Home Your Tech Mobility Mobile computing security 'worse than the wild, wild west', says FTC
Mobile computing security 'worse than the wild, wild west', says FTC Featured

According to the US Federal Trade Commission’s (FTC) Bureau of Consumer Protection business, regardless of size has a legal responsibility to properly disclose what information it collects then to secure it and finally dispose of sensitive consumer and employee information.

In a case against Compete, a web analysis company that uses web tracking software (Compete Toolbar) to collect personal data without disclosing the extent of what it collects the FTC has ordered that in future the company must obtain consumers express consent. The company captured: usernames and passwords; searches conducted; credit card and financial account information, security codes and expiry dates; social security number and more.

In another recent case the FTC found seven “rent to own” firms using DesignerWare software spied on their renters by using so called “location tracking software” that captured screen shots, key stroke logging and activated and took web can pictures of users all without notice or consent. The software also contained a “kill switch” that could be used to disable the computer if payments were late.

Even Google got caught in September 2012 and had to pay a record setting penalty of $22.5M to the FTC over circumventing Apple’s Safari browser (iPad, iPhone and Mac) by placing cookies which delivered targeted advertisements to users. “No matter how big or small all companies must abide by FTC orders… and keep their privacy promises…” See iTwire story

So serious is the FTC that they have just fined developers of Path, a social networking app US$800,000 for collecting personal information from children without parental consent by interrogating users mobile address books. FTC has a special US Children’s Online Privacy Protection Act (COPA) that helps to protect children under 13 years.

The FTC is now looking at privacy issues for mobile apps (smartphones and tablets). The issue has only started since smart mobile computing devices have virtually dominated phone sales. See iTWire story

Staff have prepared a string of recommendations titled “Building Trust Through Transparency” which if implemented would ensure that smart phones include a “do not track” feature. The majority of recommendations are about informing the consumer what information is collected to allow them to make an informed decision – do you care if location data is collected to give you a list of local restaurants?

Implementing the FTC policy won’t be easy. At the top end it will require mobile phone OS makers (Apple, Google, Microsoft and Blackberry) to secure the system API’s against data leaks from geolocation, contact lists, calendar information and photos etc. API’s will need to inform the user if an App is trying to access such data. A great suggestion was that the OS makers develop a dashboard system that analyses what Apps access and to provide a “one button” do not track facility.

At the next tier the App developers, advertising networks and analytics companies will most likely lose access to the data that has made them a lot of money. Recommendations included having a plain simple disclosure policy – what is collected and what it is used for. Apps would also be required to alert the user and obtain “just in time” consent before use.

Even ISP’s and Telco’s will be drawn into the web needing to ensure compliance.

WEBINAR 26/27th May

Thinking of deploying Business Intelligence (BI)? So are your competitors.

And the most important, fundamental, tool for delivering your BI information to your users? Dashboards.

THIS IS ONE NOT TO MISS SO REGISTER NOW

DON'T MISS OUT - REGISTER NOW!

FREE WHITEPAPER - RISKS OF MOVING DATABASES TO VMWARE

VMware changed the rules about the server resources required to keep a database responding

It's now more difficult for DBAs to see interaction between the database and server resources

This whitepaper highlights the key differences between performance management between physical and virtual servers, and maps out the five most common trouble spots when moving production databases to VMware

1. Innacurate metrics
2. Dynamic resource allocation
3. No control over Host Resources
4. Limited DBA visibility
5. Mutual ignorance

Don't move your database to VMware before learning about these potential risks, download this FREE Whitepaper now!

DOWNLOAD!

Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Connect

 

 

 

 

Join the iTWire Community and be part of the latest news, invites to exclusive events, whitepapers and educational materials and oppertunities.
Why do I want to receive this daily update?
  • The latest features from iTWire
  • Free whitepaper downloads
  • Industry opportunities