Thursday, June 26, 2014

Big Data, Big Data Loss

More and more we are hearing about people’s personal data being lost by big companies.  Recently Target lost forty million customers’ credit card information and seventy million home addresses.  My first reaction was that I was really glad that I didn’t have any information with Target, but then I got to thinking…  We do shop at Target, and we do use credit cards, so maybe they did get some of my info.  However, as far as we know, we were lucky and were not part of the data breach. Target is in no way the only business to lose personal data, just one of the biggest recently.  A while back I had to do some research on Data Mining and Big Data providers, and this got me to thinking about how to avoid being on the next compromised data list.

http://datalossdb.org/index/largest

http://www.businessweek.com/articles/2014-03-13/target-missed-alarms-in-epic-hack-of-credit-card-data

So I am a little paranoid by nature, and although I work in IT and am on computers all day most every day, I don’t use one at home for entertainment purposes.  I have no interest in Facebook, Pinterest, Twitter, and so on.  I do occasionally shop online, but only with companies I research first.  I do have a Linked-In account for professional networking and a Google Plus account for school.  I believe that because of my reduced foot print online that I am probably safer than most, but there is still way more information about me out there than I would like.  I was surprised to see that my home address and phone number were easily available for anyone to see, an old Department of Natural Resources accident report was still there from when my boat caught on fire 10+ years ago, a quick search from my home county showed every (usually deserved) speeding ticket I ever had, etc.

Part of this I can understand – Court records are public records, but what could someone do with that information?   Some of the others I can’t – How did my home address and phone number get out there? Turns out companies make extra money from selling your data to these Big Data Providers, who in turn sell it to others.  So when I had my utilities turned on, I paid them to do it… then they got a bonus selling my information to someone else.

Something as small as that seems like no big deal, but when you keep collecting all this information and putting it together, a pretty comprehensive snapshot can be made of someone’s private life.  Put all this information together (home address, phone numbers, contacts, property records, criminal or civil court records, browsing history, shopping habits), and maybe a bad guy can use it for bad purposes.

http://humphreybc.com/post/54668654006/a-few-tips-to-reduce-your-online-footprint

Now we have these Big Data providers collecting and organizing all this data (supposedly for marketing and such), so what happens when they have a breach?  Instead of some customers at Target, it is now anyone who has ever been on the Internet, bought anything online, etc., who is at risk for having their identity stolen and privacy compromised.  The more data they have, the more they can lose.

http://www.nbcnews.com/tech/tech-news/big-data-breach-360-million-newly-stolen-credentials-sale-n38741

Recently in Europe, a law was passed to essentially allow a person to opt out of Google’s data collection and have all data about themselves deleted from Google’s servers, kind of like a no call list for the Internet.  This is a great start, but what about all the others?  How can I opt out, or control what is available?  I really hope some regulations similar to this are enacted in the United States in the near future.

http://www.nytimes.com/2010/05/16/technology/16google.html?pagewanted=all

Posted by at 1 comment:
Subscribe to: Posts (Atom)