In the wake of National Privacy Day this week, I was assaulted by a couple stories – both out of the UK. First, news that the NSA and GCHQ were targeting “leaky” phone apps – a la Angry Birds – to collect user data.
Reports the Guardian:
“The National Security Agency and its UK counterpart GCHQ have been developing capabilities to take advantage of „leaky“ smartphone apps, such as the wildly popular Angry Birds game, that transmit users‘ private information across the internet, according to top secret documents.
“The data pouring onto communication networks from the new generation of iPhone and Android apps ranges from phone model and screen size to personal details such as age, gender and location. Some apps, the documents state, can share users‘ most sensitive information such as sexual orientation – and one app recorded in the material even sends specific sexual preferences such as whether or not the user may be a swinger.”
As a power smartphone and app user I’m appalled at this latest transgression of my privacy, and to what end?
The other piece – this time from the BBC, covers allegations from Edward Snowden that the NSA also engaged in industrial espionage.
According to the BBC:
“Referring to the German engineering company Siemens, Mr. Snowden told ARD: „If there is information at Siemens that they [the NSA] think would be beneficial to the national interests, not the national security, of the United States, they will go after that information and they’ll take it.“”
Now that’s frightening in so many ways.
Look, there’s no way to completely protect your company data, but shouldn’t you at least try? Give your employees the tools they need to sync and share data between their devices, but first, use the systems you already have to identify that data, authorize who can do what with it, secure it and track who uses it, where and for what.
The tools are already there in your data center, why make it easier for governments or hackers to take your data?