Vivre entre les lignes
À partir de faits d’actualité ou de la vie quotidienne, ce carnet explore comment des informations, des programmes et des machines organisent nos relations avec les autres êtres humains, les organisations et même la société tout entière. Car, par-delà la compréhension de la société de l’information dans laquelle nous évoluons, il nous faut apprendre à y vivre et à en influencer démocratiquement les développements.
In brief: Sectors of education, government, health care and financial services are the most affected
During the years 2005, 2006 and 2007, there would have been in the United States and Canada more than 976 losses or thefts of personal data affecting over 313 million records. This finding results from an analysis of statistics published (in French, a short press release available in English) in June 2009 by Benoît Dupont, who holds the Canada Research Chair in Security, Identity and Technology, and Benoît Gagnon, a lecturer at the School of Criminology, both of University of Montreal. The actual numbers are probably much higher, particularly for Canada, where, unlike in the United States, there is no legal requirement for organizations to disclose incidents. “The most publicized in recent months has undoubtedly been the TJX case. This company, which owns in Canada the Winners and HomeSense brands, was stolen the credit card numbers of 94 million North American and UK customers in 2006.” More than half of these incidents results from either to stolen hardware (e.g. laptops), or of the negligence of employees (e.g. human error in setting up a system). Computer hacking is involved in only 22.7% of incidents.
No sector of activities is spared. However, those of education (29.0%), government (17.1%), health (15.6%) and financial institutions (15.6%) are the four main sources of reported incidents. The authors are particularly concerned about the health care sector which is currently investing in the implementation of electronic health records “without having actually communicated to the public the risks associated with this computerization process and the means to ensure the security of the medical and personal information of patients. It is therefore imperative that the discourse of public organizations be reviewed, in order to properly inform citizens about the implications of the growing digitization of government records. While many organizations promote the full computerization of their activities by invoking both the criteria of efficiency and security, we must admit that the second argument is undermined when confronted to reality. “What the authors do not emphasize, moreover, is that the financial and health sectors have identical bad scores while in the first is the most comprehensively computerized and the second the least!
Individuals about whom the compromised files were mainly:
- users of public services (35.1%),
- employees of organisations (22.8%), and
- customers of businesses (20.9%).
Unfortunately, the study gives no indication of the type of impacts on people that these incidents had. Indeed, this is not the same thing if files have simply been lost without any significant sequel or whether identity thefts has plunged individuals in a Kafkaesque hell that disrupted their life for weeks. This is clearly a weakness of this type of research which “aims to measure the amount of personal information compromises (…) to understand what were the key vulnerabilities to which organizations were exposed.” Individuals’ vulnerabilities and life experiences remain in the shadows. One also notes that the jargon of the field talks about information security and personal data protection rather than about security and protection of human beings.
Laisser un commentaire
Catégories : Brèves, Observations
Mots clés: Canada, Éducation, Financial Services, Health Care, Personal information, Security, USA
In the Wake of the Inquiry by the Privacy Commissioner of Canada
Extension in writing of a radio column aired on July 23, 2009 on the Citoyen Numérique on 101.5 Radio Montreal.
Notion addressed: Information (including personal information) and information technology play increasing roles in the lives of individuals, groups and societies
Facebook has had its share of controversies about:
- its attempts to become perpetual owner of the personal information put online by its users;
- the sale of this information to commercial enterprises;
- the use of such information to produce targeted advertising;
- the inability of users to delete the information they put online, even after having closed their page and their Facebook account.
On 16 July 2009, the Privacy Commissioner of Canada released a report of findings of an investigation following a complaint filed by the Public Interest Clinic and the Canadian Internet Policy ( CIPPIC) against Facebook Inc. under to theLaw on the Protection of Personal Information and Electronic Documents Act. The report itself is bulky. It makes the equivalent of about 150 pages. This reflects the complicated and ramified nature of Facebook which is more than a web site, but a real informational ecosystem involving hundreds of thousands of partners, most of them commercial. Many have already summarized or commented the conclusions of this report on the handling by Facebook and its partners of the users’ personal information.
By contrast, there has been much less discussion about those who conduct the bulk of the production and communication of personal information on Facebook. This is not Facebook. Nor Facebook’s business partners. In fact, the bulk of handling of personal information is done by Facebook’s users themselves.
The Privacy Commissioner of Canada has deliberately chosen not to deal with the users’ handling in the report. Then again, users of social networking sites (i.e. probably you who read this) are also subjected to legal obligations similar to those of corporations operating the social networks as well as their partners. A reality we must be reminded of. Lire la suite »
Laisser un commentaire
Catégories : Chroniques radio, Observations
Mots clés: Facebook, Information: source of conflicts, Personal information, Privacy Commissioner of Canada
In Brief: About the “dagan”, a record controlled by Chinese government officials
This New York Times story tragically shows how much one’s whole life could depend on a single personal file. High school files of successful poor students are proven money-makers for some corrupt state workers. They could sell these up to the of equivalent $7,000 US to rich dunces who will then steal the person’s identity and good grades to access higher education or good jobs. They thus leave their victims with no future as the dagan is indispensable and is practically impossible to restore once destroyed, lost or stolen.
Laisser un commentaire
Catégories : Brèves, Observations
Mots clés: China, Identity Theft, Information: strategic resource, Personal information
About one obstacle to thinking about our relationships through information
Notion addressed: Information (including personal information) and information technology play multiple growing roles in every aspect of the lives of individuals, groups and societies.
I was planning to write my own reading of the inquiry and recommendations of the Privacy Commissioner of Canada on the management of personal information by Facebook. However, I too often stumbled on the words “privacy” in the documentation of the Commissioner and articles from the media and other commentators. Too often not to publish beforehand this cautionary piece.
Early in my work, I became cautious with the use of the term “privacy“. It has so many different meanings that it becomes a genuine barrier to communication. More importantly, its use has become customary whenever it comes to discussing personal information handling. So much so that it now constitutes a real obstacle to the exercise of thinking specific usages and their social roles and implications. As a result, we also observe technical, social, economical and commercial failures. Lire la suite »
Laisser un commentaire
Catégories : Observations, À propos de VELL
Mots clés: "Privacy", Facebook, Information: multiple roles, Personal information, Privacy Commissioner of Canada, Social Assessment
In Brief: When commercial enterprises go in court on the question of who owns the information of users of social sites
Power.com is a website that allows people who use multiple social sites (Twitter, Myspace, LinkedIn and others) to manage all their communications from a single location. Facebook had filed a lawsuit against Power.com for copyright violation, unfair competition and illegal access to its website, by asking its subscribers their user name and password. This latter practice, Facebook claims, violates the privacy and security of subscribers.
Vs. 
Power now has filed a countersuit arguing, inter alia, that Facebook unduly restricts subscribers’ access to their personal information items when it prevents them from using it as they want (including through the tool offered by Power, of course). Moreover, Power.com proclaims the absolute right of the internet users on its own content, including personal profiles, messages, media, and other contact information as well as the right to access, disseminate, transfer or aggregate such content on any platform, or authorize third parties to do it for them (and such third party could be Power, just as obviously).
In short, dear reader, two commercial companies are preparing to fight in the judicial arena, each as champion for our fundamental rights of cybercitizens.
Questions: Who authorized such third parties to defend our rights on our behalf?
Since, apparently, this is about our rights, will the judge ask our opinion about it? Or in other words, who represent us, the users courted for our patronage and our personal information?
What will happen to our rights if our two champions decide to a settlement, away from the judge’s scrutiny, or even to a confidential agreement away from our own knowledge?
A story to follow…
Sources: The Washington Post, Justice News Flash.com
Laisser un commentaire
Catégories : Brèves, Débats
Mots clés: Control over information, Facebook, Information: source of conflicts, Personal information, Power.com
Of the word “anonymous” and of the poorly understood notions of appellative and identifiability in the wake of the disclosure of one blogger’s identity.
Notion addressed: The identifiability of a person described by a set of information does not necessarily result from the use of identifiers or not.
Here is a commonplace Web news story:
“Noisette Sociale (Social Hazelnut) has blogged under a pseudonym for two years. (…) In the middle of a conflict between bloggers, the real identity of Noisette Sociale was unveiled by way of an anonymous commentary.
“I did not play a character. I did not invent anything. I wrote without taboo. I was telling a lot about me without protect myself. I was very naive. I lost big in this.”
(…) Noisette Sociale took the decision to close her blog” because of concerns about “the possible consequences of such disclosure on her life and her close ones.”
Observably, the incident was echoed through the blogosphere. What caught my attention was the use of the word “anonymous” by several. Some examples:
“I wonder what to think of someone who blogs anonymously, than is closing her blog because she was recognized.”
However, this statement does not apply to Noisette Sociale who clearly knew she used a pseudonym.
“Can we really expect to remain anonymous? It seems incredible to have thought so.”
Indeed. However, how many commentators and journalists still speak of how Internet permits anonymity?
In fact, the very word “anonymous” is a source of confusion. For bloggers and other cybercitizens - and even experts - it would be useful to clarify, both the word and the reality. Lire la suite »
Laisser un commentaire
Catégories : Observations
Mots clés: Anonymity, Identification, Internet, Personal information
