Dear all
Please post comments by Friday 27th for the 1%.
The role of databases is incredibly topical in light of the current events happening in Europe and Africa. Governments currently see cyber crime as one of the major threats for the future.
For example:
http://www.bbc.co.uk/news/uk-england-london-24077094
What are your thoughts on large databases that hold various details about our lives? Are there advantages in Facebook holding highly detailed datasets on our daily lives? What are the disadvantages of these online datasets if we proffer the information willingly? If these datasets are demanded (e.g. the Census), can we trust the data holders and if not, what should we do?!
Your thoughts please.
Paul
If people want to steal they will find a way. People used to break into homes through windows so we improved security, we got double glazing, locking windows and re-enforced glass. Is it not just a part of life that if people want something bad enough they'll find a way to get it?
ReplyDeleteAs for the likes of Facebook or Tinder or any other web based program which people put a lot of their personal details up on, its a personal choice. But I do think people should be made more aware of the possible risks associated with putting some much personal data in one place. When I was younger I was always told don't write down your passwords cause someone could find, don't use the same password for more than one thing. How many passwords would one person have to remember now for all the different websites they use, at least 5 possibly over 20. That's a lot of different passwords. So most people have a selection of passwords they repeatedly use, so if one website has this information stole then this leaves the person open to fund on other websites.
For the likes of the Census you have to tell the government about your personal life, but for facebook and such its a person choice and sometimes I don't feel people should give away as much information as they do, but its a matter of people learning what is reasonable to put online and what is not. As with home security some people will learn quicker and be more accepting of new security measures than others.
In the 21st century I think it's almost impossible to function without someone somewhere holding electronic information about you, I don't think there's any choice regarding that. I do think however that people should be maybe a little more mindful when it comes to offering personal data for free online. It's well known now that even prospective employers will trawl open source information on an individual to asses their suitability for a position, so keep your facebook private folks :P
ReplyDeleteThings like government acquired data for census etc is inevitable, and the only reasonable approach is to regulate the data custodians accordingly, but it does raise some issues. e.g If the data is held is on a server in another country then who legally can access it?
As always though technology moves faster than the legal system can keep up with, which is why some measure of personal responsibility should be practised.
This comment has been removed by the author.
ReplyDeleteBeing able to hack computers and other forms of technology seems to be reasonably simple in today’s modern era. Even 5+ years ago we were able to access each other’s mobile phones using a certain app and connecting via Bluetooth. We knew it wasn’t right, but on such a small scale what was the real problem? 14 year olds hadn’t really much to hide. However, reading the news article on the BBC website highlights how much the ability to hack servers and computers has advanced. What once had to be an app that you would allow to be accepted onto your phone (regardless of knowing minimal details about the app) has now developed into a KVM device. The technology is impressive but the way in which it is used is obviously wrong. Theft on any scale annoys me greatly. Having two friends now that have had money taken from their account I am fully aware of the aftermath- blacklisted name, waiting for the refund of your money etc. It annoys me greatly to know someone has worked for that money and some ‘hacker’ can take it so easily. But that falls down to the problem of the security surrounding the account. One friend had their account essentially emptied before their bank noticed whilst the other was alerted as soon as a strange order was placed. All companies should have tighter and stricter security to prevent this from happening. The company should 'know' their customer and the data stored online provides them with more than enough scope for them to become aware of what is the norm for a certain customer and what may be an unusual buy. This also applies to the KVM device. Knowing this technology exists there should be a system in place to block it.
ReplyDeleteSimilar to discussions prior to this blog post, databases containing my details doesn’t really bother me, granted that it is being used in a safe and secure manner. These databases can prove to be invaluable in different sectors of the economy.
Last week Facebook was able to create a video of ‘My Year & My Friends’- it was a nice idea and what I have uploaded to Facebook has all been solely my own choice- apart from a few times when my phone may have been left unattended. Essentially no harm has really ever come to me using Facebook as my parents had educated me extensively growing up about the problems with the ‘web’. Therefore I learnt what details to post and what I would keep private. Alternatively I respect those who don’t use Facebook at all. I like and am aware that there are other ways of communicating with people i.e. the old-fashioned ways of communication and mystery, where every aspect and detail of the individuals’ life isn’t available to all your Facebook friends. I also understand the problems that arise from these online data sets with programmes including ‘Catfish’ highlighting such issues where an individual’s identity is often copied and used having detrimental impacts on others. However, that’s the risk we take when we upload this information.
At this stage, regarding the Census, I don’t know how else we could go about the storage of this information? I realize each individuals view on privacy will vary but why should we worry about other people knowing such information as our wage? The Census is so useful across many disciplines. Personally I think it would be foolish to ‘do-away’ with the data. Hacking happens, identity theft happens, fraud happens, so maybe the only way forward is to improve the security systems supposedly ‘protecting’ this information rather than altering the information actually stored?
That is an interesting point you make with regards to to improving security systems instead of actually changing the information stored! I tend to agree that security systems protecting the data needs to be advanced.
DeleteYes. Data holders should have the latest technology/practices to keep our data safe. We expect our banks to be highly secure physically so data should be treated similarly.
DeleteI think when it comes to census data, or medical details, we give up this type of information about ourselves freely as it is expected of us, however I do feel that government agencies should act more responsibly with the data. A quick Google search brought quite a selection of different examples where personal details have been lost, however you would think that lessons would have been learnt by now about memory sticks !!!
ReplyDelete2013 Suffolk county council…An unencrypted USB memory stick was found containing information from the county’s adult and community services department.
2012 Greater Manchester Police…..An unencrypted USB stick containing details of witnesses with links to serious criminal investigations
2012 South London Health Trust…….Records on 600 maternity patients and their newborn children were lost by misplacing unencrypted USB sticks
Regarding the article I guess as technology becomes more advanced in general, the criminal will never be too far behind in terms of attempting to find ways to access our details.
With the likes of Facebook and other social type websites, it is the choice of the individual regarding the amount of personal information which is given and subsequently stored. Personally I can’t see any advantages in them having loads of details about me, I prefer the minimalist approach.
Hi Laura. I agree with you that a minimalist approach is probably the safest. The quizzes and games that circulate on FB can pose security issues and prey on the bored and ignorant. BBC ran another article that's relevant to this. http://www.bbc.com/news/technology-34922029
DeleteHi Laura - I work for Local Government in London and every computer that I am aware of at the council has had its USB drive disabled - they aren't taking any chances. Makes it a bit more difficult to work though!
DeleteHi Paul, that's a good start. I guess it prevents people from 'taking things home' to work on, if they felt the need.
DeleteI suspect some of those memory stick lost memory sticks were connected to taking things out of the office for meetings/working on at home.
Yes. I also think if someone wanted, they could just take photos of screens on their phones.
DeleteIt depends really on who holds them and why. It's no real secret that on things like Google and Facebook the product being offered is the user-base! Under normal circumstances the average persons data is largely worthless, but in volume the data can become very valuable. The value is both to company holding and gathering the data and interested parties, usually in marketing.
ReplyDeleteThere are obvious advantages to these large databases that go beyond the marketing and advertising side of things, health organizations having large datasets about people can help target medical aid and model the spread of potential infectious diseases and help planning in those situations. The disadvantages are equally obvious, what if the data falls into wrong hands? This happens all the time, some of my own personal data was once stolen from Sony after hackers made inside the PSN network back in 2011, they only got my name and what is now my old email address but still it is an example of how common and easily these things can happen.
I think with the increased potential for linkage between different datasets there needs to be severe penalties for companies that fail to protect user data though with something like the census it would be quit difficult to hold the government to account if it was improperly used or protected.
Large datasets have an array of advantages, e.g. help plan for future medical care and disadvantages, .e.g hacking of bank accounts and with the continual expansion in technology the strength of these disadvantages is starting to get a bit more worrying ( referring to the BBC article and the KMV device). This is kind of scary to think that people can make these devices then go onto to lie about who they are to get into various businesses. Like I have said from the beginning of these online blogs, I have never thought twice about signing up to sites and online shopping, it was almost like a second nature. It never bothered me who had my details/ what they could do with them. However my opinion of this has changed in the past few days as I found out someone had hacked my bank account and tried to buy £800 of Tom Ford clothing on my card. My bank acted very fast on this and I’m sorry to say to this person but you will most definitely not be receiving your clothing any time soon.
ReplyDeleteI’ve always thought of Facebook as a harmless site. You as the user decide what information you want to share with your friends as well as restricting certain people from viewing your profile. I’m finding it quite difficult to think of the advantages of facebook holding detailed data sets. Personally I think the disadvantages outweigh the advantages as there is a large risk of cyber crime/bullying over Facebook alongside the threat of people being able to hack your account. In terms of datasets which are demanded, e.g. the Census I think we can trust them. The sole purpose of these datasets are to plan for the future, to make sure our society is sustainable for future generations. Any dataset which is created or used by the government I definitely think we can trust. If social media sites and websites started to demand census like information then this would be a major concern.
I am in complete agreement with Fiona - if people want to steal, they will find a way. I think whether or not we chose to share our information with some websites and not others, our personal information will always be accessible one way or another.
ReplyDeleteI don't agree with Kevin that we need to take some measure of personal responsibility for the personal data that we share. From the moment we are registered at birth we are placed on a database, when we pass our driving test, when we open a bank account, when we apply for a credit card, when we use the NHS, when we access a public wifi network, our personal information goes onto an infinite number of databases. Surely it is impossible in this age to restrict who we share our personal information with?
Yes I think there are advantages with social media sites holding such detailed datasets on our daily lives - it could be a unique tool which may be used to identify society trends. For example, the data may be used to identify patterns of suicides which no other dataset could do - after all, Facebook is a part of our daily lives (be honest - how many times do you log onto Facebook in a day?) and could hold vital information in societal trends.
I think we need to trust that the holders of our personal data have mitigation plans in place in the case that datasets do fall into the wrong hands. After all, the Santander "cyber plot" was crushed by the Metropolitan Police before any damage was done.
I think as technology has advanced the more accessible data have become. There are huge advantages to sharing data and making bigger databases like the census available. In the case of the census, the benefits to society far outweigh any threat that might arise from these data being hacked and stolen.
ReplyDeleteIn terms of sharing of personal data on facebook, I think people in general don't understand the implications of what they share online especially when it comes to personal data. For example, I am a Child Welfare Officer for my local athletics club and we are advised not to carry lists of children's names and DOB's with us to races as these are personal data and could potentially be lost at fall in the hands of identity thieves. However I know parents (including myself) that go on FB and wish their kids a happy 8th birthday! Not only that I give away my location too! So this is an instance of where sharing all this data about ourselves might not be clever. Is there any advantage to sharing information about ourselves on FB, well yes there is! It is a great way of keeping connected to friends, family and colleagues through personal FB pages, groups etc.
I think where the challenges lie are in the data protection legislation, the technology is changing so fast that different ways of protecting personal data are required.
I think it’s impossible to avoid having your personal details stored in at least a few large databases. At the very least everyone’s data is included in census records and most people will also have a wide range of other personal data stored by various organisations. We all know about the advantages of large datasets in terms of research, planning, development, service provision etc. We have also seen recently about the risks of large datasets and the potential consequences of them being stolen. In the case of census data, details being stolen may be an invasion of privacy, but the personal costs are not as harmful as your bank details being stolen for example.
ReplyDeleteWhen it comes to Facebook and similar platforms, the information provided is entirely up to the individual. We know there is the potential for information to be accessed by unauthorised people so each of us should be responsible for the information we publish online. However, I also believe that any organisation which keeps a database of user information should be held accountable for any data they are trusted to store. These organisations should be encouraged to invest heavily in their data security systems, especially where there is a threat to peoples’ money, health or safety. In a perfect world our data would be 100% secure but the technology used by those who wish to illegally access it will always develop faster than the security measures. It is up to the data holders to be able to react quickly to minimise the risk. In the meantime it would be advisable to keep your personal information private, where possible.
I agree with you Stewart, It needs to be a two way street when it comes to publishing personal details online. Yes we have control over what we should and should not post but organisations should definitely up their security systems to prevent any information that we have posted with confidence to their site, being hacked or leaked out into the public eye.
DeleteI am always on Facebook but I realise how important it can be to keep your data private. I agree with Kevin that we should all take some responsibility in protecting our personal information. My Facebook page is private and I think twice before 'checking in' - no one really cares if you're at Starbucks or the gym anyway so you might as well keep that private. On a serious note, we should all take more care when giving away personal information online. It is fine to do some online shopping etc, but it is definitely worth reading the small print to find out if your information will be passed on to third party sites.
ReplyDeleteThis might be slightly off topic but thought some of you might find it interesting. I have read an article recently about Facebook introducing a digital assistant called 'M' (similar to Siri or Cortana) to their messenger app. This article touches on privacy issues and explains that, at present, M does not use information that you have shared on Facebook. It is, however, building a database of your information. This might be something to look out for in the future. (https://gigaom.com/2015/08/26/facebook-announces-a-new-digital-assistant-m/)
I agree with Claire on many things! Not only on the positive aspects of Facebook (how else could so quickly and easily see what our friends are doing on the other side of the world?!) but also on the census. The census is a very powerful data source for research and I believe the benefits outweigh potential threats. I also agree with Kathryn and her thoughts on the census being used to plan for the future. However, as Laura wrote, there are many incidents where this type of data, like medical records, can be 'lost', so more care could be taken to protect this information. If we are providing the data we could at least be reassured that it will be protected in some way?
That is an interesting point about third party sites. Sometimes we share our information with sites which we believe to be trustworthy without reading the small print. They then share your data with their 'partners' who may not be as protective with it.
DeleteLarge databases containing personal information can have many advantages for example with regards to improving our understanding of health and medical care. However as already mentioned by others they can have many detrimental impacts with regards to the privacy of personal data. Personal information stored in databases is increasingly being targeted by hackers and fraudsters, for example as referred to in the link about the ‘cyber plot’ to steal from the Santander bank.
ReplyDeleteWith regards to Facebook it can be advantageous for it to store datasets on people’s daily lives because after all that is why the majority of people use it so they can find out what other people are doing/interested in etc. It also is a great way of keeping connected with friends and keeps the user up to date with what is occurring in the world around them.
However personal information stored on Facebook and similar sites for example Twitter can have disadvantages due to cyber-crime. This is becoming an increasing problem in our technologically advanced society whenever the data falls into the wrong hands. Although there are data protection measures in place to keep data secure but this doesn’t eliminate the risks. I agree with Fiona that people who want to steal our data will find ways and means of doing even if we are careful with the data that we share online.
In my opinion the Census data is more trustworthy as it is carried out by the government and it is for the benefit of society as a whole. However I acknowledge that this doesn’t eliminate the potential of data being misused.
As more stories like the one on BBC news come to light, awareness of security appears to be growing. The device used is commercially available (I sure these people will sell you one if interested http://www.kvmswitchtech.com). Basically the guy tried to con staff in the bank to let him install it. Luckily, that time it failed. Maybe 10 years ago it would have worked as people weren't so aware of security over IT equipment. The human element is often the weakest. Laura mentions the lost USB keys. A funny story I from my work (not my current employer) was that a guy wearing a white coat walked in a trolley, loaded a photocopier onto it and walked out again. The funny part was that the director of Finance held the door open for him :-)
ReplyDeleteMore common would be clicking on links in emails or in pop-ups that lead to malicious software being installed on your machine.
Bringing this back to large databases ... unless all staff are trained about the danger, and the system administrator is serious about it, the potential is there for hackers to take advantage of it. And when they do, they can access huge quantities of data! I try to never have credit cards stored, and to never use the same password on different sites.
Posting a couple of photos on Facebook isn't really exposing much. But I certainly wouldn't sign up to Ashley Madison (for more than just this reason!!).
I think that if we willingly sign up to organisations like Facebook, Google and Apple then we ought to know what we are letting ourselves in for. These companies have proved time and again that they are less than trustworthy. We agree to their terms and conditions and the vast majority of us don’t read them before we tick the little box so we must shoulder some of the burden. I’m sure most of us wouldn’t understand much of the terms and conditions anyway and would struggle to get through the sheer volume of what we are agreeing to. But we sign up because we want the services on offer and feel that our websites being tracked for targeted advertising is a small price to pay. Plus the fact that these corporations can seemingly use much of our personal data in ways we can’t even imagine.
ReplyDeleteIn 2014 a security expert in the City of London set up a free wifi hotspot with one of the conditions being that “the recipient agreed to assign their first born child to us for the duration of eternity.” Six people signed up but still an amusing and apposite point was made.
I’m sure that personal data held on the Census is liable to security issues – it seems that nothing is unhackable. I suppose we could give false information (albeit I believe that is against the law!) In the 2001 census almost 1% of the population of the United Kingdom gave their religion as Jedi making it the fourth largest religion in the country.
The DVLA profits from selling private data to parking enforcement companies. Do we know that the Office for National Statistics won’t decide to sell our data to private companies. I’m sure there are plenty of insurance companies who would like access to our NHS records. Perhaps it won’t be long before they can simply buy it
Hi Paul. You raise an interesting point on the terms and conditions. I'm surprised that only 6 people signed up. I'm sure those same terms or worse could be incorporated into a million applications and no-one would notice. I'm waiting for a day that someone challenges this in court saying that it's totally unrealistic to expect people to read and understand the fine print. I like the model where requested permissions are shown clearly shown before installing apps on an android phone.
DeleteOverall, I think it is good that there are large databases holding details about ourselves especially NHS databases. It is obviously beneficial that doctors and hospitals have our history available immediately. For example, my daughter had to have an emergency operation a couple of years ago. However, it does feel like you are carrying on your life in a virtual goldfish bowl.
ReplyDeleteThe whole point of Facebook, I suppose, is that it does hold detailed information about our lives.
If I offer information willingly to online datasets, the disadvantages I can see are possibilities that the data is not stored securely or that it can be intentionally passed on to third parties.
For data that is demanded such as the census or tax returns, then in theory we should be able to trust the data holders. Most organisations have cyber security prevention measures. A concerned person could ask what security measures are in place but being told them may be a security issue in itself.
Holdings of large databases has many advantages for both governmental organizations and the health sector. Information about individuals are readily available in emergency situations as well as for broad scale government aid and intervention. As for Facebook and other social media platforms, it is the person's own personal choice as to what they put up there. Open Source databases are to aid persons development, however, Facebook is a place where individuals personally control what information goes on it, so it is their choice to opt-out of giving away sensitive information. Examples as such as Twitter, with geotagging allows persons to show persons their locations thus proffering information to the public.
ReplyDeleteLike the example, large databases such as banks keeps large databases on their customers and when hacked creates a large pool of information on people for hackers to get.. Which is one diadvantage of datasets.