Group items tagged

As your day ticks by, it seems that everything you do can leave a data trail. From your purchases online to the resumes you post, to health care transactions made with your insurance cards, you probably are exposing your own personal data to possible snooping, fraud, or identify theft. "Having so much sensitive information available makes it even more difficult for other organizations to release information that is effectively anonymous," says Latanya Sweeney, associate professor of computer science, technology and policy, and director of Carnegie Mellon's Data Privacy Lab. Sweeney demonstrated that birth date, gender and 5-digit ZIP code is enough to identify 87 percent of people in the U.S. One year ago, Sweeney started to pull together a group of faculty who were looking at issues relating to privacy and security, and working toward possible solutions. In the Internet age, few areas of our private lives-and what U.S. Supreme Court Justice Louis Brandeis called "the right to be left alone"- remain untouched by technology. Lorrie Cranor, associate research professor in the School of Computer Science, and director of Carnegie Mellon's Usable Privacy and Security Laboratory, describes Carnegie Mellon as "the place to be for privacy research." She explains, "There's a concentration of researchers and experts here that you just don't find at any other university." So how do these Carnegie Mellon experts suggest you protect yourself when you find the information technology that drives your everyday life to be more sophisticated than you are? Here is a sample of some of their creative solutions-your wake-up call for keeping your data "self" both private and secure.

Government Information Security Podcasts As a GovInfoSecurity.com annual member, this content can be used toward your membership credits and transcript tracking. Click For More Info Insights on the Insider Threat: Randy Trzeciak of Carnegie Mellon's CERT February 25, 2009 We all know the risk of the insider threat is high, but what are the specific vulnerabilities for which organizations should be particularly vigilant? In an exclusive interview, Randy Trzeciak of Carnegie Mellon's CERT program discusses recent insider threat research, including: Patterns and trends of insider crimes; Motives and means displayed in real insider cases; What employers and staffs can do to prevent and detect crimes. Trzeciak is currently a Senior Member of the Technical Staff for the Threat and Incident Management Team in the CERT Program at Carnegie Mellon University's Software Engineering Institute. He is a member of a team in CERT focusing on insider threat research, including insider threat studies being conducted with the US Secret Service National Threat Assessment Center, DOD's Personnel Security Research Center (PERSEREC), and Carnegie Mellon's CyLab.

"Using Facebook and Facial Recognition to ID Random People : A professor at Carnegie Mellon conducted a study recently and found that about one third of people he took snapshots of on campus could be identified using Facebook and a facial-recognition technology recently bought by Google. Not only that, but 27% of those folks had information on their Facebook profiles - like birth date or birthplace - that enabled him to correctly predict the first five digits of their Social Security numbers (you know, the part of your Social Security number that's supposed to be totally secret)."

I was at an advertising conference last week. Some folks are concerned that privacy advocates will press the government to regulate the most common of tracking technologies: behavioral targeting. That's the system that drops a cookie onto our computers to record many of our wanderings through the Web in hopes of targeting us with relevant ads. I had just written The Next Net, about how we'll be tracked on the mobile Internet. And I was thinking that if behavior targeting worries people, the data cascading from our phone use will terrify them. But there are also plenty of reasons to worry about regulation. First, there's a divide in our society between people extremely worried about erosion of privacy and others who appear, with their Web postings, videos and Tweets, to celebrate it. Which group wins? They both can. Take a look at this new friend-finding location-based application for Facebook, Locaccino. It comes out of Carnegie Mellon. The idea is that people can fine-tune their privacy profiles, deciding who can see where exactly they are, and who gets a blurrier vision, or none at all. The point is that millions of people are clearly eager to exchange all sorts of data. It's a way for them to learn, make friends, find things, and have fun. What's more, it supports a vibrant and innovative software market in a gloom-infested tech industry. Some of the innovation will go toward protecting privacy. Because privacy is something that both sides of this debate want and need, even if they don't agree on what it is. Regulations? The most important privacy regs, in my view, should mandate clear communications on how customer data will be used, and will limit tracking to those who have chosen to participate.

The nation's Social Security numbering system has left millions of citizens vulnerable to privacy breaches, according to researchers at Carnegie Mellon University, who for the first time have used statistical techniques to predict Social Security numbers solely from an individual's date and location of birth.