Feeds

EFF report identifies which internet firms 'have your back' on data

Twitter is tops, but big-name fails from Verizon, Apple, and others

3 Big data security analytics techniques

The annual Electronic Frontier Foundation (EFF) report on data protection among online firms has shown lax privacy standards among some of the biggest names in the business when the government comes knocking at the door.

A total of 18 companies were assessed on their privacy policies and T&Cs, stated procedures for handling government data-mining expedition requests, and their overall level of transparency. These factors were then ranked alongside what they'd actually done in the real world when asked by the authorities, plus any lobbying efforts undertaken on the issues in Congress.

The report's dunces were Verizon and MySpace, with both companies getting zero out of a possible six gold stars (a curiously child-like scoring system, in this hack's opinion), with Apple, AT&T, Comcast and Yahoo! only scraping a single star apiece. Amazon and Comcast managed two stars each.

"Apple and AT&T are members of the Digital Due Process coalition, but don't observe any of the other best practices we're measuring. And this year, as in past years, MySpace and Verizon earned no stars in our report. We remain disappointed by the overall poor showing of ISPs like AT&T and Verizon in our best practice categories," the EFF states.

The star pupils, with the full six gold stars (and presumably a pat on the head from teacher) were Twitter and West Coast ISP Sonic.net. Twitter has defended the rights of users ranging from Occupy protestors to French racists, and Sonic.net makes a point of minimizing data retention times to a legally-required bare minimum and not cooperating with IP-hunting legal shysters.

Google and Microsoft got praise for raising awareness of National Security Letters (NSLs) – government-issued investigatory orders with a tight gagging clause that can be enforced without judicial oversight. The NSL orders have now been ruled unconstitutional by a US court, though that decision is pending appeal.

But Google also got a demotion for a change in its official policy on informing users if they are under investigation. This year, the Chocolate Factory changed its T&Cs on user notification to promising to tell them "when appropriate," which the EFF considers so nebulous as to allow a whole host of shenanigans.

But Google gets praise for pioneering the practice of transparency reports, a practice adopted last year by Dropbox, LinkedIn, Sonic.net, SpiderOak, and Twitter, and more recently Microsoft. Such reports are fast becoming key to informing users on privacy practices, but there are still plenty of companies managing petabytes of data that shun them, including Amazon, Apple, AT&T, and Verizon.

"Readers of this year’s annual privacy and transparency report should be heartened, as we are, by the improvements major online service providers made over the last year," the report concludes.

"While there remains room for improvement in areas such as the policies of location service providers and cellphone providers like AT&T and Verizon, certain practices – like publishing law enforcement guidelines and regular transparency reports – are becoming standard industry practice for internet companies." ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
It may be ILLEGAL to run Heartbleed health checks – IT lawyer
Do the right thing, earn up to 10 years in clink
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.