Transmitting personal data between applications doesn’t have to be for nefarious purposes. In fact, it’s often something that we users like and encourage — when we sign up for new services, we often volunteer our credentials from Facebook, Twitter, LinkedIn, Instagram and elsewhere.

Connecting these accounts means we don’t have to type in our personal information yet again in order to try some new thing; we can see which of our friends already use it, and we can cross-post our activities so we’re not constantly manually updating all these different networks.

You don’t have to try very hard to imagine why companies like this.

Singly offers this whole account-connection process as a service to developers, so they can get “merged, normalized and de-duplicated social data” aggregated together from at least 10 different APIs. This is similar to how developers might connect to Factual to get access to public datasets about places.

Singly is still in its very early stages; CEO Jason Cavnar told me that today just three applications are being built using Singly, and they are too young to name. But examples of apps that he thinks would benefit from Singly include any service that is built as an interface on top of existing information about users — like Mint, Flipboard, Showyou, Highlight, Sonar, Greplin, CloudMagic, Tungle, Nimble and Timehop.

Beyond social data, Singly is entertaining visions of connecting to credit card companies, utilities and other sources, all in the name of helping users dole out access to their personal data.

Singly started life as “The Locker Project” and attracted particular interest because co-founder Jeremie Miller founded the open source instant-messaging protocol Jabber. The company continues to open source its data-connection work, while offering it as a service to customers.

Early on, Singly had focused on hosting applications as well, but now it plans to be primarily an API provider, Cavnar said.

New Singly angel investors, along with Foundry Group, include Robert Stephens, the former CTO of Best Buy; Federated Media’s John Battelle; Esther Dyson; and Roger McNamee. Previous seed investors included Venrock, True Ventures, PivotNorth Capital (Tim Connors) and Freestyle Capital.

The company said today that 100 of the 6,200 it sold through Woot.com between October and December of 2011 may not have been properly reformatted.

In other words, they still contained the personal information of their previous owners — everything from email and social networking passwords to photos and documents.

What an incredible cock-up.

Motorola’s solution to the problem? To “actively pursue the return of the impacted refurbished units” (visit motorola.com/xoomreturn if you think you may have one). Also: offer customers whose personal data might have been compromised a two-year subscription to credit rating agency Experian’s ProtectMyID identity theft service.

A decent gesture, I suppose — unless some miscreant has already pilfered your personal information from the device in the four months it has taken Motorola to notice its mistake.

“Motorola sincerely regrets and apologizes for any inconvenience this situation has caused,” the company said in a statement.

Update: The peanut gallery chimes in:

can already see great Synergies in Google Motorolla Aquisition. Google has Personal data and Moto the means of sharing it @JohnPaczkowski

February 3, 2012 2:16 pm via webReplyRetweetFavorite

@yoda_2little

Chris

That means smartphone giants like Apple Inc. and Google Inc. will likely have to obtain user consent before gathering the data, delete the information after a certain period of time and keep it anonymous.

Read the rest of this post on the original site »

The company behind the now ubiquitous Android operating system came under fire after computer-security experts last week uncovered more than 50 malicious applications that were uploaded to and distributed from Google’s Android Market.
Some security experts said the incident shows Google, which doesn’t inspect Android apps before they are published, needs to do more to try to ensure the apps are safe before they are offered to smartphone users.

Google largely relies on users to rate apps and raise the alarm about any problems with them. It also requires consumers to give their consent for an app to access their personal data. But that approach isn’t enough, according to Chris Wysopal, chief technology officer of computer-security firm Veracode. “App stores need to get serious about vetting code before it is available for customer download,” Mr. Wysopal wrote on his blog.

Read the rest of this post on the original site

Data-gathering firms and technology companies are aggressively matching people’s TV-viewing behavior with other personal data—in some cases, prescription-drug records obtained from insurers—and using it to help advertisers buy ads targeted to shows watched by certain kinds of people.

At the same time, cable and satellite companies are testing and deploying new systems designed to show households highly targeted ads.

The goal: emulate the sophisticated tracking widely used on people’s personal computers with new technology that reaches the living room.

One of the most advanced companies, Cablevision Systems Corp., has rolled out a system that can show entirely different commercials, in real time, to different households tuned to the same program. It can deliver targeted ads to all the company’s three million subscribers concentrated in New York, Connecticut and New Jersey.

Read the rest of this post on the original site

Google earlier this year said that the camera-equipped cars it uses to mark the location of wireless networks and take pictures for its Street View service had for years inadvertently collected data from publicly accessible wireless networks. Google initially said that no significant personal data was collected, but last month admitted that emails and passwords had also been copied.

On Wednesday, U.K. Information Commissioner Christopher Graham, the regulator in charge of data protection, issued a statement saying that, as a result of the “significant breach” of law, his office would audit Google’s data-protection practices in the U.K. and ask the Mountain View, Calif., company to sign an official commitment affirming that such breaches wouldn’t occur again. The U.K. regulator had earlier found that Google didn’t collect meaningful personal details.

Read the rest of this post on the original site

Most of us view personalization and privacy as desirable things, and we understand that enjoying more of one means giving up some of the other. To have goods, services and promotions tailored to our personal circumstances and desires, we need to divulge information about ourselves to corporations, governments or other outsiders.

This tradeoff has always been part of our lives as consumers and citizens. But now, thanks to the Net, we’re losing our ability to understand and control those tradeoffs—to choose, consciously and with awareness of the consequences, what information about ourselves we disclose and what we don’t. Incredibly detailed data about our lives are being harvested from online databases without our awareness, much less our approval.

Read the rest of this post on the original site

Google has long claimed that the server log data it collects are a critical driver of innovation. Over the years, to appease privacy advocates, the company has tweaked its treatment of those data and the length of time it stores them. Google continues to collect IP addresses, though it makes them anonymous after nine months (it used to do so only after 18-24 months).

This may soon change. And not because of any initiative on Google’s (GOOG) part but because of one by Microsoft (MSFT).

Responding to Article 29 Working Party guidelines for protecting users’ personal data online, Microsoft this morning said its new search engine, Bing, will purge all the data it collects on users after six months. Not make the data anonymous, but purge.

“Today we sent a letter to the Article 29 Working Party notifying them of our intention to make a change to Bing’s data retention policy,” Bing Privacy Manager Reese Solberg wrote in a post to the Bing blog. “Specifically, we are reducing the amount of time we store IP addresses from searchers to 6 months. Currently we keep that information for 18 months before we delete it.”

Elaborating, the letter continues, “Generally, when Bing receives search data we do a few things: first, we take steps to separate your account information (such as email or phone number) from other information (what the query was, for example). Then, after 18 months we take the additional step of deleting the IP address and any other cross session IDs associated with the query.”

In conclusion, the letter describes Microsoft’s initiative succinctly: “Under the new policy, we will continue to take all the steps we applied previously–but now we will remove the IP address completely at 6 months, instead of 18 months.”

Microsoft’s move leaves Google in the uncomfortable position of being far less a friend to privacy than Microsoft. And hard as the company might argue in favor of storing user data, it will likely have to match Microsoft.

It’s difficult to claim that server log data are “a crucial arm in the battle to protect the security of our services against hacks and fraud” when a prominent rival is essentially claiming exactly the opposite.

Again, nice to hear this talk of a full data restoration after T-Mobile’s warning that all personal data had been permanently lost. Clearly, Microsoft (MSFT) is doing everything in its power to remedy the issue, which has led many to question the company’s protocols for redundancy and server failure, and beyond these, whether the software giant can even be trusted to safeguard user data. As Microsoft CEO Steve Ballmer told Network World, the Sidekick fiasco was “not good.”

“It is something we are going to have to address and explain to customers, our method and process and quality approach and what went wrong in that case and how we are making sure that it does not happen again,” Ballmer said. “Non-Sidekick users, we are not earning their trust back but I think people are going to say, ‘Hey, look, show me what you are doing to insure this does not happen to me.’”

Again, nice to hear this talk of a full data restoration after T-Mobile’s warning that all personal data had been permanently lost. Clearly, Microsoft (MSFT) is doing everything in its power to remedy the issue, which has led many to question the company’s protocols for redundancy and server failure, and beyond these, whether the software giant can even be trusted to safeguard user data. As Microsoft CEO Steve Ballmer told Network World, the Sidekick fiasco was “not good.”

“It is something we are going to have to address and explain to customers, our method and process and quality approach and what went wrong in that case and how we are making sure that it does not happen again,” Ballmer said. “Non-Sidekick users, we are not earning their trust back but I think people are going to say, ‘Hey, look, show me what you are doing to insure this does not happen to me.’”