“Using software to monitor the transmission of data
from a Google Android mobile phone onto which a range of basic apps had been
downloaded – The Sunday Times (4th March 2012) discovered that
private information – including telephone numbers, email addresses and even the
phones location had been sent to companies in China, India, Israel and the
United States,” (p.9).
Now I’m not an ‘app’ person, but I’m becoming more
and more aware of people trying to access my personal information, which they
don’t need to have. It makes me very suspicious of what is going on behind the
scenes and where this might lead in the future. There are already too many
reports of identity theft, which can destroy the lives of the ‘real people.’
Of course, in some cases we must blame ourselves, as
according to a poll by YouGov, 70% of people do not read the terms and
conditions before agreeing to them. But then some of these terms and conditions
make ‘War and Peace’ look like a short read and where the language they use
ranks in the category of ‘bullshit baffles brains.’ So I imagine the majority
of these 70%, naively trust the service provider, thinking ‘what’s the worst
that could happen’ – which is great, until the worst does happen.
Another part of the problem is that the people
developing apps in many cases are simply focusing on the ‘app’ and the fortune
they hope to make from it – rather than the detail behind their service. As one
app owner said “since we are still beginners in the app development business,
we might have been a bit naïve and didn’t even think about such things. We will
contact the company trawling this information from our customers and ask what
the reasons are behind getting such information about users through us.”
Of course, asking and stopping are two different
things and I’d feel a little happier if the immediate response to these
allegations were to prohibit the ‘theft’ of one’s personal information.
What about Google’s new, all en-compassing privacy
policy, where the search engine has now combined all the information it holds
on users, gathered from its Gmail and YouTube services.
Google, which receives most of its $38 billion
annual revenue from advertising, says this will help to ‘personalise the
experience’ of users, allowing search results and accompanying adverts to be
tailored to their individual habits. Users cannot opt out, although there are
ways to minimise the amount of information Google can access.
Privacy campaigners have however branded the move
‘creepy’ and the European commission has questioned its legality.
And it doesn’t end there – “last month the scope for
fraud from the use of personal data was highlighted when US officials revealed
how Indian call centre staff had posed as ‘phantom debt’ collectors to swindle
millions of dollars out of more than 10,000 Americans,” (Mahmood, M and
Ungoed-Thomas, J; 2012; p13). “Officials think more than 20 million calls have
been made over the last two years with collectors using aggressive and language
to demand payments for debts that did not exist. The total cost of this one
fraud has been estimated at £3.2 million.”
As Mazher Mahmood and Jon Ungoed-Thomas mention “the
Indian authorities and British firms who take advantage of the low wages paid
to call centre staff have sought to play down the threat of security breaches.
When details of 1,000 British consumers were sold to newspapers by an IT worker
last year, the Indian government – anxious to preserve the reputation of an
industry worth an estimated £3.7 billion a year –described it as a freak
accident,” (p.13).
Senior officials in India said “as far as we are
concerned, officially the position is that there is no problem of people here
selling stolen personal information- simply because none of the banks or other
large companies pursue complaints against criminals stealing the data.”
Yet for a small sum of money the Sunday Times
reporters were able to get hold of 45 different types of data of customers
having Mastercards or Visa cards with banks using Indian call centres
including; first name, last name, address, account, city, postcode, alternate
number – that can be a mobile number, office number, date of birth, bank name,
name on card, card type, card number, start date, sort code and CCV (card code
verification) number.
So will we ever really know what’s happening with
our personal data, if we don’t have the technology to check for ourselves? We
are having to put our trust and ‘data’ in the hands of people, who clearly
don’t earn or deserve that trust, assuming that nothing bad will happen to us (which,
naively, is a bit like a smoker assuming that cancer is just something that
happens to someone else).
References
Henry, R. and Newlands, P. (2012). In a flash, your
details are on a server in Israel. Sunday Times, 4th March 2012,
p.9.
Mahmood, M and Ungoed-Thomas, J. (2012) Tuppence a
fact: the starting price for your stolen life. Sunday Times, 18th
March 2012, p.12-13.
No comments:
Post a Comment