Data in the News – September 2019
Welcome to our monthly look at data stories that are hitting the headlines ...
This month it’s Google’s turn to be in trouble with regulators as it is accused of secretly feeding personal data to advertisers by using hidden web pages. It seems these hidden web pages undermine its own policies and circumvent EU privacy regulations that require consent and transparency.
According to the FT, the Irish regulator is investigating whether Google uses sensitive data, such as the race, health and political leanings of its users, to target ads. In his evidence, Johnny Ryan, chief policy officer of the niche web browser Brave, said he had discovered the secret web pages as he tried to monitor how his data were being traded on Google’s advertising exchange, the business formerly known as DoubleClick.
“This practice is hidden in two ways: the most basic way is that Google creates a page that the user never sees, it’s blank, has no content, but allows . . . third parties to snoop on the user and the user is none the wiser,” said Mr Ryan. “I had no idea this was happening. If I consulted my browser log, I wouldn’t have had an idea either.”
According to research by MoneyGuru, your personal identity can be purchased online for less than £800. Criminals can access your bank details, online shopping profiles, social media, and email information, for just £744.30, according to MoneyGuru’s research into the value of logins for 26 of the most commonly used accounts available on the dark web.
This includes usernames, passwords, email addresses and any personal details associated with the account, such as your name, address and phone numbers. The data shows someone’s credit card, debit card, online marketing and PayPal login information can be bought for about £619.40.
Details for Airbnb, British Airways, Uber and Expedia accounts cost as little as £26.40.
Meanwhile, Apple ID, Netflix, Spotify, Tidal and Steam account information is easily purchasable for £27.90.
British Airways is once again at the centre of a security scare after researchers uncovered a flaw with its e-ticketing system. Researchers from Wandera said the flaw could expose passenger data including their flight booking details and personal information such as names, telephone numbers, email addresses etc.
This nugget comes only a few weeks after BA was last month fined a record £183.39 million by the Information Commissioner’s Office for a data breach last year that affected half a million customers.
The truth of what a no deal Brexit will bring is uncertain. In fact the only certainty is uncertainty!
Potential impacts of no-deal Brexit were detailed in a recent leaked Cabinet Office paper. Transferring personal data from most European countries to the UK possibly becoming illegal at 11pm on 31 October? That didn't even make the list.
Although some would say the latter lacks the drama of other possibilities a no-deal Brexit might trigger, a no-deal Brexit looks almost certain to block the open flow of personal data between the European Economic Area and Blighty, at least for a while. Keeping flows open would require some kind of deal on data.
At present, personal data can flow between the UK and the rest of the EEA, and the withdrawal agreement negotiated by the UK and the EU would preserve this until at least 2020. But Parliament has rejected it three times and newish prime minister Boris Johnson has theatrically refused to discuss it with the EU unless it makes big concessions, which it has so far refused to consider.
A poll of economists by Reuters in early August put the chances of a disorderly no-deal Brexit at 35 per cent, the highest level since the company started asking the question two years ago.
Although the respondents are guessing about the future like everyone else, a no-deal Brexit at the end of October at least looks worth preparing for.