terriko: Evil Soup (evil soup)
Cross-posted from Web Insecurity

I often get into discussions about whether people really do care about privacy, given that they give away personal information regularly when they share with friends via Facebook or other services. A recent report suggests that people do care, at least when it comes to banking and shopping:


The Edelman study released in February 2012 shows that consumer concerns about data privacy and security are actively diminishing their trust in organizations. For instance, 92% listed data security and privacy as important considerations for financial institutions, but only 69% actually trusted financial institutions to adequately protect their personal information. An even sharper disconnect can be seen with online retailers, with 84% naming security of personal information as a priority but only 33% trusting online retailers to protect it.


The blog of the Office of the Canadian Privacy Commissioner (from which I drew this quote) sums it up in the title: Privacy: Not just good business, but good for business.

But I have to wonder, do these numbers indicate that privacy-preserving businesses will be winning customers, or will we simply see claims of privacy that aren't backed up by carefully constructed systems? Do consumers really care about privacy or do they just say they care? How will consumers evaluate potentially spurious privacy claims? In Canada we at least have the privacy commissioner who brings issues to light, and worldwide we have the Electronic Frontier Foundation, but while both organizations are astute and do their best, privacy claims are something that will need to be evaluated by organizations like Consumer Reports that are used by consumers when making decisions about where they spend and keep their money. Right now, by and large, we only hear about the relative privacy of an organization when a breach occurs.

I attended a talk on Internet voting yesterday and the speaker quoted an official in DC who claimed that, "voters like internet voting, so it must be secure," which is really quite a terrifying quote if you think about it. The speaker joked, "does this mean that because my kid likes cake, it must be healthy?" It really clearly demonstrates first that users of the system have very little understanding of its safety (despite strides in the area, internet voting as currently implemented is rarely secure) but also that officials who roll out such systems have little understanding of the flaws of the system and are much too willing to overlook them for convenience sake. If this is the case with voting, it's hard to believe that business would avoid such cognitive mistakes.
terriko: Evil Soup (evil soup)
There's an interesting article up on NYT regarding Facebook's definition of "active users" for the purpose of its IPO. Here's the boing-boing link to the story for those who are sick of NYT's paywall nonsense interacting badly with privacy settings. But really, the interesting part is this:

In other words, every time you press the “Like” button on NFL.com, for example, you’re an “active user” of Facebook. Perhaps you share a Twitter message on your Facebook account? That would make you an active Facebook user, too. Have you ever shared music on Spotify with a friend? You’re an active Facebook user. If you’ve logged into Huffington Post using your Facebook account and left a comment on the site — and your comment was automatically shared on Facebook — you, too, are an “active user” even though you’ve never actually spent any time on facebook.com.

“Think of what this means in terms of monetizing their ‘daily users,’ ” Barry Ritholtz, the chief executive and director for equity research for Fusion IQ, wrote on his blog. “If they click a ‘like’ button but do not go to Facebook that day, they cannot be marketed to, they do not see any advertising, they cannot be sold any goods or services. All they did was take advantage of FB’s extensive infrastructure to tell their FB friends (who may or may not see what they did) that they liked something online. Period.”


The article goes on to point out that at least Facebook tries to count engaged users, unlike the way Twitter or Google have been criticized for counting users. So don't be too hard on them for that.

But here's the real kicker, and the first thing I thought of when I saw the paragraphs above:

The big question is how Facebook can put all of its “active,” er, engaged users in front of advertising?


So... will we see small ads with every like button? Am I going to get ads stuck on the end of the text messages I get with my friends' status updates? Having had this "flaw" in their numbers pointed out, it may behoove Facebook to demonstrate how this is an untapped resource on the advertising front... It's actually tempting to brainstorm about this as a creativity exercise, no matter how obnoxious excessive monetizing seems to me as a user.
terriko: (Default)
Bunch of posts elsewhere:

Web Insecurity: Free Wordpress themes considered harmful



It's illegal in many places to compromise someone's site to force them to serve up spammy links. But it's not illegal to put them in a Wordpress theme and then offer it for free...

Web Insecurity: To whom are you confessing?



The Catholic church has given its blessing to a new iPhone app that helps you prepare for confession. The Office of the Privacy Commissioner of Canada isn't so sure they'd approve it, though, pointing out the the developer collects a lot of information and doesn't provide a policy about how it will be used.

Geek Feminism: “How could they not have known?!”



A post about how our male compatriots are often floored by the sort of sexism women deal with daily. Also about FatUglyorSlutty.com, troll visualizations, and ...

*grin* In that post, I wrote "my male gamer buddies don’t have people freaking out or getting, er, excited when they speak on voice chat" and it took some effort to resist adding "but some of them should. Yum." Seriously, some of my gaming buddies have incredibly sexy voices and on the entirely too rare occasion when one of them sings on teamspeak... mmm...

I know, TMI, but I've wanted to brag about my hot gamer guys all day. ;)
terriko: (Default)
New post up over on Web Insecurity. Here's a preview:

Facebook now enabling annoying phone calls and paper junk mail?




Sophos points out that Facebook has made yet another change to the way it handles your information: this time, allowing third-party developers access to contact information on Facebook.

Now, part of me wants to just shrug: it's always been technically possible for third party developers to get access to this information because of the current state of web security.


Read the rest here.

(But the short version is that you might just want to take your phone number and address out of your facebook profile.)
terriko: (Default)
Some fun recent stuff:



And then some more sad stuff in the form of a round-up of the links I've seen lately about women leaving academia. Poignant for me given that I've got a contract that'll take me away from academia... although I'm actually leaving mostly for the "work that has impact" reason and not so much for the others.

And then one thing that I didn't write (but I wish I had):

Let's say that fighting sexism is like a chorus of people singing a continuous tone. If enough people sing, the tone will be continuous even though each of the singers will be stopping singing to take a breath every now and then. The way to change things is for more people to sing rather than for the same small group of people to try to sing louder and never breathe.


Isn't that just the way of it? Thanks Mary for sharing that one.
Page generated Jun. 9th, 2025 10:14 pm
Powered by Dreamwidth Studios