Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

CIS 2015-Rationing Identity in the Internet of Things- Steve Wilson

988 views

Published on

The usual response to identity problems like fraud has been to pile on more identity. On the Internet now we have too much identity! Too much identifiable data seeps out of everything we do online. But in the Internet of Things, Personal Information may pour from everything we do, period. Do we need every new appliance to have its own privacy policy? It depends on whether networked devices are working for their buyers or their vendors. Here we’ll look at how smart devices are smart enough to control data flows and protect their users’ identity and privacy.

Published in: Technology
  • Be the first to comment

CIS 2015-Rationing Identity in the Internet of Things- Steve Wilson

  1. 1. Rationing Identity in the Internet of Things Cloud Identity Summit 2015, La Jolla © CONSTELLATION RESEARCH, INC. 2010 – 2015 ALL RIGHTS RESERVED Steve Wilson @Steve_Lockstep Vice President & Principal Analyst
  2. 2. A data torrent is building © CONSTELLATION RESEARCH, INC. 2010 – 2015 ALL RIGHTS RESERVED 2 • Today data is leaking all across cyberspace • And we aint seen nothin yet! • Ray Kurzweil predicts cars will soon generate data at 1GB/sec • Torrents of data are core to IoT • How much will be personal? • Regulators are concerned. “Tracking & Hacking” Senator Ed Markey http://www.markey.senate.gov/imo/media/doc/2015-02- 06_MarkeyReport-Tracking_Hacking_CarSecurity%202.pdf
  3. 3. For every device a policy • In Feb 2015, people noticed that the new Samsung smart TV with voice operated remote control had a privacy policy: “Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party” • The TV transmits speech to an outsourced bureau for processing and analysis. © CONSTELLATION RESEARCH, INC. 2010 – 2015 ALL RIGHTS RESERVED 3
  4. 4. For every device a policy So your TV now has a Privacy Policy. Your electric car has a privacy policy (Tesla collects your radio listening history). Your thermostat has a privacy policy ... © CONSTELLATION RESEARCH, INC. 2010 – 2015 ALL RIGHTS RESERVED 4
  5. 5. 5
  6. 6. 6 Yes, your kid’s doll now has a Privacy Policy. © CONSTELLATION RESEARCH, INC. 2010 – 2015 ALL RIGHTS RESERVED
  7. 7. Is Consent broken? • Can consent work for IoT privacy? • Some say consent can’t work online at all • Consent has been given a bad name by cynical exercises like Facebook’s Data Usage Policy, which they claimed provided consent for the infamous 2014 Mood Study. http://www.forbes.com/sites/kashmirhill/2014/06/28/facebook- manipulated-689003-users-emotions-for-science/ © CONSTELLATION RESEARCH, INC. 2010 – 2015 ALL RIGHTS RESERVED 7
  8. 8. Is Consent broken? 8 Data Use PolicyDateof Last Revision: November 15, 2013 I. Information we receive and how it is used Information we receive about you Wereceive a number of different types of information about you, including: Your information Your information is theinformation that'srequired when you sign up for thesite, as well as theinformation you chooseto share. • Registration information: When you sign up for Facebook, you arerequired to provideinformation such as your name, email address, birthday, and gender. In somecases, you may beable to register using other information, likeyour telephonenumber. • Information you choose to share: Your information also includes theinformationyou chooseto shareon Facebook, such as when you post a status update, upload a photo, or comment on a friend's story. It also includes theinformation you chooseto sharewhen you communicatewith us, suchas when you contact us using an email address, or when you takean action, such as when you add a friend, like a Page or a website, add a place to your story, useour contact importers, or indicateyou arein a relationship. Your name, profile pictures, cover photos, gender, networks, usernameand User IDare treated just like information youchooseto makepublic. Your birthday allows us to do things likeshow you age-appropriatecontent and advertisements. Information others share about you Wereceive information about youfrom your friends and others, such as when they upload your contact information, post a photoof you, tag you in a photo or status update, or at a location, or add you to a group. When peopleuseFacebook, they may storeand shareinformation aboutyouand others thatthey have, such as when they upload and managetheir invites and contacts. Other information we receive about you Wealso receive other types of information aboutyou: • Wereceive data about you whenever youuseor arerunning Facebook, such as when you look at another person's timeline, send or receivea message, search for a friend or a Page, click on, view or otherwiseinteract with things, usea Facebook mobileapp, or makepurchases through Facebook. • When you postthings likephotosor videos onFacebook, wemay receive additional related data (or metadata), such as thetime, date, and place you took thephotoor video. • Wereceive data from or about thecomputer, mobilephone, or other devices you useto install Facebook apps or to access Facebook, including when multipleusers log in from thesamedevice. This may includenetwork and communication information, such as your IP address or mobile phonenumber, and other informationaboutthings likeyour internet service, operating system, location, thetype(including identifiers) of thedeviceor browser you use, or thepages you visit. For example, we may get your GPS or other location information sowecan tell you if any of your friends are nearby, or we could request deviceinformation to improvehow our apps work onyour device. • Wereceive data whenever you visit a game, application, or websitethat uses Facebook Platform or visit a sitewith a Facebook feature(such as a social plugin), sometimes through cookies. This may includethedateand timeyou visit thesite; theweb address, or URL, you'reon; technical information abouttheIP address, browser and theoperating system you use; and, if you arelogged in to Facebook, your User ID. • Sometimes weget data from our affiliates or our advertising partners, customers and other third parties that helps us (or them) deliver ads, understand onlineactivity, and generally make Facebook better. For example, an advertiser may tell us information aboutyou(likehow you responded to an ad on Facebook or on another site) in order to measuretheeffectiveness of - and improvethequality of - ads. As described in "How weusetheinformation wereceive" we also put together data from theinformation wealready have about you, your friends, and others, so wecan offer and suggest a variety of services and features. For example, we may makefriend suggestions, pick stories for your News Feed, or suggest people to tag in photos. Wemay put together your current city with GPS and other location informationwehave about you to, for example, tell you and your friends about peopleor events nearby, or offer deals to you in which you might beinterested. Wemay also put together data about you to serveyouads or other content that might bemorerelevant to you. When we get your GPS location, weput it together with other location information wehaveabout you (likeyour current city). But we only keep it until it is no longer useful to provideyou services, likekeeping your last GPS coordinates to sendyourelevant notifications. We only providedata to our advertising partners or customers after wehaveremoved your nameand any other personally identifying information from it, or havecombined it with other people's data in a way that it no longer personally identifies you. Public information When weusethephrase"public information"(which wesometimes refer to as "Everyoneinformation"), wemean theinformation you chooseto makepublic, as well as information that is always publicly available. Information youchooseto makepublic Choosing to makeyour information public is exactly what it soundslike: anyone, including peopleoff Facebook, will beable to see it. Learn more. Choosing to makeyour information public also means that thisinformation: can be associated with you (i.e., your name, profile pictures, cover photos, timeline, User ID, username, etc.) even off Facebook; can show up when someonedoes a search on Facebook or on a public search engine; will be accessible to theFacebook-integrated games, applications, and websites you and your friends use; and will be accessible to anyonewho uses our APIs such as our Graph API. Sometimes youwill not beableto select an audience when you post something (likewhen you writeon a Page's wall or comment on a news article that uses our comments plugin). This is becausesometypes of stories arealways public stories. As a general rule, you should assumethatif you do not seea sharing icon, theinformation will bepublicly available. When others shareinformation about you, theycan also chooseto makeit public. Information that is always publicly available Thetypes of information listed below arealways publicly available, and they are treated just like information youdecided to makepublic: • Name: This helps your friends and family find you. If you are uncomfortablesharing your real name, you can always delete your account. • ProfilePictures and Cover Photos:Thesehelp your friends and family recognizeyou. If you are uncomfortablemaking any of thesephotos public, you can always deletethem. Unless you delete them, when you add a new profilepictureor cover photo, thepreviousphoto will remain public in your profilepictureor cover photo album. • Networks:This helps you seewho youwill besharing information with beforeyou choose"Friends and Networks"as a custom audience. If you are uncomfortablemaking your network public, you canleave thenetwork. • Gender: This allows us to refer to you properly. • Usernameand User ID: These allow you to giveout a custom link to your timelineor Page, receive email at your Facebook email address, and help make Facebook Platform possible. We may enable access to public information that has been shared throughour services. We may allow service providers to access information so they can help us provideservices. We are able to suggest that your friend tag you in a picture by scanning and comparing your friend's pictures to informationwe'veput together from your profilepictures and theother photos in which you've been tagged. If this feature is enabled for you, you can control whether wesuggest that another user tag you in a photo using the“Timelineand Tagging” settings. Learn more at:https://www.facebook.com/help/tag-suggestions Deleting and deactivating your account If you want to stopusing your account, you can either deactivateor deleteit. Deactivate Deactivating your account puts your account on hold. Other users will no longer see your timeline, but we do not deleteany of your information. Deactivating an account is thesameas you telling us not to delete any information becauseyou might wantto reactivateyour account at somepointin thefuture. You can deactivateyour account at: https://www.facebook.com/settings?tab=security Your friends will still see you listed in their list of friends whileyour account is deactivated. Deletion When you deleteyour account, it is permanently deleted from Facebook. It typically takes aboutonemonth to deletean account, but someinformation may remain in backup copies and logs for up to 90 days. You should onlydeleteyour account if you aresureyou never want to reactivateit. You can delete your account at: https://www.facebook.com/help/contact.php?show_form=delete_account Learn moreat: https://www.facebook.com/help/?faq=356107851084108 Certain information is needed to provideyou with services, so weonly deletethis information after you deleteyour account. Someof thethings you do on Facebookaren’t stored in your account, likeposting to a group or sending someonea message(whereyour friend may still have a message you sent, even after you deleteyour account). That information remains after you deleteyour account. II. Sharing and finding you on Facebook Control each timeyou post Whenever you postcontent (likea status update, photoor check-in), you can select a specific audience, or even customizeyour audience. To do this, simply click on thesharing icon and choosewho can seeit. Choosethis icon if you want to makesomething Public. Choosing to makesomething public is exactly what it sounds like. It means that anyone, including peopleoff Facebook, will beable to seeor access it. Choosethis icon if you want to sharewith your Facebook Friends. Choosethis icon if you want to Customizeyour audience. You can also usethis to hideyour story from specific people. If you tag someone, that person and their friends can see your story no matter what audienceyou selected. Thesame is true when you approvea tag someoneelseadds to your story. Always think beforeyou post. Justlikeanything elseyou post ontheweb or send in an email, information you shareon Facebook can becopied or re-shared by anyonewho can seeit. Although you choosewithwhomyoushare, theremay beways for others to determineinformation about you. For example, if you hideyour birthday so noonecan seeit on your timeline, but friends post “happy birthday!” on your timeline, peoplemay determineyour birthday. When you comment on or "like" someoneelse's story, or writeon their timeline, that person gets to select theaudience. For example, if a friend posts a Public story and you comment on it, your commentwill be Public. Often, you can see theaudience someoneselected for their story beforeyou post a comment; however, theperson who posted thestorymay later changetheir audience. So, if you comment on a story, and thestory’s audiencechanges, thenew audiencecan see your comment. You can control who can seetheFacebook Pages you've"liked" by visiting your timeline, clicking on the Likes box on your timeline, and then clicking "Edit." Sometimes you will not seea sharing icon when you post something (likewhen you writeon a Page's wall or comment on a news article that uses our comments plugin). This is becausesometypes of stories are always public stories. As a general rule, you should assumethatif you do not seea sharing icon, the information will bepublicly available. Control over your timeline Whenever you add things to your timelineyou can select a specific audience, or even customizeyour audience. To do this, simply click on thesharing icon and choosewho can seeit. Choosethis icon if you want to makesomething Public. Choosing to makesomething public is exactly what it sounds like. It means that anyone, including peopleoff Facebook, will beable to seeor access it. Choosethis icon if you want to sharewith your Facebook Friends. Choosethis icon if you want to Customizeyour audience. You can also usethis to hidetheitem on your timelinefrom specific people. When you select an audiencefor your friend list, you are only controlling who can seetheentirelist of your friends on your timeline. Wecall this a timelinevisibility control. This is becauseyour friend list is always available to thegames, applications and websites you use, and your friendships may bevisibleelsewhere (such as on your friends' timelines or in searches). For example, if you select "Only Me" as theaudiencefor your friend list, but your friend sets her friend list to "Public," anyonewill beable to see your connection on your friend's timeline. Similarly, if you chooseto hideyour gender, it only hides it on your timeline. This is becausewe, just like theapplications you and your friends use, need to useyour gender to refer to you properly on thesite. When someonetags you in a story (such as a photo, status updateor check-in), you can choosewhether you want that storyto appear on your timeline. You can either approveeach story individually or approveall stories by your friends. If you approvea story and later changeyour mind, you can removeit from your timeline. When you hidethings on your timeline, likeposts or connections, it means thosethings will not appear on your timeline. But, remember, anyonein theaudience of thoseposts or who can seea connection may still seeit elsewhere, like on someoneelse's timelineor in search results. You can also delete your posts or changetheaudience of content you post, which means youcan removepeoplefrom or add peopleto the audienceof thecontent. Peopleon Facebook may beable to see mutual friends, even if they cannot seeyour entirelist of friends. Somethings (likeyour name, profile pictures and cover photos) do not havesharing icons becausethey are always publicly available. As a general rule, you should assumethat if you do notseea sharing icon, the information will bepublicly available. Finding you on Facebook To makeit easier for your friends to find you, weallow anyonewith your contact information(such as email address or telephonenumber) to find you throughtheFacebooksearch bar at thetop of most pages, as well as other tools weprovide, such as contact importers - even if you havenot shared your contact information with them on Facebook. You can choosewho can look up your timelineusing theemail address or telephonenumber you added to your timelinethrough your Privacy Settings. But remember that peoplecan still find you or a link to your timelineon Facebook through other peopleand thethings they shareabout you or through other posts, like if you are tagged in a friend's photo or post something to a public page. Your settings do not control whether peoplecan find you or a link to your timelinewhen they search for content they havepermissionto see, likea photo or other storyin which you’vebeen tagged. Access on phones and other devices Once you shareinformation with your friends and others, they may beableto sync it with or access it via their mobilephones and other devices. For example, if you sharea photo on Facebook, someoneviewing that photo could saveit using Facebook toolsor by other methods offered by their deviceor browser. Similarly, if you shareyour contact information withsomeoneor invitesomeoneto an event, they may be ableto useFacebook or third party applications or devices to sync thatinformation. Or, if one of your friends has a Facebook application on oneof their devices, your information (suchas thethings youpostor photosyoushare) may bestored on or accessed by their device. You should only shareinformation withpeopleyou trust becausethey will beable to saveit or re-share it with others, including when they sync theinformation toa device. Activity log Your activity log is a place where you can go to view most of your information on Facebook, including things you’vehidden from your timeline. You can usethis log to manage your content. For example, you can do things likedelete stories, changetheaudience of your stories or stop an application from publishing to your timelineon your behalf. When you hidesomething from your timeline, you arenot deleting it. This means that thestory may be visibleelsewhere, like in your friends’ News Feed. If you want to deletea story you posted, choosethe deleteoption. What your friends and others shareaboutyou Links and Tags Anyonecan add a link to a story. Links are references to something on theInternet; anything from a websiteto a Page or timelineon Facebook. For example, if you are writing a story, you might includea link to a blog you are referencing or a link to theblogger’s Facebook timeline. If someoneclicks on a link to another person’s timeline, they’ll only seethethings that they areallowed to see. A tag is a special typeof link to someone’s timelinethat suggests that thetagged person add your story to their timeline. In cases where thetagged person isn’t included in theaudienceof thestory, it will add them so they can seeit. Anyonecan tag you in anything. Onceyou are tagged, you and your friends will beable to seeit (such as in News Feed or in search). You can choosewhether a story you'vebeen tagged in appears on your timeline. You can either approve each story individually or approveall stories by your friends. If you approvea story and later changeyour mind, you can always removeit from your timeline. If you do not want someoneto tag you, weencourageyou to reach out to them and givethem that feedback. If that does not work, you can block them. This will prevent them from tagging you going forward. Social reporting is a way for peopleto quickly and easily ask for help from someonethey trust. Learn moreat: https://www.facebook.com/note.php?note_id=196124227075034&__adt=3&__att=iframe If you are linked to in a privatespace (such as a message or a group) only thepeoplewho can see the privatespacecan see thelink. Similarly, if you are linked to a comment, only thepeoplewho can seethe comment can seethelink. Other information As described in the"what your friends and others shareabout you"sectionof this policy, your friends and others may shareinformation aboutyou. They may sharephotos or other informationaboutyouand tag you in their posts. If you do notlikea particular post, tell them or report thepost. Groups Once you are in a Group, anyonein that Group can add you to a subgroup. When someoneadds youto a Group, you will belisted as “invited” until you visit theGroup. You can always leave a Group, which will prevent others from adding you toit again. Pages Facebook Pages are public pages. Companies usePages to share information about their products. Celebrities usePages to talk about their latest projects. And communities usePages to discuss topics of interest, everything from baseball to theopera. BecausePages are public, information you sharewith a Page is public information. This means, for example, that if you post a comment on a Page, that comment may beused by thePageowner off Facebook, and anyonecan seeit. When you "like" a Page, you create a connection to that Page. Theconnection is added to your timelineand your friends may seeit in their News Feeds. You may be contacted by or receive updates from thePage, such as in your News Feed and your messages. You can removethePages you've"liked" through your timelineor on thePage. SomePages contain content that comes directly from thePageowner. Page owners can do this through online plugins, such as an iframe, and it works just likethegames and other applications you usethrough Facebook. Becausethis content comes directly from thePageowner, that Pagemay be able to collect information aboutyou, justlikeany website. Page administrators may haveaccess to insights data, which will tell them generally about thepeoplethat visit their Page(as opposed to information aboutspecific people). They may also know when you’vemadea connection to their Pagebecauseyou’veliked their Page or posted a comment. To control who can see theFacebook Pages you'veliked, visit our Help Center. III. Other websites and applications About FacebookPlatform Facebook Platform (or simply Platform) refers to theway we help you shareyour information with the games, applications, and websites youand your friends use. FacebookPlatform also lets youbring your friends with you, so you can connect withthem off Facebook. In thesetwo ways, FacebookPlatform helps you makeyour experiences on theweb morepersonalized and social. Remember that thesegames, applications and websites arecreated and maintained by other businesses and developers who arenot part of, or controlled by, Facebook, so youshould always makesureto read their terms of service and privacy policies to understand how they treat your data. Controlling what informationyousharewith applications When you connect witha game, application or website - such as by going to a game, logging in to a website using your Facebook account, or adding an app to your timeline - we give thegame, application, or website (sometimes referred to as just "applications"or "apps") your basic info (wesometimes call this your "public profile"), which includes your User IDand your public information. Wealso give them your friends' User IDs (also called your friend list) as part of your basic info. Your friend list helps theapplication makeyour experience more social because it lets you find your friends on that application. Your User IDhelps theapplication personalizeyour experiencebecauseit can connect your account on that application withyour Facebookaccount, and it can access your basic info, which includes your public information and friend list. This includes theinformationyouchooseto makepublic, as well as information that is always publicly available. If theapplication needs additional information, suchas your stories, photosor likes, it will have to ask you for specific permission. The“Apps” setting lets you control theapplicationsyouuse. You can seethepermissions youhavegiven theseapplications, thelast timean application accessed your information, and theaudienceon Facebook for timelinestories and activity theapplication postson your behalf. You can also removeapplications you no longer want, or turn off all Platform applications. When you turnall Platform applications off, your User ID is no longer given to applications, even when your friends usethoseapplications. But you will no longer beable to useany games, applications or websites through Facebook. When you first visit an app, Facebook lets theapp know your language, your country, and whether you are in an age group, for instance, under 18, between 18-20, or 21 and over. Agerange lets apps provideyou with age-appropriatecontent. If you install theapp, it can access, storeand updatetheinformation you’ve shared. Apps you’veinstalled can updatetheir records of your basic info, age range, language and country. If you haven’t used an app in a while, you should consider removing it. Onceyou removean app, it won’t be ableto continueto updatetheadditional information you’vegiven them permission to access, but it may still hold theinformation you havealready shared. You always can contact theapp directly and request that they deleteyour data. Learn more at:https://www.facebook.com/help/how-apps-work Sometimes a game console, mobilephone, or other devicemight ask for permission to sharespecific information with thegames and applications youuseon that device. If you say okay, thoseapplicationswill not beableto access any other information about you withoutasking specific permission from you or your friends. Sites and apps that useInstant Personalization receiveyour User ID and friend list when you visit them. You always can removeapps you’veinstalled by using your app settings at: https://www.facebook.com/settings/?tab=applications. But remember, apps may still beableto access your information when thepeopleyou sharewith usethem. And, if you’veremoved an application and want it to deletetheinformation you’vealready shared with it, you shouldcontact theapplication. Visitthe application’s pageon Facebook or its own websiteto learn moreabout theapp. For example, Apps may havereasons (e.g. legal obligations) to retain somedata that you sharewith them. Controlling what is shared when thepeopleyou sharewith useapplications Just likewhen you shareinformation by email or elsewhereon theweb, information you shareon Facebook can be re-shared. This means that if you sharesomething on Facebook, anyonewho can seeit can shareit with others, including thegames, applications, and websitesthey use. Information wereceiveabout you, including financial transaction data related to purchases madewith Facebook, may beaccessed, processed and retained for an extended period of time when it is thesubject of a legal request or obligation, governmental investigation, or investigationsconcerning possibleviolationsof our terms or policies, or otherwiseto prevent harm. Wealso may retain information from accounts disabled for violations of our terms for at least a year to prevent repeat abuseor other violations of our terms.. Access requests You can access and correct most of your personal data stored by Facebookby logging into your account and viewing your timelineand activity log. You can also download a copy of your personal data by visiting your “Settings” (General Account Settings page), clicking on “Download a copy of your Facebook data” and then clicking on thelink for your expanded archive. Learn more at:https://www.facebook.com/help/?faq=226281544049399 Notifications and Other Messages Wemay send you notificationsand other messages using thecontact informationwehavefor you, likeyour email address. You can control most of thenotificationsyoureceive, including ones from Pages you like and applications you use, using controls weprovide, such as a control included in theemail you receive or in your “Notifications” settings. Friend Finder Weoffer tools to help you upload your friends' contact informationso thatyouand others can find friends on Facebook, and invitefriends who do not useFacebook tojoin, and so wecan offer you and others better experiences on Facebook through suggestions and other customized experiences. If you do not want us to storethis information, visitthis help page at:https://www.facebook.com/contact_importer/remove_uploads.php. If you giveus your password, wewill deleteit after you upload your friends' contact information. Invitations When you invitea friend to join Facebook, wesend a message on your behalf using your name, and we may also includenames and pictures of other peopleyour friend might know on Facebook. We'll also send a few reminders to thoseyouinvite, buttheinvitationwill also giveyour friend theopportunityto optoutof receiving other invitationsto join Facebook. Memorializing accounts Wemay memorialize theaccount of a deceased person. When wememorialize an account, wekeep the timelineon Facebook, but limit access and somefeatures. You can report a deceased person's timelineat: https://www.facebook.com/help/contact.php?show_form=deceased Wealso may closean account if we receive a formal request that satisfies certain criteria. Affiliates Wemay share information wereceive with businesses that arelegally part of thesame group of companies that Facebookis part of, or that becomepart of that group (often thesecompanies arecalled affiliates). Likewise, our affiliates may share information with us as well. This sharing is donein compliance with applicablelaws including wheresuch applicablelaws require consent. Weand our affiliates may use shared information to help provide, understand, and improveour services and their own services. ServiceProviders Wegive your information to thepeopleand companies thathelp us provide, understandand improvethe services weoffer. For example, we may useoutsidevendorsto help host our website, servephotos and videos, process payments, analyze data, conductand publishresearch, measuretheeffectiveness of ads, or providesearch results. In somecases weprovidetheservicejointly with another company, such as the Facebook Marketplace. In all of thesecases our partners must agree to only useyour information consistent withtheagreement weenter into with them, as well as this Data UsePolicy. Security and bugs Wedo our best to keep your information secure, but weneed your help. For moredetailed information about staying safeon Facebook, visit theFacebook SecurityPage. Wetry to keep Facebook up, bug-freeand safe, but can’t make guarantees about any part of our services or products. Changeof Control If theownership of our business changes, wemay transfer your information tothenew owner so they can continueto operatetheservice. But they will still haveto honor thecommitmentswehavemadein this Data Use Policy. About instant personalization Instant personalization(sometimes also referred to as "Start now") is a way for Facebook to help partners (such as Bing and Rotten Tomatoes) on and off Facebook to createa morepersonalized and social experience for logged in users than a social plugin can offer. When you visit a siteor app using instant personalization, it will know someinformation aboutyou and your friends themoment you arrive. This is becausesites and apps using instantpersonalizationcan access your User ID, your friend list, and your public information. Thefirst time you visit a siteor app using instant personalization, you will seea notification letting you know that thesiteor app has partnered with Facebook to providea personalized experience. Thenotification will give you theability to disableor turn off instant personalization for that siteor app. If you do that, that siteor app is required to deleteall of theinformation about youit received from Facebook as part of theinstant personalizationprogram. In addition, wewill prevent that sitefrom accessing your information in thefuture, even when your friends usethat site. If you decidethat you do not wantto experienceinstant personalization for all partner sites and apps, you can disableinstant personalizationfrom the“Apps” settingspage. If you turn off instant personalization, thesepartner third party sites and appswill not beableto access your public information, even when your friends visitthosesites. If you turn off an instant personalizationsiteor app after you havebeen using it or visited it a few times (or after you havegiven it specific permission to access your data), it will not automatically delete information aboutyouit received through Facebook. Likeall other apps, thesiteis required by our policies to deleteinformation about you if you ask it to do so. How it works To join theinstant personalizationprogram, a potential partner must enter into an agreement with us designed to protect your privacy. For example, this agreement requires that thepartner delete information about you if you turn off instant personalization when you first visitthesiteor app. It also prevents the partner from accessing any information about you until youor your friends visit itssite. Instant personalizationpartners sometimes usean email hash process to seeif any of their users are on Facebook and get thoseusers' User IDs. This process is similar to searching for someoneon Facebook using an email address, except in this case, theemail addresses are hashed so no actual email addresses are exchanged. The partner is also contractually required not to useyour User IDfor any purpose(other than associating it with your account) until youor your friends visit thesite. When you visit a siteor app using instant personalization, weprovidethesiteor app with your User IDand your friend list (as well as your age range, locale, and gender). The siteor app can then connect your account with your friends' accounts tomakethesiteor app instantly social. Thesitecan also access public information associatedwith any of theUser IDs it receives, which it can useto makethem instantly personalized. For example, if thesiteis a music site, it can access your music interests to suggestsongs you may like, and access your friends' music interests to let you know whatthey arelistening to. Of courseit can only access your or your friends’ music interests if they are public. If thesiteor app wants any additional information, it will haveto get your specific permission. Public search engines Your public search setting controls whether peoplewho enter your nameon a public search engine may seeyour public timeline(including in sponsored results). You can find your public search setting on the “Privacy Settings and Tools” settings page. This setting does not apply tosearch engines that access your informationas an application using Facebook Platform. If you turn your public search setting off and then search for yourself on a public search engine, you may still seea preview of your timeline. This is becausesomesearch engines cache information for a period of time. You can learn more about how to request a search engineto removeyou from cached information at: https://www.facebook.com/help/?faq=13323 IV. Advertising and Facebook content Advertising Facebook offers a range of products that allow advertisers to reach peopleon and off Facebook. In addition to theinformation weprovidein this section, youcan also learn more about advertising products, how they work, our partnerships, and thecontrols youhave, by visiting our “Advertising on Facebook” page. When wedeliver ads, we do not shareyour information (information that personally identifies you, suchas your nameor contact information) with advertisers unless yougiveus permission. Wemay provide advertisers with information whenwehaveremoved your nameand other personally identifying information from it, or combined it with other informationso that it no longer personally identifies you. For example, we may tell an advertiser how its ads perform or how many peopleviewed or clicked on their ads or install an app after seeing an ad. So wecan show you content that youmay find interesting, wemay useall of theinformation wereceive about you to serveads thataremorerelevant to you. For example, this includes: • information youprovideat registration or add to your account or timeline, • things you shareand do on Facebook, such as what youlike, and your interactionswith advertisements, partners, or apps, • keywords from your stories, and • things weinfer from your useof Facebook. For many ads weserve, advertisers may choosetheir audienceby location, demographics, likes, keywords, and any other information wereceiveor infer about users. Hereare someof theways advertisers may target relevant ads: • demographics and interests: for example, 18 to 35 year-old women who livein theUnited States and likebasketball; • topics or keywords:for example, “music” or peoplewho likea particular song or artist; • Pagelikes (including topics such as products, brands, religion, health status, or political views): for example, if you likea Page about gluten-freefood, you may receive ads about relevant food products; or • categories (including things like"moviegoer" or a "sci-fi fan"): for example, if a person "likes" the "Star Trek" Page and mentions "Star Wars" when they check into a movie theater, wemay infer that this personis likely to bea sci-fi fan and advertisers of sci-fi movies could ask us to target that category. In addition to delivering relevant ads, Facebook sometimes pairs ads with social context, meaning stories about social actions that you or your friends havetaken. For example, an ad for a sushi restaurant’s Facebook Pagemay bepaired with a News Feed story that oneof your friends likes that Page. Wealso sometimes servethesesametypes of ads on other sites or may servejust thesocial context (such as with ads served by others), so that theads aremorerelevant to you. Just likeany other content you shareon Facebook, only peoplewho you’realready sharing with on Facebook would seeit when it is paired with an ad. We also allow advertisers to reach peopleon Facebook using theinformationthey already have about you (suchas email addresses or whether you havevisited their websitespreviously). You can learn moreabout ads, social context, and our partnerships, including therelevant settings and controlsavailable to you, by visiting theAdvertising on Facebook page. If an advertiser chooses to run ads, weservetheads to peoplewho meet criteria theadvertiser selects. So, if someoneviews or otherwiseinteracts with thead, theadvertiser might assumethatthepersonmeets thecriteria they selected (for example, that theperson is an 18-to-35-year-old woman who lives in theU.S. and likes basketball). Werequire advertisers to comply with our Advertising Guidelines, including provisions relating to theuseof sensitivedata. Advertisers and their partners sometimes usecookies or other similar technologies in order to serveand measureads and to maketheir ads moreeffective. Learn moreabout cookies, pixels and similar technologies. When you post a story on Facebook and an advertiser sponsorsit, nothing changes abouttheaudienceof thepost. Only thepeoplewho could originally seethepost (thepeopleyoushared it with) areeligible to seeit. Facebook content Welike to tell you about someof thefeatures and tools your friends and others useon Facebook, to help you havea better experience. For example, if your friend uses our friend finder tool to find morefriends on Facebook, wemay tell you about it to encourageyou to useit as well. This of coursemeans your friend may similarly see suggestions based onthethingsyoudo. But wewill try to only show it to friends that could benefit from your experience. Your friends and theother peopleyou shareinformation with oftenwant to shareyour information with applications to maketheir experiences on thoseapplications morepersonalized and social. For example, oneof your friends might want to usea music application that allows them to seewhat their friends are listening to. To get thefull benefit of that application, your friend would want to givetheapplication her friend list – which includes your User ID – so theapplication knows which of her friends is also using it. Your friend might also want to sharethemusic you “like” on Facebook. If you havemadethat information public, then theapplication can access it just likeanyoneelse. But if you’veshared your likes with just your friends, theapplication could ask your friend for permission to sharethem. You can control most of theinformation other peoplecan sharewith applications theyusefrom the“App” settings page. But thesecontrols do not let you limit access to your public informationand friend list. If you want to completely block applicationsfrom getting your informationwhen your friends and others usethem, you will need to turn off all Platform applications. This means that you will no longer beable to useany third-party Facebook-integrated games, applications or websites. If an application asks permissionfrom someoneelseto access your information, theapplicationwill be allowed to usethat information only in connection withthepersonthatgavethepermission, and no one else. For example, someapps useinformation such as your friends list, to personalizeyour experienceor show you which of your friends usethat particular app. Logging in to another siteusing Facebook Facebook Platform lets youlog into other applications and websitesusing your Facebookaccount. When you log in using Facebook, wegivethe siteyour User ID (just like when you connect with any other application), but wedo not shareyour email address or password withthatwebsitethrough thisprocess withoutyour permission. If you already havean account on that website, thesitemay also beable to connect that account with your Facebook account. Sometimesit does thisusing what is called an "email hash", which is similar to searching for someoneon Facebook using an email address. Only theemail addresses in this caseare hashed so no email addresses are actually shared between Facebook and thewebsite. How it works Thewebsitesends over a hashed version of your email address, and wematch it with a databaseof email addresses that wehavealso hashed. If thereis a match, then we tell thewebsitetheUser ID associated with theemail address. This way, when you log into thewebsiteusing Facebook, thewebsitecan link your Facebook account to your accounton thatwebsite. About social plugins Social plugins are buttons, boxes, and stories (such as theLikebutton) thatother websitescan useto present Facebook contentto you and createmoresocial and personal experiences for you. Whileyou view thesebuttons, boxes, and stories on other sites, thecontentcomes directly from Facebook. Sometimes pluginsact just likeapplications. You can spot oneof these plugins becauseit will ask you for permission to access your informationor to publishinformationback to Facebook. For example, if you usea registration plugin on a website, the plugin will ask your permission to shareyour basic info with the websiteto makeit easier for you to register for thewebsite. Similarly, if you usean "Add To Timeline" plugin, the plugin will ask for your permission to publishstories aboutyour activities on that websiteto Facebook. If you makesomething public using a plugin, such as posting a public comment on a newspaper's website, then that websitecan access your comment (along with your User ID) just likeeveryoneelse. If you post something using a social plugin and you do not seea sharing icon, you should assumethat story is Public. For example, if you post a comment through a Facebook comment plugin ona site, your story is Public and everyone, including thewebsite, can seeyour story. Websites that usesocial plugins can sometimes tell that you haveengaged with thesocial plugin. For example, they may know that youclicked on a Like button in a social plugin. We receive data when you visit a sitewith a social plugin. We keep this data for a maximum of 90 days. After that, weremoveyour nameand any other personally identifying information from thedata, or combineit with other people's data in a way that it is no longer associated with you. Learn moreat: https://www.facebook.com/help/social-plugins V. Cookies, pixels and other similar technologies Cookies aresmall pieces of data that are stored on your computer, mobilephoneor other device. Pixels are small blocks of codeon webpages that do things likeallow another server to measureviewing of a webpageand often are used in connection with cookies. Weusetechnologies likecookies, pixels, and local storage(like on your browser or device, which is similar to a cookiebut holds moreinformation) to provideand understanda rangeof products and services. Learn moreat: https://www.facebook.com/help/cookies Weusethesetechnologies to do things like: • makeFacebook easier or faster to use; • enablefeatures and storeinformation aboutyou(including on your deviceor in your browser cache) and your useof Facebook; • deliver, understand and improveadvertising; • monitor and understand theuseof our productsand services; and • protect you, others and Facebook. For example, we may usethesetools to knowyou arelogged in to Facebook, to help you usesocial plugins and sharebuttons, or to knowwhen you areinteracting with our advertising or Platform partners. Wemay ask advertisers or other partners to serveads or services to computers, mobilephones or other devices, which may usea cookie, pixel or other similar technology placed by Facebook or thethird party (although wewould not shareinformation that personally identifies you with an advertiser). Most companies ontheweb usecookies (or other similar technological tools), including our advertising and Platform partners. For example, our Platform partners, advertisers or Page administrators may usecookies or similar technologies when you access their apps, ads, Pages or other content. Cookies and things likelocal storagehelp makeFacebook work, likeallowing pages to load faster because certain content is stored on your browser or by helping us authenticateyouto deliver personalized content. To learn moreabout how advertisers generally usecookies and thechoices advertisers provide, visit the Network Advertising Initiativeat http://www.networkadvertising.org/managing/opt_out.asp, theDigital Advertising Allianceat http://www.aboutads.info/, theInternet Advertising Bureau (US) at http://www.iab.netor theInternet Advertising Bureau (EU) at http://youronlinechoices.eu/. Refer to your browser or device's help material to learn what controls you can often useto removeor block cookies or other similar technologies or block or removeother data stored on your computer or device(such as by using thevarious settings in your browser). If you do this, it may affect your ability to use Facebook or other websites and apps. VI. Someother things you need to know Safeharbor Facebook complies with theU.S.-EU and U.S.-Swiss SafeHarbor frameworks as set forth by theDepartment of Commerce regarding thecollection, use, and retention of data from theEuropean Union. To view our certification, visit theU.S. Department of Commerce's Safe Harbor websiteat: https://safeharbor.export.gov/list.aspx. As part of our participation in theSafeHarbor program, we agree to resolvedisputes youhavewith us in connection with our policies and practices through TRUSTe. If you would liketo contact TRUSTe, visit:https://feedback-form.truste.com/watchdog/request Contact us with questionsor disputes If you havequestions or complaints regarding our Data UsePolicy or practices, pleasecontact us by mail at 1601 Willow Road, Menlo Park, CA 94025 if you residein theU.S. or Canada, or at Facebook Ireland Ltd., Hanover Reach, 5-7 Hanover Quay, Dublin 2 Ireland if you liveoutsidetheU.S. or Canada. Anyonemay also contact us through thishelp page:https://www.facebook.com/help/contact_us.php?id=173545232710000 Responding to legal requests and preventing harm Wemay access, preserve and share your information in responseto a legal request (likea search warrant, court order or subpoena) if wehave a good faith belief that thelaw requires us to do so. This may include responding to legal requests from jurisdictions outsideof theUnited Stateswherewehavea good faith belief that theresponseis required by law in that jurisdiction, affects users in that jurisdiction, and is consistent withinternationally recognized standards. Wemay also access, preserve and share information when wehavea good faith belief it is necessary to: detect, prevent and address fraud and other illegal activity; to protect ourselves, youand others, including as part of investigations; or to preventdeath or imminent bodily harm. Usernames and User IDs Usernames and User IDs are thesame thing – a way to identify you on Facebook. A User IDis a string of numbers and a usernamegenerally is somevariation of your name. With your username, you get a custom link (a Facebook URL, such as www.facebook.com/username) to your timelinethat you can giveout to peopleor post on external websites. If someonehas your Usernameor User ID, they can useit to access information about you through the facebook.com website. For example, if someonehas your Username, they can type facebook.com/Usernameinto their browser and seeyour public information as well as anything elseyou've let them see. Similarly, someonewith your Usernameor User ID can access information about you through our APIs, such as our Graph API. Specifically, they can access your public information, along with your age range, language and country. If you do not want your information tobeaccessibleto Platform applications, youcan turn off all Platform applications from your Privacy Settings. If you turn off Platform youwill no longer beable to useany games or other applications until youturn Platform back on. For moreinformation abouttheinformation that apps receive when you visit them, seeOther websites and applications. If you want to seeinformation availableabout you throughour Graph API, just type https://graph.facebook.com/[User IDor Username]?metadata=1 into your browser. Your Facebook email address includes your public usernamelikeso: username@facebook.com. People can useyour Facebook email address to send you messages and anyonein a messageconversation can reply to it. How weusetheinformation wereceive Weusetheinformation wereceive about you in connectionwith theservic How we use the information we receive • for internal operations, including troubleshooting, data analysis, testing, research and service improvement. The word “research” appeared twice in the 9000+ word policy, which Facebook said was sufficient to mean users had provided consent to the experiment. © CONSTELLAT ON RESEARCH NC 2010 – 2015 ALL R GHTS RESERVED
  9. 9. Being genuine about privacy So we argue consent online has been set up to fail. If a digital company really wishes to get end users’ consent for secondary data usage, it’s not hard to ask. A Privacy Policy should set out what PII is collected, why it is collected, how and when. © CONSTELLATION RESEARCH, INC. 2010 – 2015 ALL RIGHTS RESERVED 9 And it’s not as if consent is the only way to manage privacy. Apple has made consent rather moot, by promising to resist the temptation to monetise the personal data it has. That is, to handle data in the end users’ interests.
  10. 10. Data flows in an Internet connected car © CONSTELLATION RESEARCH, INC. 2010 – 2015 ALL RIGHTS RESERVED 10 Car SW EULA! Driver’s medical devices? Passenger devices Smart Traffic Control Smart Billboards Service Equipment Other Vehicles CONNECTED CAR Driver Data flowing into the car from smart devices will reveal details of the driver and others. Data flowing from the car may carry those details and other signals. Electronic Car Key Biometric? Smart Watch? Smart Driver License Digital Driver License App
  11. 11. Why? Innumerable parties have reasonable interests in the data from the Internet of Cars, much of which will be overtly personal, or otherwise identifiable, and hence will be PII. Remember that Privacy Principles do not forbid collection of PII; rather they require collection be reasonably necessary, proportionate, and open. © CONSTELLATION RESEARCH, INC. 2010 – 2015 ALL RIGHTS RESERVED 11 • Car companies • Parts’ makers • Mapping apps • Geo-location services • Service outlets • Safety systems • Electricity system • DMV • Police • Regulators • Parking garages • Insurance companies • Advertisers
  12. 12. To manage privacy in this potentially chaotic environment, we need to impose some structure.
  13. 13. Stack thinking © CONSTELLATION RESEARCH, INC. 2010 – 2015 ALL RIGHTS RESERVED 13 It is timely that the FIDO Alliance has sought to clarify how authentication and physical identity may be separated from identity and federation.
  14. 14. Decoupling Identity © CONSTELLATION RESEARCH, INC. 2010 – 2015 ALL RIGHTS RESERVED 14 Relationships Identities Attributes, Signals Presentation Transport ‘The Cloud Identity Summit heard from many speakers about the need for an identity layer. Constellation Research has been working on a layered model that separates identity from the constituent attributes, signals, assertions or and/claims.’ See “Identity Management Moves from Who to What”, Constellation Research, 2015.
  15. 15. Decoupling Identity © CONSTELLATION RESEARCH, INC. 2010 – 2015 ALL RIGHTS RESERVED 15 Relationships Presentation Transport IdentitiesIdentitiesIdentitiesIdentities Attributes, SignalsAttributes, SignalsAttributes, SignalsAttributes, SignalsAttributes, SignalsAttributes, Signals ‘Opening #CISID15, Ping Identity CEO Andre Durand talked about binding the carbon to the silicon. Solid binding is tricky, yet loose association is all too easy, which will lead to PII veritably gushing from the IOT, if we are not careful. We need to decouple identity and devices, ideally using the embedded crypto of smart devices, to impart pedigree on automatically generated data, without giving away our identities.’
  16. 16. © CONSTELLATION RESEARCH, INC. 2010 – 2015 ALL RIGHTS RESERVED 16 https://www.constellationr.com/ research/fido-alliance-update-track- standard FIDO research Relevant to this presentation, Constellation’s latest instalment in a long running research series on the FIDO Alliance is currently available without charge.
  17. 17. © CONSTELLATION RESEARCH, INC. 2010 – 2015 ALL RIGHTS RESERVED 17 Thank you Steve Wilson steve@constellationr.com @steve_lockstep M: +61 414 488 851

×