Categories
datacappy dsdefender oliverwjones

TikTok Under Scrutiny: The Need for a Comprehensive Data Privacy Strategy

The House of Representatives recently approved a legislative measure that might either outlaw TikTok or compel its divestment. This decision stems from dual concerns: Firstly, there’s apprehension about the potential for TikTok, given its extensive influence and capabilities, to mold public opinion in the United States through the content it disseminates. Secondly, the extensive data harvesting practices of the platform raise alarm. Both issues are significant and warranted earlier intervention. A critical flaw in the legislation, however, is its exclusive focus on TikTok without considering the broader landscape of applications that exploit user data for their benefit.

The power TikTok wields in shaping public discourse became evident when it motivated users to contact their congressional representatives en masse to express opposition to the proposed ban, thus demonstrating its capacity to potentially manipulate public sentiment. This incident underlines a significant concern for national security.

The core of TikTok’s dominance lies in its data collection capabilities, driven by an opaque algorithm that remains a mystery outside of TikTok and its parent company, ByteDance. Critical questions about the app’s operations, such as whether it employs background keystroke logging or the final recipients of the collected data, and whether artificial intelligence is used to profile its users, are of paramount concern not only to the lawmakers for national security reasons but should alarm the users as well.

The legislative attention on TikTok overlooks the expansive and equally vital issues of data privacy and potential abuse. The presence of foreign threats indeed warrants concern, yet the overarching practices of data collection across the board pose a substantial risk that should not be ignored. The persistent cyber-attacks on major corporations, exemplified by Microsoft’s battle against Russian malware, highlight the ever-present danger of data breaches. This situation points to the urgent necessity for a comprehensive strategy that safeguards data and upholds privacy across the entire digital landscape, rather than isolating specific platforms. Adopting such a holistic approach is imperative for tackling the multifaceted challenges of data security and protecting user privacy in our globally connected digital environment.

Categories
datacappy dsdefender

Orwel’s Surveillance plus Machiavellis’s Realpolitik

The assertion that our current political and social order is being guided by the tenets found in Machiavelli’s “The Prince” and Orwell’s “1984” is a complex one, often depending on perspective and the specific contexts within different countries or regimes. While it’s not accurate to say that these texts are handbooks actively guiding leaders and social structures, elements and themes from both works can certainly be observed in contemporary political and societal dynamics.

Machiavelli’s Realpolitik

Machiavelli’s pragmatism, focusing on the acquisition and maintenance of power, can sometimes be reflected in the actions of modern political leaders and governments. Strategies that prioritize power, control, and stability, potentially at the expense of ethical considerations, echo Machiavelli’s advice. This includes political maneuvering, alliance formation, and sometimes undermining democratic principles or norms to achieve or maintain power. However, it’s important to note that not all political action today is Machiavellian; there are numerous examples of leaders and movements prioritizing ethical governance, transparency, and democratic ideals.

Orwell’s Surveillance and War

Orwell’s portrayal of surveillance in “1984” is eerily prescient of today’s surveillance capabilities and the issues surrounding privacy, data collection, and state oversight. The extent to which technology has enabled governments and even private entities to monitor individuals is a significant concern, touching on Orwell’s warnings about the loss of privacy and freedom.

Orwell’s idea of a constant state of war also has parallels today, not necessarily in the form of perpetual traditional warfare, but in the ongoing conflicts, “War on Terror,” and other endless military engagements that some countries participate in. These conflicts can serve to justify increased governmental control, surveillance, and the curtailment of civil liberties, under the guise of national security—a theme Orwell explored as a means of control and manipulation by the state.

Are These Tenets Guiding Us?

While elements from both “The Prince” and “1984” can certainly be identified in modern society, it would be an oversimplification to say that our current political and social order is being directly guided by these tenets. Many democratic societies actively work against such dystopian outcomes, valuing transparency, accountability, and individual freedoms, and striving to balance security with privacy.

It’s also critical to recognize the role of public awareness, advocacy, and resistance in shaping political and social orders. The very fact that these works are studied, discussed, and critiqued suggests an active engagement with their themes and a desire to avoid the dystopian realities they describe.

In summary, while not direct blueprints, the themes of power dynamics, surveillance, and societal control explored in “The Prince” and “1984” offer valuable lenses through which to view and critique our contemporary world. They serve as cautionary tales, reminding us of the importance of vigilance, accountability, and the safeguarding of democratic values and human rights.

Categories
datacappy dsdefender oliverwjones

French Cyberattack affecting half of the French population

In late January 2024, France experienced its largest cyberattack to date, affecting approximately 33 million people, nearly half of the nation’s population. This significant breach targeted two French health insurance service providers, Viamedis and Almerys, responsible for managing third-party payments for medical insurance companies. The compromised data includes sensitive personal information such as civil status, date of birth, social security numbers, health insurer names, and policy coverage details for insured individuals and their families. However, it’s been reported that banking information, medical records, healthcare reimbursements, postal addresses, phone numbers, or emails were not believed to be affected by the breach​​​​.

This incident underlines the critical vulnerabilities in the digital infrastructures of health care systems and raises significant concerns regarding the protection of personal data. The cyberattack was orchestrated via phishing, exploiting healthcare professionals’ logins to gain unauthorized access. The French data protection authority, CNIL, and the affected companies have confirmed the scale and sensitivity of the data involved, prompting an immediate investigation to understand the full extent of the breach and to identify the perpetrators​​.

The implications of this cyberattack extend beyond the immediate risk of identity theft and fraud for the individuals affected. It emphasizes the growing challenge of securing sensitive personal data against increasingly sophisticated cyber threats. The incident serves as a stark reminder of the potential consequences of digital vulnerabilities, particularly in systems as critical as health care, where the stakes for privacy and data security are exceptionally high.

The breach also highlights the necessity for robust cybersecurity measures, continuous vigilance, and rapid response strategies to mitigate the risks and impacts of such incidents. It underscores the importance of strengthening the digital infrastructure and security protocols within the healthcare sector and beyond, to safeguard against future attacks that threaten personal privacy and the integrity of critical systems.

This event should serve as a catalyst for broader discussions and actions on improving cybersecurity measures, enhancing data protection policies, and fostering a culture of security awareness among all stakeholders involved in handling and protecting personal data.

Sources: link 1, link 2, link 3

Categories
datacappy dsdefender

Surveillance Capitalism

Surveillance capitalism is a term coined by Harvard professor Shoshana Zuboff. It describes a new form of capitalism that monetizes data acquired through surveillance. This economic system is based on the commodification of personal data with the core purpose of profit-making. Here’s a breakdown of its key characteristics:

  1. Data Surveillance and Collection: Companies collect vast amounts of data on individuals through various technologies and interactions. This can be through social media, online searches, mobile apps, smart devices, and more. The data include personal details, behavior, choices, and even emotions.
  2. Analysis and Profiling: The collected data is analyzed to create detailed profiles of individuals. These profiles help predict and influence behavior, preferences, and decisions. It’s not just about understanding what users do, but also about predicting what they will do next.
  3. Behavior Modification: One of the more controversial aspects is the potential for this detailed knowledge to be used to influence and modify behavior. This can be seen in targeted advertising, personalized content feeds, and other methods that can subtly shape an individual’s actions and choices.
  4. Economic Exploitation: The ultimate goal is economic gain. By understanding and influencing behavior, companies can sell more effectively, create new markets, and change consumer behavior to benefit their bottom line. Advertisers and other third parties often pay large sums for access to these insights.
  5. Power Asymmetry: There is a significant power imbalance between the entities that collect and analyze the data (typically large corporations) and the individuals from whom the data is collected. This raises concerns about privacy, consent, and the lack of control individuals have over their personal information.
  6. Legality and Ethics: Surveillance capitalism operates in a somewhat gray area of legality and ethics. While much of the data collection is technically legal, often enabled by user agreements and terms of service, there is an ongoing debate about whether these practices are ethical or whether they should be regulated more strictly.
  7. Societal Impact: Critics argue that surveillance capitalism has broader effects on society, including undermining democratic processes (through manipulation of political advertising, for example) and exacerbating socioeconomic inequalities by enabling more granular discrimination against certain groups of people.

Surveillance capitalism is at the forefront of debates about privacy and the role of technology in society. It raises important questions about the future of personal autonomy in the digital age and has prompted calls for stricter data protection laws and ethical guidelines for the use of personal information.

Categories
datacappy dsdefender oliverwjones

Opt-in Surveillance

Admittedly, chatGPT got us started on this article… It brings up some great points and we thought you’d like them as well!

The concept of “opt-in surveillance” raises important philosophical and practical questions about genuine choice and consent in the digital age. While, on the surface, many services appear to offer choices, the real dynamics underlying these choices are more complex:

  1. Ubiquity of Services: Many digital services, like Google, Facebook, and others, have become so integral to daily life and professional requirements that opting out can significantly hamper one’s ability to communicate, work, or socialize. In many contexts, using these services is less a choice and more a necessity.
  2. Illusion of Choice: Even when alternatives exist, they might not be practical. For instance, while one can use non-mainstream search engines that prioritize privacy, they might not offer the same efficiency or results as industry giants like Google.
  3. Opaque Terms of Service: Most digital platforms require users to agree to terms of service before using their products. These documents are often lengthy, filled with legal jargon, and are not thoroughly read by the average user. Even if users read them, they often don’t have the option to negotiate terms; it’s typically an “all or nothing” agreement.
  4. Data Collection by Default: Many services, especially free ones, collect data by default. While some allow users to limit data collection, these settings can be hard to find, understand, or modify.
  5. Network Effects: Some platforms, especially social media, have value tied to the number of users. If all your friends and family are on a particular platform, there’s considerable social pressure to join, regardless of the platform’s privacy policies.
  6. Economic Constraints: Privacy-focused services often come with a price, as they don’t monetize user data. Not everyone can afford to pay for privacy, leading to a situation where privacy becomes a luxury.
  7. Lack of Awareness: Not everyone is aware of the extent to which their data is collected, stored, and utilized. Without this knowledge, users can’t make informed decisions about using a service.
  8. Interconnected Data Ecosystems: Even if one opts out of a specific service, their data can still be accessed indirectly. For example, a person might not use a particular social platform, but if their friends do and share information about them (like photos or tags), their data becomes part of the platform’s ecosystem.

While “opt-in” suggests a proactive and informed choice, the reality is that many people feel they have little to no choice when it comes to using digital services. Given this landscape, there’s a growing call for clearer regulations, more transparent business practices, and increased public education about digital rights and privacy.

Categories
datacappy dsdefender oliverwjones

10 ways to protect your personal information from AI

Artificial intelligence (AI) is an increasingly powerful tool that is being used by companies and governments around the world to process and analyze vast amounts of data. While AI can be used for many beneficial purposes, such as medical research and fraud detection, it also has the potential to be misused or to infringe on our privacy.

  1. Use a VPN: A virtual private network (VPN) is a tool that encrypts your internet traffic and hides your IP address, making it more difficult for AI to track your online activities or identify your location. By using a VPN, you can protect your online privacy and prevent data breaches.
  2. Be Careful What You Share Online: One of the easiest ways for AI to collect personal information is through social media platforms and other online services. Be careful about what you share online, including sensitive information such as your full name, address, or phone number.
  3. Use Strong Passwords: AI can be used to crack weak passwords, so it’s essential to use strong, complex passwords for all your online accounts. Use a combination of letters, numbers, and symbols, and avoid using the same password for multiple accounts.
  4. Enable Two-Factor Authentication: Two-factor authentication (2FA) is an extra layer of security that requires you to enter a code or use a biometric factor in addition to your password to access your accounts. This can help protect your personal information from AI.
  5. Keep Your Software Up to Date: Keeping your software up to date is essential to protect against security vulnerabilities that could be exploited by AI. Make sure to regularly update your operating system, web browser, and other software to the latest version.
  6. Limit the Information You Provide: When creating accounts or filling out forms online, only provide the minimum amount of information required, and avoid giving out sensitive information such as your social security number or financial details.
  7. Be Cautious About Public Wi-Fi: Public Wi-Fi networks can be insecure and are often targeted by hackers and AI tools. Avoid using public Wi-Fi for sensitive activities such as online banking or shopping, and if you do need to use public Wi-Fi, use a VPN to protect your personal information.
  8. Use Anti-Malware Software: Malware and viruses can be used by AI to collect personal information from your device. Use anti-malware software to scan your device regularly and remove any malicious software.
  9. Be Cautious About Emails and Messages: Phishing attacks are a common method used by hackers and AI to collect personal information. Be cautious about emails and messages that ask you to provide sensitive information or click on links.
  10. Read Privacy Policies Carefully: When using online services or apps, make sure to read the privacy policies carefully. Look for details about what information is collected, how it’s used, and whether it’s shared with third parties. If you’re not comfortable with the terms, consider using a different service or app.
Categories
datacappy dsdefender

Don’t Post Kids’ Privacy Away

Your infant grandson sitting on the (endlessly patient) family dog. His older sister’s kindergarten portrait. The giddy dance they perform every time you play “Yellow Submarine.” They’re all moments you cherish and want to remember. And you know your friends would love them, too. So you do what so many of us do now. You share them. Not just with your closest confidants, but with hundreds of “friends” and countless people you’ll never meet.

Those sweet faces, oblivious to the insatiable hunger of our social media feeds, are also data. Bits of information to be sold, bought, and built into profiles that billion-dollar corporations use to hone their algorithms and perfect their advertising.

This is the information economy, built on tracking our online movements and gathering clues about who we are, how we live, and what we value. As adults, we began participating in this economy as soon as we opened our first email account, ordered a book from Amazon, and posted a shot of our outstretched legs on a sandy beach. We made that choice, even if we didn’t realize then just how much we were giving away in exchange for convenience and connections.

But are we making that choice for our kids and grandkids, too? Are we unwittingly shoving them into this new reality—where every click and image is recorded and analyzed—without their consent? Is that fair?

Big Tech runs on the personal information—the data—we feed it. With it, developers and engineers shape our world. The apps we use, websites we visit, ads we see—they’re all built on our data. Because of that, the companies behind those services and products know a whole lot about us. Governments, which acquire much of that data for their own purposes, do as well.

Where that leaves us is anybody’s guess. We’re the guinea pigs in a worldwide, multi-generational experiment that is far from over. But we should leave our kids out of it. At the very least, we should respect them enough to let them decide if they want to participate.

By sharing photos of their first lost tooth and new birthday dress, we’re handing over their personal information—their age, their preferences, their faces, their anonymity—to Big Tech.  All before they have any idea what we’re taking from them.

Don’t love your kids and grandkids any less. Snap all the photos of them you can. But think twice before posting those images. Behind those smiles is information, and it’s not entirely yours to share.

Reprinted with permission from PrivacyParent.com

Categories
datacappy dsdefender

Five Easy & Important Tech Resolutions

Every year we make New Year’s resolutions. Sometimes we succeed, often we don’t. Either way, resolutions can be useful. They indicate an awareness that something about the way we live needs to change. For many of us, the way we use technology—smartphones, fitness trackers, social media—needs to change. So here are a handful of resolutions aimed at improving our relationship with tech. They’ve got two things going for them: they’re important and they’re easy to achieve.

  1. Delete old apps. It’s not just the apps you use that soak up your data. Long-ignored and dormant apps—even if they’re closed—are still gathering information and conveying it to the companies that operate them. If there’s an app on your phone  you haven’t used in a month, you probably don’t need it. Delete it. As a bonus, with fewer apps junking up your phone, it will probably work better.
  2. Turn off voice assistants like Siri and Google assist. Yes, they’re listening to you. Are they recording what you say? Sometimes. Are Apple and Google using your voice commands for their benefit? Definitely. What’s in it for you? Not a lot. Turn them off.
  3. Set your social media accounts to private. Instagram has a private setting. So do Facebook and the others. Use them. If you’re going to use social media, keep your posts visible only to the people to whom you’re directly connected.
  4. Try enjoying being disconnected. Be happy you missed that event everyone’s posting about and went for a walk in the woods with a friend instead. Embrace JOMO. The Joy Of Missing Out. You’ll be happy you did.
  5. Don’t use public WiFi. You’re working in a coffee shop and in need of a WiFi signal. Be careful. Public WiFi networks are notoriously vulnerable to hackers and “man in the middle” attacks. Instead, use an LTE signal or, better yet, buy a VPN from a trusted provider like Datacappy VPN with an integrated, ad-blocking browser.

Reprinted with permission from privacyparent.com

Categories
datacappy dsdefender

Does Surveillance Technology Live in Your Town? Find Out!

Atlas of Surveillance is an Open Source effort designed to inform people of surveillance technology where they live. Do you want to know what types of tracking occurs in your city? This website is a great place to start. Atlas of Surveillance also has a glossary to help you understand common police surveillance terms. Maybe you can join the effort! Make sure you know how and where it’s being used and always use a VPN when out on public Wi-Fi to encrypt your data and mask your location. It’s your privacy and YOU own it.

Categories
datacappy dsdefender oliverwjones

What’s Your Name? Data Brokers Are Selling It Right Now.

Go ahead. Search for yourself online. Your address? EASY. Your telephone number? EASY. Your family members? EASY.

Anyone wanting to find out information about you can pay quick $ for a detailed file. Public records are, well, public. Marriage licenses, driver licences, property ownership, voter registation, vehicle registration, you name it. Currently, public records are not protected and data brokers have full access. Your own government and state/local agencies are the ones who sell your information to these data brokers. If you are an activist of any kind and someone wants to harrass you, it’s not hard to find you. Read here about the nuances and difficulty in trying to scrub your personal information from the internet. We have to keep this conversation alive and spread the word. Your privacy is at grave risk.