It’s time to publicly shame United Airlines’ so-called online security

Dear executives of United Airlines, I have some advice for you. 1: Fire whoever is in charge of your online security. 2: Burn down the building in which they worked; it may be tainted. 3: Salt the ground so nothing ever grows there again, to be safe. 4: Hire somebody competent who will not infuriate your users while simultaneously compromising their security.

I know I probably sound like a disgruntled passenger who just had an unpleasant airline experience. Not so! I am actually fond of United, have flown hundreds of thousands of miles with them, and have upper-tier status with them. But I’m also an engineer who writes about security.

It was bad enough when they replaced their free-form password security questions with drop-down selections — I am not making this up — for “Your favorite artist,” “Your favorite pizza topping,” etc., citing — I am still not making this up — the threat of keylogging malware.

This has already been appropriately eviscerated by Josephine Wolff in Slate, and, in fairness, it’s a kind of idiocy that seems to be common to large organizations. Citibank UK did the same thing for years, before they realized how dumb it was.

The thing that bumbling bureaucrats like United’s security team never seem to realize is: you don’t make your systems more secure by making them hard to use. They will react by trying to make it easy again — by, for instance, picking the first answer in every option, rather than trying to remember both questions and answers that they did not devise and have no resonance for them.

(Similarly, you should not force your users to change passwords frequently, or their passwords will grow weaker, they will write them down in multiple places, etc. I’m looking at you, AOL-which-owns-TechCrunch.)

But even that was merely bad, eyeroll-provoking, frustration-inducing; whereas this week’s compounding sin provoked something more like righteous fury. This week they sent me an email saying:

         Your security questions will also be used as part of upcoming two-factor authentication to further protect your account — you’ll be asked to answer your security questions the first time you sign in from a device that we don’t recognize.

Read More

The Pokémon Go influence on new tech

Pokémon Go has changed the trajectory of the world on a scale just slightly smaller than Google Search and Facebook, but still to a magnitude that will be felt through all industries in the coming years. To many, it looks like a very simple game that incorporates a few unique and compelling features. But this game has taken technologies from niche research and gaming communities and thrust them into the world’s consciousness.

Suddenly everyone understands what “augmented reality” means and how an artificial digital world can be mapped onto the real physical world. Neither of these is new, but they garnered little attention until they appeared in a concrete, compelling and simple free game for every cell phone in the country.

Augmented reality is a technique for layering data from one or more virtual worlds onto the real physical world. It has been demonstrated and used in military situation awareness and aircraft maintenance applications for years. But it has barely escaped these kinds of niche communities.

Overlaying virtual and physical worlds seemed like a plaything for nerds until it was coupled with the ubiquitous cell phone. Then it became a way of enhancing how we interact with everything on the planet, from entertainment and emergency response to education and healthcare, to name but a few.

The mapping of virtual and physical worlds is exactly what Google Maps and all similar apps already do. But those limit themselves to layering information about objects, businesses and buildings, which actually have an almost identical physical presence. We are accustomed to the digital map knowing the route to our destination, the location of traffic jams and the operating hours of a company, as well as and providing customer experience reviews. Each of these comes directly from our older experience with paper maps, telephone directories and newspaper reviews. But creating entirely new and artificial information like PokéStops and PokéGyms is a revelation to most people. This begs the question: “What else can be mapped to the real world?” and “What value can be created by doing so?”

The game app displays Pokémon floating on your phone’s screen and overlaid on the real world immediately in front of you. This seems to be a very clever, though not difficult, trick to use in a game. It creates the simple perception that the digital and physical worlds are not really that separate. They may be just a thin veneer away from merging or interacting in some way. In this initial game foray, any interactions are illusory — but in the future, that might not be the case.

Does any of this matter beyond entertaining mobile games? Can it be applied to fields that impact the way we are educated, protected, served and healed in the real world?

Obvious entertainment apps

A Disney version in which guests find virtual Disney characters while walking around a theme park is one obvious and compelling application. Guests will be enticed to explore new areas of the theme park, enter new restaurants and navigate the gift shops as they pursue a virtual Mickey, Minnie or Donald character appearing on their phone.

The entertainment giant can decide when and where these virtual characters appear, contributing to crowd control, restaurant business, gift purchases and a richer experience in the theme park. The daily parades may be augmented with character capture and even virtual performances that occur on the floats and in sync with the live characters.

Certain characters and assets may appear only at specific theme parks, motivating guests to purchase multi-park tickets so they can capture everything that is available. When coupled with the company’s wristband technology, certain characters, power-ups and valuable digital objects can be made to appear only for guests who are registered at one of the resorts. The ownership of a digital object might also convey a discount at a gift shop or enter the player into a drawing for a character dinner.

Theme parks currently organize wildly popular food and wine festivals. They could similarly organize dedicated Peter Pan days in which all of the characters from those stories appear, to be followed the next week by Pirates of the Caribbean or The Jungle Book. Because these are virtual, the cost to change them out is significantly decreased from physical venues.

Movies can extend their reach beyond the theater and television. Audiences can walk the streets of New York City or Chicago encountering an overlay of their favorite movie at the same location. They can play the mysteries of The da Vinci Code while visiting The Louvre. Augmented reality can display the buildings of Star Fleet Academy on the streets of San Francisco. Or view the rubble of the destroyed city of Chicago in the Divergent series while you walk the Miracle Mile. See virtual characters rappelling down the sides of real buildings, just as they did in the movie.

Video games can also be navigated via the real world. Build your Minecraft world directly on top of your real house, in your own backyard, or augment your school building with the characters of your own choosing. Imagine a quiet school hallway which, when viewed through your cellphone game, is actually teeming with dozens of crazy animals that were created and placed there by the students themselves.

Museum displays can come alive, showing the painter creating the work from the beginning right in front of you and overlaid with the location of the actual finished painting. Or view Italian sculpture as it appeared when it was new and standing in the original courtyard in which it was displayed.

The number of entertainment and education applications has almost no boundary. So little has been done that everything lies in the domain of the possible future.

Compelling healthcare apps

When a guest at a hotel, restaurant, mall or theme park collapses with a heart attack, can you find the nearest defibrillator device? They are everywhere in our society, but completely invisible in an emergency. Open your Emergency Services app and see a local map with the location of every AED, fire extinguisher, fire alarm and emergency phone clearly displayed. The app will guide you quickly to exactly what you need.

You are 80 years old and can’t remember where you left your prescription bottle. With a smart bottle and the Pokémon Go map technology, simply open your phone and it will guide you straight to the bottle. But, did you take your pills today? The same smart bottle places a floating poké-pill in your phone and you “capture it” by taking a pill out of the bottle and making the motions to ingest it. If you do not take your pills for several days, there are multiple poké-pills floating on the bottle’s location.

But the app is smart enough to know that the solution is not to take them all at once to catch up. Instead, it encourages you to take only 1.5 or 2 doses to catch up (or whatever is medically appropriate). Then the game servers keep track of your mistake and notify a care provider if there is a potential problem developing. Using a telemedicine app, a nurse practitioner can call you directly to discuss the situation.

If you have home care monitoring equipment, you can take your temperature, blood pressure, heart rate, weight and even blood chemistry. That data can be overlaid on the face-to-face video call so the healthcare provider can maintain direct contact with you while also viewing all your vital statistics.

A cell phone can become the most important piece of healthcare equipment in the world.

All of these possibilities have been unleashed by the reboot of a 20-year-old Japanese card game targeted at children. There is really no question about whether some of these applications will be created. The real question is how fast will they appear and how many it will take before this technology touches 100 percent of the population of the country.

Read More

The IoT threat to privacy

As the Internet of Things becomes more widespread, consumers must demand better security and privacy protections that don’t leave them vulnerable to corporate surveillance and data breaches. But before consumers can demand change, they must be informed — which requires companies to be more transparent.

The most dangerous part of IoT is that consumers are surrendering their privacy, bit by bit, without realizing it, because they are unaware of what data is being collected and how it is being used. As mobile applications, wearables and other Wi-Fi-connected consumer products replace “dumb” devices on the market, consumers will not be able to buy products that don’t have the ability to track them. It is normal for consumers to upgrade their appliances, and it most likely does not occur to them that those new devices will also be monitoring them.

After an Electronic Frontier Foundation activist tweeted about the unsettling similarity of the Samsung Smart TV privacy policy — which warned consumers not to discuss sensitive topics near the device — to a passage from George Orwell’s 1984, widespread criticism caused Samsung to edit its privacy policy and clarify the Smart TV’s data collection practices.

But most people do not read privacy policies for every device they buy or every app they download, and, even if they attempted to do so, most would be written in legal language unintelligible to the average consumer. Those same devices also typically come with similarly unintelligible terms of use, which include mandatory arbitration clauses forcing them to give up their right to be heard in court if they are harmed by the product. As a result, the privacy of consumers can be compromised, and they are left without any real remedy.

Increased corporate transparency is desperately needed, and will be the foundation of any successful solution to increased privacy in the IoT. This transparency could be accomplished either by industry self-regulation or governmental regulation requiring companies to receive informed and meaningful consent from consumers before collecting data.

Generally, industries will respond if their customers demand more privacy. For example, after surveys revealed that new-car buyers are concerned about the data privacy and security of connected cars, the Alliance of Automobile Manufacturers (a trade association of 12 automotive manufacturers) responded by developing privacy principles they agreed to follow.

Businesses can self-regulate by developing and adopting industry-wide best practices on cybersecurity and data minimization. When companies collect user data, they must take responsibility for protecting their users; if they do not want to be responsible for the data, they should refrain from collecting it in the first place.

Some companies, such as Fitbit, embed privacy into their technology. The benefit of industry self-regulation is that each industry can create standards specific to the needs of their customers and the sensitivity of the data they collect.

Layered privacy policies should be a best practice adopted by many industries, and Creative Commons licenses could serve as useful models. Those licenses have a three-layer design: the “legal code” layer, the “human-readable” layer and the “machine-readable” layer.

The “legal code” layer would be the actual policy, written by lawyers and interpreted by judges. The “human-readable” layer would be a concise and simplified summary of the privacy policy in plain language that an average consumer could read. The “machine-readable” layer would be the code that software, search engines and other kinds of technology can understand, and would only allow the technology to have access to information permitted by the consumer.

These best practices would make tremendous progress in protecting the privacy of consumers, but they are not enough. Companies must be legally bound to the promises they make to their customers. The use of pre-dispute mandatory arbitration clauses in terms of use have become standard in many industries. These clauses deny consumers their right to pursue a remedy in a court of law, usually without their knowledge, because they are buried in indecipherable fine print.

The Consumer Financial Protection Bureau has found that arbitration clauses’ bar on class actions further hurts the public interest because lawsuits often generate publicity about a corporate practice, and, without them, consumers may not have access to that information. The agency has therefore proposed prohibiting mandatory arbitration clauses for most consumer financial products and services.

The Department of Education has also proposed a rule that would prohibit the use of pre-dispute mandatory arbitration agreements by for-profit schools, giving students who have been exploited the right to sue their schools. The Federal Trade Commission should consider proposing a similar rule that would prohibit the use of pre-dispute mandatory arbitration agreements by companies that sell IoT products.

Because this is such a complex problem, involving countless industries and implicating various privacy concerns, an adequate solution will require participation by consumers, businesses and the government. Consumers must demand to know what data is collected and how it is used. Industries should develop best privacy practices that match their customers’ expectations.

The Federal Trade Commission should bring enforcement actions for deceptive practices against companies that do not comply with their own privacy policies, holding them accountable to their customers. It should also consider prohibiting pre-dispute mandatory arbitration clauses, so that consumers can have a cause of action when their privacy is violated.

But before this can happen, consumers must demand to know what data is collected by their devices in the Iot.

Read More

A prescription for preventing 3D printing piracy

In the year 2000, the music business was still strong. Record companies produced albums and shipped these physical objects to the stores that sold them. The internet was slowly becoming a system of mass consumption and distribution, but most consumers still purchased physical media. And while the record industry was aware of piracy online, the threat seemed minimal.

Then came Napster.

The music industry tried to stop this large-scale piracy by pursuing both the platforms and individual downloaders — including poor college students. But public opinion turned against the industry. After all, stealing digital music is intangible; it’s different than physically swiping actual CDs or tapes from brick-and-mortar stores. And while today many people access their music legally, it’s safe to say that music industry revenues have yet to recover.

What do pills have in common with MP3 downloads? More than you might think

3D printing, another revolutionary and disruptive technology, makes it cheap and easy to produce physical objects. And just as home copying has changed the copyright industries beyond recognition, 3D printing is poised to do the same to patent-based industries.

That means practically any business that makes physical objects will potentially face a Napster scenario. It may not happen to everyone, but as printer technologies improve and more materials — such as proteins, specialized polymers, metals and other chemicals — become available for printing, it will happen to many.

Take the pharmaceutical industry. Just like a musical recording, where most of the costs are incurred while producing the initial release (hiring the musicians, booking the studio, editing and the like), the bulk of the cost of developing a new pill goes into the front end: research and development, clinical trials and getting through the FDA approval. In fact, the raw ingredients may cost only a few pennies. And 3D printing — or digital manufacturing and distribution, as it’s also known — will make reproducing and delivering these pills, lawfully or unlawfully, much easier.

Houston, we have a (patent) problem

If people felt sorry for those poor college students being picked on by the big music industry, imagine how the public will feel about patients with inadequate insurance availing themselves of necessary but pirated prescriptions.

Digitally manufactured pills are not far off. In 2015, the FDA approved the first 3D-printed pill, Spritam levetiracetam, an epilepsy drug manufactured by Aprecia. The manufacturer claims that the 3D-printed pills are actually more effective, because their layered structure is more easily absorbed by the body, courtesy of the way 3D printers work. With 50 patents on its unique proprietary process, the company also claims that its IP is protected. Aprecia may be the exception today, but it has proved that medicines can be printed.

The pros and cons of a DIY maker culture

Despite the potential for threats to IP, 3D printing promises a wealth of benefits, like customization, both to consumers and, if they handle things right, manufacturers. With 3-D printed pharmaceutical medications, doses can be readily tailored to the needs of each patient, much like when pharmacists compound ingredients to make a custom pill for each individual. Likewise, prosthetic limbs are being created to fit each patient exactly.

That is not the only positive aspect of 3D printing. As printers get cheaper, they’ll no doubt begin to appear in pharmacies, which will print pills only as needed, cutting down on costly waste, spoilage and storage. That’s terrific news for the pharmaceutical industry, but there’s a darker side, too. In time, nearly anyone will be able to make the components for almost anything — patented or not, protected or not, dangerous or not.

If a 3D printer in every home sounds a bit far-fetched, a forecast by Gartner predicts that 3D printer shipments will more than double every year between 2016 and 2019, and notes that lower-end models, like those costing less than $2,500, are expected to grow to 40.7 percent of offerings by 2019. Gartner also predicts upwards of $100 billion loss a year in intellectual property worldwide because of 3D printing, because of not only pirating, but industry disruption.

Planning strategically now for a 3D-printed future

Much can be learned from how various industries have dealt with new technology. For the music industry, Napster met the effective end of legal exclusivity in copyrights. When distribution channels shifted and everyone with a computer could download and reproduce songs, copyright became hard to enforce. As soon as a record company sued one infringer, another popped up, like a nightmarish game of Whac-A-Mole. As a result, the value of the copyrights quickly degraded.

However, as we have also seen, not all IP or the products it protects will go down in value. Some things will become more valuable — and that’s where today’s executives should prepare.

There are numerous ways companies can proactively plan for the impact that 3D printing technology will have on their business. By investing in quality control and supply chain protection now, pharmaceutical companies, for example, can protect their patents and their market share by ensuring that their supply chain is pure, that their quality is guaranteed and that their customers are getting a safe medication, even when that reassurance costs more. This will appeal to consumers who want to be sure they are getting the real deal when it comes to medication — FDA-approved and quality controlled — not an illegitimate knock-off.

Preparing for the ways that 3D printing will affect the market doesn’t always have to be costly or go against the grain. For example, appliance or automobile manufacturers may encounter sales loss if third-parties 3D print replacement parts at a lower cost than those that are manufacturer-issued. Instead of fighting against this likelihood, manufacturers would do well to adopt the third-party business model of 3D printing spare parts to order. This reasoning can apply not only to heavy manufacturing, but also to medicine, bringing down the costs of so-called “orphan drugs,” those currently not manufactured because of their low potential for profit.

Alternatively, manufactures could skirt similar issues by creating a design that requires a specific type of material, one not compatible with 3D technology. Materials and shapes that have to be mixed or joined in certain ways, for instance, do not easily lend themselves to digital manufacturing technology. Remember, though, that when financial incentives combine with evolving technologies, these types of plans may be short-lived.

Even with the advent of 3D printing, we will still live in a world where legitimate businesses are engaged in the licensed manufacturing and distribution of copyrighted works and respect intellectual property. Patent owners could license manufacturing rights to legitimate 3D printing companies — the official 3D printer of Nike products, say — in which only authorized entities could make the official products. That way, patent owners would get income, 3D printing companies could develop new markets and buyers could get legitimate, quality-controlled products.  This could be done with branded and lower-cost white labelled options.

Along with all the good that digital technology can bring, a major challenge to patents and other forms of intellectual property may be in the offing. Major industry disruption will soon follow. Only this time, with changes perhaps as long as five to 10 years down the line, manufacturers have time to prepare for it and pivot.

Read More

The human role in a bot-dominated future

Imagine a world where bots are ubiquitous… a world where nearly every online interaction takes place with a Siri, Alexa, Cortana or some soon-to-be-named artificial being. Here, banking is a breeze, as a customer service bot can quickly extrapolate your banking preferences from your online search history. In this world, your cupboards and refrigerator are always full, because your groceries are reordered every week automatically, based on consumption data.

But in such a world, where bots provide the ultimate convenience of a futuristic lifestyle, is there still room for human help?

At the most recent F8 Conference, Facebook CEO Mark Zuckerberg made some bold claims about a bot’s place in the future of commerce. Using 1-800-Flowers as an example, Zuckerberg argued that by integrating bot chats into the sales process, a customer would never have to dial 1-800-Flowers or speak to a human again. In theory, using chat with bot support can expedite the buyer-seller interaction and bring the consumer closer to a sale. While Zuckerberg may be correct to say that customers much prefer chat interaction to using the phone, we can’t necessarily leap to the conclusion that their preference includes chatting with a robot.

Human interaction is, and has always been, vital to a high-quality customer experience. Even Facebook supports this claim, as they’ve partnered with several companies to help with the hand-off from bot to human during live chats. Facebook COO, Sheryl Sandberg, has publicly stated that, “…we simply don’t have the technology yet to actually imagine that a bot could replace humans in the sales process.”

So, what is the human role in a bot-dominated future?

Remember that frustration every time you call customer service and end up with an automated voice (IVR)? That’s where we are with bot chats. And guess what happens every time a bot fails? You end up talking to a real, live customer service representative — back to square one.

There’s no doubt we’ve come a long way with artificial intelligence, but for the strides we’ve made, we’re still a ways away from the creation of a bot that can successfully pass all facets of the Turing test. While a bot can handle a good portion of a conversation with a human, there will undoubtedly be times when it gets confused and fails (especially when it comes to switching from one topic/area to another). In these situations, your bot chat gets handed over to a human to complete your engagement.

Even with all the buzz today, the bot is nothing new. In the late 1990s, when AOL Instant Messenger was all the rage, I remember chatting with SmarterChild. At its core, SmarterChild was essentially an early version of a bot. You could chat with it about school, life or sports — much like you would do with your real friends. SmarterChild worked great (most of the time) and seemed quite sophisticated. Though, in fairness, a majority of the chats were conducted by twelve-year-olds.

So, the real question today is whether the bot is really going to define the future, or are we all just falling for the same hype we did when we were ‘tweens?

To answer this question, it’s important to understand the technology behind a bot. While we’ve seen tremendous strides and advances in computer technology and software development over the last 20 years, bot technology has essentially been siloed into two categories: those based on simple logic trees (SLT) and those that rely on natural language processing (NLP) or machine learning (ML).

An SLT bot relies on the traditional logic tree to gather information and redirect the user. For example, an insurance bot may ask several questions to determine which policy is ideal for you. If your answers match what the bot has anticipated, the experience will be seamless. However, if your answers stray from those predicted and stored in the bot database, you might hit a dead-end. If you’re lucky, you’ll be handed off to a human to complete the interaction. If you’re not, you’ll end up in bot purgatory. Most bot technology today relies on SLT.

An NLP and machine learning (ML) bot is meant to function more like a real conversationalist by picking up keywords and phrases from the user’s input to gather information, instead of requiring direct answers to specific questions. In theory, this category of bot sounds like the better option. Examples of this type of bot are Apple’s Siri and Amazon’s Alexa.

While Siri and Alexa are pretty good at simple functions like giving the weather or telling a joke, they still have a ways to go with complex functions and lengthy commands.

Regardless of whether you are engaging with an SLT or NLP bot, the likelihood of ending up needing to speak to a real person is incredibly high. SLT bots often lack the complexity we expect from technology today, while we are unable to fully utilize the technology necessary for NLP or ML bots at this point.

Fortunately, customers enjoy the efficiency of interacting with a real person. While the trend is moving away from long, formal conversations, customers still expect the same quality of service from chat, whether live or bot. In fact, a recent study by American Express found that 78 percent of customers have bailed on a transaction or not made an intended purchase because of a poor service experience. The same study also found that 67 percent of customers have hung up the phone out of frustration when they could not talk to a real person. In most of those cases, the customer was forced to endure a dialogue with a bot.

We will likely see a two-stage industry transition as we attempt to adopt bot technology into daily transactions. The first will be very human interaction-intensive, as real people will be required to take over every interaction that a bot fails to handle. The risk of a poor customer experience is simply too much for top brands to stomach, so staffing their engagement centers to take over when the bot fails will be a very real side effect.

It seems inevitable that at some point ML and NLP will allow for a bot to become more intelligent, to a point where the failure rate is minimal. At that time, it isn’t unreasonable to believe that a majority of interactions will take place on bot channels. Will the bot channels stand alone, or will they be integrated into the existing channel landscape? If they exist on their own, what happens to the other channels?

In a scenario where the preferred customer engagement moves away from a brand’s website and onto a bot channel like Facebook Messenger, a question of scale is presented. Even with low failure rates, the number of human hand-offs will most likely grow because of the sheer volume of engagements that will likely occur.

It’s more than likely that we’ll see exponential adoption of bot technology, but human capital for engagement is both inevitable and necessary for sales and customer support. Depending on the lifetime value of the customer and the margin of the product, the specific value of an engagement with a real person can be very significant.

As we prepare for a more automated future, it’s important to not forget about the role of the human in engagement. And, as great as R2-D2 was in “A New Hope,” we all must remember that there was a human in that bot.

Read More

It’s okay for Pikachu to watch you — as long as you want it to

Millions who downloaded the new Pokémon Go app are living in a brave, new, augmented reality world. For the early adopters (meaning apparently everyone you know) on iOS devices, it meant unknowingly granting Pokémon Go the permission to fully access their Google accounts.

You’ve got to risk it all to catch ‘em all, right?

Wrong. Thankfully Niantic, the company that developed Pokémon Go, acknowledged the mistake and issued a fix. Pokémon Go modified its implementation to request only “basic profile data” — user ID and email address — from Google accounts.

This brings me some peace of mind as my 15-year-old roams the park, my office, the supermarket and the park again in search of furry creatures. Yet, although the company’s privacy policy is thorough, I am left with the lingering sense of unease I feel with almost every other app. I am okay with their treatment of my son’s data today, but it’s up to the company if they want to change the way they use or share his data tomorrow.

Developers need to collect data from users to create apps and experiences like Pokémon Go, but we often feel resigned to choose between Pikachu or privacy. A University of Pennsylvania study published last year found that 58 percent of Americans have come to accept that they have little control over what companies can learn about them, even though they would like to be in control.

It doesn’t have to be this way. Businesses must be intentional, responsible and clear about the data they collect, and provide their customers with real choices. Powerlessness breeds mistrust, and a system based on mistrust benefits no one. On the other hand, earned trust drives adoption and lasting success.

There are three simple steps companies can take to earn trust:

-Stay lean. Do you need to know when someone is scheduled for a doctor’s visit? Do you need access to their 27 selfies in front of a national monument? Focus on the data you need and leave the rest alone.

-Build in security. There is no one-size-fits-all security solution. The volume and type of data to which your company has access will determine the appropriate security measures.

-Engage your consumers. Help people see the value you’re bringing to them by using their data. Chances are they will be happy to trade in their data for a customized experience.

This doesn’t mean consumers are off the hook. We shouldn’t just shrug and breeze through privacy notices accepting whatever permission levels are required. We don’t realize just how powerful we can be if we take full ownership of our data. Replace “data” with the word “dollars” and the value exchange becomes a lot more tangible. Indifference and inaction toward data collection become a lot more absurd. Information is currency.

As the lifeblood of any business, consumers have a unique opportunity to leverage their trust as a way to regain control of their data. Opting out is the most direct path, but not necessarily the right one for you (or the most fun).

Here are a few other things people can do to take back control of their data:

-Learn about and use the privacy and security settings on your computer and phone and help others to understand how they work.
-Take it to social media and spread the word about the companies that do great things, as well as those that do “bad things” around data.
-Support organizations that advocate for better privacy, and use products built with a focus on privacy.

Today I am choosing to trust Pokémon Go with my son’s data, because I have read and understood the terms. But I am just one person, and I happen to be a lawyer. In the long term, we need a commitment from both companies and consumers to make conscious choices about data.

Read More

SurveyMonkey study finds social media apps ruled mobile in first half of 2016

A new study from SurveyMonkey Intelligence revealed the 30 most-downloaded and most-used apps in the American iOS and Android app stores so far this year.

Social media apps like Facebook, Snapchat and Instagram ruled over mobile games in the first six months of 2016.

Because Pokémon Go was released in the U.S. on July 6, that wildly popular new title didn’t even show in the rankings. Only one game cracked the top-10-most-downloaded list, Slither.io. And no game titles appeared under the top 30 most-used apps in the U.S.

Music apps made a strong showing, ranging from expected entrants like Pandora and Spotify to newer entrants (Musical.ly).

As well-intentioned as their developers may be, health and fitness apps didn’t crack the top 30 in either most-downloaded or most-used rankings.

The report found that, as is typical, the most-downloaded apps are not the most used.

The top five most-downloaded apps were Messenger, Snapchat, Facebook, Instagram and Color Switch, whereas the top five most-used apps were Facebook, YouTube, Messenger, Google Maps and Play Store.

To find something that isn’t owned by either Facebook, Apple or Google on the most-used app list, you need to go down to the 13th slot where Snapchat is ranked.

“Fully 40 percent of the most-used apps come pre-loaded on the operating system, highlighting the importance of Android and iOS to Google and Apple, and giving some insight into Facebook’s ongoing desire to control this deeper layer of the stack,” the report said.

Here are the full charts:

Read More