Facial Recognition, Privacy

Facebook and Facial Recognition? A Bad Combination!

If we have learned anything over the years, social media platforms, and particularly Facebook have undertaken many initiates that are less than ethical. With the latest news that most people will start to see facial recognition options in their Facebook platform today, privacy advocates are sounding alarms. And for good reason! What is missing is the information needed for an informed public on this topic. Most Facebook users will not realize the ramifications of letting Facebook use facial recognition.

Before looking at what this means now, we need to explore a bit of history. Let’s take a look back at some of Facebook’s less than stellar moments:

  • Back in 2014 it became known that Facebook conducted research on approximately 700,000 users without their knowledge. The research was intended to learn how users would react – emotionally – to either all positive or all negative information on their feeds. As someone who both teaches and also conducts research, this is a fundamental ethical breach of research guidelines. When conducting research, there is an ethical requirement to obtain Informed Consent. As a part of this, participants know that they are involved in a research project, what the research is, how it will be used and they can withdraw at any time, etc. Facebook ignored this and proceeded without any Informed Consent. Thus, the impacts on people could have been detrimental to their mental health with no plan to mitigate.
  • Increasingly since the 2016 US federal election, Facebook has come under fire for its lack of process, policies and actions that easily enabled foreign third parties to directly impact the election.
  • And while Zuckerberg testified before the US Congress, which looked as comfortable for him as getting your teeth pulled without lidocaine, he nonetheless showed up. In Canada however, Facebook was a no-show to discuss privacy breach issues of Canadian citizens.
  • In July 2019, Facebook was levied a $5 billion fine to settle a US Federal Trade Commission data privacy probe. 
  • And just last month, the US federal appeals court rejected Facebook’s effort to undo a 2015 class-action lawsuit claiming that it illegally collected and stored biometric data for millions of users without their consent in Illinois. 

In looking at just these few examples, any reasonable person would question why Facebook would need and/or want to collect facial recognition data. And, make no mistake. They are “collecting” facial recognition data. 

We have already seen how some governments are using facial recognition data to create states of surveillance. Think of China for one. The United Kingdom is another jurisdiction that has delved into facial recognition and, as we have seen, the results in many cases proved to be wrong in 98 percent of the time.

So, while there could be applications for national security, once there is proven technology, and of course, there are laws established to protect citizens, I have to question what possible need is there for Facebook to implement facial recognition in its platform. We have an established pattern for Facebook not adhering to laws and collecting information and using information in less than ethical ways. 

Facial recognition, when in the wrong hands, can be used in a variety of harmful ways. The mere fact that an individual does not have control over his or her image is alarming. If in the wrong hands’, could images potentially be used in the creation of deep fake videos or other images? Such deep fakes could show a person committing a crime, stating information against a government – which in some countries could result in detention or worse – or even stating slanderous comments against a person, an employer, etc. All of which could have negative impacts as the person then has to prove that they were not the person captured in a video. Now many would argue that you don’t store biometric data with images such as drivers’ licences, etc. That is nice in theory, but as we have seen with Facebook, what should happen, doesn’t always happen. So yes, it could happen.

And perhaps more disturbingly is that Facebook has stored our digitized face since we started using it – without our permission. (This was part of the Illinois lawsuit.) The question is…to what end? Some argue that the market for facial recognition is poised to reach $9.6 by 2022. There is definitely money to be made for Facebook. And, with the technology that they are working on, it won’t be just your face. It will be your posture, the way you walk and possibly even how you dress that will make you identifiable. 

As an individual, the implications are deeply concerning. As most of live in societies where privacy is a human right, Facebook – and others – will be using facial recognition to absolutely remove this human right. And sadly, most of us don’t even realize that this is happening. When we do, it will be too late.

If like me, you have already scaled back on using Facebook, the implementation of facial recognition has definitely been the tipping point to back away completely.

Now the question is, will this be a tipping point for you?

Heather MacLean, Privacy

Six Things to Do When Your Bank Has Been Hacked

Each day we hear about different companies that have experienced a hack or data breach. Somehow however, when we learn it is was bank that was hacked, it is quite different. Many more of us become very concerned for our privacy and more importantly, we become extremely concerned about our financial security. Rightly so. Our entire lives are now digital and at risk.

While we can’t turn back the clock and we can certainly hope that we won’t get a notification from our bank that we were one of the victims. We want to be one of those who weren’t impacted. If however, we are not so lucky there are some steps that can be taken to lessen the impact. Here are six things you can do immediately when your bank has been hacked:

  1. Update all passwords and security questions.
  2. Don’t use the same password for multiple accounts.
  3. If you use a password manager, maybe consider not using it for your banking. Keep your banking passwords separate and distinct.
  4. Be diligent in checking your online statements – both credit cards and banking and immediately report abnormalities to your provider.
  5. When monitoring your accounts, don’t just look for large purchase that you don’t recognize. Look for any abnormality. You could have a serious of purchases under $20.
  6. Monitor your credit rating. If your bank was breached, ask for credit monitoring and protection.

These are just six things that you can do immediately. If you are still worried about your privacy, contact us for more detail on how you can implement other privacy measures.

TaylorMade Solutions, Heather MacLean

Data Privacy, Breaches and the Impact on Your Bottom Line

Why Boards of Directors Are Losing Sleep Over Data Breaches

 

Like many news stories, we become numb to the constant barrage of data breaches and begin to think that it is both normal and acceptable. In fact, just last month it was revealed that thousands of patient records were held for ransom in Ontario home care data breach in Canada. Similarly, data breaches in the healthcare sector continue to plague the United States

Sidebar: In the Ontario case, the breach was announced in June 2018; however, the full extent of the situation is only coming to light recently because of the group claiming responsibility, reached out to CBC. In addition, some of the victims claim they have not yet been notified.

If you are business owner or a member of a board of directors, news reports of this nature are likely causing you to lose sleep. And, if they don’t, they should. Data privacy, breaches and the impact on the business’ bottom line should be top of mind. Protecting, or not protecting, the personal data of your customers/clients and/or employees is serious business. It could cost you thousands, millions or even result ceasing operations. Regardless, as a business owner or a board member, the fiduciary duty may be more than you are aware of. Data or security breaches should never be thought of as normal and a course of business operations. More than ever board members need to demand that the proper investment and human resources are allotted to protecting the organization’s data. It is also no longer acceptable to not have awareness and increase your knowledge about data protection and cybersecurity risk management.

If you are a consumer, you should never accept that data breaches are normal. You should also never accept that your privacy is a thing of the past. Data is valuable. Your data is extremely valuable to you and your piece of mind. You own your data.

Increasingly privacy laws are being strengthened and for good reason. As consumers we have a right to protect our personal information. And, if this information isn’t adequately protected by businesses or organizations, then they should be liable for this breach and the ramifications for those who data they hold.

The good news is that many business leaders know and understand that data breaches and privacy do matter. They matter to boards of directors because they do have significant financial ramifications. For example, with the General Data Protection Regulation now enforceable it means significant fines for anyone doing business in Europe. In fact, the research is clear. More and more Boards are considering the critical importance of IT oversight and cybersecurity. According to Price Waterhouse Coopers (PWC) “less than one-fifth of directors are satisfied with the current levels of expertise on their boards. Only 19 percent say they have enough IT/digital expertise and don’t need more, and only 16 percent say the same about cybersecurity.”

So, what does this all mean? It means dollars. It means thousands, hundreds of thousands and possibly millions of dollars in fines and penalties. Some organizations are still playing Russian Roulette in the sense that will gamble with the fines at the time that an incident occurs. An interesting approach for a one-time event. However, the gamble may not pay off when board members are held accountable too. Or, if customers and investors walk away. Additionally, the probability that it is a one-time event is both naïve and short-sighted.

The risk of a data breach increases daily and the time to act is now. The time for consumers and investors to hold the feet of executive teams and boards of directors is now.

Want to talk more about privacy, communications and board governance? Connect with us.

BOOK REVIEW: Have You Been Hacked Yet?

There is no shortage of books on the market about cybersecurity. Some detail cyberattacks. Some detail the history of cybersecurity or cyber warfare. And of course, there are more and more books emerging on how to protect yourself online.

This latest book review is on Have You Been Hacked Yet? By Dr. Natalia Stakhanova.  Dr. Stakhanova is by no means a slouch when it comes to cybersecurity. In addition to being an Assistant Professor at the University of New Brunswick, which has a stellar and robust history in cybersecurity, Dr. Stakhanova is the New Brunswick Innovation Research Chair in Cyber Security. In her spare time she is also the co-founder and CEO of CyberLaunch Academy, an initiative focused on promoting science and technology for children.

From the book’s synopsis:

“….this book gives a gentle introduction into the practical aspects of your daily security. It introduces the most common risks associated with the daily use of modern computing technology. Building on that, the book articulates the importance of, and demonstrates the use of, various types of defence strategies to protect you as a user.”

And now the review:

From first glance at the Table of Contents, I feel that most people would not be intimidated by reading this book. For the most part, the language is straightforward. It covers all the things that one would want to learn about in order to help protect their families and themselves.

When getting into the content, Dr. Stakhanova explains things clearly and easily. I particularly like that she covers off just how easy it is for someone to fall victim to cybercrime. She makes it easy to understand that these criminals play on our emotions, our concern for others and our need to help to scam us. So many people are embarrassed to admit that they have fallen victim that we often don’t have a true picture of just how many people have been scammed.

One of my favourite chapters has got to be Chapter 2. Dr. Stakhanova explains what our digital valuables are and why we should protect them. It is a very common sense perspective, but we often don’t take the time to stop and think about it this way.

I also appreciate the time she has taken to focus on social engineering. I know far too many people who have succumbed to social engineering and/or those who fail to see the concerns around how much information they are sharing online. I hope that this helps change behaviour.

There is, of course, lots of other good information in the book. It is the first edition and I know that Dr. Stakhanova will be making some edits to update some information and fix a few “bugs” shall we say.

So, who is this book for? It is definitely a book for those who know they should be more careful but don’t know what they should be doing about it. It’s a book for those who want to better understand how to protect and educate their children. It’s a great resource for consumers that want to learn how to be “safe” or “safer” online. There are two people in my life that I will be giving this book to immediately.

Want to talk more about cybersecurity, privacy and how you can be protected? Connect with us.