Tag: privacy

Home > Posts tagged "privacy"
Can Your Website Visitors Really Trust You?

Should your website or blog have a privacy policy? Why would you want to have one? Are there any laws that require a privacy policy? Do small businesses (like bed and breakfast inns) need a privacy policy? What should my privacy policy include? Having a privacy policy is not something most small businesses think about when they think about content for their website. But should they? The short answer is yes. Why have a privacy policy? [caption id="attachment_550" align="alignright" width="300" caption="Image courtesy http://www.flickr.com/photos/mynetx/"][/caption]As of this writing, for most small businesses (there are exceptions for some businesses in health care or financial services industries, or if you collect information from children under 13 years of age), no US laws require that your website have a privacy policy. Don't stop there, however, as there are other considerations. 1. US Efforts to Regulate Internet Content. In the US legal arena, the federal government continues its efforts to regulate internet usage in a variety of ways. As these efforts continue to change, it would not be surprising to find that they result in either mandatory privacy policies, or provide additional protection for sites with privacy policies. If that should happen, having a reasonable and appropriate policy in place will be a very good thing. 2. Efforts to Regulate Internet Content by Other Countries. Since many (perhaps most) B&B's serve guests from other countries, and their websites are seen in other countries, the laws of those regions or countries may come into play if you collect data (including booking information) from citizens of those countries. 3. Privacy Expectations of Visitors. Despite study after study showing that the majority of people using websites are concerned about their privacy to some degree, many websites do not have a privacy policy. Studies of the "Top 100 Websites" show…

Google Security Hole = Big Problems in the Cloud?

We tweeted the TechCruch story about the site which, if you visited while logged in to a Google account, sent you an email proving it had just harvested your email information. Scary, isn't it? Well, the screenshot of the website, itself (no, we didn't visit it to see if it was true - besides, it was down by the time we got there . . . ) got us thinking about security and how this occurred. That's when it clicked - this looks very suspiciously like the Firesheep exploit - erroneously blamed by some "experts" on insecure WiFi networks, while in fact it is based upon insecure transmission of cookies by your browser, which can happen on any network, wired or not. Firesheep can intercept cookies and log in as another user for a specific list of popular websites (including Facebook, Twitter, etc.). It looks as if this new website is doing the same thing, but in a different way - instead of snooping on your network for open cookies, it is looking for the Google login cookie and "stealing" it, then proving it has stolen your login validation by sending you an email. Regardless of the method used, if a website is able to steal your login cookie (or other information), this points up a vulnerability in not only your Gmail account, but in anything that uses that Google login. This would include your personal iGoogle page, your Gmail account, your analytics and Webmaster Tools accounts, and - perhaps most dangerous - access to all your Google Apps. That's right - if you or your company has decided to migrate to Google's cloud-based applications, and if you use your Google login to gain access to them, then any website can steal your Google credentials and gain access to your…

Privacy and Social Media – Strange Bedfellows?

When you think about it, attempting to provide security in a medium (social media) where the objective is to share (at least to some degree) personal aspects of your life, doesn't make much sense. Perhaps that is one of the reasons that Mark Zukerberg of Facebook famously declared that privacy is dead. But is it? Should it be that way? Even with Facebook moving the goal posts every few weeks, and changing the way you control access to your data, and sometimes defaulting to very poor choices, you still have some opportunities to control what you share outside your circle of friends (real friends, I mean, not just Facebook "friends"). What's the probem? We may all have different ideas of what we are willing to share with others - depending, at least partly, on how well we know them. That's the reason that "one size fits all" privacy doesn't work. Whether you believe in sharing everything, or sharing very little, chances are the next person has a different view about what information they want to share. Understandably, businesses want to share lots of information about the business, but individuals often want to restrict some of their more personal information. However, many individuals use personal accounts for business information, and the lines between business and personal get blurry. An eye-opening example Recently a reporter published an article called Confessions of an Online Stalker. He did it to research just how much personal information is available for free on the internet. He chose a person who is very "plugged in" - having several online businesses, lots of social media presence, etc. What he was able to learn about his "target" was surprising, even to the target (the reporter eventually met him and revealed the information to him). For example, he knew where…

×