How to choose a VPN that will protect your privacy (Guest Post by IVPN) June 2, 2013
Posted by Chris Mark in Uncategorized.Tags: cybercrime, cybersecurity, data protection, data security, online privacy, privacy, VPN
add a comment
This article is written by Christopher Reynolds, head of business development at IVPN – a VPN service, and EFF member, dedicated to protecting users’ online privacy. I don’t often allow guest posts but Mr. Reynolds and IVPN have done a great job of providing valuable info. Certainly worth taking a look!
Online privacy is coming under increasing attack from governments around the world. Legislation such as CISPA in the US, the CCDP in the UK and Australia’s data retention proposals, have generated real worry among privacy-conscious internet users over our law enforcement’s desire to increase their powers of surveillance to unprecedented levels. This culture of fear is driving more and more people toward commercial Virtual Private Networks (VPNs), which promise to protect user data and offer online anonymity. But choosing a VPN that actually protects privacy is not straightforward. In this blog post I will go over the key issues you must consider before signing up to any VPN service.
Data retention
The biggest issue when it comes to using a VPN in order to protect your privacy is data retention. Government surveillance is primarily facilitated by the data retention policies of your ISP. In Europe your ISP’s data retention policy is mandated by the EU Data Retention Directive, which forces all European ISPs to retain users’ personal information for between 6 months and 2 years after the user leaves the ISP’s service. This data includes web logs, which essentially means a record of every website you’ve visited and the times you visited them. The data your ISP holds won’t typically contain email logs – despite popular perception- unless you use your ISPs own email service. But it will include which third party email services you use and when you’ve used them. (more…)
With Privacy the Sum May Be Greater than the Parts February 17, 2012
Posted by Chris Mark in InfoSec & Privacy, Risk & Risk Management.Tags: Chris Mark, data protection, mark consulting group, markconsultinggroup.com, privacy, Target
add a comment
Information Security can be described as the protection of data while privacy is defined as the appropriate use of data. Volumes of data is collected on all of us every day. Some of the data we voluntarily provide in exchange for additional benefits and services (airline mile programs, loyalty shopper programs, for example). Other data we unknowingly provide such as shopping history. Regardless, we expect the custodians of the data to use it appropriately and maintain privacy. Unfortunately, sometimes company’s pursuit of profits causes them to walk a very fine line as far as privacy is concerned. The following is an example of where a company arguably violated the tenets of privacy while possibly not violating any laws.
According to a story reported recently, Target figured out a teenage girl was pregnant from her shopping history and inadvertently told her family. The end result is that 1) Target knew (statistically they are right 90% of the time), and 2) Target, by sending pregnancy related coupons to the girl, informed her family that she was pregnant, without her knowledge or consent. Here is how it happened. (more…)
Global Security, Privacy, & Risk Management 