Facebook Dominates Social Networking, Garnering 95% of Consumers Social Networking Time

December 26, 2011

Social networking is all but synonymous with Facebook according to new an analysis of comScore data and charted by web publisher Ben Elowitz of Wetpaint.

The service commands 95% of all social networking time, a remarkable feat essentially accomplished in just 4 ½ years.

Facebook’s fortunes took off when the disastrous mismanagement of MySpace, horrific lapses in privacy and safety features (think of the news stories of early 2009 when MySpace had to acknowledge removing 90,000 convicted sex offenders) and tawdry ads placed on user’s pages disgusted their user base and marketers alike.

How much has Facebook learned from MySpace’s foibles?

While Facebook has largely avoided the label of being a haven for sexual predators, they have been slow to provide consumer with customer support or assistance, and they have trampled consumer privacy so many times that last month’s FTC charges against the company for deceiving consumers by failing to keep their privacy policies is but one incident in a long line of penalties and fines Facebook has faced for their practices. Of note is the $9 million dollar fine levied by the Canadian Privacy Commissioner’s office in 2009, the Facebook Buzz debacle, and the current demand by European countries for changes, see Europeans calls on Facebook to adapt data-privacy changes to comply with local laws.

It is tempting to believe that Facebook is an unstoppable juggernaut, but that may change if another, more respectful alternative comes along.


Giving Technology This Season? Use McAfee’s 10 Tips to Keeping Devices Safe

December 21, 2011

Tech items are wish-list toppers again this year, and if you’re among the millions planning on giving devices, don’t forget to include the safety, privacy and security tools and education that are needed to ensure the recipient is protected. This festive tip sheet from McAfee helps identify areas to think about.


Half of U.S. Drivers say Potential distraction issues Discourage Buying New Media Features in Cars

November 16, 2011

Concerns about driving distractions when using media features like navigation and Wi-Fi would deter half of U.S. users from purchasing these features according to a new survey from Altman Vilandrie & Company and uSamp.

In spite of safety concerns, the demand for new technologies in cars is strong, including media features like WiFi. This is especially true among younger drivers aged 18-24 who are twice as likely (40%) to say in-vehicle media capabilities influenced their most recent car purchase compared to older drivers.

The most desirable in car technology features? Voice-controlled navigation, real-time traffic updates, and the opportunity to turn their vehicles into wireless “hotspots” to enable internet access. Respondents were also interested in voice output–hearing emails, text messages, and social networking information.

The study also found that 70% of respondents have privacy concerns over the potential use of their driving data by car manufacturers and wireless carriers, though surprisingly those privacy concerns don’t extend to insurance providers. More than a third of respondents said they hoped to have their insurance rates determined by monitored driving habits.


Consumers Suspicious of Sharing Personal Data with Companies

October 20, 2011

A whopping 88% of U.S. and Canadian consumers say they believe companies are primarily collecting personal information for their own benefit, nearly that many (85%) are often concerned about how much of their information is being held by others, and 74% don’t believe they benefit from sharing information according to an October 2011 survey from LoyaltyOne.

And even though 52% of survey respondents said they believe their information is being used to provide better service, only 9% strongly agree that this is the case.

This represents a very healthy skepticism on the part of consumers and shows that between the spread of internet safety messaging, and being burned by companies, has shifted the perception of average citizens towards sharing information. According to the survey, nearly one in three (32%) consumers has been notified their personal information was stolen or compromised.

Expectations for benefits are low

The survey also found that less than half believe that sharing their personal information will give them benefits like receiving tailored offers, advanced information, communications targeting their interests, easier purchasing processes, and preferred treatment or product improvements.

Companies beware

It would seem that consumers are tiring of the constant request for personal information by companies. Nearly a quarter of surveyed users (23%) say they have chosen against making a purchase due to uncertainty over how a company would use their personal information, and this percentage jumps to 30% of respondents who have received notification of a data breach and to 37% among respondents who have actually been negatively affected by a data compromise.

What consumers are doing to avoid information exposure

To limit the amount of information shared when general respondents do make a purchase, 41% say they pay with cash – this behavior jumps to 52% among those compromised by a data breach. 43% (jumps to 55%) say they refuse to provide a salesperson with their information, and 12% (jumps to 25%) say they have canceled memberships or opted out of loyalty programs.

Unfortunately, it doesn’t look like the survey asked about another common method for refusing to provide personal information – many people simply fake information in any field that’s not tied to billing or their address (hard to get the goods if you fake these). It would have been interesting to learn how many users go this route as I suspect the percentage is fairly high.

The data presented through this survey presents a very compelling argument for companies to provide real benefits in exchange for information, quit asking for information they don’t absolutely need, and to better protect information from data breaches. We’ll see if they take heed, but I’m not holding my breath.


Double Check those Daily Deals

October 19, 2011

If you are among the legion enamored with the ‘great deals’ delivered to your inbox every morning, pay attention: Those deals may be inflated to look better than they really are.

A story on Thumbtack.com found that 80% of the daily deals quoted ‘standard’ prices that were higher than what you’d get by visiting or calling the stores to inflate the sense of getting a good deal.
While the sample size was small – 5 from Living Social and 5 from Groupon – the false spin on the discounted rate should raise eyebrows; and maybe a lawsuit or two for misleading advertising.


The urge to inflate is understandable, but not acceptable. In order to promote your services on daily deal sites, a company has to offer a steep discount. If the discount is too steep, and there isn’t a cap on the number of users accepted, a company may not recover from their generosity.

This tale makes for an excellent lesson in digital literacy and savvy shopping for teens and tweens just getting into online shopping – and maybe a remedial lesson for a few who have been shopping online for some time.

Just because a site offers a ‘deal’, doesn’t mean it is a good deal. Do your homework. Is the price really the best price? Is the offer from a company with a great reputation? Are you so excited by the ‘deal’ that you purchase something you don’t actually want? In cases, where you end up working directly with the company, do you end up giving more information to the company than they should have about you? Beyond the terms and conditions of their ‘offer’ do you know their terms and conditions for maintaining your privacy?

There is nothing wrong with using daily deal sites, in fact I’ve made several purchases from these sites myself. The problem comes if you assume that the offer is as good as the deal says it is. Take a few moments to check it out before you click that link. Because not all things that glitter are gold.


Internet Word of the Month – Hackerazzi

October 18, 2011

The rapid evolution of new internet related words is nearly as fast as the development of new technologies making it a struggle to keep up – even for dictionaries. To help you stay up to speed with this new techno-lingo, here’s our second word-of-the-month.

This month’s word? Hackerazzi…..

Have fun incorporating it into your lexicon!


Who has Primary Responsibility for Internet Safety, Security & Privacy?

October 18, 2011

If we could only figure out the answer to this question we could sue the irresponsible company, government entity, person, or standards body and get on with things – or not.

Unfortunately, the ugly truth is that we all share in the responsibility of protecting ourselves and others online – and like any project undertaken by committee things can get messed up.

There are five key stakeholder groups when it comes to protecting the internet: Industry companies & organizations; Governments & regulators; Law enforcement & oversight boards; Individuals & families; and Schools & other educational resources. Here is an overview of who should be responsible for which safety elements:

Government & regulators have primary responsibility to ensure internet services aren’t built without proper safety, security and privacy impact evaluations. Government is responsible to ensure clear regulations are in place and responsible for tightly monitoring products that impact consumers daily lives. It is the role of government to ensure these products are in compliance with baseline safety features, and this responsibility must extend to internet products and services; particularly since so many internet companies have demonstrated a failure to design, test and implement for safety, security and privacy.

Society has also tasked government with ensuring the dissemination of public service messages yet much of the current internet safety, security and privacy messaging fails to provide useful, actionable information. The result is that a high percentage of the population remains unaware of the safeguards they need to have in place to be safer online.

Government & regulators also have the primary responsibility of protecting consumer data. For most consumers, information posted and exposed by the federal, state, county and local government agencies represents your greatest risk of becoming a victim of identity theft.

There is a world of difference between requiring governments to be transparent in their actions – often called sunshine laws or freedom of information legislation – to guarantee access to data held by the government, and the wholesale exploitation of consumer’s information by posting birth, marriage, death, property, power of attorney, voter records, criminal records, and more online where individual criminals, would be stalkers, freaks or wholesale criminal organizations can leverage the data in a way that threatens the safety, security, privacy and financial stability of every man, woman and child in the country.

While I support “right-to-know” laws, these need to focus on government actions and stop at the door of private individuals.

Companies have primary responsibility when they provide consumers access to products or services that can hurdle them through cyberspace at warp speed, collect, trade, and sell consumer data. Unfortunately, feeding the bottom line wins out over protecting consumer interests in most cases and companies simply provide consumers access to services and urge them to go have fun; while make it nearly impossible to really understand the safety, privacy and security tradeoffs they’ve just made.

Companies have the primary responsibility to enforce their codes of conduct and ensure users have a reasonable level of safety and control over their data destiny. We hold amusement parks responsible for negligent conditions that allow injuries to occur, it is reasonable to apply the same standard to ‘virtual’ amusement parks. In their own online environments they must be the first line of consumer defense.

Companies have primary responsibility to post notices when a product is about to be expanded and to inform consumers about changes that will add new levels of safety and privacy. As companies rush to add great new features they too often cut corners. Being first with a feature, or a fast follower, requires tradeoffs and all too often the first thing cut and the last piece reluctantly added are safety, security and privacy elements that specifically help users manage their exposure.

Service providers will continue to innovate and this is good for everyone. However, consumers have the right to be informed about each new feature that affects their exposure to risk, and be able to determine whether the risk potential is appropriate for themselves and their families. Automatic ‘upgrades’ without notification can bear a strong resemblance to ‘bait and switch’. The Internet industry has for years promoted self-regulation of online tools & services, but they have largely failed to deliver adequate safeguards for consumers.

Here is a standard by which companies should be measured when considering whether they have stepped up to their responsibilities:

Consumer Internet Safety and Privacy Rights – A Standard for Respectful Companies

ALL Internet users have the expectation of a safe Internet experience, and respectful companies strive to provide quality safety and privacy options that are easily discovered and used by consumers.  Your safety and privacy, as well as the safety and privacy of your family on the Internet should be core elements of online product and service design.

In a nutshell, online consumers should demand these rights:

  1. Establishing safety and privacy settings should be an element in the registration, or activation of a specific feature’s, process.  This includes informing you in easily understood language about the potential consequences of your choices. This allows, and requires, you to make your own choices, rather than being pushed into hidden, default settings.
  2. During the registration or activation process, articles of the terms and conditions, and privacy policy, that might affect your privacy or safety, or that of a minor in your care, should be presented to you in easy to understand language, not in a long, complicated legal document in small font.
  3. You should expect complete, easily understood information and age appropriate recommendations about every safety and privacy feature in a product or service.
  4. You should expect to easily report abuse of the products or abuse through the products of you or someone in your care.
  5. You should expect a notice or alert if a significant safety or privacy risk is discovered in an online product or service you or someone in your care is using.
  6. The provider needs to publish on a regular basis statistics demonstrating how well the company enforces its policies.  Such statistics should include; the number and types of abuse reports, number of investigations conducted, and number and type of corrective actions taken by the provider.
  7. When services or products are upgraded, you have the right to be informed of new features or changes to existing features and their impact on your – or your child’s – safety or privacy in advance of the rollout.
  8. When the terms of use or privacy policy of any provider are about to change, you have the right to be informed in advance of the changes and their impact on your – or your child’s – safety and privacy.
  9. When a provider informs you of changes to their features, privacy policy, or terms and conditions, they should provide you with a clearly discoverable, way to either opt out, or block the change, or to terminate your account.
  10. When terminating an account, your provider should enable you to remove permanently and completely all of your personal information, posts, photos, and any other personal content you may have provided or uploaded, or that has been collected by the provider about you.

Law enforcement has primary responsibility to monitor society’s safety, prevent crime and bring to justice those who break the law. Yet, this is a tall order when adequate laws & regulations are missing to facilitate enforcement, adequate safety features weren’t built into the products to minimize the potential for exploitation, and there has been a critical failure to allocate the funding, training and resources law enforcement needs in order to provide the level of safety we expect.

Crime has always enjoyed better funding than law enforcement, but without assurances of basic safety the public will not be able to fully realize the tremendous opportunities the Internet has to offer – and criminals will run rampant.

Schools have primary responsibility for teaching youth and adults the tools and skills they need to be successful members of society. Mastering the Internet and the necessary safety security and privacy skills need to use the internet successfully are critical life skills. But, no one has taught teachers how to teach Internet safety, or provided a solid curriculum for classrooms. While on the one hand we seem flooded with ‘safety information’ there is a shortage of factual, practical, flexible and free information for consumers to take action on. To address this issue, the LOOKBOTHWAYS Foundation has created the NetSkills4Life curriculum. The first 4 lessons of the full K-12 interactive online and FREE curriculum is available to the public now, more lessons are being developed as quickly as possible.

Families have the primary responsibility of teaching their children how to become honest, ethical and capable adults. In today’s world that includes teaching our children to be honest, ethical and capable online. While this is a unique challenge that parents of previous generations have not had to master, it’s time to suck it up and learn how to pass these skills on to our children.

Technology advances and a parent’s job is to keep up. Did parents whine when cars were created and they had to teach their kids to drive and understand traffic safety? What about when phones were invented? Did parents throw up their arms and give up?   The internet has been a critical part of society for at least 10 years now so step up and learn; you don’t have to be a techspert (technical expert) to successfully help your children master the tools and responsibilities they need to be successful.

Parents have the responsibility to say YES to their children’s online activities. Far too many parents (and schools) take the kneejerk ‘no’ response route and this is perhaps the worst possible choice. Failing to allow youth to learn to use the internet sets them up to fail when they finally get out from under their parent’s reach.  Or it forces youth to sneak behind their parents back and use the internet without the support and guidance of a parent.

Instead, parents need to teach the skills and social responsibilities needed to use new online tools and when youth have demonstrated they have mastered both the skills and the responsibilities they need to be allowed to use the services that are appropriate for them. This also means that parents have the responsibility to respect the age restrictions placed on sites, and to teach their children to respect these age boundaries.

Individuals have the primary responsibility for their own safety and ethical use – certainly from the time they reach adulthood. Childhood is a transitional phase where children gain more responsibility as they show they can master situations. For example, while a 16 year old may not be ready to take full responsibility for their online security or privacy, they are ready to be held fully responsible for their online behavior towards others.

In spite of being able to identify the responsibilities of all these stakeholder groups, the internet has not become a safer place.

What’s missing? Commitment.  Each stakeholder group must become more committed and invest more in Internet safety, security, privacy, and in creating a positive online environment. Beyond that commitment each stakeholder group must deliver on three key action areas – providing education, creating a safer product, services and online environment infrastructure, and enforcing the safety, security, privacy, and respect of everyone online. This must happen in a far more coordinated method that is being employed today.

Integration of initiatives is complicated, but the level of collaboration required is not new. We’ve done it in other areas like road safety, drug safety, health issues, etc. it is past time that we put the same level of collaboration in place online.

Without synchronized efforts by all stakeholder groups the web of safety will continue to have gaps that far too many consumers of all ages will fall through.

Seen as a table, responsibilities look like this:


FTC Asked to Investigate Use of Supercookies

October 2, 2011

The House of Representatives bipartisan privacy caucus has asked the FTC to look into companies’ use of supercookies – which are like traditional tracking cookies on steroids.

A basic “cookie,” is a small file that websites install on consumers’ computers and other internet connected devices that allow the website or service to track the user’s online activities.  These cookies can be deleted by a user, effectively wiping out a website’s ability to track that user.

Supercookies on the other hand, are capable of re-creating users’ profiles even after people delete regular cookies, and these new tracking methods are almost impossible for computer users to detect, according to researchers at Stanford University and University of California at Berkeley and reported in the Wall Street Journal.

In a letter written by Reps. Ed Markey (D-Mass.) and Joe Barton (R-Tex.), the co-chairmen of the bipartisan privacy caucus, they state that the use of supercookies invades user privacy and may be a violation of the FTC’s unfair and deceptive acts guidelines.

Speaking on the subject, Barton said, “I think supercookies should be outlawed because their existence eats away at consumer choice and privacy.”

Among the companies researchers identified as having employed supercookies are MSN.com and Hulu.com; both companies have said they have since taken action to change their tracking.

It will be interesting to see how the FTC rules on supercookie technology implementations; we can only hope that consumer privacy comes out on top.


FTC: Trample Children’s Privacy, and You’ll Pay the Price

August 31, 2011

The FTC has levied a $50k fine against the developer of such children’s apps as Zombie Duck Hunt, Truth or Dare and Cootie Catcher, Emily’s Girl World, Emily’s Dress Up and Emily’s Runway High Fashion, for collecting information from children without first gaining parental consent.

W3 Innovations was charged with collecting and storing children’s email addresses and allowing children to post personal information on public message boards, a violation of the Children’s Online Privacy Protection Act (COPPA) which requires parental consent for data collection about or from a child under the age of 13.

The apps found in violation of COPPA laws were marketed towards children in the Apple App store where more than 50,000 downloads were made before the FTC discovered the company was encouraging children to independently enter personal data through the games according to an article on digitaltrends.com. Additionally, the Emily apps encouraged children to email comments to “Emily” on the Emily blog.

Jon Leibowitz, the chairman of the commission said in a statement, “The F.T.C.’s COPPA Rule requires parental notice and consent before collecting children’s personal information online, whether through a Web site or a mobile app. Companies must give parents the opportunity to make smart choices when it comes to their children’s sharing of information on smart phones.”

This marks the first mobile COPPA case the FTC has reviewed, and it is unlikely to be the last. While I wholly support the protection of children’s privacy and regulations around obtaining parental consent, the antiquated methods currently employed to gain this consent need some rethinking.

In an age of instant access, companies and parents must be able to exchange an information request and verifiable consent within moments or the experience for the child wanting to play a game is really poor.

Industry, it’s time to step up to better methods for authentication and approval, those who don’t will find their apps aren’t used.



Get every new post delivered to your Inbox.

Join 1,765 other followers