Actually, more of a flood. Your personal and corporate data is leaking and leaking badly. And it is going to get a lot worse. It used to be that if you wanted to spy on somebody or a company, you actually had to go outside and spend boring hours just watching. You have all seen the police story TV shows with the detectives sitting in a dark car drinking bad coffee and talking about their strange personal problems, all to watch a door. They still drink bad coffee and talk about their strange personal problems, but they now sit in a comfy office as they simultaneously watch dozens or even hundreds of doors and people both now and in the past.
Almost two years ago I wrote about John Nolan’s book Confidential: Business Secrets – Getting Theirs, Keeping Yours. It was all about keeping others from finding out your business or personal secrets, and some ethical and legal ways to find their secrets. Since he wrote that book the world has changed, and nowhere more than in the leakage of your data.
Smart electric meters allows the government and almost any company with a few dollars to find out when you are home, when you turn on any unusual equipment at your company or operate at unusual hours, or when you are burning the midnight oil in the office because of a new project or major problem. Since these meters communicate wirelessly, and probably not very securely, it is available to pretty much anyone. The electrical industry wants to install these on every home and most businesses in the US.
Car insurance companies now want to install gadgets that monitor your driving – where you go, where you stop, how fast you are going and how much braking you do. Some car rental companies are doing the same thing.
Your cell phone knows where you are and how you got there, even without turning on the GPS option.
Governments, from local police to national agencies, can and in some cases are already using this information. New York State wants to collect DNA from even misdemeanors to add to their database.
You may not be able to do much about the smart meters, insurance companies and all of the surveillance cameras out there, other than remember there is an election in the US this November. However, you can avoid contributing to your data leakage yourself.
Friends of ours are on a fabulous vacation. Their friends on Facebook are getting an almost day-by-day depiction of this dream trip. That is a lot of people who know they are not home, and not likely to be back for a while.
Did your CTO just announce that the merger talks are going very well when she posted on Facebook or LinkedIn that she and your CFO are off to Boise? LinkedIn has a “My Travel” application that allows you to easily share your upcoming trips and current location with your network. Most professionals have a hundred or more connections on LinkedIn. It is possible that one of them does not really like you or your company.
Facebook, just eight years old, has 845 million active users, 483 million of them active daily. You have all heard the stories of Facebook postings that perhaps should not have been made. One law firm in the US indicated that Facebook plays a role in 20% of divorces. How many businesses have been damaged by inappropriate, perhaps only in hindsight, Facebook postings?
Google knows where you are planning to travel to and how you probably are going to get there. Are your Google searches broadcasting what is interesting to you or your company? Are you using Google to search for new partners, suppliers, products or people?
The European Union regulators, led by the French privacy watchdog CNIL (Commision Nationale de l’informatique et Des Libertes), are “deeply concerned” about Google’s new policy, and have strong doubts about its compliance with the EU and individual European countries data protection legislation. Google’s response to a request from EU regulators to delay the introduction of the new policy was essentially “No.” Peter Fleisher, Google’s global privacy counsel, wrote shortly before the change went into effect, “As we’ve said several times over the past week, while our privacy policies will change on 1st March, our commitment to our privacy principles is as strong as ever.” That makes me feel so much better.
While Google makes promises to guard data about you, it is legally bound to respond to subpoenas and other requests from any government. That is also true at Facebook, Yahoo, LinkedIn or any other social media site. In the US, those “requests” under the Patriot Act are themselves classified and even talking about a specific order can be a criminal offense. Last August, Google admitted that it handled over European data to US authorities under the Patriot Act, as did Microsoft earlier in the year. The EU certainly has every reason to be concerned about the security and privacy of their citizens’ and companies’ data.
What to do about Google? You have some options.
- Don’t ever sign in to Google. This is a problem for Gmail and Picasa since you have to sign in for them. Even if your company email does not end in @gmail.com, it could still really be Gmail. Many small- and medium-sized companies use Gmail as their email provider.
- Use different products like Microsoft’s Bing for searching and Yahoo’s Flickr for photos.
- Use separate browsers for different functions. Use Google’s Chrome to sign in to email. Use Firefox to sign in to Picasa. Use Internet Explorer to search the web with Google, without signing in. Now you look like three different people to Google and it won’t link your activities. Google’s ad manager is specific to each browser.
- Create separate Google identities for different functions. You then, of course, have to keep that straight.
- Sign in to the Google Dashboard. Go through each service to make sure it is correct. If you enabled a Google feature called Web History, you might want to turn that off or at least delete some of that history.
- You can review what Google thinks you are interested in, and remove or edit categories, in the Ads Preferences Manager. You can even turn off targeted ads. You still get ads, they are just not targeted “just for you.”
You might be surprised what Google guessed as your age and gender.
If you want to be completely anonymous, you can use a service like Tor to mask your Internet address. Requests to retrieve email or get search results appear to be coming from a different computer (IP address). They can, however, slow down your access to the Internet and may be prohibited by your company.
Depending on your point of view, things will get better or worse in the future. Increased dependency on mobile media like smart phones and tablets will increase the desire for and the danger from all of this data integration.
What you don’t do is tell your employees to not use social media or Google, even in the office. What you should do, however, it make appropriate use of social media a part of your new employee or contractor onboarding process and annual security and ethics training updates. Make sure they understand that a casual posting on Facebook or LinkedIn can have serious repercussions to the company, and maybe to them personally. Just because someone trusts their Facebook friends with their personal secrets does not mean they have the right to trust them with your business secrets.
The last word:
Social media is important to individuals and businesses. If you are not yet embracing social media in your business, I suggest you look at SocialSteve’s blog. He explains the “why” and “how” of incorporating social media successfully and productively in your business.
Keep your sense of humor.