One of the best things about my job is that I'm paid to give you my opinion about recent news, and occasionally dig in to something deeper to help you as a reader better understand how that news impacts your privacy. This past month has seen a flurry of activity on the subject, too. Some stories make me celebrate, while others just make me shake my head in amazement.
With more and more battling in Washington D.C. (and around the country) over various privacy issues, I wanted to take a few minutes and simply take a high-level fly by at the months' headlines, and share my thoughts with you about the bigger picture. You might find it disturbing, you might find it enlightening, but in the end I believe you will be better informed. And that's really all I can offer in an article or blog.
I have to give it to the FTC, they have a lot of ground to cover, and they really do a remarkable job, given the task before them. But the recent "sting" operation on data brokers was really just a drop in the bucket, compared to what we give away in social media without a second thought.
So when I learned what happens when you click the "Like" button on Facebook I have to admit it was a real eye opener. And while I may be better informed than many people about the nature of scams, I am pretty sure most of us would fall short of the legal standards set up for companies when we "Like" or "Share" something online.
I'm just going to keep it real here - when I started researching this article it had less to do with privacy as a whole, and more to do with a proposed law in California intended to protect citizens from snooping drones. As I got deeper into the material, though, a dark question began to form in my mind - what, precisely, is really private these days?
The sobering fact is that our evolving society has forced us to redefine how we think of privacy, and there is very little we can continue to classify as "private" in our daily lives.
I had thought that skimming as a means of identity theft was already taken care of. I hadn't heard about an instance of it for several months now - then I opened up my newsfeeds to check on the pulse in the identity theft world. Boy, was I wrong!
Stopping skimmers should be pretty straight-forward: make sure your ATM machine is on a video camera, and keep your gas pumps internal circuitry locked up. But this doesn't seem to be happening yet. I would have figured that companies wanting to protect their customers would have taken these measures when the problem first crept up.
Unfortunately, that isn't the case, and skimmers are still not only active throughout the US, it would seem they are getting even more clever.
Occasionally I have to take a moment to just vent my opinions about the state of privacy laws, practices, and identity theft. The high-tech approach being taken by law enforcement agencies that is geared toward finding terrorists seems to be bringing in far more information about the average person, though. Whether there are laws on the books that have to be wiggled around, or there are simply no laws covering the specific technology yet, law enforcement agencies are moving forward with implementing technologies that are increasingly invasive with regards to our private lives.
The 2012 Consumer Sentinel Network Identity Theft report shows a surprisingly quick growth in financial frauds committed against the government. A good deal of these are probably related to fraudulent tax returns being filed by identity thieves, which has been a growing concern for the past several years, but the category includes things like driver's license fraud as well.
And unfortunately, I'm not aware of any identity theft protection program that would cover a government agency. This presents a whole new problem to contend with.
CNet News rolled over my feed the other day with a story about how the IRS doesn't need warrants to grab your email, I had to check twice to make sure I wasn't reading The Onion again.
The story is apparently true. It's not clear whether bills that are already in consideration will change that, either.
So not only is it a good idea to keep financial communications out of your email for identity theft reasons, but also if you expect to have any privacy with the government.
EPIC often brings things to my attention that I may have missed. The FBI's Next Generation Identification system fits nicely in that category.
NGI is exactly what the name implies, an exponential growth from the IAFIS (Integrated Automated Fingerprint Identification System) covering way more than just fingerprints. NGI looks to aggregate photos, digital information, criminal histories, warrants, various biometric identifiers, even DNA information all in one database. It's easy to make the argument that CISPA isn't even relevant legislation, because NGI is already being built and its program expanded.
When I read about the New York gun confiscation I was mildly interested at first. As a veteran I'm not sure it's possible to "not care" about how the Constitution is treated. But when I learned that it seemed HIPAA-protected information was being used, my interest went way up.
Official stories on the incident are varied, and there seems to be confusion in the media about whether this was a deliberate abuse of authority, a zealous enforcement of New York's new SAFE Act, or a simple administrative mix up. The case will carry on for a while, to be sure, but the initial news seems pretty dismal.
Being an identity theft expert can expose you to some of the worst sides of humanity, and it can get pretty gritty. So I'm always glad to see something like SNOPA come across the newsfeeds.
The bill is geared to stop the unethical business of forcing employees, applicants, and students to provide access to their Facebook page (or YouTube, or MySpace, or what-have-you.) The bill passed the House of Representatives last year, but died in the Senate. This year SNOPA comes back, insisting that the government do something about protecting our online privacy.