Information Security, Ethical Hacking, website Security, Database Security, IT Audit and Compliance, Security news, Programming, Linux and Security.
Wednesday, 29 January 2014
Who's Responsible For Your Privacy? Big Companies (And You)
While companies can do better about how they protect user privacy, the fact is, we have to take control of our own privacy.
Privacy used to be a fringe conversation, something people thought about only when Facebook or Google rolled out a "new" feature, or when targeted advertising got a little too stalkerish. After almost seven months of reports about various programs run by the National Security Agency and other government agencies, even the average user is beginning to think about what is public and what should stay private.
Consumers generally view online privacy as a "shared responsibility," but it ultimately begins with the user, Brendon Lynch, Microsoft's chief privacy officer, told Security Watch. In a survey of "tech-savvy" consumers in the United States, Belgium, France, Germany, and the United Kingdom, respondents said they want transparency about exactly what kind of data is being collected, how their data is being used, and who it is being shared with.
Murky Privacy Policies
Even so, only 22 percent of survey respondents on both sides of the Atlantic said they actually read the privacy policies in full before accepting them. This likely has more to do with the fact that privacy policies are difficult to read and very confusing to begin with, Lynch said. If the policies become simpler, people will know up front what they are agreeing to and would be able to make better decisions.
This sentiment was echoed during a "Data Privacy Day" panel at Open Trust Alliance's town hall event in New York City today. Sal Tripi, the chief privacy officer of Publishers Clearing House described how the company shrunk its privacy policy so that users could understand right away what was being collected and how it was being used. Users want to know what is happening with their data, but get lost when the language is vague and the information is spread out across multiple policies, he said.
Privacy as a Feature
Users are looking at companies for "technological innovation," and care less about detailed transparency reports, Lynch said. Customers expect strong privacy protections to be built into technology. They also want privacy controls that lets them manage their preferences, Privacy now needs to be a feature, Lynch said.
Companies need to start thinking about the "responsible" way to use data, as opposed to just depending on users to communicate their preferences.
This is particularly important with the prospect of wearable computing and Internet of Things, as there may be times when it wouldn't be realistic to ask for user consent. Certain devices will always be personal, such as wearables, and insisting users have to opt out of data collection just doesn't make sense.
At the OTA town hall event there was also some discussion of how users need to take advantage of the tools that are already available to them, such as turning on "Incognito" browsing on Android or selecting "Do Not Track" on iOS devices. Users concerned about location tracking need to turn off GPS or Wi-Fi networking when not in use. They can also look at app permissions and not install apps that ask for access to location data with no real reason, said Mark Goldstein, a strategic advisor for OTA.
There is a long way to go before we can say we have full control of our privacy online, but there are some things we can do, and companies are beginning to take user concerns seriously. It's a good start.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment