Advocates: Free Market Doesn't Work for Online PrivacyAdded 7th Dec 2012
Web and mobile device users have little understanding about how much of their personal data is collected online, making it difficult to rely on free-market competition for solutions to privacy concerns, privacy experts told the U.S. Federal Trade Commission Thursday.
The FTC or the U.S. Congress needs to set clear online privacy rules, said some speakers at an FTC workshop on comprehensive online data collection. Other speakers suggested that competition among Internet and device companies and privacy notification efforts by industry groups can work, even if some Web users don't seem to care or understand about data collection.
Some services, including search engines, browsers and social networks, are offering their products based on privacy tools or policies, Markham Erickson, general counsel for the trade group the Internet Association.
Consumers will punish companies with bad privacy practices, added Stuart Ingis, counsel for the Digital Advertising Alliance, another trade group. "The market reacts when they see a business practice they don't like," he said.
There's still an open question about the harm to consumers from data collection, some speakers said.
Harm to a consumer's reputation may be a factor, but "if you can't articulate what the harm is, you can't prevent it," said Howard Beales, a business professor at George Washington University and former director of the FTC's Bureau of Consumer Protection. "If the only harm we're worried about is speculative possibilities of what might happen at some point in the future, what we're likely to do is preclude a lot of really useful new services on the horizon that none of us has thought of yet."
But it's difficult for Web and mobile users to make informed decisions about Web-based products because much of the data collection happens behind the scenes, other speakers said. "It's hard to compete on something people don't know about," said Ashkan Soltani, an independent security researcher and consultant.
When researchers ask people about online data collection, many have little knowledge of the topic, said Lorrie Faith Cranor, a privacy researcher and computer science professor Carnegie Mellon University. Many people, when first learning about comprehensive data collection, find it "very creepy," although some people's opinions improve when learning the data collection is generally used to deliver targeted ads and customized services, she said.
"They also feel like, 'I seem to have given a blank check for these companies to collect my data and do whatever they want with it,'" she said.
Still, some Web users are acting in ways that suggest they understand data collection, Beales said. Many Web users are starting to use multiple networks, multiple devices and multiple browsers and are deploying encryption technologies, he said.
No online company has a "single, comprehensive view" of a Web user's personal data, Beales added. "Consumers really have diversified their risk," he said. "There's nobody that's sitting on a choke point that everything goes through and that has a comprehensive picture of what's going on.
Part of the focus at the FTC workshop was on deep-packet inspection, or DPI, a technology that can be used by ISPs and some other companies to inspect the content of packets as they travel across the Web. The problem, however, isn't with DPI, but with how it's used, Erickson said.
ISPs can use DPI for several good reasons, including preventing cyberattacks, Erickson said. But concerns about DPI have come up when it's used in real time to deliver targeted advertising, he noted.
Erickson and several other speakers cautioned the FTC and other policy makers to focus on bad uses of technology and not aim regulations at technologies. "We should be careful not to demonize the technology, but rather, go to the uses," he said.
Some speakers called on policy makers to trust the market to take care of online privacy problems, and allow vendors give consumers choices on when they are tracked, but others questioned that approach.
"Putting the industry who wants to track you in charge of opting out of tracking seems like putting the fox in the hen house," said Christopher Calabrese, legislative counsel for the American Civil Liberties Union. "How could I as a consumer trust you to opt me out when your entire business model is based on tracking?"
Cisco today announced Managed Threat Defense, a set of security services for the enterprise that Cisco is providing through two new operations centers to remotely support intrusion-detection, incident response and forensics, among other services.
Sometimes a security patch isn't all it's cracked up to be. The security researcher who first found a vulnerability affecting more than 20 different router models says the patch meant to fix it only hides the initial weakness and doesn't remove it whatsoever.
Salesforce.com recently celebrated its 15th year in existence, and as the SaaS (software-as-a-service) vendor races toward US$5 billion in revenue its influence on the industry is being felt more than ever. At the same time, some signs indicate that Salesforce.com is having a few growing pains, as well as showing some trappings of the mega-vendors it once mocked with its "End of Software" marketing campaign.
Can your tablet withstand a 2-meter drop or be submerged in water for 30 minutes and keep functioning? The new $5,000 tablets from Xplore Technologies can.
A malware campaign of yet-to-be-determined origin is infecting jailbroken iPhones and iPads to steal Apple account credentials from SSL encrypted traffic.
Mainframe operators using BMC software may now be able to enjoy the speedy, devops-style development pace that is quickly becoming the norm for customer-facing mobile applications and Internet services.
Dell released a new virtualized storage accelerator appliance called Fluid Cache for SAN on Tuesday, designed to help customers keep data-intensive applications working quickly under load.
Gone are the days when a company could deploy a standalone security appliance to protect an entire network, McAfee network security general manager, Pat Calhoun says.
Verizon today issued its annual data-breach investigations report, a study of what happened in 1,367 known cases across dozens of industries in 95 countries last year, and the most common form of attack was breaking in through Web applications.
The panic over the Heartbleed bug is proving to be a convenient distraction for hackers using standard techniques in a fresh wave of attacks targeting at least 18 U.S. universities, according to a computer security researcher.
A notorious Windows leaker dubbed 'Wzor' says Microsoft will issue yet another update to Windows 8.1 later this year, evidence of an even-faster acceleration in the company's development tempo.
Jurors in the Apple v. Samsung case have heard a lot of big numbers in the past few weeks.
Wireless technology changes quickly. This matters if you're running a business, as faster Wi-Fi can improve employee productivity as well as customer service. These advances in wireless tech are therefore worth watching.
As CIO at Boeing, Ted Colbert is no stranger to the Internet of Things. For more than a decade, the aerospace giant has deployed thousands of communications-enabled smart devices to sense, control and exchange data across the factory floor, on the battlefield, and within the company's 787 Dreamliner aircraft.
Falling hardware sales and the cost of layoffs hit IBM's profit hard in the first quarter, sending it down 21 percent from a year earlier.