Facebook (3)

Millions of Facebook users give up privacy to play words quiz

Over 17 million people have willingly (and in most cases unthinkingly) handed over huge amounts of their personal data to a company they know very little about in exchange for a graphic of their most-used words in status updates.

I know, right? It is, as Comparitech pointed out, essentially a privacy nightmare, but Facebook users can’t seem to get enough of it at the moment.

The quiz app, by Vonvon.me, works out what your most used words were in status updates this year, and presents them as a word cloud which you are then encouraged to share on your timeline. I’ve seen plenty on mine, and I bet you have too.

So far so straightforward – but how does the quiz app get that information? Yep, by mining the information you have posted/logged with the site.

According to Comparitech, that includes disclosing your:

  • Name, profile picture, age, sex, birthday, and other public info
  • Entire friend list
  • Everything you’ve ever posted on your timeline
  • All of your photos and photos you’re tagged in
  • Education history
  • Hometown and current city
  • Everything you’ve ever liked
  • IP address
  • Info about the device you’re using including browser and language

But it gets worse than that. The terms and conditions (that you have to sign up to when you authorise it to access your Facebook account, but which most people likely never read fully), allow Vonvon.me, among other things, to keep using non-identifying data for as long as they want, store it where they want, and sell it on to any third parties.

And all you got in return was a word cloud. Vonvon is not unusual in this, we’ve talked before about how most apps ask for far more permissions than they actually need to operate, and this is just one that’s gone viral.

But, as ever, it always pays to take care about what and who you hand your data over to. By all means take part in the Facebook quizzes and the like – but just take care about what they’re asking for in return.

Because your personal data is you, it has value and companies such as digi.me are working on ways that you can share it, on your own terms, for tangible benefits. Basically, it’s worth a lot more to you than a word cloud, so protect it!


Back up your Facebook – or risk losing everything

Imagine you go to log into Facebook one day and your account, well, just isn’t there anymore. Scary, right?

Well that was the reality for US journalist Jeff Bercovici when a hacker took over an old email address of his that was associated with the account, and proceeded to change every single thing about it, including deleting nine years’ worth of his Facebook activity.

No red flags, no second chances, everything gone. Not worth thinking about, is it?

You can read the full story here – he is clear that a lot of the blame lies with him, in not having two-factor authentification enabled for his account, and for using an old email address that was in fact so ancient, and so unused, that it had been released back into circulation.

But, those key facts aside, just how easily the hacker was able to change everything about Jeff’s account once he was inside makes for chilling reading. Everything that made the account personal – its name, the profile picture, other pictures, posts and comments – were all either changed or deleted.

Seemingly with no comeback, without raising any security flags for unusual behaviour and with no chance to undo and get them back.

Now, because Jeff is an influential tech journalist based in San Francisco with over 7,000 Twitter followers, this is where his story starts to diverge from the usual user experience, something he acknowledges in his article.

A few phone calls and some insider assistance later, and his account has been fully restored. But, as was clear from the initial customer service response above, Facebook considers that once data has been deleted for any reason, as far as they are concerned it is gone for good.

So, how can you stop this happening to you? While this hacker wanted Jeff’s verified user status for himself, there’s nothing to stop people breaking into any account and taking it over, so what can you do to protect yourself?

Of course, taking all available security measures is a key one, so make sure you have enabled Facebook’s Login Approvals, which texts you a code if you access Facebook from an unrecognised device – ie one that hasn’t been used to log into your account before – and needs that code imputed before you can continue.

But the single most important thing you can do is back up your account. If the key details, such as your contacts, posts and pictures are saved, then anything happening to your account will not be such a disaster, right?

And how can you do that? With digi.me of course  – you can connect your personal accounts, as well as pages, to our app and run regular syncs so that the most important information you are sharing with your Facebook friends is backed up and so can’t be lost.

Check it out here – it’s free to download and use, and you get premium features including universal search, flashback and export ability free for a month as well!

Having your data – or at least a copy of the most important parts – in a place that you own and control (in this case the digi.me library on your computer) is the single most effective thing you can do to make sure that your data stays where it belongs- with you.

And why wouldn’t you want to do that?


4 reasons why SAAS is not right for digi.me – or your personal data

We’re often asked why digi.me is designed to store data locally, rather than on our own servers, and the answer is as simple as it is complex – you owning and controlling your own aggregated data is the only solution that makes sense.

Privacy is the critical reason behind this, control, security and cost are others – but our whole business rationale is that gathering all your personal data securely in one place is vastly more valuable to each and every one of us than having it scattered around.

But crucially, it’s a decision based firmly in the reality of what is best for our users – so here’s the background behind our key reasons in a little more detail:

1) The privacy reasoning is relatively obvious – if you’re pulling everything about you into one big online library, you don’t want to leave the door open. As digi.me grows to become a full inventory of your life, covering all your social media updates and pictures as well as data from every area of your life including financial, health, purchase, travel and positional and even from the Internet of Things – would you really trust all of that to be held externally by one company?

Studies show that most of us have – rightly, given the continuing major upturn in hacks and security breaches – trust issues when businesses have a large proportion of a single area of that data, let alone all of it – so the obvious person to trust with it all is you.

As the owner, you store this data where you choose – digi.me never sees it and never stores a copy – and it’s yours to do what you want with. Cloud-based syncing with future releases will allow you to access this secure library of you from multiple devices, but you choose the cloud and your data is still encrypted within it. Whether you go with this option or solely local storage, we can’t see it, nor can anyone else.

2) Control is also important – if you’re in charge of your own data, then accessing it and deciding what happens with it is naturally your decision. A SAAS service will usually have terms and conditions (T&Cs) nominally placing you in control – but what happens if the company could no longer provide the service or if you wanted to take it elsewhere- could you actually do that in reality?

Your data today is held by many companies under terms governed by their T&Cs. Most allow you to retrieve your data yourself- and upcoming Data Protection acts (DPA), such as the new EU DPA, are making this an absolute right.

But because data – your information, often provided by you, about you – is so valuable, many of these companies such as Facebook and Twitter do not allow 3rd party companies to access and keep that data, even with your permission –  they can access it but must then throw it away.

This is, of course, because your data is valuable to them, because they can sell it on and profit from it. They don’t want another company to hold that commodity as well – but digi.me overcomes that because you yourself gather the information after downloading our app, we do not do it for you. (Of course, this is another layer in how your data is kept private, as we have mentioned before, because we provide the means to get your data, not your personal information itself.)

3) Security is another major issue with SAAS companies – servers full of valuable data from millions of people that has a significant financial worth are a very attractive honeypot for hackers and criminals in general.

It takes time and money to bypass modern security protocols so it makes sense to target servers storing huge amounts of data rather than going after one person at a time. And, as recent breaches show, even huge multi-nationals have weaknesses that can be – and increasingly are – exposed.

4) And if a company does go above and beyond in their efforts to keep your data safe, such as by adding individual encryption, then you run into the final issue – cost.

If a 3rd party service is going to perform all the sync processing to retrieve your data, organise, store and manage it and then provide services on top then the cost associated with this as well as the relevant processing storage and bandwidth is substantial.

But each of these key issues is completely and emphatically overcome if you retrieve and process your own data locally or in a cloud of your choosing.

You get guaranteed privacy and control, because only you have your data. Because it’s yours, you can retrieve it from other companies and store it. Because it’s all in one place, it’s safer and by using resources you have already paid for you avoid extra cost.

Digi.me therefore, precisely because it is not SAAS, brings vast and ongoing benefits to the personal data economy and to each individual. Additionally, it puts you at the centre of your digital life and gives you the base layer of the Internet of Me, where the power of data becomes centered on the individual rather than being held elsewhere.

data trade calculator

For trade not sale: digi.me and our role in the personal data economy

You may have seen digi.me quoted in a recent article in the FT about changes in the personal data economy which will lead people to only give information about themselves in return for something that benefits them.

This step change is certainly coming, and is arguably long overdue, but we have always believed it is about so much more than money, with a straight sale the least exciting thing we can do with our data.

Digi.me offers far greater benefits to both individuals and businesses than just the prospect of a sterile trade between data and cold, hard cash – it offers exchange of that information, with whom and when you choose, in return for any value which may be service, convenience or reward. Much more powerful and of ongoing benefit to your life.

Clearly, the data of each and every one of us has a monetary value to businesses. It tells businesses snippets of information about us, about what we are like and crucially what products or services we could be interested in or tempted by. But the key word there is snippets – this is snapshots of bits of personal information we have revealed about ourselves. Not whole, not wholly accurate, and therefore far from useful. But businesses use it because it’s still better than nothing.

How much better would accurate, rich data about each and every one of us be? Traded by the individual only with businesses they want to deal with, in exchange for service, convenience or reward.  That may be a health app to help you stay healthy or to allow you to share information with a doctor when you travel. It may be a new service to allow you to get more out of a product you use, it could be to tailor a service for you, it could be to allow you to directly engage with your bank on your credit history, and so on – innovation will flourish once you control your own data.  And that innovation will be much more than just selling your data to get tailored advertising!

Permissioned Access, coming to digi.me next year, does just this, turning this outdated and imperfect process on its head, with immediate and tangible benefits for both parties. Businesses can provide better services with more likelihood of deep consumer engagement if they know who they’re working with – and you can give them 100 per cent accurate and deep data going back months or years, with no errors thrown in.

If we’re getting personalised services based on actual data about ourselves, rather than some imagined self, we’re more likely to bite. There’s mutual trust, everyone’s happy, and the data for value exchange model becomes the new normal.

Here at digi.me we have always been crystal clear that the user regains control of their own data partly by having it under their control, which means stored in a local library on their computer or, with our coming release, encrypted in a cloud storage of their choice.

Crucially, we never see your data – you download our app and then populate it yourself, direct from your social networks, and then over the next year, your other data such as finance, health, from wearables and more. Under Permissioned Access, businesses will first have to demonstrate that they understand and will respect the importance and privacy of user data before they are certified and allowed to use our service. So we take your security and privacy, and that of your data, extremely seriously.

With the massive social media platforms of our age, the Facebooks, the Instagrams and the Twitters, has come the resigned understanding that, because we are allowed to use them for free, the inevitable trade is being tracked and our anonymised data sold on.

Companies like digi.me are working hard to show this does not have to be the model, that you can use us without us seeing or using your data, because we’re offering something new and different, which will change how you value your data forever.

Data exchange for value, whether service, convenience or reward, is where the personal data economy is undoubtedly heading – so remember you heard it here first.

*Want to also be the first to see new releases and get our new app when it is released? Download our desktop version for free.


Why digi.me knows that Exporting is GREAT!

As the Government launches its Exporting is GREAT campaign to encourage 100,000 new UK exporters into the market by 2020, our founder Julian Ranger explains why having access to a worldwide market has been great for digi.me

Physical exports have been a way of life for centuries – the trading of things that one country didn’t have with another one that did, but these days digital exports are growing in popularity and digi.me is in the vanguard.

Here at digi.me, our ground-breaking app is helping thousands of people take back control of their personal information – but why should that be restricted to the UK?

We have an international team and believe firmly that our product has merit around the world – and our current stats, which show we export both physically and digitally to over 150 countries, with our app content localised in 11 languages, bear this out.

Of course, shipping overseas in any form has its challenges, but we’ve had (and continue to have) a lot of support from UK Trade and Investment (UKTI) and are getting a lot of help from a European embassy overseas at the moment for an ambitious country-wide project we’re hoping to run there.

Clearly, there are some obvious ground rules to follow – you need to be clear on what your product or service brings to your target market, and what marks you out from your competitors. Do your research on what an individual country needs, and then go from there.

My previous experience of selling to the US Air Force and US Navy gave me confidence to know that anything is possible, and we started exporting with digi.me digitally immediately from set-up, with direct exports to France and the US following afterwards.

Now Toshiba has joined forces with us to distribute our market-leading personal data software across Europe, North and Latin America, which sees them partnering and promoting us through their marketing and social media channels, as well as pre-installing our app in a number of laptops and tablets in the Latin America marketplace. We’re also in our third year with the FNAC security pack in France, so are becoming well known over there as well.

As for our future exporting plans, we hope to be able to announce that European project soon, as well as open a US office, with US locals, to explore possibilities for digi.me there.

So our advice to anyone wavering about joining the international market would be to get out there and do it – you really won’t regret it.

*Exporting is GREAT will run for five years and provide advice and expertise to support businesses at every step of the way, from initial interest to market. This will include the year-long EIG Roadshow that will travel the length and breadth of the country, reinforcing the campaign’s core messages, giving face-to-face assistance to first-time exporters and using the latest technology to connect these businesses with live export opportunities. Online help will be available via www.exportingisgreat.gov.uk

Data privacy is entering a new age

Ten ways to keep your personal data safe online

The price of using websites and other online services is often giving away personal information about ourselves, but there are some quick and easy steps that we can all take to make that data as safe as possible.

The online world is often a strange one – we quite happily give information away to strangers that we would never dream of doing face to face, in the false belief it is what everyone is doing so must be safe.

And, while to a large degree it is, we do still need to take care, particularly not to give away unnecessary information that could be used for identify theft or just plain fraud.

So what should we be doing – and what must be avoided?

  1. Be clear who can see what – that means enabling, and checking, privacy settings for every social media site you use, and ensuring you only make payments through secured web pages when shopping or banking online.
  2. Have strong passwords – and don’t reuse them or write them down. We know this one is tricky. Great passwords, in terms of strength, are by their nature hard to recall, while easy-to-remember ones are not. But be savvy, because account security is everything – and enable two-stage authentication where you can, so you can get back into your account with minimal effort and fuss if you are hacked.
  3. Take care not to post information that is often used as security questions for internet banking services, such as your data of birth, mother’s maiden name or first pet. The more would-be fraudsters know about you, the easier it is to find, or convince someone to give them, the rest.
  4. Don’t fall for dodgy or so-called phishing emails – your bank, or other outlets that have card details, won’t ask for sensitive details over email, so beware any emails that do, no matter how official looking. If in doubt, call the institution on a number that you know is real.
  5. Be careful where you log-on – take care to disconnect from a session if using public computers in libraries, for example, and beware public wifi as its often not as secure as a home connection.
  6. On which note – make sure your home wifi is password-protected, so others can’t access it – both to try and get your details or piggyback on your data allowance.
  7. Keep spyware and virus scanners up to date on any device that you use to access the internet – viruses and keystroke loggers are both a big risk to your data
  8. Be wary about who you befriend online, and who you give personal information such as your address out to
  9. Beware what pictures and status updates tell a potential criminal about you – holiday pictures show you’re away from home, for example.
  10. Be sensible and always have your wits about you – only give out the information that is needed by any one site, don’t take risks with your personal information, or your safety, and if something feels wrong take heed and get yourself out of the situation.

The internet is a wonderful thing for so many reasons, but treat it with the respect it deserves and you’ll be able to just enjoy it and not fear it.

Facebook (2)

World’s biggest tech companies failing users on data privacy

Some of the world’s top tech companies are failing users over privacy, according to the most comprehensive research published on the subject.

Firms including Facebook, Google, Microsoft, Twitter, Yahoo, AT&T, Orange France and Vodafone were surveyed by an organisation called Ranking Digital Rights using 31 measures that focused on corporate disclosure of policies and practices that affect users’ freedom of expression and privacy.

After examining their user agreements, each was given a percentage grade, with no companies scoring over 65 per cent, and only six scoring 50 per cent. Seven companies – nearly half – only scored 22 per cent.

The report’s key findings were:

  • Disclosure  about  collection,  use,  sharing,  and  retention  of  user  information  is  poor.  Even  companies  that  make efforts  to  publish  such  information  still  fail  to  communicate  clearly  with  users  about  what  is  collected  about  them, with  whom  it  is  shared,  under  what  circumstances,  and  how  long  the  information  is  kept.
  • Disclosure  about  private  and  self-regulatory  processes  is  minimal  and  ambiguous  at  best,  and  often  non-existent.  Few  companies  disclose  data  about  private  third-party  requests  to  remove  or  restrict  content or  to  share  user  information – even  when  those  requests  come  under  circumstances  such  as  a  court  order  or subpoena.
  • In  some  instances,  current  laws  and  regulations make  it  more  difficult  for  companies  to  respect  freedom  of  expression  and  privacy.

“When  we  put  the  rankings  in  perspective,  it’s  clear  there  are  no  winners,”  said  Rebecca  MacKinnon,  director  of Ranking  Digital  Rights.  “Our  hope  is  that  the  Index  will  lead  to  greater  corporate  transparency,  which  can  empower users  to  make  more  informed  decisions  about  how  they  use  technology.”

With the report’s compiler highlighting that there no “winners”, it is clear that the losers are users creating and posting pictures and videos to platforms that are unclear at best about what they can actually do with them.

There was also wide differences in transparency within companies, with Facebook (owner of both Instagram and Whatsapp) found to make better disclosures about its flagship platform and the picture-sharing app than at Whatsapp, which did not always even publish privacy agreements in the right language.

Overall,  Google  ranked  highest  among the eight Internet  companies,  while  the  UK-based  Vodafone  ranked  highest among  telecommunications  companies. The Russian Mail.ru email service ranked the worst with 13 per cent.

The survey also found very low levels of web-based companies that allowed encryption of private content and control access, with the average score across the eight just six per cent.


Welcome, Sophie, to a world of happy memories you can enjoy forever

We’ve welcomed a new addition to the digi.me family recently, and it’s given us a reminder of the pleasure of making memories.

Little Sophie was born weighing 8lbs 8oz and, along with her mum, is doing well. Her proud parents have, of course, been taking lots of pictures of her, and as a family they are already making happy memories that they will want to keep and treasure forever.

That’s not been the only new arrival for us recently, as another of our staff had a baby boy, Edison, at the end of August and we released the latest version of our app (our biggest and ongoing baby!) earlier this month.

Making and sharing happy memories on our social media accounts is something most of us take for granted these days, but increasingly there is demand to keep our own physical back-ups of our happiest times as well, so we have somewhere to access them if a network crashes, a camera containing precious photos gives up the ghost, or the platform where we have posted them to share proudly with the world loses them or ceases to function.

It is when we are having our best times that the issue of keeping those memories safe forever should be at the forefront of our minds. Nothing lasts indefinitely, so having a copy of all our precious memories so that they are able to just makes sense.

With digi.me, you are now able to add your own memories and pictures manually, as well as back up pictures and statuses you have posted to a wide variety of social media accounts, so it really can be a full and true picture of who you are and what is important to you.

Don’t leave the continued presence of your most precious memories and pictures to chance, ensure their ongoing survival – and your ongoing ability to reminisce and remind yourself of favourite times now and in the future – by downloading our app and adding your life to it.

And to Sophie, digi.me’s youngest memory maker, we wish years of happy and memorable experiences, that she too in time will be able to look back on with our app and enjoy all over again.


digi.me’s founder Julian Ranger asks PM to stop cuts to skilled migration

Plans to cut the number of skilled workers with job offers coming to the UK as part of a general immigration crackdown  are likely to have a major impact on digital startups.

Fears over the move have seen more than 230 founders working in the tech industry, including our chairman Julian Ranger, sign an open letter to the Prime Minister, published in today’s Daily Telegraph,  asking him to look again at plans to redesign the Tier 2 system, which gives visas to skilled nationals from outside the EEA who have an offer of employment.

Julian said: “Small businesses are the high growth engines of the UK and skills are needed to maintain pace of growth.

“Whilst internal training, and supporting STEM initiatives in the UK are all required, there are times when there is no one of the requisite skills available in the UK and to maintain growth skilled people from outside the UK are required.

“If we want to maintain the UK as a centre of excellence in STEM areas then we need to be able to bring in the best to support our businesses – and cross-pollinate their knowledge and experience here too.”

As The Coalition for a Digital Economy (Coadec), the tech non-profit behind the letter, explains in a blog: “The bar is already pretty high – would-be migrants need to have a degree level qualification and a definite job offer, and the company that wants to hire them need to become accredited as sponsors, advertise (non-shortage) roles for 28 days in the UK first, and meet salary thresholds for the role.”

The full text of the letter, which has also been signed by Martha Lane Fox as well as the founders of TransferWise, Zopa, Unruly, Crowdcube, Nutmeg and Shazam, reads:

Dear Prime Minister,

We represent a cross-section of the UK’s digital startup and scale-up ecosystem, including the founders of Citymapper, DeepMind and SwiftKey. The UK has the largest and fastest growing digital economy in the G20, worth over 10% of GDP.

During the election campaign you argued that the UK should be ‘the startup nation in Europe, and one of the great startup nations in the world.’ We share this ambition and applaud your government’s long-standing support for the UK’s tech community. From SEIS to support for FinTech and the sharing economy, you have championed entrepreneurs and innovators in the interest of securing our country’s long-term economic growth.

However, finding talent with the right skills and experience we need to grow our businesses remains one of the biggest barriers to achieving that ambition. The UK has become a global tech hub thanks in large part to startup founders, investors and employees from across the globe, including many of us who were not born in Britain but choose to invest our time and talents here. We are very concerned that changes to immigration policy will make it more difficult to attract and recruit the talent high-growth companies need to compete and succeed in a global marketplace.

The government’s Migration Advisory Committee is currently examining proposals aiming to further restrict the Tier 2 system of skilled work visas and to reform the Entrepreneur Visa. Further restrictions on skilled migration could restrict the growth of our businesses and hurt the UK’s digital economy.

We call on you to ensure that any future changes to the immigration system make it easier, not harder, for qualified digital entrepreneurs to come to the UK to start their business, and for growing startups to hire top international talent.

It is of course also vital that we continue to support the growth of digital skills within the UK, and we stand ready to do our part.

trust (2)

TalkTalk hack: is stolen data really unencrypted?

The news that up to four million TalkTalk customers have had personal details stolen in a massive hack is serious enough – but suggestions that this crucial personal data may not have been encrypted seriously ups the ante.

The telecoms firm has revealed that information such as customers’ names, addresses, phone numbers, dates of birth, and partial bank details could now be in the hands of hackers. And we now know it may not have benefited from an extra layer of security known as encryption.

So what does this mean? Basically, unencrypted data is plain text – it can be read easily by anyone, without the need for special keys or passwords. But encrypted data is just that – encrypted. While hackers are able to steal it, they’re not necessarily able to read it or sell it on in any way – unless they have the key or code needed to unlock it, it is largely useless to them.

Encrypting data obviously has many uses, ranging from the obvious security benefits to companies holding personal data through to reassuring customers that hacks will not automatically see their personal information disseminated on the web.

It’s not a legal requirement, as TalkTalk’s CEO has been at pains to point out – but there’s a huge argument that it just makes sense to use it.

Hacking and cyber crime in general is on the increase, so no company is able to completely guarantee they will never be a victim, despite their best efforts. With this in mind, taking the best possible care with customer data, particularly sensitive information of exactly the type that can be used to scam people or clone online identities, just seems to make sense.

But that doesn’t seem to have been the case at TalkTalk, with CEO Dido Harding unable to guarantee all the data stolen was encrypted, although the company claimed that it had been kept securely (which is a very different thing).

But what does this all this talk of how secure the data was mean to us, the average user? Well, for starters, it’s a good lesson in finding out as much as we can about what each company who holds our personal data does with it, and how securely they treat it.

It’s also a good lesson, particularly if you may be one of those unfortunate TalkTalk victims, to keep an eye on your credit report, so you can see if anyone attempts to open new accounts in your name. If you do see any that you don’t recognise, contact your bank or financial services provider immediately, and also report any fraudulent activity to Action Fraud on 0300 123 2040 or http://www.actionfraud.police.uk.

Looking to the future, moving to a place where we each have control of our data so that we keep our most important details safe and secure ourselves and share them only with people or companies we want to or trust is an obvious next step in the personal data revolution.

While companies such as digi.me are working on making just this happen, across multiple industries, for now you can keep your social media content safe and backed up with our free app – click here to get your copy now.