If Ottawa thinks the census is invasive, what about the 64 trackers that popular websites install on visitors’ computers?
An interesting article from the Globe and Mail a few Saturday’s ago. More interesting were the comments on this article. They ranged from political jabs at Harper to security advice on browsers, cookies, etc. All valid… even the jabs at Harper ! One piece of advice I would add to businesses would be to ensure you have a web usage policy in place as well as the technology to help you inforce this policy… an ounce of prevetion… as the saying goes.
Here is the rest of the article…
In January of this year, researchers at the San Francisco-based Electronic Frontier Foundation tried an experiment. The online privacy advocacy group set up a Web page, and collected and stored the browser information of everyone who visited it.
There were no tricks. The site would not steal any data or urge casual visitors to install tracking software. It would simply log the same basic information almost all Internet users in the world inadvertently hand over each time they visit a website, including their time zone and Internet-protocol (IP) address – important clues to their location.
The most alarming result of the study of more than 470,000 Web surfers is that 83.6 per cent of them had an instantly identifiable, totally unique fingerprint: Their particular combination of settings and information was unlike that of any other user, increasing the chance they could be personally identified, even though they had done nothing but make a few clicks of the mouse.
Ontario’s privacy commissioner Ann Cavoukian says that banning employees from visiting social media sites, such as Facebook and Twitter at work isn’t a good idea.
“I think it’s a mistake,”Cavoukian said. She completely understands why in today’s environment some businesses may favour an outright ban, but says such prohibitions are almost always counterproductive.
What the commissioner has neglected to mention, is the fact that although a ‘blanket ban’ is not the solution, neither is unsecured open policy.
To leverage the advantages that twitter, facebook and other social networking/user generated content sites bring to your business, you have to allow access and mitigate the security risks associated with them.
I am a whole hearted advocate of saying ’yes’ to these Web 2.0 sites - as long as you have both a usage policy to educate your ‘users’ AND a security solution in place that can categorize pages on these sites in real time - thus giving you the ability to maximize the advantages, without compromising your security posture.
Read the story as reported on itbusiness.ca
The Federal Privacy Commissioner’s annual report for 2008 was released to parliament today. It is clear that the focus is on the need to protect personal information online. The commissioner is cautioning the public to take greater responsibility for securing their privacy and thinking twice about what they post on the Internet. The need to be ‘Connected’ vs ‘privacy and security’… the ultimate balacing act.
“Many young people are choosing to open their lives in ways their parents would have thought impossible and their grandparents unthinkable. Their lives play out on a public stage of their own design as they strive for visibility, connectedness and knowledge,” says Jennifer Stoddart, the Privacy Commissioner of Canada.
Read the full report.
Facebook just released as statement with respect to the findings of the office of the Privacy Commisioner. Glad to see that the message of a coordinated effort being the key to true security in the Web 2.0 space is being re-iterated.
The Commissioner also recognised, as we (Facebook)do, that privacy and user control on the social web is a new area, which requires websites, users and data protection authorities to work together.
Here is the article in the Ottawa Citizen about the original findings of the Privacy Commissioners with respect to ‘serious privacy gaps in Facebook’ and her ‘ultimatum’.
“The proposed legislation strikes an appropriate balance between the investigative powers used to protect public safety and the necessity to safeguard privacy and the rights and freedoms of Canadians.”
Another excerpt from the press release…
…”technologies have also provided new ways of committing crimes such as distributing child pornography. We must ensure investigators have the necessary powers to trace and ultimately stop crimes.”
Here are some thoughts from the Canadian Privacy Law Blog and the Gartner Blog on this legislation.
Your thoughts ?? Does it change things for you ? How does this affect your security policies ? Does it ?
Michael Geist recently posted an article on a ruling by a Canadian arbitrator regarding Google’s Gmail and Lakehead University Faculty Association’s concerns about the prospect of surveillance by U.S. authorities under laws such as the USA Patriot Act.
The arbitrator concludes: “One should consider e-mail communications as confidential as are postcards.”
You can read his post as well as additional coverage on Wired Campus.
Particularly interesting to me as the concern for email security / level of privacy for Canadians comes up quite often in conversations with customers and partners about hosted solutions…especially if the Data Centers reside outside of Canada. Not sure I would equate email to postcards … but as someone commented, perhaps closer to cell phones.
