The US Federal Trade Commission (FTC) is calling for stricter regulations on companies that gather and sell personal information. The FTC said in a recent report (PDF) that it believes Congress should look to enact a new set of laws that will allow consumers to control when and how their personal information gets used for …
So you buy a (eg) Sammy telly or DVD player and it wants, really, really wants to give you the full experience, obviously nothing to do with hoovering up data.
It'll give you iPlayer or whatever and other hub related stuff and of course if you are unwise enough to feed it your post code (or use Maps) and your name (optional to be honest) then they have a pretty full profile, especially if you have a Sammy phone as well to fill in some gaps. Oh they've got most of that anyway via some form of info gather via Apple or MS or Google, this is just reinforcement data, perhaps given a higher probability of being valid.
Yeah, try and legislate that if you can, if you even know what you are legislating about and what rights you are trying to protect and if your constituents even care. Legislation will almost certainly be out of date before it is agreed.
The world is changing rather fast due to this internet thing. I'm not sure what I want protected any more or even what that might actually mean.
Oh, the article is about a bunch of well meaning American legislators and here's me living in England.
Ho hum, more data to hoover up above - fill your boots Goog int al, if you can parse it.
Strange that they missed some big harvesters.
They seemed to have missed Facebook and Google, for starters.
Re: Strange that they missed some big harvesters.
See Brian Krebs:
(a) Experian Sold Consumer Data to ID Theft Service, http://krebsonsecurity.com/2013/10/experian-sold-consumer-data-to-id-theft-service/
(b) Experian Lapse Allowed ID Theft Service Access to 200 Million Consumer Records, http://krebsonsecurity.com/2014/03/experian-lapse-allowed-id-theft-service-to-access-200-million-consumer-records/
And it's not just the FTC taking an interest but the Congressional Committee on Commerce, Science, & Transportation, too, http://www.commerce.senate.gov/public/index.cfm?p=Hearings&ContentRecord_id=a5c3a62c-68a6-4735-9d18-916bdbbadf01&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=b06c39af-e033-4cba-9221-de668ca1978a
On 16 June 2014, 19 days time, Mr Hieu Minh Ngo will be sentenced in a court in New Hampshire, having already been found guilty of 15 charges related to identity fraud, http://krebsonsecurity.com/wp-content/uploads/2013/10/NgoIndictment.pdf
He conned personal data out of Experian for months and his scheme only came to an end when the US Secret Service told Experian it was happening. The new Hampshire judge may have a few choice words for Experian, as well as Mr Ngo.
Which has nothing to do with us over here in the UK, of course, we don't have "data brokers", we have "credit referencing agencies", that's quite different.
Experian is one of the Government Digital Service's five remaining "identity providers" on whom their invisible identity assurance scheme depends. Nothing to see here, http://www.dmossesq.com/2014/03/rip-ida-16-june-2014.html
Re: Strange that they missed some big harvesters.
They also missed the NSA.
FTC proposes legisation that lets consumers have control over their information
Translation: FTC proposes a law that has zero hope of passing once Google and the other companies that make billions off using/trading our information get through lobbying.
Yeah, I'd love to see some legislation along these lines that had some teeth passed, but I'm not going to hold my breath. If they do pass it, there will surely be holes that companies that only use but don't sell the information will be unaffected by (Google, Facebook) or companies that do sell the information will simply be required to give consumers "better" disclosures - but it'll still be opt out, making such legislation meaningless.
Whatever gets out of Congress and past whoever occupies the Presidency will not do this. If anything, they'll make it worse. Hell legalize it probably.
My problem is there's a huge disconnect between these agencies/corporations and the 'subject' of the collection. We also have enough examples of social engineering used to 'hack' the system. And that's just the visible examples. How will any 'firm' know they are dealing with the correct 'subject', or their designated representative (another can of worms). Talk about mushrooming the problem!
[I've never had privacy (security clearance) but I can see a nova bomb about to detonate.)
- Hi-torque tank engines: EXTREME car hacking with The Register
- Review What's MISSING on Amazon Fire Phone... and why it WON'T set the world alight
- Product round-up Trousers down for six of the best affordable Androids
- Antique Code Show World of Warcraft then and now: From Orcs and Humans to Warlords of Draenor
- Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...