Privacy

Almost every worker has done it: gotten in a little Facebook updating, personal e-mailing, YouTube watching and friend calling while on the clock. Such indiscretions often went undetected by company management everywhere but the most secure and highly proprietary companies or governmental agencies. Not anymore.

Firms have become sharp-eyed, keenly eared watchdogs as they try to squeeze every penny's worth of their employees' salaries and to ensure they have the most professional and lawsuit-proof workplaces.

Have you ever wondered why you get so many unwanted spam text messages and e-mails? The answer might be found in China.

A 22-year-old Korean man named Kim is under arrest for purchasing lists of Koreans’ personal information, such as cell phone numbers and e-mail addresses, which had been hacked in China. After spending 1 million won ($880) for 31 million items of data since July of last year, Kim posted an Internet ad and sold off 10 million such items.

Thousands of patients at a University of Calgary clinic are being warned their personal health information could have been compromised after viruses infected a medical computer.

Two types of viruses — one that can shut down a computer, the other that allows hackers to remotely control or access information — attacked the computer at the U of C’s Sunridge Medical Clinic, said Dr. Cathy MacLean, head of the department of family medicine.

If a stranger came up to you on the street, would you give him your name, Social Security number and e-mail address? Probably not.

Yet people often dole out all kinds of personal information on the Internet that allows such identifying data to be deduced. Services like Facebook, Twitter and Flickr are oceans of personal minutiae — birthday greetings sent and received, school and work gossip, photos of family vacations, and movies watched.

Last October, WikiLeaks got a hold of the U.K.'s Ministry of Defense's Defence Manual of Security, a 2,400-page, restricted document designed to help government officials "maintain information security in the face of hackers, journalists, foreign spies, and others." And this morning, the site published a 32-page U.S. counterintelligence investigation, which included plans to "damage and destroy" WikiLeaks' "center of gravity." Why does this keep happening?!

Privacy is not dead in the era of online social networking. It just needs careful curation.

That was the message Saturday from Danah Boyd, a social-media expert who works for Microsoft Research and who was Saturday's keynote speaker at the South by Southwest Interactive (SXSWi) festival here.

South Korea said Friday it would launch a probe into security systems of major retailer Shinsegae and 24 other companies after private data on some 20 million customers was leaked.

The move came a day after police arrested three South Koreans for selling private information, including IDs, passwords and addresses, of more than 20 million compatriots online.

Far more personal information on students than is necessary is being collected by public schools, according to the Fordham Law School Center on Law and Information Policy, which investigated education records in all 50 states. States are failing to safeguard students' privacy and protect them from data misuse.

If the public wants online privacy it had better fight now for laws to protect it because businesses won't and individuals don't have the clout, security expert Bruce Schneier told RSA Conference.

The longer information-privacy policies go unset, the more likely it is that they never will be set, says Schneier, an author of books about security and CTO of security consultant BT Counterpane. As young people grow up with broad swaths of information about them in the public domain, they will lose any sense of privacy that older generations have.

Social networking sites such as Facebook, LinkedIn, and Xing have been reporting exponential growth rates. These sites have millions of registered users, and they are interesting from a security and privacy point of view because they store large amounts of sensitive personal user data.