Tag Archives: data


Back up your Facebook – or risk losing everything

Imagine you go to log into Facebook one day and your account, well, just isn’t there anymore. Scary, right?

Well that was the reality for US journalist Jeff Bercovici when a hacker took over an old email address of his that was associated with the account, and proceeded to change every single thing about it, including deleting nine years’ worth of his Facebook activity.

No red flags, no second chances, everything gone. Not worth thinking about, is it?

You can read the full story here – he is clear that a lot of the blame lies with him, in not having two-factor authentification enabled for his account, and for using an old email address that was in fact so ancient, and so unused, that it had been released back into circulation.

But, those key facts aside, just how easily the hacker was able to change everything about Jeff’s account once he was inside makes for chilling reading. Everything that made the account personal – its name, the profile picture, other pictures, posts and comments – were all either changed or deleted.

Seemingly with no comeback, without raising any security flags for unusual behaviour and with no chance to undo and get them back.

Now, because Jeff is an influential tech journalist based in San Francisco with over 7,000 Twitter followers, this is where his story starts to diverge from the usual user experience, something he acknowledges in his article.

A few phone calls and some insider assistance later, and his account has been fully restored. But, as was clear from the initial customer service response above, Facebook considers that once data has been deleted for any reason, as far as they are concerned it is gone for good.

So, how can you stop this happening to you? While this hacker wanted Jeff’s verified user status for himself, there’s nothing to stop people breaking into any account and taking it over, so what can you do to protect yourself?

Of course, taking all available security measures is a key one, so make sure you have enabled Facebook’s Login Approvals, which texts you a code if you access Facebook from an unrecognised device – ie one that hasn’t been used to log into your account before – and needs that code imputed before you can continue.

But the single most important thing you can do is back up your account. If the key details, such as your contacts, posts and pictures are saved, then anything happening to your account will not be such a disaster, right?

And how can you do that? With digi.me of course  – you can connect your personal accounts, as well as pages, to our app and run regular syncs so that the most important information you are sharing with your Facebook friends is backed up and so can’t be lost.

Check it out here – it’s free to download and use, and you get premium features including universal search, flashback and export ability free for a month as well!

Having your data – or at least a copy of the most important parts – in a place that you own and control (in this case the digi.me library on your computer) is the single most effective thing you can do to make sure that your data stays where it belongs- with you.

And why wouldn’t you want to do that?

data trade calculator

For trade not sale: digi.me and our role in the personal data economy

You may have seen digi.me quoted in a recent article in the FT about changes in the personal data economy which will lead people to only give information about themselves in return for something that benefits them.

This step change is certainly coming, and is arguably long overdue, but we have always believed it is about so much more than money, with a straight sale the least exciting thing we can do with our data.

Digi.me offers far greater benefits to both individuals and businesses than just the prospect of a sterile trade between data and cold, hard cash – it offers exchange of that information, with whom and when you choose, in return for any value which may be service, convenience or reward. Much more powerful and of ongoing benefit to your life.

Clearly, the data of each and every one of us has a monetary value to businesses. It tells businesses snippets of information about us, about what we are like and crucially what products or services we could be interested in or tempted by. But the key word there is snippets – this is snapshots of bits of personal information we have revealed about ourselves. Not whole, not wholly accurate, and therefore far from useful. But businesses use it because it’s still better than nothing.

How much better would accurate, rich data about each and every one of us be? Traded by the individual only with businesses they want to deal with, in exchange for service, convenience or reward.  That may be a health app to help you stay healthy or to allow you to share information with a doctor when you travel. It may be a new service to allow you to get more out of a product you use, it could be to tailor a service for you, it could be to allow you to directly engage with your bank on your credit history, and so on – innovation will flourish once you control your own data.  And that innovation will be much more than just selling your data to get tailored advertising!

Permissioned Access, coming to digi.me next year, does just this, turning this outdated and imperfect process on its head, with immediate and tangible benefits for both parties. Businesses can provide better services with more likelihood of deep consumer engagement if they know who they’re working with – and you can give them 100 per cent accurate and deep data going back months or years, with no errors thrown in.

If we’re getting personalised services based on actual data about ourselves, rather than some imagined self, we’re more likely to bite. There’s mutual trust, everyone’s happy, and the data for value exchange model becomes the new normal.

Here at digi.me we have always been crystal clear that the user regains control of their own data partly by having it under their control, which means stored in a local library on their computer or, with our coming release, encrypted in a cloud storage of their choice.

Crucially, we never see your data – you download our app and then populate it yourself, direct from your social networks, and then over the next year, your other data such as finance, health, from wearables and more. Under Permissioned Access, businesses will first have to demonstrate that they understand and will respect the importance and privacy of user data before they are certified and allowed to use our service. So we take your security and privacy, and that of your data, extremely seriously.

With the massive social media platforms of our age, the Facebooks, the Instagrams and the Twitters, has come the resigned understanding that, because we are allowed to use them for free, the inevitable trade is being tracked and our anonymised data sold on.

Companies like digi.me are working hard to show this does not have to be the model, that you can use us without us seeing or using your data, because we’re offering something new and different, which will change how you value your data forever.

Data exchange for value, whether service, convenience or reward, is where the personal data economy is undoubtedly heading – so remember you heard it here first.

*Want to also be the first to see new releases and get our new app when it is released? Download our desktop version for free.


digi.me’s founder Julian Ranger asks PM to stop cuts to skilled migration

Plans to cut the number of skilled workers with job offers coming to the UK as part of a general immigration crackdown  are likely to have a major impact on digital startups.

Fears over the move have seen more than 230 founders working in the tech industry, including our chairman Julian Ranger, sign an open letter to the Prime Minister, published in today’s Daily Telegraph,  asking him to look again at plans to redesign the Tier 2 system, which gives visas to skilled nationals from outside the EEA who have an offer of employment.

Julian said: “Small businesses are the high growth engines of the UK and skills are needed to maintain pace of growth.

“Whilst internal training, and supporting STEM initiatives in the UK are all required, there are times when there is no one of the requisite skills available in the UK and to maintain growth skilled people from outside the UK are required.

“If we want to maintain the UK as a centre of excellence in STEM areas then we need to be able to bring in the best to support our businesses – and cross-pollinate their knowledge and experience here too.”

As The Coalition for a Digital Economy (Coadec), the tech non-profit behind the letter, explains in a blog: “The bar is already pretty high – would-be migrants need to have a degree level qualification and a definite job offer, and the company that wants to hire them need to become accredited as sponsors, advertise (non-shortage) roles for 28 days in the UK first, and meet salary thresholds for the role.”

The full text of the letter, which has also been signed by Martha Lane Fox as well as the founders of TransferWise, Zopa, Unruly, Crowdcube, Nutmeg and Shazam, reads:

Dear Prime Minister,

We represent a cross-section of the UK’s digital startup and scale-up ecosystem, including the founders of Citymapper, DeepMind and SwiftKey. The UK has the largest and fastest growing digital economy in the G20, worth over 10% of GDP.

During the election campaign you argued that the UK should be ‘the startup nation in Europe, and one of the great startup nations in the world.’ We share this ambition and applaud your government’s long-standing support for the UK’s tech community. From SEIS to support for FinTech and the sharing economy, you have championed entrepreneurs and innovators in the interest of securing our country’s long-term economic growth.

However, finding talent with the right skills and experience we need to grow our businesses remains one of the biggest barriers to achieving that ambition. The UK has become a global tech hub thanks in large part to startup founders, investors and employees from across the globe, including many of us who were not born in Britain but choose to invest our time and talents here. We are very concerned that changes to immigration policy will make it more difficult to attract and recruit the talent high-growth companies need to compete and succeed in a global marketplace.

The government’s Migration Advisory Committee is currently examining proposals aiming to further restrict the Tier 2 system of skilled work visas and to reform the Entrepreneur Visa. Further restrictions on skilled migration could restrict the growth of our businesses and hurt the UK’s digital economy.

We call on you to ensure that any future changes to the immigration system make it easier, not harder, for qualified digital entrepreneurs to come to the UK to start their business, and for growing startups to hire top international talent.

It is of course also vital that we continue to support the growth of digital skills within the UK, and we stand ready to do our part.

trust (2)

TalkTalk hack: is stolen data really unencrypted?

The news that up to four million TalkTalk customers have had personal details stolen in a massive hack is serious enough – but suggestions that this crucial personal data may not have been encrypted seriously ups the ante.

The telecoms firm has revealed that information such as customers’ names, addresses, phone numbers, dates of birth, and partial bank details could now be in the hands of hackers. And we now know it may not have benefited from an extra layer of security known as encryption.

So what does this mean? Basically, unencrypted data is plain text – it can be read easily by anyone, without the need for special keys or passwords. But encrypted data is just that – encrypted. While hackers are able to steal it, they’re not necessarily able to read it or sell it on in any way – unless they have the key or code needed to unlock it, it is largely useless to them.

Encrypting data obviously has many uses, ranging from the obvious security benefits to companies holding personal data through to reassuring customers that hacks will not automatically see their personal information disseminated on the web.

It’s not a legal requirement, as TalkTalk’s CEO has been at pains to point out – but there’s a huge argument that it just makes sense to use it.

Hacking and cyber crime in general is on the increase, so no company is able to completely guarantee they will never be a victim, despite their best efforts. With this in mind, taking the best possible care with customer data, particularly sensitive information of exactly the type that can be used to scam people or clone online identities, just seems to make sense.

But that doesn’t seem to have been the case at TalkTalk, with CEO Dido Harding unable to guarantee all the data stolen was encrypted, although the company claimed that it had been kept securely (which is a very different thing).

But what does this all this talk of how secure the data was mean to us, the average user? Well, for starters, it’s a good lesson in finding out as much as we can about what each company who holds our personal data does with it, and how securely they treat it.

It’s also a good lesson, particularly if you may be one of those unfortunate TalkTalk victims, to keep an eye on your credit report, so you can see if anyone attempts to open new accounts in your name. If you do see any that you don’t recognise, contact your bank or financial services provider immediately, and also report any fraudulent activity to Action Fraud on 0300 123 2040 or http://www.actionfraud.police.uk.

Looking to the future, moving to a place where we each have control of our data so that we keep our most important details safe and secure ourselves and share them only with people or companies we want to or trust is an obvious next step in the personal data revolution.

While companies such as digi.me are working on making just this happen, across multiple industries, for now you can keep your social media content safe and backed up with our free app – click here to get your copy now.


Apple removes hundreds of apps that collected personal data

Apple has removed hundreds of apps from its online store that were using Chinese advertising software that collects personal data in violation of its privacy policies.

The iPhone maker made the announcement a day after researchers discovered 256 apps using the software, which extracts “personally identifiable user information.” and which have had more than a million downloads.

In a statement, the tech giant said: “We’ve identified a group of apps that are using a third-party advertising SDK (software development kit), developed by Youmi, a mobile advertising provider, that… gathers private information, such as user email addresses and device identifiers, and route data to its company server.

“This is a violation of our security and privacy guidelines. The apps using Youmi’s SDK will be removed from the App Store and any new apps submitted to the App Store using this SDK will be rejected.

“We are working closely with developers to help them get updated versions of their apps that are safe for customers and in compliance with our guidelines back in the App Store quickly.”

Apple does not allow third-party applications to share data about a user without obtaining users’ permission, and it rejects apps that require users to share personal information, such as email addresses or birth dates.

Researchers at the mobile analytics firm SourceDNA said on Sunday that they had discovered hundreds of apps that extract personal information, saying it was “the first time we’ve seen iOS apps successfully bypass the app review process.”

The researchers said they found 256 apps with an estimated one million downloads that have a version of Youmi that violates user privacy.

“Most of the developers are located in China,” the researchers said in a blog post. “We believe the developers of these apps aren’t aware of this since the SDK is delivered in binary form, obfuscated, and user info is uploaded to Youmi’s server.”


Data privacy breach complaints leap by a third

New figures show that the Information Commissioner’s Office has received a record number of complaints from individuals concerned that their personal data is not being kept sufficiently secure by organisations holding it.

Reports to the ICO relating to personal information security jumped 30 per cent from 886 in 2013 to 1150 in 2014 – or more than two complaints a day on average.

Taken over a five year period, complaints to the ICO about the same issue have increased by 64 per cent.

International law firm Pinsent Masons, which obtained the information through a Freedom of Information request, says that the increase in consumer complaints highlights increasing levels of public unease over how big business and other organisations store personal information.

High profile attacks on trusted corporations like Sony and Target, and the recent damaging attack on infidelity site Ashley Madison, have raised public awareness about how personal data is treated, the firm says.

Luke Scanlon, technology lawyer at Pinsent Masons, said: “Information security isn’t a new issue; businesses have always had a responsibility to protect customer data. But as consumers are increasingly finding themselves left exposed as a result of cyber attacks, concern is clearly growing. The chances are that they wouldn’t be making these complaints without having been directly impacted in some way.”

Under the Data Protection Act, businesses can be fined up to £500,000 by the ICO if the regulator finds that the company has failed to take appropriate measures to protect customer information, and the financial penalties can be far higher if the individuals compromised opt to take legal action against the business.

He added: “There is increasing recognition that how an organisation responds to the compromise of customer data can impact its long term prospects as deeply as the incident itself.

“Many of the businesses and other organisations we are working with are working hard not just to implement good procedures and controls, but also to develop cross-disciplinary teams who understand the legal and reputational issues in the event of a crisis. Chief Executives, CIOs, General Counsel and Communications Directors are getting around the table to say: how do we respond if this happens to us?”

Around 90 per cent of large organisations and 74 per cent of small businesses experienced information security breaches in the past year, according to a UK Government-commissioned survey published in June 2015, however it is not currently mandatory to report data breaches.


Digital dependence is ‘eroding our memories’

Excessive reliance on the internet and search engines for fact finding is damaging our long-term memories as well as compromising IT security, a new study has found.

Fuelled by an increasingly connected world that is always online, we no longer hold in our minds information we can store and retrieve from a digital device or the Internet, causing what the report has termed Digital Amnesia.

Crucially, it found that one of the far-reaching consequences of a failure to make use of our existing stored memories – for example by preferring to search online – can ultimately result in their dilution or disappearance.

The study, which involved 6,000 consumers aged 16 and up from across Europe, found that when faced with a question, over a third will head straight to the internet for an answer, rising to 40 per cent of those aged 45 and over.

Amost a quarter (24 per cent) of respondents admit they would forget the online answer as soon as they had used it, rising to 27 per cent of those aged 45 and over, with 12 per cent assuming the information will always be out there somewhere.

Dr Maria Wimber, a pyschology lecturer at the University of Birmingham, said that the trend of looking up information  “prevents the build-up of long-term memories”.

She added: “Our brain appears to strengthen a memory each time we recall it, and at the same time forget irrelevant memories that are distracting us.

“Past research has repeatedly demonstrated that actively recalling information is a very efficient way to create a permanent memory.”

The report’s finding that many people rely on computers instead of memorising information was highlighted by the fact that many of those questioned could still recall their own phone numbers from childhood, but did not know the current numbers of family members or their place of work.

The report also found that IT security can be an early casualty of our impatience to access information online. Kaspersky Lab, the cybersecurity firm which carried out this study, has found that just under a fifth (18 per cent) of consumers – 22 per cent of those aged up to 24 – will opt for speed over protection when downloading files.

This leaves the door wide open for malicious software intent on stealing personal data and compromising the device and any other devices connected to it.

If consumers haven’t protected their data, their online accounts and devices with strong passwords and data back-ups, the memories and information these hold could be lost or damaged forever.

Of course, digi.me users can protect their data (if not their actual memories!) as regular back-ups will ensure that all their social media history remains in their digi.me app on their desktop, safe, secure and always available.

Lunar Mission One logo cropped LDS BL-01-1

digi.me and Lunar Mission One to send memories to the Moon

Digi.me has signed a deal with Lunar Mission One which will give our supporters the incredible opportunity to leave digital memories on the Moon.

Our app will give anyone who wants to the ability to create digital memory boxes that will reserve your place in space for future generations of space travellers to discover and enjoy.

To join us today and make your own history, all you have to do is use our app (download here if needed) to help you gather your most memorable moments from across your social media accounts.

You will be able to use images and text uploaded to Facebook, Instagram, Twitter and other social media accounts, as well as your memories stored locally on your computer, to create your Digital Time Capsule, which will travel with Lunar Mission One to the Moon in 2024.

Julian Ranger, founder and Chairman of digi.me, said: “digi.me already allows you to take back control of personal information spread all over the web and hold it in one place where you can make it work for you. Now you can create your very own digital time capsule and select the best memories of you to send to the Moon.

“Both myself and digi.me are avid supporters of space exploration and we are delighted to be joining Lunar Mission One in making history in this way.”

Lunar Mission One has also just launched the Footsteps on the Moon campaign, which digi.me is proud to support. Everyone across the world, whether they use our app or not, is invited to upload an image of their own footprints, feet or shoes to make a mark on the Moon for free.  These images will then be digitised by digi.me so that they can be sent to the Moon on the Astrobotic Lander in 2017. Find out more about the Footsteps on the Moon campaign here.

Angela Lamont, Director of Communications for Lunar Mission One, said: “This is very exciting for us and our supporters. Millions of people will be sending their very own private digital archives to the Moon with us in 2024 and the digi.me app now gives them the ability to start curating their own collections using data from their own computer, or anything they’ve ever posted to social media.”

Lunar Mission One is the first global and inclusive lunar mission, which was initially crowd-funded by a highly successful Kickstarter campaign in 2014.

With its preparatory stage now complete, it now has teams in place to set up the mission, which will land at the as-yet-unexplored lunar south pole in 2024. It will carry equipment for scientific experiments, including a rig capable of drilling up to 100m into the Moon’s surface to analyse lunar geology on a scale never before attempted.

This borehole will then be used to deposit two archives; one compendium of life on Earth and one containing millions of private memory boxes created using digi.me, to give an epic picture of life on Earth in the 21st Century for discovery in a future far, far away.


British spies want shorter and less secure passwords

If you thought the purpose of passwords was to be as strong as possible to give your information and accounts the best chance of being secure, Britain’s spies at GCHQ have news for you.

In a new document, Password Guidance – simplifying your approach (PDF), the organisation’s cyber director said that advice has moved on from previous guidance to make passwords stronger as a greater deterrant to hacking.

Now, the spy agency is suggesting IT managers help install systems that make passwords easier to remember. Yes, you did read that right.

The report claims that the average UK user has 22 different online systems that are password protected – clearly more than most people can remember – with the same supposedly safe password used to access around four of these.

It says the need to remember multiple passwords for different sites leads to unsafe behaviour, such as writing them down, duplication, or using simple or predictable passwords creation strategies.

But it also stresses that, crucially, the bottom line is that even following best practice guidelines (ie not doing any of the above) cannot guarantee keeping online services secure. Key loggers, phishing and interception are all cited as credible risks, with information about how to carry them out and the tools to do so easily discoverable on the internet.

In a foreword to the report, Ciaran Martin, Director General for Cyber Security at GCHQ (cool job title!) said: “Complex passwords do not usually frustrate attackers, yet they make daily life much harder for users. They create cost, cause delays, and may force users to adopt workarounds or non-secure alternatives that increase risk.”

It suggests that simplifying an organisation’s approach to passwords can reduce the workload on users, lessen the IT burden, and – crucially – “combat the false sense of security that unnecessarily complex passwords can encourage.”

It lists seven key steps that organisations (and individuals) can take to optimise system security, which are:

  1. Change all default passwords (well, durr)
  2. Only implement passwords when needed to minimise user overload
  3. Understand the limitations of user-generated passwords (tl:dr they encourage insecure behaviour)
  4. Except machine-generated ones have their own problems (tl:dr they’re difficult to remember)
  5. Prioritise admin, mobile and remote user accounts as these are more important/vulnerable
  6. Use account lockout and protective monitoring
  7. And, of course, don’t store passwords as plain text

Will seeming to be good, impartial advice, it’s worth remembering that this does come from the people who broke antivirus software so they could spy on people, so feel free to take it with a piece of salt if you are of a cynical disposition.

ad-blockers, apple, ios9, data, advertising

Why ad-blockers really aren’t the data privacy win you might think

Ad-blockers shot straight to the top of the paid-for apps list in the App Store when Apple’s iOS9 update that allowed users to block mobile advertising was released.

So far, so not unusual – ads are pesky little things, right? Popping-up unexpectedly when you least expect them and generally bloating pages, crucifying page load times and eating up data allowances. Not to mention their tracking qualities as well as the past searches and purchases that stalk you round the web, site after site, day after day. Nope, no redeeming features at all – let’s block them all.

Then something unexpected happened – Marco Arment, creator of the no1 paid ad-blocker Peace, pulled it from the store after just two days, saying that “success didn’t feel good”.

What exactly the problem is remains unclear, altrhough comments on the Instapaper’s founder’s blog where he talked of needing to find a “more nuanced, complex approach” offer some clues.

He added: “Ad blockers come with an important asterisk: while they do benefit a ton of people in major ways, they also hurt some, including many who don’t deserve the hit.”

What Arment seems to be alluding to is what Seth Godin termed the shared understanding that websites offer free content in return for attention. For most sites, advertising is what quite literally pays the content creation bills.

Of course, pages have become increasingly riddled with evermore intrusive ads over the past few years, and it’s hard not to see that the reader has been assailed from all sides. So the appearance of ad-blockers was only going to end one way. Or, as Godin put it: “In the face of a relentless race to the bottom, users are taking control, using a sledgehammer to block them all.”

But still the fact remains that readers and sites have been in a mutually-beneficial relationship where advertising has played a key role in funding content for which there is demand but no serious suggestion that users would pay the full creation cost. And that remains the case even as ad-blocking apps proliferate.

So if ad blocking is not the answer, what is? There is clearly change needed on both sides – advertisers needs to show self-restraint and not machine gun content over every page we open, while users need to understand that on the internet, as with so many things, we can’t simply have the good for free without giving something back.

But there also needs to be a fundamental shift in how we think about data. We don’t like these ads that follow us around, or trackers, because they feel like an assault on our privacy. Yet it is the information gained through this that allows businesses to begin to better target our wants and interests.

I say begin, as the data available to date is so thin and incomplete that it is estimated to be up to 30-50 per cent wrong, to the obvious detriment of both the business and user.

Imagine how much more beneficial for both sides a rich data set would be – useful data 100 per cent certified and licensed at source, used to target appealing ads back to that same user.

A vision for the future to be sure, but a vision that comes ever closer as the Internet of Me follows close on the heels of the Internet of Things, with companies like digi.me at the forefront of this digital revolution.