I recently wrote about a modest proposal to solve the issue of companies and governments misusing your personal data: make them pay you money for the use of your information. While this won’t work for criminals and terrorists groups, it does provide additional legal tools to go after them.
I’m not seeing a big rush to implement this idea, so what other alternatives do we all have?
Complicating the issue is that there is no US Federal law protecting your or your company’s data, or even requiring that you be notified when someone has a data breach impacting your data. Instead, 46 States plus DC, Puerto Rico and the US Virgin Islands have breach notification laws. Most are based on California’s law, but the restrictions and penalties vary by State. Most jurisdictions, but not all, exempt reporting a breach if the data “stolen” was encrypted. If you are curious, the missing four states are Alabama, Kentucky, New Mexico and South Dakota.
Many of us have signed up for the US national Do Not Call list run by the Federal Trade Commission. In the 10 years since the DNC registry was opened, the FTC has opened over 100 cases and collected $118 million in penalties and $737 million in refunds and recovered monies. If a company is calling you inappropriately, go to the DNC web site and file a complaint. You can also verify that all of your numbers are in the registry at the same site. At home, our policy is to not accept any solicitations over the phone. Telling the caller that up front usually makes for a very short call.
We can also click on “unsubscribe” links on annoying emails. In my experience, it works fairly well with real companies and very badly for emails from cybercriminals. My advice: if it is a company or organization that you do business with, initiated the conversation, or one you know to be a real entity, go ahead and unsubscribe. Remember, if you provide your email address as part of an inquiry or transaction, the company or organization can construe that as permission to contact you again with that email address. Since companies may have multiple types of emails, you may have to unsubscribe multiple times. Each new transaction resets the permission, so this tends to not be a once and done operation.
If the annoying email is clearly SPAM or from someone or something you do not know, do not reply or click anything. At a minimum, you are validating that someone is reading that email address; worst case you may be loading malware onto your system or network.
What if we could opt-out from the data collectors out there? Well, maybe we can. A friend recently sent me an article on how to opt out of companies that mine and sell your data. After a little research, I suspect this will be a very frustrating exercise for anyone. Some examples:
- LexusNexis requires supporting documentation as to why you want to opt-out, like a police report documenting that you are a victim of identity theft. There are also some comments indicating that in some cases you have to pay to have them remove the information they have obtained at no cost to them.
- A number of the companies require that you mail (i.e., paper in an envelope with a stamp) or fax the information to them. Seems strange since they gathered the information online.
- A number of companies just won’t let you opt-out.
- Not surprisingly, you must provide some personal information in order to opt-out, often including at least part of your SSN. While clearly necessary that they opt-out the appropriate data, it is probable that some companies are mining the opt-out requests.
- When successful, the removal of your data seems to be temporary. If you do opt-out from one or more of these companies, you should go back at least once a year and do it again.
Unfortunately, government organizations like the NSA or the British equivalent GCHQ use the tracking cookies used by the commercial data gatherers and companies like Google. These cookies allow the NSA to find your communications in the middle of all other Internet data. Companies like Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube and Apple all provide the NSA with access to everything you store or access with them: emails, documents, chats (audio and video), photos, and connection logs (when and for how long you were logged in). Since the NSA can break almost any encryption scheme, if you encrypt your documents and emails make sure you use at least a 256-bit encryption key and keep the key to yourself, changing it often, like daily. NSA can break this too, but it takes them some time. Oh, and don’t just encrypt the stuff you don’t want them to see. That is like a red flag in front of a bull. Encrypt everything. And remove the cookies from each of browsers every day.
Now, if we could only opt-out from the NSA we would all be a lot safer and our data a lot more secure.
The last word:
Thomas Jefferson spoke five languages. He founded the University of Virginia because of his love of science, invention, architecture, religion and philosophy, and he established West Point. He was also the principal writer of the Declaration of Independence, first US Secretary of State, and the third President of the US. While President, he doubled the size of the United States with the Louisiana Purchase, then sent Lewis and Clark to explore the new frontier, as much for scientific knowledge as a gigantic mapping task. As one of the American Founding Fathers, he strongly believed in democracy and the rights of man.
He talked and wrote about liberty often. Almost exactly 220 years ago, he wrote, “I would rather be exposed to the inconveniencies attending too much liberty than to those attending too small a degree of it.” (12/23/1793)
Over 150 years before the proven failures of socialism, he wrote “Were we directed from Washington when to sow and when to reap, we should soon want bread.” Remember this as the US government takes over health care
Thomas Jefferson is often quoted as saying, “A government big enough to give you everything you want, is a government big enough to take away everything that you have.” While I believe Mr. Jefferson would have embraced this idea, this quotation or variants of it are not found in any of his writings. However, he did say, “Most bad government has grown out of too much government.”
He also wrote, “The strongest reason for the people to retain the right to keep and bear arms is, as a last resort, to protect themselves against tyranny in government.” He also quoted criminologist Cesare Beccaria that “laws that forbid the carrying of arms … disarm only those who are neither inclined nor determined to commit crimes. Such laws make things worse for the assaulted and better for the assailants, … for an unarmed man may be attacked with greater confidence than an armed one.” In all of the recent mass shooting incidents in the US, only the attackers were armed.
Keep your sense of humor.