The erosion of privacy in the digital world
by Mirko Zorz - Tuesday, 20 August 2013.
5. Privacy of thoughts and feelings. People have a right not to share their thoughts or feelings or to have those thoughts or feeling revealed. Individuals should have the right to think whatever they like.

6. Privacy of location and space, individuals have the right to move about in public or semi-public space without being identified, tracked or monitored.

7. Privacy of association (including group privacy), is concerned with people’s right to associate with whomever they wish, without being monitored.

Considering the full spectrum of privacy, are you sure you have nothing to hide? For example, do you want that people knows where you spend your time — and, when aggregated with others, who you like to spend it with? If you called a substance abuse counselor, a suicide hotline, a divorce lawyer or an abortion provider? What websites do you read daily? What porn turns you on? What religious and political groups are you a member of?

How has privacy evolved in the digital world? What are users still doing wrong?

Internet is a worldwide network and everything must be developed for a global environment (without national borders). Cloud computing delivery models require the cross-jurisdictional exchange of personal data to function at optimal levels.

In January 2011, the World Economic Forum (WEF) issued a publication entitled: “Personal Data: The Emergence of a New Asset Class”. In this document, the WEF highlighted the differences of Privacy-related laws and police enforcement across jurisdictions, often based on cultural, political and historical contexts and that attempts to align such policies have largely failed. For the WEF, the key to unlocking the full potential of data lies in creating equilibrium among the various stakeholders influencing the personal data ecosystem. A lack of balance between stakeholder interests – business, government and individuals – can destabilize the personal data ecosystem in a way that erodes rather than creates value.

Many users approve a privacy policy without reading it and many of these policies are vague guidelines where it is completely impossible for the user to foresee the scope and content of his consent to the processing of his data. The consent to this agreement is mandatory in order to access the service. Consequently, the user has no choice if it wants to use it.

Furthermore, the service provider may change this policy. Everybody remembers the Instagram case. In December 2012. Instagram said that it has the perpetual right to sell users' photographs including for advertising purposes without payment or notification. Due to the strong reaction, Instagram has backed down.

Many consumers are poorly educated about how their personal data is collected by companies and are unsure about what it is actually used for. Investigation into the recent implementation of the EU Cookie Law has highlighted how misinformed consumers in Europe currently are. For example, 81 percent of people who delete cookies do not distinguish between the ‘first-party’ cookies that give a website its basic functionality (e.g., remembering what items the consumer has placed in their shopping basket) and the ‘third-party’ cookies that advertisers place on websites to track user viewing. At the same time, 14 percent said they thought the data used to show them relevant ads included information that could identify them personally, while 43 percent were not sure if this meant their identity was known.

With wearable recording devices such as Google Glass getting traction, we are opening ourselves for a new type of privacy invasion. Do you see people embracing such technologies en masse or can we expect them to question those that do?

Google Glass is essentially a phone in front of your eyes with a front-facing camera. A heads-up display with facial recognition and eye-tracking technology can show icons or stats hovering above people you recognize, give directions as you walk, and take video from your point of view.


Critical bug found in Cisco ASA products, attackers are scanning for affected devices

Several Cisco ASA products - appliances, firewalls, switches, routers, and security modules - have been found sporting a flaw that can ultimately lead to remote code execution by attackers.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Feb 12th