Category Archives: Privacy

Privacy

Protecting privacy online

A recent article in Business Week stated that that “studies have shown that 87% of the U.S. population can be uniquely identified via only a date of birth, sex and five-digit residential zipcode.” In countries like Canada, postal codes can pin point geographic targets with even greater precision than zip codes (in many cases, to the specific portion of a specific street). This suggests that Internet users, whether Canadian, American or otherwise should be very careful about disclosing any personal information to websites if they are concerned about retaining their anonymity.

Another concern is the increasing number of services offered by search engines such as Google which require users to log in. Its probably best to log out after any such use in order to reduce the risk that search queries will be logged.

Jajah – Read the find print

ExtremeVOIP warns potential users of a new VOIP service, Jajah, to read the fine print. According to ExtremeVOIP: The company’s privacy policy and EULA, however, seem to imply that the service could be used as a window into a user’s online activities, including monitoring a user’s surfing habits and the content a user posts to message boards and web sites, sending him spam, disclosing personal information to third parties without control and consent, and even potentially allowing a third party to eavesdrop on the conversation.

However, upon a closer look, many of the provisions may not be as bad as they appear. They may simply be the result of inconcise drafting by the author of the terms of use and the privacy policy or the company’s desire to warn customers of the potential risks involved. However, it does appear to show that there is growing sensitivity to security and privacy issues. Lawyers acting for Internet companies need to pay additional attention to the wording of contracts and privacy policies they create for their clients.

GMail to host corporate emails?

The ZDnet Google Blog has a posting that suggests Google Mail may in the future offer a domain hosting service. Such a service offering, which would compete with Yahoo’s small business email hosting offering, would allow a small business to use Gmail as their email “server”. Personally, I think such a service would not appeal to anything but a very small business. After all, Google’s privacy policy allows the company to sell its assets subject only to providing notice to users before they become subject to a different privacy policy. For a medium or large business entity, I don’t think reliance on a “privacy policy” is sufficient. Such an entity would likely require very definitive and non-modifiable confidentiality and privacy obligations before entrusting their email hosting to a third party.
Continue reading GMail to host corporate emails?

Bell Canada and Privacy

I’ve blogged in the past about Canadian privacy implications of outsourcing the the US. Well, recently I discovered that Bell Canada has been offering a number of services to small and medium sized enterprises (SMEs) that appear to be hosted in the US and where it appears that Bell customers are not being notified of that fact. In response, I wrote Bell’s Privacy Ombudsman to express my concern. I was pleased to hear that Bell is reviewing their privacy policy and marketing materials for such services and intends to take steps to both notify customers of this fact as well as obtain their express consent. Hopefully more Canadian companies will follow Bell’s example with respect to obtaining express consent.

RFID Zapper

RedFerret had a link to this do-it-yourself RFID Zapper. It can be used to deactivate (a better word is probably “destory”) RFID tags found in commonly purchased consumer products. This is done by subjecting the RFID tag to a strong electromagnetic field in order to “fry” its internal electronic components. The plans on the site are based on building the zapper using a disposable camera case. My view is that privacy advocates who wish to deactivate RFID tags on items they’ve purchased should construct a device they can use at home. Not a disguised portable device that might be better suited to assisting shoplifters.