Marketwire recently published the Top 10 Privacy Issues Predictions for 2011. This list came from Proofpoint, one of many companies specializing in protecting private data. As one might expect, their predictions focus on data protection, and at the top of their list were social media and mobile GPS location information, but breach notification laws and various solutions to business identity theft figure prominently, as well.
Mobile GPS location information latest threat. Proofpoint believes our real time location information from our mobile GPS will become an area of serious concern for retailers and consumers unlike. Some protection technologies already use this information. This seems a logical step.
A national breach notification law. There are currently 46 states that have some sort of breach notification law either passed or before lawmaking bodies. Proofpoint it feels a national breach notification law is "imminent."
Social media comes into play. Social media, like Facebook and MySpace. Proofpoint expects to see "blended attacks" on the rise, moving from e-mail to Facebook or SMS in efforts to get more information. Proofpoint says nearly ¼ of all online time is spent social networking. They are also predicting at least one massive breach of a social media site.
A Note on Social Networking
Social networking appeals to identity thieves because it takes advantage of our natural inclination to be nice. When a friend sends me pictures, I usually look at them. We all do, that’s why they are our friends. And when they recommend we look at a link, we will usually do that, too. There are email harvesters that capitalize on this fact, and even your guide has been hit.
A particularly nasty e-mail harvester going around this year points to "pharmamed.php" – I have received this a couple of times, and I actually closed my yahoo account because it was compromised, with apologies to all my friends for the inconvenience. Clicking on the link snags e-mail lists from your contacts file quite effectively, and emails a copy of itself to a few of your friends. Since they know you, they usually open it, and the process happens over and over again. Just like a virus.* (I run solid antivirus protection on my computer, and it didn't even raise a flag.)
But that web page is not just making a nuisance of itself, it’s collecting all of our e-mail addresses for new identity theft campaigns. Look for reports of "phishing attacks" to increase the through 2011 and beyond.
Proofpoint also predicts stricter data regulation world wide, and the first fines from the Massachusetts Privacy Law (passed in March 2010).
In response to all this, Proofpoint says that companies will adopt an environment more tolerant of social media, because they will be creating policies about acceptable use and using more secure technologies, technologies like data encryption, which helps protect them from the breach notification laws we mentioned earlier.
Overall, it would be nice to see our government taking a more active interest in identity theft. It may not be the root of all social ills, but it is definitely correctible. For starters, how about a universal means of identification, hopefully keyed to our biometrics.
UPDATE: The information below was published with the original article, however the "Information Technologies Development Institute" page, published in Lithuanian, no longer functions in Google tranlation
.*WHOIS information on the domain (exit.lt) says it’s registered to Information Technologies Development Institute (also known as ITPI.) The institute claims IT research, development and education.
