When to Change Platforms?
A group forum at Slashdot.
Add comment March 6th, 2008 Joel
The Price of Using Personal Data
Great article by Cory Doctorow at the Guardian on the ease with which we require personal data from consumers and the immense responsibility of protecting this personal data—a responsibility that is often overlooked when we decide as a company that we “need” that data.
He writes: “The world’s toughest privacy measures are as a wet Kleenex against the merciless onslaught of data acquisition. Data is acquired at all times, everywhere.” He then details an experience that we in the U.S. won’t find all that foreign: having to hand over all sorts of personal data (”name, home address, phone number, email and so on”) in order to purchase a monthly travel card for the London Underground. Yeah, we here in the States have heard of that practice—ever try to go into a grocery store and sign up for one of their “preferred shopper” cards that are required to receive sale prices at the register? And why would they need your phone number? To call you about all the great deals you’re missing out on any given week?
Doctorow’s point is this: we’ve got all this data out there, but it’s pretty obvious that no one’s getting the importance of having it out there, even after giant debacles like (in the U.K.) the HMRC (Her Majesty’s Revenue and Customs) data breach that exposed the personal and financial data of 25 million British citizens, as well as the corporate and government data breaches here in America. Remember Ohio? The GAP company?
With the Real ID Act of 2005 regulations coming into effect soon, we’ll also have ID cards that contain even more information encoded on that little strip of bar code, much more damaging info like Social Security numbers, birth certificate info and the like, all gathered into one, big, national database of everyone’s info. The benefits are demonstrable, sure, but the costs and responsibilities? Scary, if you ask me.
Add comment January 23rd, 2008 Joel
Wikia Search Goes Live—The SEO Community Holds its Collective Breath
Well, Jimmy Wales and Wikia released an early version of Search Wikia two weeks ago. It’s been in the works for quite a while, and brings the Wikia Foundation’s vision of a freely-licensed user feedback oriented search engine to fruition. It’s also the open source search engine that’s most threatening to proprietary monoliths like Google, whose secret algorithm has spawned a whole industry of search engine optimization experts, consultants and literature.
It’s not that Wikia’s destined to topple that tower, anytime soon or at all. But with the enormous popularity of its contributor-fed enyclopedia Wikipedia and lesser-known Wiktionary, Wikitravel and other information sources, Wikia’s got an immediate and worldwide user pool from which to draw. Since creating an inroad into such a monopolized industry is close to impossible for the lack of such an audience, it will be interesting to see over the next few months and years whether or not Wikia can capitalize on their previous success, or is doomed to failure.
A few preliminary observations:
- Searching for a consumer information term (my test was “bankruptcy”) yields a combination on the first page of 1) legal org websites (http://www.nacba.org/), 2) consumer ad-based, lawyer-location services (http://bankruptcy.findlaw.com/), and 3) spam (won’t post links because why would you care?). My gut tells me the spam sites won’t be up for long if Wikia gains any amount of popularity, since it’s these that users will push down first. However, the difference between the legal organizational websites and the lawyer brokerage (or finder services, whatever) is a little different. Some of the latter LOOK spammy, but they’re providing an actual consumer service with the lawyer-locater service. It will be interesting to see how users classify these sites, and whether Wikia will only rely on feedback or will rely on user habits as well to determine site value, like Google does.
- Searching for a specific company term (I used “eBay”), the results are a little strange from what Google shows. The top site is, in fact, eBay, but the URL listed is a redirect, not the company’s home page. When you click on it, you get to the home page, but through this redirect URL. This is likely because Wikia doesn’t have the site map submission feature that Google does. I must say, it’s not very user-friendly without that. The second site is the German eBay site, then third UK. Germany shows up again twice more on the first page (eBay stores dot DE, then eBay motors dot DE). The fifth site hit is a map showing the actual date and time at eBay. Hmmm… This term could use a bit of work. Of course, you can tell where early users are located, since the German sites are all ranked a full five stars by users, presumably in Germany. If they’re not going to determine a location based on IP, then it’s not going to make finding things very easy.
All in all, some interesting first experiences with Wikia. We’ll all be watching carefully to see where it goes from here.
Add comment January 22nd, 2008 Joel
SMB Legal Cases: eBay v. Innovate!
Midway through 2007, eBay seller Osvaldo Izquierdo Colon was greeted by takedowns of his auctions by high-performance car parts manufacturer Innovate! Technology, on an allegation that by selling its car parts on eBay at substantial discounts, Colon was violating a “Minimum Advertised Pricing” agreement that Innovate! maintains with its “authorized distributors and retailers.” Using this reasoning, Innovate! took down over 100 of Colon’s car parts auctions.
What’s interesting about this particular case is that Innovate! claimed in addition to the unauthorized pricing on its products, that Colon committed copyright infringement of its intellectual property by including user manuals with the car parts up for auction.
To stop all of his auctions from being taken down, Colon sued Innovate! in a district court to prove that he was not infringing any intellectual property copyrights. And that’s where eBay comes in.
Innovate! decided that one small unauthorized dealer was not going to bring a big enough haul to justify their legal fees, so in court they stated that eBay had legal liability in the matter for the repeated infringements of its sellers. Normally, eBay steers clear of getting involved in infringement disputes, only serving to take down infringing items and the like at the request of sellers and other individuals.
But when they found out that Innovate! was dragging them into court, they sued Innovate! as well for abuse of the DMCA process.
Of course, protecting its prices as a specialty product manufacturer is vital for a SMB like Innovate!. The courts are excellent recourse for a company to stand up to stealing of its business or ideas in any form. However, Innovate! seems to have gotten greedy and therefore made itself vulnerable on both the additional copyright infringement allegation—which the seller, Colon, may have had a good case against in court, as evidenced by Innovate!’s choice to go after a bigger fish in eBay—as well as its decision to implead eBay and face the legal whipping that a major corporation like eBay can give.
Copyright infringement law can be a SMB’s best friend, because it can help smaller businesses compete in a large market based on protection of innovations and ideas. But it doesn’t make anyone bulletproof, as the collectively-gulping execs from Innovate! can surely attest.
Add comment January 7th, 2008 Joel
Guess What Percentage of All E-Mail is SPAM
If you said almost 100 percent, you’d be pretty close to the truth, according to a new study published by Barracuda (blogged by CNet as well). Their annual spam report claims that anywhere from 90 to 95 percent of all e-mail is spam. That’s pretty amazing!
In 2001, the percentage of spam was only at 5 percent, and it grow exponentially to around 70 percent in 2004. Now, we’re buried in the stuff, according to Barracuda.
Of course, whenever you read a report like this issued by a company whose livelihood is made by preventing or stopping the source of the catastrophe, you’ve got every right to be skeptical. But don’t let it stop you from being very afraid that at this rate, we’ll reach 100% by next year.
…wait….
Add comment December 12th, 2007 Joel
Blogger Anonymity Under Fire
Constitutional rights proper don’t usually come up when you’re talking about B2B marketing strategies or company/client relations. Legal matters in those arenas are generally more of the copyright infringement, identity and data protection, and regulatory compliance.
However, with the growing popularity of blogs for businesses trying to reach potential customers in their fields, a few recent news stories have raised issues of blogger identity facing anyone who writes or posts on the Internet.
Bloggers writing under psuedonyms at datruthsquad.blogspot.com and orthomom.blogspot.com have faced lawsuits in separate cases over alleged defamatory remarks made by the bloggers themselves and individuals who posted comments to blog posts on their respective sites. The comments involve criticism over political issues, in both cases of the local variety.
In both cases, plaintiffs have filed subpoena requests to Google to reveal the identity of the blogger in question, including account information, e-mails and other data that Google might have. The request in the Orthomom case, which received a court decision early last month, was struck down by the New York Supreme Court, citing the U.S. Constitution as the foundation for its decision and the freedom of speech it grants citizens to make political commentary anonymously.
The case of daTruthSquad, which has followed a very similar trajectory, has yet to be ruled upon. But the Electronic Frontier Foundation filed a motion to quash the Google subpoena, and all signs point toward a ruling in favor of the blogger.
Of course, many SMB bloggers may not find themselves in a remotely similar situation, since company blogs for the purpose of customer relations are less likely to involve anonymous writing, and certainly even less likely to involve political commentary that might result in legal action (i.e., generally local in nature). Company-sanctioned writing activities in general don’t enjoy the same legal protection that private citizens do, especially if it involves mud-slinging toward a competitor. That can be a big no-no.
However, exceptional cases are the most tricky in a legal sense, and so company bloggers should be aware of the power of anonymous writing. Often company bloggers are personal bloggers as well, splitting their writing styles and subject matter accordingly. In any case, for all of us writing out there, it’s an issue that should be well studied for any possible personal application.
Add comment December 7th, 2007 Joel
British Government Considers Criminal Penalties for Data Breaches
Recently, the UK information commissioner has challenged organizations, including the British government, to take data protection more seriously by calling for criminal penalties to be levied on organizations who “knowingly and recklessly flout data protection principles.”
This response comes from a high-profile data breach at Her Majesty’s Revenue and Customs (HMRC), which had a laptop containing taxpayer records from various financial institutions stolen from an employee’s car last month. Other recent UK agencies and businesses that have experienced loss or theft of data include the National Health Service, a Southend children’s social service agency (whose stolen laptop was put up for sale on eBay!), Serco and Marks & Spencer.
Of course, recent data breaches profiled on this blog in the United States include the GAP company, as well as the state of Ohio.
However, the House of Lords in the UK is taking the information commissioner’s recommendation seriously as a state mandate. According to the commissioner, Richard Thomas, the Information Commissioner’s Office would only impose the criminal negligence penalties for “blatant” acts that were indicative of “gross negligence”; they would not likely prosecute an isolate incident of forgetting a laptop in a car unless that were the result of a larger, chronic data security problem.
With data standards like HIPAA and Sarbanes-Oxley in the United States, criminal and civil sanctions have been part of our vocabulary over the past half-decade or so. However, with no centralized technology officer or commissioner and office like Britain boasts, the enforcement of these standards has been inconsistent, and enactment of these and competing regulations has been slow and reactionary. If such a measure does pass in the UK, it could mean a greater hand for the British ICO, which recently handed out financial penalties to 11 financial institutions for lax data security. Clearly, Thomas and his office are interested in active enforcement of these laws.
Add comment November 20th, 2007 Joel
More Political Spam—’Bots for Ron Paul
In a followup to my last post on boundaries between political campaigning and spamming, I’ve been struck by the news passed on recently by several news sources about spambots campaigning for Republican candidate Ron Paul.
Paul’s campaign has been marked from the start by a massive online presence that sets him apart from not only Republican candidates but also Democratic candidates as well. Paul’s grassroots, online efforts have led to tangible results in the form of exceptional monetary contributions that have made the campaign as well-funded as those of leading, name Republican candidates. Yesterday this fundraising enthusiasm came to a head when Paul’s staff reported contributions reaching $4.2 million in a single, 24-hour period of time during a major funds push.
But some of Paul’s supporters have been overzealous, it seems. Many spam administrators have seen a rise in e-mails with titles such as “Ron Paul Stops Iraq War!” or “Vote Ron Paul 2008!” and the requisite spam-blocker-defeating gibberish at the end of the e-mails. No one’s sure quite who’s doing it, but the consensus seems to fall on misguided supporters. Paul’s been praised extensively on sites like Digg and YouTube, and supporters have crashed political blogs and forums with pro-Paul rhetoric, raising the question of whether or not strategic online support by a small band of loyal followers is just that, or a botnet. If the effects are the same, what IS the difference??
An E-Commerce News article on the topic offers another option: the spam could be coming from an opponent, banking on spam’s evil reputation to discredit Paul. The secondary effect of that blow is that spam e-mails with links to YouTube, for example, cause YouTube to remove the videos linked. For a candidate like Paul, who can’t get as much mainstream media visibility, those removals are key.
Spam is a powerful tool, originally because it’s so easy to create and send, but now because the backlash against spam carries all sorts of implications for companies and other organizations who send business e-mails to clients and potential clients. A charitable fund drive, a new product, a new website or online networking tool or affiliation…if you’re using technology to grow your business as you should be, you’ll want to get out word of your innovations or new practices.
And if an online fund raising machine like Ron Paul could be derailed or at least tarnished by the very means that got him to his current, enviable position, then watch that your marketing don’t cross over into questionable areas involving spam or other disreputable practices. The backlash could be greater harm than the campaign was help.
Add comment November 6th, 2007 Joel
“Fundraising Creativity” or Spam?
Though this post isn’t directly on the topic of IT security or business strategies with managed services, I believe the subject matter could be useful food for thought for SMBs or organizations seeking creative ways to contact clientele.
A political article popped up in my blog roll this morning about an “innovative” fundraising approach by Senator Chris Dodd, a Democratic presidential candidate who has been overshadowed by the superstar names running for the Democrat ticket but perhaps saved any chance of campaign success by a solid showing at the NBC debate this week.
The article recounts how Dodd has taken the approach of addressing campaign contributors and others on his mailing list with a more personal style—writing in a casual tone, addressing the recipient as “friend,” signing the e-mail with his first name only. The thing that caught my attention in particular was the subject line Dodd decided to use: “Fw: Re: Update?” A previous e-mail started his faux-internal-e-mail approach, with a heading of “Real Quick.”
Let’s see…feigning friendship, asking for money…when you add the fact that Dodd includes a link in the body of the e-mail to his campaign contribution site, most e-mail users will recognize the fact that Dodd’s e-mail won’t make it past spam blockers. And then, if you stop to think about it, you’ll realize there’s a good reason why it won’t: it IS dangerously close to being spam.
Now, a person on the Dodd mailing list has opted to receive the mailings, so the “unsolicited” element to UBE isn’t applicable. But still, if a standard SMB approached customers in this way, it could feasibly be illegal under the CAN-SPAM Act of 1993, depending naturally on if it followed the measures stipulated by the law.
Of course, political spam, either supporting or smearing a candidate, has been sent extensively over the last few years with impunity, so it should be no surprise that Dodd’s tactics are not only considered above the law, but innovative and commendable.
Funny world. Since most political campaigns have become big business entities, with all of the money needed to have a chance at winning an election, we in the SMB industry should be the first to notice the double standard involved here.
Now THAT’s personal….
Add comment November 2nd, 2007 Joel
How Much Do You Spend on Security?
Here come the numbers…
A recent study by the Computing Technology Industry Association covering 1,070 various organizations around the world revealed that the average IT budget in 2006 devoted 20%, or one-fifth of the entire budget, to security. The last few years show a distinct trend in this budget allocation area: 2004, 12%; 2005, 15%; 2006, 20%.
One might be quick to point to growing concerns over spam, viruses, phishing and other security threats to the small and medium sized business as instrumental in this rise over the past three years. However, a study by Merrill Lynch profiled in ITNews demonstrates that, according to 50 North American CISOs, compliance requirements rather than security concerns are the number one motivating factor behind increases in security software purchases.
It’s great to note that the HIPAA and Sarbanes-Oxley compliance requirements regarding data security are motivational to CISOs. Any business will fall under at least one of these federal mandates, since the Sarbanes-Oxley accounting practice requirements apply to any business, not just a major corporation. And touting tight security of customer data with a more voluntary measure like the PCI DSS requirements for credit card information is a great way to gain traction in the area of customer confidence and loyalty.
Add comment November 1st, 2007 Joel