GDPR

Auto Added by WPeMatico

Egnyte releases one-step GDPR compliance solution

Egnyte has always had the goal of protecting data and files wherever they live, whether on-premises or in the cloud. Today, the company announced a new feature to help customers comply with GDPR privacy regulations that went into effect in Europe last week in a straight-forward fashion.

You can start by simply telling Egnyte that you want to turn on “Identify sensitive content.” You then select which sets of rules you want to check for compliance including GDPR. Once you do this, the system goes and scans all of your repositories to find content deemed sensitive under GDPR rules (or whichever other rules you have selected).

Photo: Egnyte

It then gives you a list of files and marks them with a risk factor from 1-9 with one being the lowest level of risk and 9 being the highest. You can configure the program to expose whichever files you wish based on your own level of compliance tolerance. So for instance, you could ask to see any files with a risk level of seven or higher.

“In essence, it’s a data security and governance solution for unstructured data, and we are approaching that at the repository levels. The goal is to provide visibility, control and protection of that information in any in any unstructured repository,” Jeff Sizemore, VP of governance for Egnyte Protect told TechCrunch.

Photo: Egnyte

Sizemore says that Egnyte weighs the sensitivity of the data against the danger it could be exposed and leave a customer in violation of GDPR rules. “We look at things like public links into groups, which is basically just governance of the data, making sure nothing is wide open from a file share perspective. We also look at how the information is being shared,” Sizemore said. A social security number being shared internally is a lot less risky than a thousand social security numbers being shared in a public link.

The service covers 28 nations and 24 languages and it’s pre-configured to understand what data is considered sensitive by country and language. “We already have all the mapping and all the languages sitting underneath these policies. We are literally going into the data and actually scanning through and looking for GDPR-relevant data that’s in the scope of Article 40.”

The new service is generally available on Tuesday morning. The company will be makign an announcement at the InfoSecurity Conference in London. It has had the service in Beta prior to this.

Powered by WPeMatico

Box expands Zones to manage content in multiple regions

When Box announced Zones a couple of years ago, it was providing a way for customers to store data outside the U.S., but there were some limits. Each customer could choose the U.S. and one additional zone. Customers wanted more flexibility, and today the company announced it was allowing them to choose to multiple zones.

The new feature gives a company the ability to store content across any of the 7 zones (plus the U.S) that Box currently supports across the world. A zone is essentially a Box co-location datacenter partner in various locations. The customer can now choose a default zone and then manage multiple zones from a single customer ID in the Box admin console, according to Jeetu Patel, chief product officer at Box.

Current Box Zones. Photo: Box

Content will go to a defined default zone unless the admin creates rules specifying another location. In terms of data sovereignty, the file will always live in the country of record, even if an employee outside that country has access to it. From an end user perspective, they won’t know where the content lives if the administrators allow access to it.

This may not seem like a huge deal on its face, but from a content management standpoint, it presented some challenges. Patel says the company designed the product with this ability in mind from the start, but it took some development time to get there.

“When we launched Zones we knew we would [eventually require] multi-zone capability, and we had to make sure the architecture could handle that,” Patel explained. They did this by abstracting the architecture to separate the storage and business logic tiers. Creating this modular approach allowed them to increase the capabilities as they built out Zones.

It doesn’t hurt that this feature is being made available just days before the EU’s GDPR data privacy rules are going into effect. “Zones is not just for GDPR, but it does help customers meet their GDPR obligations,” Patel said.

Overall, Zones is part of Box’s strategy to provide content management services in the cloud and give customers, even regulated industries, the ability to control how that content is used. This expansion is one more step on that journey.

Powered by WPeMatico

BigID lands in the right place at the right time with GDPR

Every startup needs a little skill and a little luck. BigID, a NYC-based data governance solution has been blessed with both. The company, which helps customers identify sensitive data in big data stores, launched at just about the same time that the EU announced the GDPR data privacy regulations. Today, the company is having trouble keeping up with the business.

While you can’t discount that timing element, you have to have a product that actually solves a problem and BigID appears to meet that criteria. “This how the market is changing by having and demanding more technology-based controls over how data is being used,” company CEO and co-founder Dimitri Sirota told TechCrunch.

Sirota’s company enables customers to identify the most sensitive data from among vast stores of data. In fact, he says some customers have hundreds of millions of users, but their unique advantage is having built the solution more recently. That provides a modern architecture that can scale to meet these big data requirements, while identifying the data that requires your attention in a way that legacy systems just aren’t prepared to do.

“When we first started talking about this [in 2016] people didn’t grok it. They didn’t understand why you would need a privacy-centric approach. Even after 2016 when GDPR passed, most people didn’t see this. [Today] we are seeing a secular change. The assets they collect are valuable, but also incredibly toxic,” he said. It is the responsibility of the data owner to identify and protect the personal data under their purview under the GDPR rules, and that creates a data double-edged sword because you don’t want to be fined for failing to comply.

GDPR is a set of data privacy regulations that are set to take effect in the European Union at the end of May. Companies have to comply with these rules or could face stiff fines. The thing is GDPR could be just the beginning. The company is seeing similar data privacy regulations in Canada, Australia, China and Japan. Something akin go this could also be coming to the United States after Facebook CEO, Mark Zuckerberg appeared before Congress earlier this month. At the very least we could see state-level privacy laws in the US, Sirota said.

Sirota says there are challenges getting funded as a NYC startup because there hadn’t been a strong big enterprise ecosystem in place until recently, but that’s changing. “Starting an enterprise company in New York is challenging. Ed Sim from Boldstart [A New York City early stage VC firm that invests in enterprise startups] has helped educate through investment and partnerships. More challenging, but it’s reaching a new level now,” he said.

The company launched in 2016 and has raised $16.1 million to date. It scored the bulk of that in a $14 million round at the end of January. Just this week at the RSAC Sandbox competition at the RSA Conference in San Francisco, BigID was named the Most Innovative Startup in a big recognition of the work they are doing around GDPR.

Powered by WPeMatico

A flaw-by-flaw guide to Facebook’s new GDPR privacy changes

Facebook is about to start pushing European users to speed through giving consent for its new GDPR privacy law compliance changes. It will ask people to review how Facebook applies data from the web to target them with ads, and surface the sensitive profile info they share. Facebook will also allow European and Canadian users to turn on facial recognition after six years of the feature being blocked there. But with a design that encourages rapidly hitting the “Agree” button, a lack of granular controls, a laughably cheatable parental consent request for teens and an aesthetic overhaul of Download Your Information that doesn’t make it any easier to switch social networks, Facebook shows it’s still hungry for your data.

The new privacy change and terms of service consent flow will appear starting this week to European users, though they’ll be able to dismiss it for now — although the May 25th GDPR compliance deadline Facebook vowed to uphold in Europe is looming. Meanwhile, Facebook says it will roll out the changes and consent flow globally over the coming weeks and months with some slight regional differences. And finally, all teens worldwide that share sensitive info will have to go through the weak new parental consent flow.

Facebook brought a group of reporters to the new Building 23 at its Menlo Park headquarters to preview the changes today. But feedback was heavily critical as journalists grilled Facebook’s deputy chief privacy officer Rob Sherman. Questions centered around how Facebook makes accepting the updates much easier than reviewing or changing them, but Sherman stuck to talking points about how important it was to give users choice and information.

“Trust is really important and it’s clear that we have a lot of work to do to regain the trust of people on our service” he said, giving us deja vu about Mark Zuckerberg’s testimonies before congress. “We know that people won’t be comfortable using Facebook if they don’t feel that their information is protected.”

Trouble at each step of Facebook’s privacy consent flow

There are a ton of small changes, so we’ll lay out each with our criticisms.

Facebook’s consent flow starts well enough with the screen above offering a solid overview of why it’s making changes for GDPR and what you’ll be reviewing. But with just an “X” up top to back out, it’s already training users to speed through by hitting that big blue button at the bottom.

Sensitive info

First up is control of your sensitive profile information, specifically your sexual preference, religious views and political views. As you’ll see at each step, you can hit the pretty blue “Accept And Continue” button regardless of whether you’ve scrolled through the information. If you hit the ugly grey “Manage Data Setting” button, you have to go through an interstitial where Facebook makes its argument trying to deter you from removing the info before letting you make and save your choice. It feels obviously designed to get users to breeze through it by offering no resistance to continue, but friction if you want to make changes.

Facebook doesn’t let advertisers target you based on this sensitive info, which is good. The only exception is that in the U.S., political views alongside political Pages and Events you interact with impact your overarching personality categories that can be targeted with ads. You can opt out of being targeted by those too. But your only option here is either to remove any info you’ve shared in these categories so friends can’t see it, or allow Facebook to use it to personalize the site. There’s no option to keep this stuff on your profile but not let Facebook use it.

Facial recognition

Facebook is bringing facial recognition back to Europe and Canada. The Irish Data Protection commissioner who oversees the EU banned it there in 2012. Users in these countries will get a chance to turn it on, which is the default if they speed through. It’s a useful feature that can make sure people know about the photos of them floating around. But here the lack of granularity is concerning. Users might want to see warnings about possible impersonators using their face in their profile pics, but not be suggested as someone to tag in their friends’ photos. Unfortunately, it’s all or nothing. While Facebook is right to make it simple to turn on or off completely, granular controls that unfold for those that want them would be much more empowering.

[Update: This article has been updated to reflect that Facebook indeed can offer facial recognition in Europe and Canada.]

Data collection across the web

A major concern that’s arisen in the wake of Zuckerberg’s testimonies is how Facebook uses data collected about you from around the web to target users with ads and optimize its service. While Sherman echoed Zuckerberg in saying that users tell the company they prefer relevant ads, and that this data can help thwart hackers and scrapers, many users are unsettled by the offsite collection practices. Here, Facebook lets you block it from targeting you with ads based on data about your browsing behavior on sites that show its Like and share buttons, conversion Pixel or Audience Network ads. The issue is that there’s no way to stop Facebook from using that data from personalizing your News Feed or optimizing other parts of its service.

New terms of service

Facebook recently rewrote its terms of service and data use policy to be more explicit and easy to read. It didn’t make any significant changes other than noting the policy now applies to its subsidiaries like Instagram and Messenger. [Correction: But WhatsApp and Oculus have their own data policies.] That’s all clearly explained here, which is nice.

But the fact that the button to reject the new Terms of Service isn’t even a button, it’s a tiny “see your options” hyperlink, shows how badly Facebook wants to avoid you closing your account. When Facebook’s product designer for the GDPR flow was asked if she thought this hyperlink was the best way to present the alternative to the big “I Accept” button, she disingenuously said yes, eliciting scoffs from the room of reporters. It seems obvious that Facebook is trying to minimize the visibility of the path to account deletion rather than making it an obvious course of action if you don’t agree to its terms.

I requested Facebook actually show us what was on the other side of that tiny “see your options” link and this is what we got. First, Facebook doesn’t mention its temporary deactivation option, just the scary permanent delete option. Facebook recommends downloading your data before deleting your account, which you should. But the fact that you’ll have to wait (often a few hours) before you can download your data could push users to delay deletion and perhaps never resume. And only if you keep scrolling do you get to another tiny “I’m ready to delete my account” hyperlink instead of a real button.

Parental consent

GDPR also implements new regulations about how teens are treated, specifically users between the ages of 13 (the minimum age required to sign up for Facebook) and 15. If users in this age range have shared their religious views, political views or sexual preference, Facebook requires them to either remove it or get parental consent to keep it. They also need permission to be targeted with ads based on data from Facebook’s partners. Without that permission, they’ll see a less personalized version of Facebook. But the system for attaining and verifying that parental consent is a joke.

Users merely select one of their Facebook friends or enter an email address, and that person is asked to give consent for their “child” to share sensitive info. But Facebook blindly trusts that they’ve actually selected their parent or guardian, even though it has a feature for users to designate who their family is, and the kid could put anyone in the email field, including an alternate address they control. Sherman says Facebook is “not seeking to collect additional information” to verify parental consent, so it seems Facebook is happy to let teens easily bypass the checkup.

Privacy shortcuts

To keep all users abreast of their privacy settings, Facebook has redesigned its Privacy Shortcuts in a colorful format that sticks out from the rest of the site. No complaints here.

Download your information

Facebook has completely redesigned its Download Your Information tool after keeping it basically the same for the past eight years. You can now view your content and data in different categories without downloading it, which alongside the new privacy shortcuts is perhaps the only unequivocally positive and unproblematic change amidst today’s announcements.

And Facebook now lets you select certain categories of data, date ranges, JSON or HTML format and image quality to download. That could make it quicker and easier if you just need a copy of a certain type of content but don’t need to export all your photos and videos, for example. Thankfully, Facebook says you’ll now be able to download your media in a higher resolution than the old tool allowed.

But the big problem here was the subject of my feature piece this week about Facebook’s lack of data portability. The Download Your Information tool is supposed to let you take your data and go to a different social network. But it only exports your social graph, aka your friends, as a text list of names. There are no links, usernames or other unique identifiers unless friends opt into let you export their email or phone number (only 4 percent of my friends do), so good luck finding the right John Smith on another app. The new version of Download Your Information exports the same old list of names, rather than offering any interoperable format that would let you find your friends elsewhere.

A higher standard

Overall, it seems like Facebook is complying with the letter of GDPR law, but with questionable spirit. Sure, privacy is boring to a lot of people. Too little info and they feel confused and scared. Too many choices and screens and they feel overwhelmed and annoyed. Facebook struck the right balance in some places here. But the subtly pushy designs seem intended to steer people away from changing their defaults in ways that could hamper Facebook’s mission and business.

Making the choices equal in visible weight, rather than burying the ways to make changes in grayed-out buttons and tiny links, would have been more fair. And it would have shown that Facebook has faith in the value it provides, such that users would stick around and leave features enabled if they truly wanted to.

When questioned about this, Sherman pointed the finger at other tech companies, saying he thought Facebook was more upfront with users. Asked to clarify if he thought Facebook’s approach was “better,” he said “I think that’s right.” But Facebook isn’t being judged by the industry standard, because it’s not a standard company. It’s built its purpose and its business on top of our private data, and touted itself as a boon to the world. But when asked to clear a higher bar for privacy, Facebook delved into design tricks to keep from losing our data.

Powered by WPeMatico

Highlights and audio from Zuckerberg’s emotional Q&A on scandals

“This is going to be a never-ending battle,” said Mark Zuckerberg . He just gave the most candid look yet into his thoughts about Cambridge Analytica, data privacy and Facebook’s sweeping developer platform changes during a conference call with reporters today. Sounding alternately vulnerable about his past negligence and confident about Facebook’s strategy going forward, Zuckerberg took nearly an hour of tough questions.

You can read a transcript here and listen to a recording of the call below:



The CEO started the call by giving his condolences to those affected by the shooting at YouTube yesterday. He then delivered this mea culpa on privacy:

We’re an idealistic and optimistic company … but it’s clear now that we didn’t do enough. We didn’t focus enough on preventing abuse and thinking through how people could use these tools to do harm as well … We didn’t take a broad enough view of what our responsibility is and that was a huge mistake. That was my mistake.

It’s not enough to just connect people. We have to make sure those connections are positive and that they’re bringing people together.  It’s not enough just to give people a voice, we have to make sure that people are not using that voice to hurt people or spread misinformation. And it’s not enough to give people tools to sign into apps, we have to make sure that all those developers protect people’s information too.

It’s not enough to have rules requiring that they protect the information. It’s not enough to believe them when they’re telling us they’re protecting information. We actually have to ensure that everyone in our ecosystem protects people’s information.

This is Zuckerberg’s strongest statement yet about his and Facebook’s failure to anticipate worst-case scenarios, which has led to a string of scandals that are now decimating the company’s morale. Spelling out how policy means nothing without enforcement, and pairing that with a massive reduction in how much data app developers can request from users makes it seem like Facebook is ready to turn over a new leaf.

Here are the highlights from the rest of the call:

On Zuckerberg calling fake news’ influence “crazy”: “I clearly made a mistake by just dismissing fake news as crazy — as having an impact … it was too flippant. I never should have referred to it as crazy.

On deleting Russian trolls: Not only did Facebook delete 135 Facebook and Instagram accounts belonging to Russian government-connected election interference troll farm the Internet Research Agency, as Facebook announced yesterday, Zuckerberg said Facebook removed “a Russian news organization that we determined was controlled and operated by the IRA.”

On the 87 million number: Regarding today’s disclosure that up to 87 million people had their data improperly accessed by Cambridge Analytica, “it very well could be less but we wanted to put out the maximum that we felt it could be as soon as we had that analysis.” Zuckerberg also referred to The New York Times’ report, noting that “We never put out the 50 million number, that was other parties.”

On users having their public info scraped: Facebook announced this morning that “we believe most people on Facebook could have had their public profile scraped” via its search by phone number or email address feature and account recovery system. Scammers abused these to punch in one piece of info and then pair it to someone’s name and photo. Zuckerberg said search features are useful in languages where it’s hard to type or a lot of people have the same names. But “the methods of react limiting this weren’t able to prevent malicious actors who cycled through hundreds of thousands of IP addresses and did a relatively small number of queries for each one, so given that and what we know to day it just makes sense to shut that down.”

On when Facebook learned about the scraping and why it didn’t inform the public sooner:  “We looked into this and understood it more over the last few days as part of the audit of our overall system,” Zuckerberg said, declining to specify when Facebook first identified the issue. [Update: Facebook later specified that the sophisticated scraping had been picked up in the past few weeks during the audit, recently confirmed, and that the company disclosed the situation as soon as it had details ready.]

On implementing GDPR worldwide: Zuckerberg refuted a Reuters story from yesterday saying that Facebook wouldn’t bring GDPR privacy protections to the U.S. and elsewhere. Instead he says, “we’re going to make all the same controls and settings available everywhere, not just in Europe.”

On if board has discussed him stepping down as chairman: “Not that I’m aware of,” Zuckerberg said happily.

On if he still thinks he’s the best person to run Facebook: “Yes. Life is about learning from the mistakes and figuring out what you need to do to move forward … I think what people should evaluate us on is learning from our mistakes … and if we’re building things people like and that make their lives better … there are billions of people who love the products we’re building.”

On the Boz memo and prioritizing business over safety: “The things that makes our product challenging to manage and operate are not the trade-offs between people and the business. I actually think those are quite easy because over the long-term, the business will be better if you serve people. I think it would be near-sighted to focus on short-term revenue over people, and I don’t think we’re that short-sighted. All the hard decisions we have to make are trade-offs between people. Different people who use Facebook have different needs. Some people want to share political speech that they think is valid, and other people feel like it’s hate speech … we don’t always get them right.”

On whether Facebook can audit all app developers: “We’re not going to be able to go out and necessarily find every bad use of data,” Zuckerberg said, but confidently said, “I actually do think we’re going to be able to cover a large amount of that activity.”

On whether Facebook will sue Cambridge Analytica: “We have stood down temporarily to let the [U.K. government] do their investigation and their audit. Once that’s done we’ll resume ours … and ultimately to make sure none of the data persists or is being used improperly. And at that point if it makes sense we will take legal action if we need to do that to get people’s information.”

On how Facebook will measure its impact on fixing privacy: Zuckerberg wants to be able to measure “the prevalence of different categories of bad content like fake news, hate speech, bullying, terrorism … That’s going to end up being the way we should be held accountable and measured by the public … My hope is that over time the playbook and scorecard we put out will also be followed by other internet platforms so that way there can be a standard measure across the industry.”

On whether Facebook should try to earn less money by using less data for targeting: “People tell us if they’re going to see ads they want the ads to be good … that the ads are actually relevant to what they care about … On the one hand people want relevant experiences, and on the other hand I do think there’s some discomfort with how data is used in systems like ads. But I think the feedback is overwhelmingly on the side of wanting a better experience. Maybe it’s 95-5.”

On whether #DeleteFacebook has had an impact on usage or ad revenue: “I don’t think there’s been any meaningful impact that we’ve observed… but it’s not good.”

On the timeline for fixing data privacy: “This is going to be a never-ending battle. You never fully solve security. It’s an arms race,” Zuckerberg said early in the call. Then to close Q&A, he said, “I think this is a multi-year effort. My hope is that by the end of this year we’ll have turned the corner on a lot of these issues and that people will see that things are getting a lot better.”

Overall, this was the moment of humility, candor and contrition Facebook desperately needed. Users, developers, regulators and the company’s own employees have felt in the dark this last month, but Zuckerberg did his best to lay out a clear path forward for Facebook. His willingness to endure these questions was admirable, even if he deserved the grilling.

The company’s problems won’t disappear, and its past transgressions can’t be apologized away. But Facebook and its leader have finally matured past the incredulous dismissals and paralysis that characterized its response to past scandals. It’s ready to get to work.

Powered by WPeMatico

Facebook knows literally everything about you

Cambridge Analytica may have used Facebook’s data to influence your political opinions. But why does least-liked tech company Facebook have all this data about its users in the first place?

Let’s put aside Instagram, WhatsApp and other Facebook products for a minute. Facebook has built the world’s biggest social network. But that’s not what they sell. You’ve probably heard the internet saying “if a product is free, it means that you are the product.”

And it’s particularly true in this case because Facebook is the world’s second biggest advertising company in the world behind Google. During the last quarter of 2017, Facebook reported $12.97 billion in revenue, including $12.78 billion from ads.

That’s 98.5 percent of Facebook’s revenue coming from ads.

Ads aren’t necessarily a bad thing. But Facebook has reached ad saturation in the newsfeed. So the company has two options — creating new products and ad formats, or optimizing those sponsored posts.

Facebook has reached ad saturation in the newsfeed

This isn’t a zero-sum game — Facebook has been doing both at the same time. That’s why you’re seeing more ads on Instagram and Messenger. And that’s also why ads on Facebook seem more relevant than ever.

If Facebook can show you relevant ads and you end up clicking more often on those ads, then advertisers will pay Facebook more money.

So Facebook has been collecting as much personal data about you as possible — it’s all about showing you the best ad. The company knows your interests, what you buy, where you go and who you’re sleeping with.

You can’t hide from Facebook

Facebook’s terms and conditions are a giant lie. They are purposely misleading, too long and too broad. So you can’t just read the company’s terms of service and understand what it knows about you.

That’s why some people have been downloading their Facebook data. You can do it too, it’s quite easy. Just head over to your Facebook settings and click the tiny link that says “Download a copy of your Facebook data.”

In that archive file, you’ll find your photos, your posts, your events, etc. But if you keep digging, you’ll also find your private messages on Messenger (by default, nothing is encrypted).

And if you keep digging a bit more, chances are you’ll also find your entire address book and even metadata about your SMS messages and phone calls.

Downloaded my facebook data as a ZIP file

Somehow it has my entire call history with my partner’s mum pic.twitter.com/CIRUguf4vD

— Dylan McKay (@dylanmckaynz) March 21, 2018

All of this is by design and you agreed to it. Facebook has unified terms of service and share user data across all its apps and services (except WhatsApp data in Europe for now). So if you follow a clothing brand on Instagram, you could see an ad from this brand on Facebook.com.

Messaging apps are privacy traps

But Facebook has also been using this trick quite a lot with Messenger. You might not remember, but the on-boarding experience on Messenger is really aggressive.

On iOS, the app shows you a fake permission popup to access your address book that says “Ok” or “Learn More”. The company is using a fake popup because you can’t ask for permission twice.

There’s a blinking arrow below the OK button.

If you click on “Learn More”, you get a giant blue button that says “Turn On”. Everything about this screen is misleading and Messenger tries to manipulate your emotions.

“Messenger only works when you have people to talk to,” it says. Nobody wants to be lonely, that’s why Facebook implies that turning on this option will give you friends.

Even worse, it says “if you skip this step, you’ll need to add each contact one-by-one to message them.” This is simply a lie as you can automatically talk to your Facebook friends using Messenger without adding them one-by-one.

The next time you pay for a burrito with your credit card, Facebook will learn about this transaction and match this credit card number with the one you added in Messenger

If you tap on “Not Now”, Messenger will show you a fake notification every now and then to push you to enable contact syncing. If you tap on yes and disable it later, Facebook still keeps all your contacts on its servers.

On Android, you can let Messenger manage your SMS messages. Of course, you guessed it, Facebook uploads all your metadata. Facebook knows who you’re texting, when, how often.

Even if you disable it later, Facebook will keep this data for later reference.

But Facebook doesn’t stop there. The company knows a lot more about you than what you can find in your downloaded archive. The company asks you to share your location with your friends. The company tracks your web history on nearly every website on earth using embedded JavaScript.

But my favorite thing is probably peer-to-peer payments. In some countries, you can pay back your friends using Messenger. It’s free! You just have to add your card to the app.

It turns out that Facebook also buys data about your offline purchases. The next time you pay for a burrito with your credit card, Facebook will learn about this transaction and match this credit card number with the one you added in Messenger.

In other words, Messenger is a great Trojan horse designed to learn everything about you.

And the next time an app asks you to share your address book, there’s a 99-percent chance that this app is going to mine your address book to get new users, spam your friends, improve ad targeting and sell email addresses to marketing companies.

I could say the same thing about all the other permission popups on your phone. Be careful when you install an app from the Play Store or open an app for the first time on iOS. It’s easier to enable something if a feature doesn’t work without it than to find out that Facebook knows everything about you.

GDPR to the rescue

There’s one last hope. And that hope is GDPR. I encourage you to read TechCrunch’s Natasha Lomas excellent explanation of GDPR to understand what the European regulation is all about.

Many of the misleading things that are currently happening at Facebook will have to change. You can’t force people to opt in like in Messenger. Data collection should be minimized to essential features. And Facebook will have to explain why it needs all this data to its users.

If Facebook doesn’t comply, the company will have to pay up to 4 percent of its global annual turnover. But that doesn’t stop you from actively reclaiming your online privacy right now.

You can’t be invisible on the internet, but you have to be conscious about what’s happening behind your back. Every time a company asks you to tap OK, think about what’s behind this popup. You can’t say that nobody told you.

Powered by WPeMatico

Clairvoyant launches Kogni to help companies track their most sensitive data

 As we inch ever closer to GDPR in May, companies doing business in Europe need to start getting a grip on the sensitive private data they have. The trouble is that as companies move their data into data lakes, massive big data stores, it becomes more difficult to find data in a particular category. Clairvoyant, an Arizona company is releasing a tool called Kogni that could help.
Chandra… Read More

Powered by WPeMatico

UK’s Carphone Warehouse fined nearly $540k for 2015 hack

 The UK’s data watchdog has handed mobile phone retailer Carphone Warehouse a £400,000 fine — just shy of the £500k maximum the regulator can currently issue — for security failings attached to a 2015 hack that compromised the personal data of some three million customers and 1,000 employees.  Read More

Powered by WPeMatico

Collibra snags $58M Series D led by Iconiq and Battery Ventures to simplify data governance

 Collibra, a company that wants to help firms understand data governance, announced a $58 million Series D funding round today led by Iconiq Capital and Battery Ventures.
All of the investors involved in this round were coming back for another dip in the well. In addition to Iconiq and Battery Ventures, early Collibra investors Dawn Capital, Index Ventures and Newion Investments also participated. Read More

Powered by WPeMatico

NuCypher is using proxy re-encryption to lift more enterprise big data into the cloud

 After spending time at a London fintech accelerator last year, enterprise database startup ZeroDB scrapped its first business plan and mapped out a new one. By January this year it had a new name: NuCypher. It now will try to persuade enterprises to switch to their specialized encryption layer to enhance their ability to perform big data analytics by tapping into the cloud. Read More

Powered by WPeMatico