jump to navigation

“A Victory?…for Democracy?”…Muslim Brotherhood Wins Egyption Presidency June 17, 2012

Posted by Chris Mark in News, terrorism.
Tags: , , , , , , ,
5 comments

It was just announced that the Muslim Brotherhood’s Mohammad Morsi was leading and expected to win the Egyption presidency in the first election since the removal of Hasni Mubarak from the Egyptian presidency.  Egypt was one of the countries that revolted in the Arab Spring of 2012.  Interestingly, Mr. Morsi is being elected in a democratic election.  What is the significance?  Many in the US have labored under the belief that if given the choice ALL people would choose a government similar to the US.  In 2003, at the National Endowment of Democracy, President George Bush said:

“This freedom deficit … has terrible consequences for people in the Middle East and for the world. In many Middle Eastern countries, poverty is deep and it is spreading. Women lack rights and are denied schooling, whole economies remains stagnant while the world moves ahead,” Bush said.   (more…)

Social Media as a Privacy Tool? June 14, 2012

Posted by Heather Mark in privacy.
Tags: , , , , ,
add a comment

As one that closely follows the intersection of privacy and technology I read with great interest a paper released by Google entitled “Vanity or Privacy? Social Media as a Facilitator of Privacy and Trust.”  The paper is to be presented at the  2012 ACM Conference on Computer Supported Cooperative Work.  The paper is relatively short and presented as though it was undertaken in the nature of academic research.  I doubt I need to replay for the reader Google’s recent privacy issues and its recent changes to the company’s privacy policy.  With that in mind, it is difficult to read the short paper as anything other than a justification for these recent changes.   Unfortunately for Google, the paper is patently one-sided and the premises themselves are flawed, to put it mildly. It should be noted that the authors of the paper do include the following caveat: “While these examples offer no judgment on whether social media is good for privacy in any absolute sense, they do support our contention that it is possible to design social media systems that are engaging and supportive of privacy and trust.”

Before I delve into the paper itself, it is important to provide some baseline definitions for privacy and trust, particularly with respect to the online environment.  Privacy has traditionally been defined as the right to be let alone.   (more…)

Of Payments, Privacy and Social Networks June 13, 2012

Posted by Heather Mark in Industry News, InfoSec & Privacy.
Tags: , , , , , ,
add a comment

By now, many of you have probably heard about the smartphone app creatively and aptly named “Girls Around Me.” For those that have not heard, it is essentially an application that aggregates the “check in” location data of women using Facebook, foursquare, and other social, location based services.  It then displays for the user the locations and names of “girls around” him (or her, I don’t think the app discriminates).  The app promises to “turn your town into a dating paradise.”  For privacy professionals, the app sparks an interesting debate.  Is privacy infringed if the person in question volunteers the information.  On one side of the argument are those that would say “no – if the user has volunteered information then privacy is not compromised by the application.”  The converse of that argument, however, is one that centers on a definition of privacy that hinges on the appropriate use of information.  If the user did not volunteer the information in an effort to join this “dating paradise” then privacy is certainly infringed.  Certainly, one can see that the application in the wrong hands has the potential for misuse.  But, what if we use the information for good, rather than evil? (more…)

“One Adam Twelve, One Adam Twelve…”: Security Theater & Doggies Doo June 11, 2012

Posted by Chris Mark in security theater.
Tags: , , , , ,
add a comment

Chris’ Dog BO

Today on Yahoo News Canada is a story in which it is claimed that Jerusalem such a problem with dog poop that they are enacting a program in which they will match offending doggy doo against a master DNA database.   According to a statement from the Jerusalem municipality: “The municipality pilot project calls for establishment of a database of dog DNA to allow us to reduce the soiling of pavements, parks and public spaces,”  In short, the city plans on DNA profiling 70-80% of the 11,000 dogs that live in Jerusalem and then, if there is a “pile” of DNA on the sidewalk, someone will pick it up, send to a lab, test it, and then the owner of the offending pooch will be fined $193.  This plan is so ridiculous that it does not merit much discussion but…for the sake of this blog let me use an example from a previous post. (more…)

Collective Security & the Payment System June 11, 2012

Posted by Heather Mark in Laws and Leglslation, PCI DSS, Politics.
Tags: , , , , , , , ,
1 comment so far

I recently attended an event focused on payment security and fraud prevention.  It was an outstanding event and the presentations and panels were incredibly valuable – not something that I frequently say about payment security events these days.  However, one term came up a couple of times that got me thinking.  That term was “collective security.”  As many of you know, I have a background in public policy and my dissertation was, in fact, on US foreign policy and our strategic interests abroad, so the mention of collective security set off my poli sci radar.  But I wondered if collective security was really an appropriate phrase for what we’re doing in the payments industry.  To address that question, it is necessary to first define collective security in its traditional sense.

Collective security was first formally introduced by the Peace of Westphalia in 1648, a series of treaties that put an end to a number of wars that had been plaguing Europe.    Very simply put, collective security is an arrangement in which all stakeholders agree that their security depends upon the security of each of the other stakeholders.  (more…)