Have you ever Binged or Googled for your own name, address or phone number? It’s good to do it now and then, and the result may be shocking. You don’t have to be a celebrity to be mentioned on the net. Most of us occur on the net in quite many places, often a lot more than we imagine.
You can decide how much you reveal to the public in the profiles of your own accounts. But that’s not the full picture. Every time you participate in something under your own name, it may be published on the net, with or without your consent. This kind of publicity is hard to track, and next to impossible to control.
This is what the European court of justice (ECJ) tried to control in a ruling in May 2014. In short, a man from Spain found previously published data to be embarrassing and outdated. The site refused to take down the data and Spanish authorities ruled that there was no legal ground to demand deletion of the lawfully published content. The European court did however rule in favor of him and demanded Google to hide these pages in search results. According to the court, Google has to delete “inadequate, irrelevant or no longer relevant” data from search results.
I’m an advocate of digital privacy and our rights to control our digital footprint. And this is sort of a win for privacy-fighters. But I have mixed feelings about this decision and will not open any sparkling bottles. I think the track that ECJ has entered will turn out to be a dead end.
First of all, trying to create ways to control net content is good. We are dealing with a delicate balance between freedom of speech and peoples’ right to privacy. But most of us probably agree that a net totally without content control isn’t desirable.
But trying to solve this problem with the search engine companies is like creating a giant reality distortion field. The data does not go anywhere even if it’s hidden in Google searches. As a matter of fact, all you have to do is to use a non-European version of Google. And that’s not all. Google is even planning to inform users that items have been hidden from the search result they are viewing. Convenient with a reminder that you should search again with the US version, isn’t it?
Search engines are of great importance for what pages we find and read. But many are probably overestimating this importance now when social media is getting more popular. Nowadays we do not only find our stuff by searching, a significant part is virally spreading links. These links also bypass the reality distortion field totally.
The right to be forgotten is a great principle. But I think it should be restricted to the actual content and not services that help you find it. What we need is a globally working system for content take-down requests. These requests need to be approved by some kind of authority and the system must have built-in safeguards against misuse for censorship. Yes, keep in mind the delicate balance between freedom of speech and privacy. The neutrality of search engines should at the same time be controlled and guaranteed. If something is wrong, let’s fix reality instead of creating a reality distortion field.
Congratulations anyway to Mario Costeja González who won the case against Google. That’s an achievement even if the outcome is questionable. And the funny thing is naturally that you would have no clue who Mario Costeja González is, and that his house had to be sold to pay debts, without this thing called right to be forgotten.
BTW, if your search turned up something you don’t like and you are a European citizen, then you can continue to Googles removal process. We don’t know yet how this will work when the masses start to request removals. The process will probably be an uphill battle, so don’t hold your breath. It will be interesting to see how this develops.
Image by stockimages @ freedigitalphotos.net
European Cyber Security Month (or National Cyber Security Awareness Month as it’s known in the US) is just around the corner. And considering the recent disclosure of Yahoo’s massive data breach, it seems like a good time for companies to give some consideration to their cyber security policies. One person glad to see it arrive is F-Secure Cyber Security Advisor Erka Koivunen. Erka, who’s advised people, companies, and even governments on how to protect themselves from online threats for years, wants to let people know that security is more than relying on the latest technologies or devices for protection. It’s just as much about processes and practices as it is about technology. That’s why Erka is participating in an “Ask me Anything” session on Reddit called “How to Create a Culture of Security.” Erka will answer your questions about what you, your colleagues, and your boss need to know about being hacked. Plus, Erka will be joined by Cosmin Ciobanu from the European Union Agency for Network and Information Security (better known as ENISA, the organized of European Cyber Security Month) to provide some additional insights on how to improve security in workplaces around Europe. This will be Erka’s second AMA, having previously fielded a range of questions about online privacy in an AMA conducted last Data Privacy Day. The AMA session will kick-off at 8 AM EST/3 PM EET on October 4th. We’ll update this blog post with the link as soon as it’s available, so check back here so you don’t miss out.
Protecting yourself on the internet used to be a lot simpler -- mostly because you weren't always on the internet. Now we can be online from when we wake up until when we go to sleep. We seamlessly shift from chatting to shopping to banking -- rarely sticking to one device or platform for too long. Most of us aren't just a Mac or PC or an Android anymore -- we're all of the above. “I, and I think most people, have a cross-platform household – I use several different devices with different operating systems on a daily basis," F-Secure security advisor Sean Sullivan explains. The old paradigm of just protecting your PC or your phone can leave your devices exposed to threats. And even the best security software in the world won't protect your public Wi-Fi connection from being snooped on, possibly exposing your most private details, including passwords. That's why we've launched F-Secure total security and privacy, which combines F-Secure SAFE and F-Secure Freedome. F-Secure SAFE is a multi-device internet security suite that protects all your devices. Freedome is a VPN offers a simple way to encrypt your communications over public Wi-Fi and change your virtual location to access geo-blocked sites and services while blocking malicious websites and online tracking. You can still purchase F-Secure SAFE and Freedome separately. And there have been recent improvements to both, including: Silent upgrades that ensure SAFE is automatically updated Parental controls now available on all supported SAFE platforms Ability to create Freedome Wi-Fi hotspots with Android devices while VPN is turned on "Buying separate products to protect iOS, Windows, Macs and whatever else isn’t just expensive, but it means you have to get used to different pieces of software designed to do the same thing," Sean explains. F-Secure total security and privacy is now available for a free trial here. If you're a current SAFE customer, you can't upgrade to total security and privacy but you should receive a discount offer for Freedome. "Bundling protective measures into packages to run on different devices is more economical and more user friendly, both of which are good for security.” Cheers, Sandra [Image by Hans Kylberg | Flickr]
Reports that half a billion Yahoo accounts were hacked in 2014 "by a state-sponsored actor" were confirmed today by the tech giant. This hack of "names, email addresses, telephone numbers, birth dates, encrypted passwords and, in some cases, security questions" is the largest in the company's history and one of the most consequential breaches of all time. Our security advisor Sean Sullivan told CNN what Yahoo users need to know right now: [youtube https://www.youtube.com/watch?v=kO-70yKF4bE] He also gave a longer interview to Data Breach Today about the wider implications of the hack. The most important takeaway from this attack is you should always use an extra layer of protection -- in this case Yahoo's two-factor authentication on all your accounts -- and never reuse any important password. Even though Yahoo's passwords stored your passwords with encryption, it's still possible for criminals to get access to them, especially if they are weak. A former Yahoo employee told Reuters that the answers to security questions were deliberately left unencrypted to help catch fake accounts more easily because fake accounts that used the same answers over and over. Sean always uses nonsense answers for so-called security questions so they aren't guessable by anyone who knows him or follows him on social media. He recommends you do the same. So what should you do now? Sean recommends you "walk, not run" to your Yahoo account to disable your security questions and change your password -- and change them on any other site where you've used them to something unique. Make sure you create non-human passwords -- not patterns like yahoo1985. Make them long and difficult to remember. If they're between 20 and 32 characters, they are nearly uncrackable, as our senior researcher Jarno Niemelä recommends. And to deal with all that complexity, use a password manager like our F-Secure KEY, which is free on one device. You can also store your nonsense answers to your security questions in there. Then turn on two-factor authentication, if you haven't already. If you're wondering who might have carried out such a massive attack, Sean does have a hypothesis. [Image by Christian Barmala | Flickr]