Overheard - Defining parameters for data encryption

From 201 CMR 17.00: STANDARDS FOR THE PROTECTION OF PERSONAL INFORMATION OF RESIDENTS OF THE COMMONWEALTH / Definitions section

“Encrypted,” transformation of data through the use of a 128-bit or higher algorithmic process, or other means or process approved by the office of consumer affairs and business regulation that is at least as secure as such algorithmic process, into a form in which there is a low probability of assigning meaning without use of a confidential process or key.

Overheard - Privacy and Google Street View

Google’s Street View can be a helpful tool, but it is meant to help Google sell ads and make money, not protect your privacy. Brian Cooper, Google Street View Continues to Raise Privacy Concerns

So how can you protect yourself? First, check your address using Street View. To report a concern with Street View imagery, enter the address you desire and click “Search Maps.” Then, click “Street View” in the thought bubble that appears on the map. Once the “Street View” image appears, click “Report a Concern” in the bottom left corner of the Street View image and enter the details of your complaint.

Overheard - Twitter privacy issues not new

“Twitter has been around for years, but only recently has it become the tool-de-jour for people in the public eye. Along the way we’ll see the inevitable story of losing a job because of Twitter, a marriage broken up over Twitter, probably a tear-jerking tale of a family being reunited by Twitter, and then something new will be on the scene.” Nick Gillard-Byers, as quoted in Indiscreet Tweets

All the hoopla about Twitter brings back memories of what it was like when the Internet was new.  Right now there are concerns about privacy — next step will be cries about how advertising has ruined a good thing. Because you can bet your bottom dollar that ads will be coming to Twitter.

Overheard - What’s holding up electronic health records?

The $787 billion American Recovery and Reinvestment Act that passed Congress last week allocates $19 billion to establish centrally linked health data infrastructure to contain the health information of “each American” by 2014 and to set up the new office of the “National Coordinator for Health Information Technology.” Fred Lucas, ‘Exceptions’ in Stimulus Bill Allow Sale of Health Records

The banking industry successfully moved to electronic records. What’s really so different about health care?

For the life of me, I can’t understand what the holdup is for electronic health records. It seems like a no-brainer with a lot of components, like HIPAA already in place. Yesterday’s article in the Washington Post attempts to explain some of the issues — but as I read it, I found myself shaking my head.

I don’t buy “privacy” or “security” or even “lack of standards.”  Like all things, it probably comes down to money and profit.  Let’s hope Obama’s $19 billion finally gets the ball rolling.

Overheard: PGP is just an envelope

Perhaps you think your E-mail is legitimate enough that encryption is unwarranted. If you really are a law-abiding citizen with nothing to hide, then why don’t you always send your paper mail on postcards? Phil Zimmerman, Why do you need PGP?

Phil Zimmerman is an interesting guy. You may remember that the U.S. Attorney’s Office for the Northern District of California tried to put him in jail for making his email encryption program, Pretty Good Privacy, public. It was a crazy story.

So what’s he up to now? VoIP security.

Overheard: Leveraging rich presence — a marketer’s dream

Ignoring the fact that I find the whole concept of “presence management” a solution in search of a problem for most people, there’s the whole technical problem of trying to work within the various walled gardens…Until we have a single identity across networks, no method of managing presence will be effective. Dameon D. Welch-Abernathy,  Presence And Identity

Rich presence is simply networking on steroids. And people are right to be wary about how the information aggregated from rich presence opt-ins could be used by marketers.  Sure, Facebook backed down on Beacon — but you know its just a matter of time before the “tweet” saying you wish you were in Hawaii brings you snail mail brochures.  Our best protection right now is that there isn’t a way for marketers to leverage rich presence effectively.  We have too many networking identities.

Overheard: Gov’t wants total access to Google search records

The nation’s top spy, Michael McConnell, thinks the threat of cyberarmageddon is so great that the U.S. government should have unfettered and warrantless access to U.S. citizens’ Google search histories, private e-mails and file transfers, in order to spot the cyberterrorists in our midst. Ryan Singel, NSA Must Examine All Internet Traffic to Prevent Cyber Nine-Eleven, Top Spy Says

On a related note, the Bavarian police want the gov’t to sanction a Trojan to help them eavesdrop on Skype conversations.

Overheard: Real ID — Don’t trust anyone under 50

The Associated Press explains why the U.S. Department of Homeland Security is subtly dissing people over 50: “The over-50 exemption for Real ID was created to give states more time to get everyone new licenses, and [now comes the ugly part] officials say the risk of someone in that age group being a terrorist, illegal immigrant or con artist is much less.” In other words, if you’re over 50 the government pretty much thinks you’re harmless. If Homeland Security really believes that, it could make up for that slight by letting people over 50 keep their shoes on while going through airport security. Dale McFeatters, 50 Is The New Harmless

Washington Technology has an interesting article on the technology upgrades required for Real ID compliance. DHS released applications last month for $35 million in grants for the program and Congress recently approved another $50 million.

Overheard: Ask.com will trade you privacy for a cookie

“Now for the funny part. AskEraser will remain on until you click the AskEraser button again to turn it off, no matter how many times you visit the web site. How does the search engine remember your preferences? By placing a cookie on your computer that lasts for two years.” Brad Linder, Ask.com launches anonymizer tool

 AskEraser, an anonymizer that lets the user decide whether or not the engine is allowed to keep records of the user’s queries. Mark O’Neill was quick to point out that Ask.com has an advertising deal with Google and that AskEraser is not quite as private as it seems.

Overheard: Beacon alerts may be controversial, but they’re the future of advertising

Known as Beacon, the feature was one of several money-making ideas Facebook launched this month to try to turn its users’ actions - such as their online purchases and their stated preferences for certain brands - into recommendations that might influence the buying habits of their friends. Richard Waters Privacy fears over Facebook feature

Facebook rejected the claims [of violating privacy] and said that its users are given two chances to opt out of sending a Beacon alert to their friends. It claimed, “Information is shared with a small selection of a user’s trusted network of friends, not publicly on the Web or with all Facebook users They also are given multiple ways to choose not to share information from a participating site, both on that site and on Facebook.”