Tag Archives: data collecting

December 15, 2018 · 11:00

The danger of not learning

When do we stop enabling a dangerous setting? That is at the foundation of all this. And the cause of it is not Facebook; it is LinkedIn that makes the error. First of all, when we consider the entire mess, LinkedIn did not break any law, they did nothing incorrect on an academic level, yet they were wrong to allowing this to happen.

The subject here is Zendesk. First of all, there is nothing wrong with Zendesk; they seem to be on the roll to get a service software solution sold. They have a proper website (www.zendesk.com), they have all the checks and marks in place. From my personal view, I do not believe that they have a proper designed website, but that might just be me. I personally do not believe in a web page that scrolls for almost a mile and has a dozen images replacing each other. It is what I would call a bad mobile site, and as the bulk of the decision makers are on mobile, this was not a good step. It has good parts too; their Career page has an original approach (post stamp view) which is very artsy. Their way to bring it is great, yet the execution is not great, so what gives?

It started when I started to get the promoted ads from Zendesk, now there is nothing wrong with that, I have been in customer service for well over a decade on an international level, so that I get this ad makes total sense. The issue starts that EVERY promoted part, demo, white papers and whatever else they are trying to bring, you cannot get them without filling in a form, and there is the first issue, the ‘Zendesk Capture’; Full Name, Work Email and Phone Number. Now, to be fair, their visibility is clear and as I said, they didn’t break any laws. Yet in this age, after all the hassle of Cambridge Analytica, after all the screw ups that Facebook has been tainted with, LinkedIn should not have allowed for this. I think that Zendesk made a massive mistake taking this marketing path in a day and age where details are captured all over the place. We might wonder if someone hacks that Zendesk computer, how many details would be captured.

Yet, when you look at their offering, they have a suite of arrangements, where the cheapest option is an annual plan from ‘Free – $9, per agent, per month‘, so they have the pricing right, they have the options and the seemingly have set it all in perfect motion, so why capture the data? True service minded corporations should be walking down the door.

And as I said, this is not about Zendesk, this is about LinkedIn. I consider the allowance of this path a massive mistake. It was only last week when we were alerted to another Facebook mishap with: “Approximately 15 million of the victims had their name and contact details disclosed. While the hackers were able to see personal information, including education and employment background and location check-ins, of a further 14 million.“, this was only last week and we see additional news a mere 8 hours ago, so when it comes to personal data, LinkedIn should not allow for ANY kind of data collection if someone wants to show how good they are and not allow any promoted material to be linked to data capture.

Is there an exemption?

Yes, I think it is not wrong that someone would merely hand out their email (not necessarily their work email) to receive the link to a white paper, although we can equally argue that the link could have been in the story they promoted. Optionally that paper could have been uploaded to LinkedIn and distribution went via LinkedIn, as this is a promoted ad, so we can assume that it had to be paid for and LinkedIn had a service minded need to complete the (optional) distribution. None of that was done.

All optional solutions to keep their user base data safe and LinkedIn did none of these.

And when we do get to LinkedIn, we get more (at https://www.linkedin.com/legal/ads-policy). Here we see:

Phishing. Do not use an ad to promote a website that tricks a user into providing personal or other information that can be used to exploit or cause harm to the users.

Well, clearly Zendesk is not into Phishing, and they never tricked anyone, yet the words “providing personal or other information that can be used to exploit or cause harm to the users“, you see, in the end Zendesk cannot guarantee the part of ‘exploit or cause harm to the users‘. If they get hacked that part becomes an issue and again, Zendesk had never done anything incorrect.

In the end, the policies of LinkedIn are flawed as I see them. LinkedIn should never have allowed for these steps to happen, if trust and data is their trademark, then they lost a container load of value just there. The capture of personal data is becoming more and more an issue and as such using advertisement to capture data (I admit that it must be freely given), we see a larger issue. People have shown to be not too bright at times, carelessly handing over their personal and work details.

So the actions of LinkedIn in this matter are regarded as highly questionable by me.

As for Zendesk? They might have made the wrong call to pursue a certain path, yet it seems that they are driven to visibility and growth, with a directors board that is 50% female (I think that this is a first for me to see one that is actually 50/50) and a global drive that could make them a serious player down the track. They have the suite, they seemingly have all the software elements (optionally missing a dashboard element) and they offer nearly all with free trials, so they have a serious A-game in place. I partially wonder why they even bothered trying to capture details in the first place. Ah, and they also have something called Zendesk Sunshine (at https://www.zendesk.com/blog/relate-announce-sunshine-sell-explore/), so as it seems, they have the makings of a dashboard solution too.

They could have gone with: “We have the best customer service software solutions. Prove us wrong!

So this is about the danger of not learning and LinkedIn is in the stage where they aren’t learning and optionally endangering the data (and profiles) of their customers. You see, in the end they might have a policy in place, yet data can end up going somewhere else and as such, in that shown danger a dozen times over, LinkedIn should never allowed for this step to happen in the first place, it does not matter who wanted to capture the data, or what for, it should not have been allowed for.

In this age where data details go somewhere else by the size of millions of users per transgression, not allowing this to happen would have been a first need and that was not done.

Bad LinkedIn, bad doggie!

 

Leave a comment

Filed under IT, Law, Media

Tagged as , , , , , ,

September 1, 2017 · 12:43

Want to bet on that?

The Guardian released a story last night, it released something a lot more important than you and I initially considered. You see, it intersects with articles I wrote in 2014, yet until today, and as we recently saw the issues that the Bank of England reported on, I now see a part I never considered, because, unless you are a banker it would not make sense. I admit that from the mere consumer point of view it seems like dodgy, even counterproductive to good business. So, I did not consider it, I did not inform you and for that I apologise. The writer of this story did not inform you either, but it was not the focus of her story so Mattha needs not apologise at all. Yet what is happening is a lot more important than you and I think and if I grasp back at what I found in 2014, there is every indication that GCHQ is actually aware of the situation, yet they decided to do nothing, endangering the sanity and social security of thousands of Britons, so should they apologise? Should Robert Hannigan, director of GCHQ apologise? I believe so, he should also get grilled in both houses (Lords and Commons), but that is not for me to decide (life would be so much fun if it was).

So as we are set in this path, let me explain what happened as per last night. Mattha gave us (at https://www.theguardian.com/society/2017/aug/31/gambling-industry-third-party-companies-online-casinos) the issue ‘how gambling industry targets poor people and ex-gamblers‘ the start is already an explosion of question by themselves. With: “The gambling industry is using third-party companies to harvest people’s data, helping bookmakers and online casinos target people on low incomes and those who have stopped gambling, the Guardian can reveal” we need to ask questions, but let me continue and give you a few more parts on these goods. the next items are “The revelations will add to calls for tighter regulation of the gambling industry more action to address problem gambling after the news on Thursday that online betting firm 888 had been penalised a record £7.8m because more than 7,000 people who had voluntarily banned themselves from gambling were still able to access their accounts“, as well as “The data is often gathered from raffle sites that offer cash prizes and gifts in weekly giveaways, he said. To apply for the prize draws, users must usually provide their name, date of birth, email and address. He claimed raffle companies would then sell the data, something customers have sometimes unwittingly consented to in lengthy terms and conditions agreements. One such site states: “The following sectors [including gambling] are the industry types you can expect to receive products, information, services or special offers from.”“. With these three quotes we have the first part of the equation filled. The article gives a lot more, but for now, here, that is what we need. So we see that people sign up for things they do not understand (we all do that), and for the most the initial thought was harmless enough. I have signed up for free premiere movie tickets, some of us for fashion items or even something as innocuous as a free bottle of perfume or after shave. It seems so harmless and when it comes to products it usually tends to be. Yet when it comes to free trips to certain destinations, for some of us, red flags go up, but at that point it is usually too late, we have already given out our details.

Now, we go back to January 2014. In my blog ‘Diary for a wimpy President‘ (at https://lawlordtobe.com/2014/01/18/diary-for-a-wimpy-president/) I set the stage that includes GCHQ. The setting was theft of IP on a massive scale, yet it was on equal terms the issue we see more common, the theft of personal data. The questions I posed were:

  • Have you identified your organisation’s key information assets and the impact it would have on your organisation if they were compromised or your online services were disrupted? [Alternative: what data is bankable?]
  • Have you clearly identified the key threats to your organisation’s information assets and set an appetite for the associated risks? [Alternative: what data is accessible?]
  • Are you confident that your organisation’s most important information is being properly managed and is safe from cyber threats? [Alternative: the value management of data you think you own]

it came with the footnote: “The alternative are not just views I opt for, consider that the data collection field goes into open commercial hands as it could be presented by March 31st, what are your options to purchase certain buckets of data?

We are now on par in the two sides, my blog three years ago and the new iteration that the Guardian shows. I admit, the Guardian shows a side I never considered before last night. You see, with the quotes we saw mentioned by me, we need to add the third side to what is not a pyramid, but optionally the specific view on a cube, or even more disturbing a buried dipyramid. Now, we cannot expect people to realise that this is happening, but GCHQ knew, there is no way it did not know, and missing that is a career breaker plain and simple. You see, to give you that part, we need to add the following items. The first was seen on August 21st with ‘UK credit and debit card spending ​growing​ at fastest rate since 2008‘. We need to keep a check on the quote “The number of card transactions increased by 12.3% over the year to the end of June, according to the banking trade body UK Finance, coming amid a boom in consumer debt that has been raising alarm bells at the Bank of England. The pace of growth in card payments was 10.6% in the 12 months to the end of December“, the second quote comes from two days ago in the Guardian. Here in the article ‘Credit card lenders ‘targeting people struggling with debt’‘ we see the two parts “Citizens Advice finds almost one in five people struggling with debts have had their card limit raised without request” as well as “Unsecured lending is returning to levels unseen since the 2008 financial crisis, raising alarm bells at the Bank of England that consumers may struggle to repay loans in another economic downturn, thus putting financial stability at risk“. I believed this to be a bad business practise, yet until last night I did not give it the merit it should have had. You see commercial bankers are for the most without a moral compass at best, what if they are joining hands with gambling places that do not care how they get the money? The banker gets the bonus because business was booming and his (or her) moral compass is limited to the cash leaving the door without the use of criminal activity, beyond that they will not care. Yet with hundreds of thousands getting into this scrap. How many gambled the gained credit? How many pushed a chance for instant wealth into a decade of depression without options? The weird part is that GCHQ had to be aware, they are our (mainly the UK) watchdogs and they let this just go on. The questions I asked three years ago show that GCHQ should have been aware and monitoring. If they did not do that, then we have a case of negligence that surpasses the age of MI5 and the Cambridge 5. the funny part in this is that those 5 “were contemporaries at Cambridge University in the 1930s, and were attracted to communism mainly because of the Wall Street crash” and now we see that the same thing is happening for merely the same bloody reason (but those tend to be on the other side of the exploitative equation nowadays), yet now every gambling capitalist gets to enjoy the fallout, or is that out falling?

The evidence?

Yes, some elements will demand the evidence. In my view we merely have to compare the two lists, one showing the unrequested credit rises and the second list are those on the gambling marketing list, with any surpass of 5% being enough to be seen as significant evidence. This now gives two issues, the one is speculative when we go with ‘Is this a shady move for banks to push Brexit out of the way?’ You might think this is conspiracy theory, but is it? How many setbacks can the UK deal with before the banks cry foul and beg for Brexit to be delayed because they are too big to fail? Is it that farfetched? I don’t believe so. The second part is on the location of the location of the gathered online betting location and how these ‘marketing lists‘ all made it out of the UK and in several cases out of the European Union, which now puts the actions (read: non actions) of GCHQ on the firing line of enquiries and inquisitive questions on how they are keeping the people of the UK safe. We might argue (and I would) that people who gamble only have themselves to blame, yet when we see ‘more than 7,000 people who had voluntarily banned themselves from gambling were still able to access their accounts‘, we see that the odds are intentionally stacked against them and I believe that ‘Gambling firm 888 penalised record £7.8m for failing vulnerable customers‘ is a joke, I consider that giving them a £78 million penalty would have been too soft for them, especially as their growth surpassed 63% in 2016. And that is merely ONE gambling holding. The issue is growing at an alarming rate, even as we see how in Australia councils are drawing lines on ‘out of bounds areas‘ whilst with such amazement that the new casino that is currently being built on the order of bad boy jimmy Packard is (with surprising amazement) to be exactly outside certain zoning issues, just like Star Casino, giving him all the freedom he needs and get to play without any level of limitation. Let’s just mark that one up to ‘coincidence‘ shall we?

That example shows a certain complacency between councils and certain playing players and we now see that such levels are apparently happening in the UK for online gambling and we see that there is no way that GCHQ was unaware, we merely need to wonder why there was no political intervention, because that question is becoming more and more important.

Issues, shown from 2014 onwards give rise to non-protectionism of an unacceptable shady character. The act that the Guardian now shows that certain players are given a wide berth of that gives them degrees of freedom that no company in the UK ever gets is also giving questions to the status of banks and lenders and whether we should allow them to operate in the UK. If you wonder about this statement you only have to consider the triggers of bankruptcy, personal insolvency and how it is that these lenders will get paid either way, through either collection or write offs. What happens when they are no longer allowed to write off these bad business actions? What happens when it needs to come from their own ‘profits’ and ‘bonus schemes’? How long until suddenly the online casino’s and lenders walk away and continue that in places where they can exploit all they like?

Can you now see that you are placed in an increasingly difficult place to grow the stability of your family? If not, consider that you might not be the gambler, but you are a member of that bank or lending corporation. If they cannot write off, they will charge you through the services you receive, either through administration fees or interest percentages. You would (and rightly so) complain about these fees, so you want no change, which is what they are banking on and that should not be allowed. The final statement in the article is also important. With “In a longer statement to its investors, the company said it had taken action to fix its self-exclusion systems, which it said arose when customers who self-excluded from some of its brands were able to gamble with others” we are confronted with the question that seeing ‘fix its self-exclusion systems‘. You see, I believe that they never properly worked in the first place; leaving us with the intent that they had too much to lose enforcing ‘self-exclusion‘ which in my book makes them guilty of intentional and reckless corporate negligence.

You see when we consider that courts are less willing to cut off liability due to intent, the scope of Liability in Intentional Torts is now a given. The plaintiff would be entitled to see the entire engineering part of the ‘self-exclusion system’ and with the failing it holds whoever goes after house 888 might have a legal setting to regain all their losses. Yet that is merely one online gambling house. The fact that none of them want to truly cooperate gives rise to the notion that too many players don’t want the broken system to be fixed, not until after they got out of it whatever they could and such a knowledge tends to give consideration that the burden on GCHQ will be higher and needs to be higher. Yet will the burden be unjustly set too high? Because that is the clear direction we seem to be going to and that is equally unjust. In the end it will turn out to be a counterproductive situation.

Are you willing to place a bet on any outcome here?

 

Leave a comment

Filed under Finance, Gaming, Law, Media, Politics

Tagged as , , , , , , , , , , , , , , , , , , , ,