Article 43
Tuesday, November 30, 2010
Top 10 Privacy Issues For 2011
The prevalence of mobile devices with personally identifiable LOCATION-BASED INFORMATION and the increasing use of social media are top concerns for 2011.
With more personal information available on the Internet, in everyday consumer applications and stored in corporate databases, risks to consumers and companies will only grow in the next year.
In addition, increasing regulations and new laws will force many organizations in 2011 to review their handling of private information and implement new programs to minimize their risks. To deal with these increasing threats and obligations, more organizations will create stronger privacy policies and turn to encryption, web filtering and secure managed file transfer.
Proofpoint predicts the following trends will dominate privacy discussions in 2011:
1. The PRIVACY and confidentiality of location-based information will become a major concern for both consumers and corporations. With the rise in mobile GPS information, companies will have to protect both personally identifiable information (PII) of employees, customers and partners, and also create new policies for handling location-based information. Not only will real-time information about location be a vulnerability, but companies will have access to information about where people (or their devices) spend much of their time.
2. At least one major SOCIAL MEDIA site will experience a major breach. According to Neilsen, nearly a quarter (22.7%) of all online time is spent social networking. With more people on social networks and more personal information available via those networks, the potential for exposure of that data is likely.
3. Stricter regulations will be passed worldwide. Privacy regulations in the HEALTH CARE, FINANCIAL SERVICES and critical infrastructure industries like energy and TELECOMMUNICATIONS will likely see new regulations dictating what needs to be protected and what to do when data loss occurs.
4. Expect a national data breach notification law. Notification laws like Californias SB 1386 exist in 46 of 50 states today. A federal law is imminent.
5. Blended threats will increase. While email is still the number one threat vector for personal information loss, threats from newer communications channels is increasing, especially in the form of blended threats where the target is first attacked through email, then directed to Web or social media.
6. At least one company will be prosecuted under the broad-reaching Massachusetts Privacy Law (201 CMR 17.00). In March of this year, the Massachusetts Privacy Law went into effect, mandating that any company that “owns or licenses personal information” whether stored in electronic or paper form about Massachusetts residents must comply with its privacy requirements, including notification of breaches and encryption of stored or transmitted personal data. Although the state has yet to enforce the law, 2011 will likely be the year that companies begin seeing penalties. In addition, we may see more laws of this type passed in 2011. Nevada also has a similar law.
To deal with these threats, the following additional trends will emerge among businesses:
7. Companies will move away from outright bans on social networks, IM or web mail to allowing those services, but applying stricter corporate policies on these new services as well as investing in secure web gateways to monitor use. New innovations such as Facebook mail give enterprises yet another good reason to put better policy and technology controls around the corporate email system.
8. More companies will create policy around acceptable use. Email leaks such as the recent Google corporate memo exposure are heightening awareness in companies that policies need to be created about what content is considered sensitive and enforce them both through technology and through training.
9. More companies will encrypt more data. Three factors are converging to make 2011 the year of encryption adoption. (1) More regulations today require encryption. (2) Itגs become a best practice in many industries. (3) Its easier to implement and less confusing for users. With processing power increasing and companies innovating, encryption has become faster and easier to implement and use.
10. More interest in secure managed file transfer. Driven by privacy considerations and security flaws in FTP, more companies will be implementing reliable ways to send files securely. With data breach notification laws in place in nearly every state, companies cannot risk losing data through FTP security issues.
Section Privacy And Rights •
View (0) comment(s) or add a new one •
Printable view • Link to this article •
Home •
Monday, November 29, 2010
DPI is Back
Shunned Profiling Technology on the Verge of Comeback
By Steve Stecklow and Paul Sonne
Wall Street Journal
November 24, 2010
One of the most potentially intrusive technologies for profiling and targeting Internet users with ads is on the verge of a comeback, two years after an outcry by privacy advocates in the U.S. and Britain appeared to kill it
The technology, known as “deep packet inspection,” is capable of reading and analyzing the “packets” of data traveling across the Internet. It can be far more powerful than “cookies” and other techniques commonly used to track people online because it can be used to monitor all online activity, not just Web browsing. Spy agencies use the technology for surveillance.
Now, two U.S. companies, KINDSIGHT INC and Phorm Inc., are pitching deep packet inspection services as a way for Internet service providers to claim a share of the lucrative online ad market.
Kindsight and Phorm say they protect people’s privacy with steps that include obtaining their consent. They also say they don’t use the full power of the technology, and refrain from reading email and analyzing sensitive online activities.
Use of deep packet inspection this way would nonetheless give advertisers the ability to show ads to people based on extremely detailed profiles of their Internet activity. To persuade Internet users to opt in to be profiled, Kindsight will offer a free security service, while Phorm promises to provide customized web content such as news articles tailored to users’ interests. Both would share ad revenue with the ISPs.
Kindsight says its technology is sensitive enough to detect whether a particular person is online for work, or for fun, and can target ads accordingly.
“If you’re trying to engage in one-stop-shopping surveillance on the Internet, deep packet inspection would be an awesome tool,” says David C. Vladeck, director of the Federal Trade Commission’s Bureau of Consumer Protection. When deep packet inspection is used for targeted ads, the FTC has made it clear that broadband providers “should, at a minimum, notify consumers that the ISP was mining the information and obtain clear consumer consent,” Mr. Vladeck says.
Kindsight, majority owned by telecommunications giant Alcatel-Lucent SA, says six ISPs in the U.S., Canada and Europe have been testing its security service this year although it isn’t yet delivering targeted ads. It declined to name the clients.
“These are tier-one ISPs we’re working with,” says Mike Gassewitz, Kindsight’s chief executive. He says his company also has been placing ads on various websites to test the ad-placement technology and build up a base of advertisers, which now number about 100,000.
Two large ISPs in BrazilOi, a unit of Tele Norte Leste Participacoes SA, and Telefonica SAחcurrently have deals with Phorm. Oi, Brazil’s largest broadband provider with about 4.5 million customers, has launched the product initially with about 10,000 people in Rio De Janeiro.
“We want to grow that,” says Pedro Ripper, Oi’s strategy and technology director.
A spokesman for Telefonica says it is testing the service on about 1,000 broadband customers and will evaluate the results before deciding whether to roll it out. “The user has the choice to enable or disable the service anytime he or she wants to,” the company said in a statement.
Phorm is hoping to introduce its service in South Korea and eventually in the U.S. “It is designed from the ground up to ensure one thing and that is privacy,” says Kent Ertugrul, Phorm’s chief executive.
Kindsight and Phorm say the ISPs don’t provide them with subscribers’ real identities. Both also say they don’t collect any personal information, read email, store users’ browsing histories or monitor sensitive sites such as health blogs. Subscribers must “opt in,” or give their consent to participate, both companies say.
Both the Kindsight and Phorm systems study people’s behavior and interests based on the websites they visit to show them relevant ads. Mr. Gassewitz says that unlike web-based tracking methods, which generally create a single behavioral profile no matter how many people share a computer, Kindsight can “generate multiple characters per human.”
“If I come online and I’m in work mode, I will show up as a very different character than when I go online Saturday morning and I’m in recreation mode,” he says. The targeted ads would reflect which “character” is online.
Mr. Gassewitz calls that some of Kindsight’s “secret sauce.” The company this year filed a patent on its “character differentiation” technology.
A new revenue source would mark a welcome change for ISPs. The companies have been under pressure to offer ever-faster Internet services at lower prices, while Google Inc. and other companies raked in billions of dollars selling ads. Targeted ads based on people’s interests or behavior generally fetch higher fees.
ISPs “feel like they have data and they ought to be able to use it,” says Tim McElgunn, chief analyst at Pike & Fischer Broadband Advisory Services. “They really desperately want to.”
This isn’t the first time ISPs have tried this. Two years ago, ISPs in the U.S. and Britain signed deals with companies offering deep packet inspection services and a cut of ad revenue.
Those pacts fell apart after a privacy outcry. In the U.K., an uproar ensued after BT Group PLC admitted it had tested Phorm’s technology on some subscribers without telling them. Last year, BT and two other British ISPs that explored deploying Phorm’s serviceVirgin Media Inc. and TalkTalkחabandoned it.
In the U.S., controversy erupted in 2008 over the practices of a company called NebuAd Inc., which planned to use deep packet inspection to deliver targeted advertising to millions of broadband subscribers unless they explicitly opted out of the service. At a congressional hearing, Bob Dykes, the company’s founder, was grilled over its policy. NebuAd stopped doing business last year; several U.S. ISPs who signed deals with NebuAd have been hit with class-action lawsuits accusing them of “installing spyware devices” on their networks.
In an interview, Mr. Dykes said, “If I had to do things over again, I would have figured out how to architect an opt-in model.”
The companies now offering ad services based on deep packet inspection believe they have learned how to make the services acceptable to privacy advocates and Internet users. This includes asking for permission up front and offering people incentives to receive targeted ads, such as Kindsight’s free security service, which includes identity-theft protection. Customers can pay a monthly fee to receive no ads.
In Brazil, Phorm is emphasizing customized content on partner websites if people agree to opt in. For example, users visiting a sports website might see articles about their favorite teams (gleaned from an analysis of their surfing habits), providing an online experience different from other people.
“Receive your favorite content in an easy and practical way and without spending money!” says Oi’s main opt-in screen for the Phorm service, called Navegador. “We guarantee your privacy! No personal information is input in the program, so your privacy is guaranteed!”
Oi’s Mr. Ripper says more than half the subscribers offered the service in the initial launch have opted in to date. “We were very happy with it,” he says. He says two outside auditors verified Phorm’s privacy-protection settings.
Until 2007, Phorm was known as 121Media Inc. It delivered targeted ads, particularly pop-ups, to users who downloaded free software. The ads were “based on an anonymous analysis of their browsing behavior, which is likely to indicate their commercial and lifestyle interests,” according to corporate filings.
Several Internet security companies, including Symantec Corp., flagged part of 121Media’s adware system as “spyware.” Microsoft’s Malware Protection Center called it a “trojan,” or malicious software disguised as something useful.
Facing “a combination of public perception and legal and technological challenges,” 121Media said it shifted its focus in 2005 from the desktop-adware business to ISPs.
It eventually shuttered its adware business and renamed itself Phorm. The company is led by Mr. Ertugrul, a Princeton-educated, former investment banker who in the early 1990s formed a joint venture with the Russian Space Agency to offer joy rides to tourists in MiG-29 fighter jets. The venture was later sold.
In February 2008, Britain’s biggest ISPsBT, Virgin Media and TalkTalkחannounced plans to implement Phorm’s service. Those plans quickly unraveled.
Suspicions earlier had arisen among some BT subscribers who discovered they were being routed through an unfamiliar Internet address when they tried to visit a website. Some of them contacted BT and were advised their computer might be infected with a virus, according to a person familiar with the matter.
A BT spokesman said it is “standard procedure” to take customers through “a number of steps to try and identify the issue” if they call with a question about their service.
In fact, the subscribers were part of tests BT conducted in 2006 and 2007 using Phorm’s technology. When BT disclosed the testing in April 2008, the backlash was fierce, with online protests by privacy advocates and government investigations. Four members of the board of directors later resigned, including former AT&T chief executive David Dorman and ex-Coca-Cola Co. president Steven Heyer, citing differences with Mr. Ertugrul. Messrs. Dorman and Heyer declined to comment.
The three ISPs eventually bailed out. “Phorm was bad news,” says David Smith, deputy commissioner of Britain’s Information Commissioner’s Office, which oversees data protection. He says he’s not surprised Phorm is looking for clients abroad. “It was pretty clear that no one was going to touch them in the UK.”
Kindsight’s roots trace to an in-house project known as Project Rialto at Alcatel-Lucent, where Mr. Gassewitz once worked as a vice president of strategic planning.
A 2007 job posting on Project Rialto’s website described the company’s work as developing “systems that can handle [a] massive volume of data for in-depth analysis of user behavior to enable targeted advertising.”
Project Rialto eventually became Kindsight, a spinoff. At an Alcatel-Lucent conference held in September 2008 in Beverly Hills, Mr. Gassewitz spoke at a session called “Merging Technology and Advertising.” A summary of his comments, posted on Alcatel’s website, reads in part: “Through technologies like deep packet inspection,” Internet service providers “can gather even more information about consumers” than rivals such as Google or Facebook.
Mr. Gassewitz also talked about “significant privacy concerns,” the summary says, and stressed that ISPs must find a way to provide measurable value to consumers “to avoid backlash.”
To win over Internet users to its services, Kindsight plans to offer what it has described as a “free, always-on, always-up-to-date security service.”
“Say hello to your new best friend” it said on its redesigned website in 2008. The company later dropped the slogan. “That was early days,” says Mr. Gassewitz.
Before giving away the security service free, Kindsight plans to display an opt-in screen to ISP users that explains how its technology analyzes “web sites visited and searches conducted to assign a numerical value to various interest categories.” The “score” is used to deliver relevant ads.
In market-research tests in North America, France and the U.K., Kindsight found that about 60% of users were willing to take the service free in exchange for receiving targeted ads, he says. Another 10% were willing to pay for it.
Mr. Gassewitz says six ISPs have tested Kindsight’s security service on subscriber groups as big as 200,000. Mr. Gassewitz says, “There was no profiling occurring, no advertising occurring, no data collection occurring.”
Oi’s Mr. Ripper believes that the technology’s time has come. “The Internet is becoming more and more a platform to deliver very targeted messages,” he says. As for deep packet inspection, “Everyone is going to get there. It’s just a matter of timing.”
Section Privacy And Rights • Section Broadband Privacy •
View (0) comment(s) or add a new one •
Printable view • Link to this article •
Home •
Wednesday, November 24, 2010
Holiday Hunger 2010
This Thanksgiving, 42.4 million Americans 13.7% of the population—are receiving benefits from the Supplemental Nutrition Assistance (SNAP) program, more commonly known as Food Stamps. The number is up from 36.2 million LAST YEAR and has risen by 15 million since the start of the recession in December 2007.
People with limited assets are typically eligible for SNAP if they earn a poverty-level income.
There are many reasons for the increase in the number of SNAP recipients. First, the American Recovery and Reinvestment Act passed last year widened eligibility for Supplemental Nutritional Assistance so that more adults without dependents could qualify. The Recovery Act also increased benefits, providing additional relief to some of the countrys poor individuals and families, while at the same time serving as an effective economic stimulus. The assistance provided by SNAP is like a direct cash transfer, which recipients spend quickly, returning to their local economies.
In addition to widened eligibility, the increase use of Food Stamps reflects a higher POVERTY RATE and increased unemployment. Earlier this year, the Census Bureau reported that the poverty rate rose from 13.2% in 2008 to 14.3% in 2009. As EPI Economists noted in an analysis of that data, “When unemployment skyrockets and job seekers cannot find work, incomes fall and poverty rises.”
Section Dying America •
View (0) comment(s) or add a new one •
Printable view • Link to this article •
Home •
Monday, November 22, 2010
Why US IT Jobs Aren’t Coming Back
As the economy recovers, the jobs are going to India and other cheap-labor nations
By Galen Gruman
Infoworld
November 18, 2010
The recession may be technically over and IT spending may rise slightly in 2011 and beyond (per Gartner and IDC projections), but U.S. and European IT workers won’t benefit. The technology jobs created and reinstated by the economic recovery will be in India, China, and other countries with cheaper workers. In fact, an additional 600,000 American and European jobs in IT will disappear in the five years from 2010 through 2014, on top of the 500,000 lost in the 2008-2009 period.
That’s according to bleak research released today by the Hackett Group, a consultancy specializing in helping companies save costs through techniques that, ironically, include outsourcing. “Theres NO END IN SIGHT for the jobless recovery in business functions, such as IT and corporate finance, in large part due to the ACCELERATED MOVEMENT OF WORK TO INDIA and other offshore locations,” the report says.
A key reason is that as companies have moved to DIGITAL PROCESSES, those processes aren’t tied to specific physical locations. “Another driver is the ongoing standardization and commoditization of work, making it more portable. In conjunction with cheaper bandwidth and technology that enable ‘digitization’ of work and automation of workflow, standardization has made execution of many business support processes entirely independent of the physical location of assets and resources, along with the origin and destination of the work,” the report says.
If there’s a bright spot, it’s that IT offshoring appears to have leveled off. Instead, companies are accelerating the offshoring of financial jobs, such as accounting and procurement, and Hackett predicts that by 2014, the annual number of finance jobs offshored will for the first time exceed the number of IT jobs offshored.
But the reason that the annual number of job losses from IT offshoring is stabilizing is because companies have spent the last four years moving IT jobs offshore in vast numbers. It now appears to be financial jobs that companies are looking to offshore en masse, the report says, hoping to duplicate the savings achieved in IT operations.
And IT (as well as finance and HR) face another job-destroying trend, Hackette says: increased automation. “Full transactional process automation and enablement of self-service options will eventually eliminate much HR, IT, finance, and procurement work altogether and will continue to be the most sustainable strategy for structural efficiency improvement,” the report says. So at some point, Indian and other offshore IT workers will go through what U.S. and European ones are now.
Section Dying America •
View (0) comment(s) or add a new one •
Printable view • Link to this article •
Home •
Saturday, November 20, 2010
CWA Victory At Alcatel-Lucent
November 18, 2010
Last December Alcatel-Lucent decided to OUTSOURCE IT’S ENTIRE IT and Finance Operations worldwide. IT work would be done by HP who subsequently contracted out the functions our members performed in Alpharetta, Georgia and NAPERVILLE, ILLINOIS to A COMPANY called ADEA. The finance functions in Alpharetta were contracted to WIPRO.
Our members were offered VTP and offered jobs in the two companies doing the same work, in the same place and carrying over many of their wages and benefits - BUT NOT THEIR UNION.
We demanded bargaining rights of WIPRO and threatened to file charges with the National Labor Relations Board if they did not comply. We did not have to take that step. We are happy to report that we have just signed a Contract with WIPRO for those employees, one of the first (maybe only) Union contracts for this company in the United States. WIPRO, based in India, is the third largest outsourcing company in India with operations all over the world.
ADEA refused to bargain with us. We filed charges with the NLRB and have just received a settlement agreement. They are posting notices (and emailing them to every employee) reminding workers of their right to be in a Union, recognizing the CWA as the exclusive representative of the workers in this bargaining unit, agreeing to bargain with us and not delay bargaining, and not to interfere in any way with the rights of their employees to be in a Union. Bargaining will begin soon.
Although the numbers are small, the principle is very important. These workers had a right to keep their Union when Alcatel-Lucent moved their entire offices over to these subcontractors. We pushed the issue and in both cases and our rights were recognized.
Section American Solidarity •
View (0) comment(s) or add a new one •
Printable view • Link to this article •
Home •
