Sunday, May 11, 2014

Dad, who is this lady!

Couple of weeks ago a friend of mine had some problem with his Note Pad. After removing his personal data, he took it to the local certified service center. He was given a date of delivery and when the time came to collect it he was told that the problem was complex and was given another date of delivery. After few more rescheduled delivery dates and lots of shouting, he finally got back his Note Pad.

When my friend's son powered-on the Note Pad, he gave out a startled scream, "Dad, who is this lady!". To my friend's horror, he saw a young Filipino girl's smiling face on the desktop. After examining files on the drive, he found hundreds of photographs of the Filipino girl and others, may be her friends. Some of the photographs appeared to be very personal and intimate, taken at home or at parties.  As he browsed through the directories, he found files containing details of credit cards and debit cards with PINs and files with contact addresses and telephone numbers. Worst of all, he found that the Note Pad was not even protected with login-password.

After careful examination, my friend was quite certain that the Note Pad was his but the data was not. He could not find any of the applications that were previously installed on his Note Pad. Instead, he found all sorts of crazy games, chat sites and other applications.

He called the service center and inquired how someone else’s data got into his Note Pad and what happened to his applications ! The service center technician answered nonchalantly "it is not possible for such a thing to happen sir...we are running this center for so many years, such a thing has never happened..". When my friend, who was by then quite perturbed, threatened that he would call the Filipino girl and tell her that all her personal data has been given to him by the service center. With that the technician started apologizing for the mistake and promised to correct the mistake. He even offered to return the money paid for the service.

After taking back the Note Pad to the service center and getting the applications restored, my friend found out what really happened. Whenever the customers brought the devices with problems, the service center first took full backup of the data before starting the service. On completion of the service, they restored back the data from the backup. In this case, they copied someone else's data on to my friend's Note Pad.

Information privacy is a very serious matter in the world of information technology. Many laws are passed and guidelines framed for the protection of personal and sensitive data. Most organizations spend thousands of dollars to ensure that the personal data of its employees and its customers are well protected. When they put in controls and security measures, they even get certified to provide assurance to their customers on how well their systems and data are protected. 

In some countries exposure of personal data is liable to legal proceedings. You visit any web site and you will find statement of "Privacy Policy". It is required by law that any website that offers services and stores customers data should state their data privacy policy. 

It is very likely that people do not read these privacy statements because it is hidden right at the bottom of the web page in small letters with hyperlink highlighted. Perhaps these websites state the privacy policy just because it is legally required. They may not even want people to actually read them. It is very much like the advertisements of mutual funds and insurance products on the television. The message that their product is subject to market risks is hidden in surreptitiously fast paced audio and unreadable text.

Fraudsters and Scamsters go to extreme measures by using technology or by exploiting human weaknesses to get access to personal data. Even some social web sites who offer services try to extract whatever piece of personal data they can collect. They not only use it themselves to help their businesses, but they also share the data with their partners.

Some people give scant regard for protecting their own private and personal data. Sometimes such carelessness may lead to exposure of not just their own data but even the personal information of their friends and relatives, sometimes even leading to serious consequences!

By misfortune if we have to take our smart device to the service center, we are handing over our entire personal data to these guys! Can we be sure what they could be doing with our data!

It is a safe practice to backup the data and delete it from the devices periodically! Chat messages especially should be deleted after saving into files, if it is really required for record. It  does not take much time to do it.

It is better to be safe than sorry!

There are many web sites that offer tips on safe usage of smart devices. I came across one such web site which gives quite useful tips: 


No comments:

Post a Comment