Yahoo Cuts How Long They Retain User Information

For years privacy advocates and the search engines have been waging a war between user's privacy rights and the search engines' right to run a profitable business. While the service that search engines provide is free to users, providing that service is far from free for the company that owns the search engine. All those free services are paid for through advertising. The more accurately target the audience that sees the ad the better the return on investment for the advertiser and the search engine. To that end search engines retain all types of information about the people who use their services. This information according to the search engines is anonymized, meaning that any personally identifying information is removed and your queries can't be tracked back to you personally. I personally have my reservations with that statement since digital information seems to persist even after you supposedly get rid of it. Also the major search providers also provide email services, which means that you might be logged in when you run a search (even if you didn't sign in manually).
While I must admit that collecting demographic information can add to the usefulness of a service as well as profitability to the search provider, many privacy advocates and groups are very concerned with the types of information collected, storage methods, privacy safeguards, and length of time that the information is kept. In answer to at least one of these concerns Yahoo has lessened the amount of time it holds onto user information to 3 months from 13. Currently Microsoft stores data for six months while the giant of search engines Google retains your information for 9 months. Since logic dictates that the longer your information is online the more opportunities criminals and unscrupulous organizations will have to pilfer your private data, let's hope the other search engines soon follow suit, in fact let's hope that they reduce retention time even more. The bottom line though is that aside from complaining to the companies that store your data the only data you really have control over is what is on your local machine and what information you willingly supply by using an online service. Until such time as search engine reduce the amount of time your information is retained your choices are limited to:

1. Keep your cache empty
2. Anonymize your browsing by using a proxy server
   
3. Don't log in to your email account during the same session as any searches that you wish to keep anonymous
4. Don't use the search engine owned by the same company as your email provider
5. Opt out of targetd advertising if available
   
6. Email your favorite search engine provider with your privacy concerns
7. Support one or more of the privacy watchdog groups that exist to protect your privacy
   

Unfortunately not using search engines is just not an option and in order for search engines to remain free they must continue to be funded through advertising. Our best weapons are awarenes and standing up to protect your privacy and freedom. Speak up and be heard!

BBC News - Yahoo throws down data gauntlet
Privacy International - http://pi.gn.apc.org/
Yahoo Privacy Policy - http://info.yahoo.com/privacy/us/yahoo/details.html
Google Privacy - http://www.google.com/privacy.html
MSN Privacy - http://privacy2.msn.com/en-my/fullnotice.aspx
Check out this interesting article at Google Watch - http://www.google-watch.org/bigbro.html

Run a Background Check – On Yourself

Every time you search a telephone number online you get pitched an ad to run a background check on the person you are searching for. Prices for these services can range anywhere from $4.95 to $49.95. What everyone doesn’t know is that you can get a background check on yourself…FOR FREE. Due to the F.A.C.T Act (Fair and Accurate Credit Transactions Act), the same federal law that requires the 3 major credit reporting agencies to provide a free credit report each year also covers other specialty consumer reporting agencies such as ChoicePoint. Not every type of report is subject to the F.A.C.T Act but many are, so if a company provides background/public records searches for hire then they likely have to provide you with the information that they compile about you.

Unlike a credit report, a specialty consumer report may contain a lot of additional information about you including; employment history, public records, check writing history, tenant history, and any insurance claims you’ve made. Another scary fact that many of us are not aware of is that there are databases that report your prescription drug purchases and medical history such as MedPoint, The MIB (Medical Information Bureau not Men in Black) and Intelliscript. The one reassuring point is that these reports are not easily accessible to private individuals other than the individual that the report pertains to. Many of these reports may only legally be supplied (purchased by) businesses and entities with a genuine business reason to obtain them and you must give those businesses permission to obtain the reports.

Just like a credit report these specialty consumer reports may contain errors, especially if you may have been the victim of identity theft. While there are many specialty consumer reporting agencies and listing them all here would be prohibitive I would suggest that you track down the ones you can find, at least the ones listed here and in Fact Sheet 6(b) from Privacy Rights Clearinghouse, and request your copy. Not all reporting agencies get their information from the same source so there may be differences from one report to the next. One final warning before I close: There are a LOT of scammers out there claiming to provide free credit reports or credit monitoring, so check that company out before you supply them with any of your information and NEVER pay for a free credit report. Remember the only official website (required by law) to request your free annual credit report is www.annualcreditreport.com. Specialty consumer reporting agencies are not required to maintain a website to request you file but they should have a toll free number and many do have websites with their contact information. Please see the links below for more information especially the ones for The FTC and Privacy Rights Clearinghouse.

ChoicePoint http://www.choicepoint.com/index.html

MedPoint http://www.ingenix.com/ContactUs/

MIB http://www.mib.com/html/request_your_record.html

Intelliscript http://www.rxhistories.com/how_it_works.html

Free Credit Report http://www.annualcreditreport.com

The FTC on Your Rights http://www.ftc.gov/bcp/menus/consumer/credit/rights.shtm

In Depth Fact Sheet from Privacy Rights Clearinghouse http://www.privacyrights.org/fs/fs6b-SpecReports.htm

The Patriot Hack - Great Title for a Great Post

I just read a really great blog post. It's actually an article reprinted on one of my favorite blogs, that isn't mine ;) In short the article written by Martin Eberhard, a co-founder of Tesla Motors, details some very useful tips on protecting your privacy online. Some of the comments after the article are quite thought provoking as well. Follow the link at the bottom of this post to the Blog of Tim Ferriss, author of my current favorite book The 4 Hour Work Week.

Click here for Martin Eberhard's article on privacy!

Hidden Safes

I'm sure everyone has seen those wonderful hidden safes, things like beer cans, shaving creme containers and fake electrical outlets...
Well, I have just seen one of the most innovative and hilarious 'hidden safes' EVER! I couldn't seem to get the picture to load here so click on this link --> http://www.spyville.com/brief-safe-underwear.html for a "brief" look at what I'm talking about.
I will do a real 'how to' post on hiding things around the house, but for now a giggle will have to do.

Fake Spyware Detectors and Government Traps

Who do you trust?

According to some people, everyone is in on "it". Is that software really deleting that file? Are proxy servers really anonymous or did the government publish that website?

Good question and I wish I had a convincingly definitive answer. Many businesses and law enforcement agencies employ what are known as "honey pots" - websites, servers or other computers intentionally left with weaknesses in their security in the hope of luring hackers and others of nefarious intent into trying to break in and then the website can glean intelligence on who's been trying to sneak in. This practice is legal and probably necessary in the fight against the criminal element. However, sometimes a hiker might step in the bear trap, so to speak. If you find yourself in a situation where you think you might run afoul of "The Man", get the hell outa there QUICK! Follow the tips elsewhere in this blog to clear your cache and wipe your file slack and swap/page file.

It is relatively well known that there is now spyware out there disguised as privacyware, so it's not too big of a stretch to think that, just maybe, that the proxy server you are using is actually some government shadow operation tricking people into giving them easy access to their comings and goings on the net. What better way to catch people trying to hide something than to offer them a free or easy way to hide it?

I don't necessarily subscribe to this theory but it is reason for pause. So you ask...

Who can you trust?

Since there are so many people out there concerned with their privacy these days it's hard to believe that any "spy" sites could last for very long on the net before somebody "outs" it, and spyware programs disguised as anti-spyware are exposed pretty quickly. Try to keep up to date on Usenet postings, bulletin boards, and blogs. Don't take any ONE persons word for something. If you want to surf anonymously use a proxy server such as Anonymizer, AND a free or pre-paid ISP.

I would be very suspicious of any website that sells privacyware and spyware at the same time. Look for companies that have been around for awhile. If you suddenly see a popup window screaming that you have spyware and it's not from a program that you installed yourself, DO NOT click any of the buttons on the popup. Use Windows Task Manager to close your browser. To do this in Windows 9X and XP, simultaneously hold and release the "Ctrl" "Alt' and "Delete" keys. Select the "Applications" tab, select the program to close and click the "End Task" button. Next scan your computer with a spyware detector that you do trust, you do have one installed already, don't you? My favorites are always the free versions, I like Spybot Search and Destroy and Adaware Personal. Sometimes it's too late for a spyware detector, or worse, you didn't install one until it's too late... ouch!

Unfortunately if that's the case it's beyond the scope of this article but there are a LOT of people that post instructions for getting rid of these atrocities. Just Google the name of the offending program or call a tech.

There are many blogs and forums dedicated to these topics and the privacy community is a generous bunch. The real die-hards still frequent privacy newsgroups and bulletin boards, and you can ask the folks there what they think of a particular solution. There's always someone out there willing to help, just to further the cause of our privacy. But remember not to take any ONE
person's word on a subject, even mine. After someone posts a reply to your query check back again in a day or so to see if anyone else has something to say. And if it sounds too go to be true........

Hide Your Identity With a Pseudonym and Free Email Accounts

Make no mistake, you can be tracked down by the information you leave behind on the internet. For instance if your email address is yourname-and-birthday@yourisp.com (face it LOTS of people include their birthday) and you let this email address out into the wild, say in a comment to a blog post, a chat room, online forum, or even a résumé/job post etc, it can be quite easy to find even more of your personal information. Think about it, many Internet Service Providers only serve a specific geographic location, if you exclude the big guys like SBC (even the big guys have subdivisions that someone might be able to find out about). Someone of nefarious intent can do a simple online search and find out what area your ISP serves. Just like that they have narrowed there search to a specific area. Next they just search for your name in that area. Kinda scary and that’s just from your email address.

Here’s the problem with all those great websites: Many of them require that you “Sign Up” to gain full access to what they have to offer. This “Sign up” process may require as little as an email address while others may want a lot more including your name, address, phone number, and first born male child. Ok, maybe that last one is a bit of a stretch but I think you can see where I’m going with this.

Just because someone asks you for information does not mean that you have to give it to them or that it be 100% true. Let me pose this scenario: You meet someone in a club while out of town on business and they are very nice, in fact you spend quite some time having intelligent conversation. Finally when it’s time to go home to your family (let’s say you’re married) and this nice person asks you for your number. The thought of your jealous spouse answering a call from strange man/women you met in a club just isn’t very appealing to you, but you don’t want to reject your new friend either. So you give him/her your cell number, or as happens more than you might think, you give him/her a fake number reasoning that you will most likely never see this person again.

This same strategy works marvelously with those annoying website “sign ups” only without the hurt feelings 2 days later when your new ‘friend’ realizes you gave them a bogus number. Unless I am purchasing a product or service from a website or creating some type of business relationship, I always use a pseudonym (fake name) and an email address from an online provider such as Yahoo or Hotmail. I generally use a real email address that I have set up with one of the online providers so that I can receive the information I requested and because many of these sites have gotten wise to this trick so they only grant you access or allow you to download the requested file after you confirm your email address by clicking a link in an email that the website sends you.

Don’t use your real name. Use a nickname or even a fake one. Do not make your name part of your email address except the one used for real business contacts and friends/family. The same goes for including your birthday or other private information. Remember your email address is seen by anyone you send mail to from that address.

By using a pseudonym and a free email account you not only protect your privacy but you are also creating a buffer from spam. If one of your free email accounts begins to get completely out of hand with spam you can always ‘throw it away’ and create a new one. If you have cultivated any real contacts with your ‘throw away’ account that you wish to keep you can always provide them with your new ‘throw away’ email address.

Anti-Spyware Saves Your Private Information

In an effort to protect users from themselves, most Anti-Spyware programs create backups of the very things they're supposed to delete. Now, I'm definitely not saying that you shouldn't use Anti-Spyware, far from it in fact. I can't begin to tell you how many times that Ad-Aware SE or Spybot S&D have saved my bacon. Many of these programs delete more than just spyware, they attempt to help you protect your privacy by deleting many of the "Recent" lists that Windows stores such as documents that you have recently opened or web pages you've visited. Many Anti-Spyware programs also delete cookies.
However: To keep users from accidentally deleting an important file or list (Let's face it, how many users really know what is safe to delete?) most of the programs store the information that they are "deleting" in a quarantine file, which is another nice way of saying, "You thought you deleted those files but we really backed them up so they can be retrieved later." Again let me say that Anti-Spyware programs are a GOOD thing, but there are some things most users don't realize, and the quarantine file is a biggest one. This is not a huge problem: the file is easily emptied and you can also tweak the program's settings to not store the files or to store them for a limited period of time. The problem is that many users won't know to change the settings or delete the file themselves. Many people may not even care, but for those of you who are concerned about your privacy, you should take the time to look into your particular program's settings, to see what is saved and what you can do about it. The only thing worse than being paranoid is having a false sense of security.

Is Google Maps a Threat to Indvidual Privacy?

Privacy groups are keeping a watchful eye on Google as it posts pictures of thousands of homes on their Street View website which is accessed through Google Maps. While being able to drop in to 360 degree photographic view Times Square from a map on their site is pretty cool, many privacy groups have expressed concern about what this may mean to individual privacy. Since the Street View project started Google has been outfitting cars with special cameras and sending them to drive the streets of the world snapping pictures of everything in their path, and everything along side of it.
The cause for concern is that someone may unknowingly be photographed in a compromising position (no more mowing the front yard in the nude for me), or that a criminal may use the information to case you home before he breaks in. For the first concern, if you're doing something you shouldn't; don't do it in public dummy! Law enforcement in many parts of the world already has a much better system of cameras feeding real-time data to "the man". Of course that's a whole other story. As for the crooks casing you place, that seems like a valid concern. Nothing is seen in the photographs online that couldn't be seen from the street, but at least before Google Streets the bad guys had to go out and look around in person.
Currently the database of photographs boasts 51 cities in the US as well as parts of Italy and France. Britain and Australia are on the way later this year. The sole purpose of the campaign is to capture pictures of streets and landmarks, not the people in them, however you just can't take a picture of a busy street and not expect to catch a glimpse of a person or a car license plate. To allay concerns that someone in a photo may be identified or a license lumber tracked down, Google has created a system that blurs most recognizable faces and license plates.
Yes, I said most. No automated system is perfect so Google allows users to report inappropriate images from within the application, and may request to have their pictures taken down. Though I think the "Report Inappropriate Image" link could have been more prominent it is easily located by clicking the "Help" link. Also what about the individuals that have been photographed and don't know to look at the website to see if they want their photos removed. After reviewing the photos available on the site I think they can add quite a bit of value for navigation, landmarks have always been easier to remember than street names. Also the photos a good enough quality to see the neighbors house and read some street signs, there was not enough detail to zoom in on any windows and see inside a house.
In all I think the risk to individuals privacy is minimal since the photos are low resolution and not real-time. The danger I see is in the precedent that this might set. Once everyone gets used to cameras everywhere, it will get easier to slip more intrusions into our private lives. I guess the best question to ask is, does the public have a reasonable expectation of privacy when in public. Does spying on the drug dealer on the corner openly selling his wares in full view place your privacy in danger or protect you from the bad guys? I won't tell you how to answer these questions because everyones limits are different. But I hope my rambling will cause you to pause for a moment to decide just where your limits do lie.

G8 Threatens Privacy!

Here are a couple of important (read: terrifying) tidbits that came out of the G8 Justice and Home Affairs Ministerial Meeting held June 11-13, 2008.
The G8 is pushing for its member states to monitor Mobile and ISP traffic for copyrighted material to further a high level treaty called the Anti Counterfeiting Trade Agreement (ACTA) that they are working on. So not only will your ISP be spying on you (in the interest of fighting piracy of course) but so will your cell phone company!
I do not condone piracy, but this seems a little too Orwellian to me. Next thing you know the governments could be strong arming service providers of all types to listen for “potential terrorists” engaging in suspicious or anti government talk. Hello!?!? You may as well use the Constitution for toilet paper!

Additionally the G8 wants to give airport customs officials the right to scan portable media players for copyrighted material. Giving customs officials the power to scan MP3 players, laptops and even mobile phones for illegally-obtained copyrighted material when passengers pass through borders seems ridiculous to me. Most likely these pirated items would have come from the internet and have absolutely NOTHING to do with a person physically flying to another country. Ok, you want to look in my luggage to find the 30 Madonna CDs I burned at home and I plan to sell in Bangkok, fine, but what the hell am I going to have on my laptop that I couldn’t download sitting in a Starbucks anywhere In the world.
Of course the owners of a copyright need protection but not at the expense of personal freedom. There HAS to be a better way than having some jackbooted thug digitally violate you in the interest of protecting some rich bastard’s profit margin!


Note: The G8 Justice and Home Affairs Ministerial Meeting is a forum allowing the G8 (Japan, Italy, Canada, France, USA, UK, Russia, Germany) Ministers responsible for justice and home affairs, the EU Commissioner for Justice, Freedom and Security, and the Secretary-General of the International Criminal Police Organization (ICPO) to meet and discuss matters of common interest. From: http://www.g8jha2008.jp/eng/what.html

Sources
http://www.g8jha2008.jp/eng/what.html
http://www.switched.com/2008/07/20/airports-may-scan-for-illegal-downloads-on-mobile-devices/
http://www.newlaunches.com/archives/g8_acta_think_twice_before_you_share_protected_content.php