Friday, October 25, 2013

Uh-oh, are we almost ready to get all off Linked-In???

Technically, it is quite a wonder.

The newest brain-child of our rolodex provider is called Intro. Read here the details of this seemingly little app. LOOK in this picture how it innocently adds details about the senders of your mails INTO the emails themselves? how does that magic works? well, it seems to work by becoming the middle man for all your mails.

Another interesting read is here, looking at the potential consequences of this app, legally and regarding privacy. I am particularly fond of a couple of the questions proposed by this article.

  • In position number one, we find "Attorney-client privilege", but in fact what is questioned here is the focus on sensitive material that you may be exchanging through your mail - with your insurance, with your bank, with doctors, with your lawyers. Yes. For instance "Hospitals and health systems are responsible for protecting the privacy and confidentiality of their patients and patient information" (HIPAA Guidelines), and it is a good thing. Doctors cannot disclose any part of conversations you have with them, unless you specifically request them to, and sign a release. Discussing your condition by email now could make a leak possible, and your health provider could not be blamed.
  • Toward the end, point number 9. The understanding of what is private to each of us is, well, a private matter. LinkedIn, nor anybody else, should take this decision on your behalf. 
The saving grace of all this is that Intro is (so far) an additional app that you have to volontarily install on your Iphone and/or Ipad. Once installed, it creates a security profile and a special email, ready for syphoning. 
So the solution is quite clear - just don't even think to install this wonderful new product, and lets all keep an eye on how it all proceed... after having been an early adopter, I am ready to quit LinkedIn if a tool like Intro makes its way into the main app. 

It ties in quite nicely in my previous blogs about Data Privacy HERE and HERE

As BishopFox says, If I were the NSA, and I hear mobile phones were routing their emails through LinkedIn…well I know where I’m having my next birthday party.

Friday, October 11, 2013

The international POV on Data Privacy laws

I promised back in July that I would provide some notes about data privacy legal impacts in the cloud. I started writing down such notes - but I came to realize very fast that I could not do so without gaining a better view on where there are specific provisions about data privacy and how these can be in conflict.
That took me some time. I guess it is a work in progress; every day new content is published, new questions seem to arise; but I feel it is a good start, and a necessary one before talking about the cloud.

I am sharing an overview of my findings here, always please bear in mind that this is personal research and I have no claim to any legal title - if in doubt, please do yourself a favor and seek legal counseling.

International law coverage

Lets start by looking at this map. It is based on what I know, and I just updated it with my most recent readings... but even if (IF) it should be complete now, readers beware: it will not be tomorrow, so lets consider it a starting point.