it would probably cost almost the same as if we were collecting all the data).

On balance we all need to oppose this Bill. Email your MP with a link to this post.

Previous posts on this subject here and here.

Categories
Business Regs surveillance & privacy

Legislation encourages tidal wave of new ISPA members – life jackets at the ready

It’s a funny old world. A judge orders ISPs to cut off access to Pirate Bay and visitor numbers to the site increase by 12 million. A government says it wants to increase the amount of regulation on the internet and the membership of the trade association shoots up.

The membership of ISPA normally hovers just under the 200 mark. The nature of our industry is that companies are bought out or merge with others to get scale. So in any given year the we get perhaps 10 or 15 new members but 10 or 15 disappear off the UK internet map and on the whole the number stays the same – ish.

Things are changing. The threat to the  industry stemming from potentially onerous new regulations placed upon service providers, such as the upcoming Communications Bill Green Paper, has prompted six new service providers to join ISPA in the space of one month. This is a veritable tidal wave in the scheme of things.

ISPs are

Categories
End User online safety social networking

The Online Garden Shed – the answer to internet privacy issues

Google Opt out - the online garden shed?We all need our private space. This true in our virtual lives as much as in the touchy-feely-smelly real world that we once inhabited.  In those days man could retire to his shed if he felt the need for a bit of time to himself. He would only let you in if you were a pal.

There are no sheds online.  What do we do about privacy when using the internet? The fact that Google seems to know what I’ve been up to is a concern.  Do we all sign up with proxy services?  The proxy service provider will still know what you are up to.  Switching on “private browsing” seems a bit of a faff and all that does is prevent PC from storing usage data.

A reader (thanks HmmmUK) just Tweeted me a link to the Google Opt out page:

“Opt out of customised Google Display Network ads

Opt out if you prefer ads not to be based on interests and demographics. When you opt out, Google disables this cookie and no longer associates interest and demographic categories with your browser.”

I thought “great, the answer to the problem” and proceeded to that page to opt out. Then I paused

Categories
Apps End User online safety

Pipe dreams and privacy – is your private life a thing of the past? or no Google doodle for privacy muddle

Today is all about privacy. No Google doodle to go with it because Google is at the centre of the debate with its harmonisation of privacy rules across all of its services.

The European commissioner of justice, Viviane Reding says there are “doubts” over what Google has done. I’m not going to go into detail on the ins and outs – read about that in the Guardian. Commissioner Reding though in my experience is someone worth listening to so she is expressing concern there is likely to be something in it.

It is worth thinking about privacy for a moment because in our modern age it is a hugely complex subject.

If I do a search for “Trefor Davies” Google comes up with