Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
1/15/2016
01:00 PM
James Kane
James Kane
Slideshows
Connect Directly
Twitter
LinkedIn
RSS
E-Mail

The Internet of Private Things: 7 Privacy Missteps

A cautionary tale about the rules of 'Privacy by Design' and seven IoT companies that broke them in recent years.
2 of 8

Uber CEO Travis Kalanick 

Be Proactive Not Reactive; Preventative not Remedial


This means establishing a corporate culture that anticipates and prevents privacy issues before they happen. It requires a clear commitment by a company's executive to set and enforce high standards of privacy. As Peter Sims wrote, 'a great, long-lived brand begins and ends with trust.' 

Unfortunately this was after his whereabouts had been revealed on a big screen at an Uber launch party, where company executives were showing off their 'God view,'  allowing party guests to see the whereabouts and movements of Uber users in New York in real time. Uber has since cleaned up its act, but this total disregard for users' privacy was not a good look for this year's poster child of startup success.

(Image Source: Travis Kalanick LeWeb' by Heisenberg Media - Flickr: Travis Kalanick LeWeb Day 1 - Dan Taylor/Heisenberg Media. Licensed under CC BY 2.0 via Commons.)

Uber CEO Travis Kalanick

Be Proactive Not Reactive; Preventative not Remedial

This means establishing a corporate culture that anticipates and prevents privacy issues before they happen. It requires a clear commitment by a companys executive to set and enforce high standards of privacy. As Peter Sims wrote, "a great, long-lived brand begins and ends with trust."

Unfortunately this was after his whereabouts had been revealed on a big screen at an Uber launch party, where company executives were showing off their God view, allowing party guests to see the whereabouts and movements of Uber users in New York in real time. Uber has since cleaned up its act, but this total disregard for users privacy was not a good look for this years poster child of startup success.

(Image Source: Travis Kalanick LeWeb" by Heisenberg Media - Flickr: Travis Kalanick LeWeb Day 1 - Dan Taylor/Heisenberg Media. Licensed under CC BY 2.0 via Commons.)

2 of 8
Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
geriatric
67%
33%
geriatric,
User Rank: Moderator
1/19/2016 | 8:57:30 AM
Same Problem You Have
Companies who ignore privacy concerns have the same mentality as those who create and publish ugly pornographic images under the guise of business and industry-relevant articles. Who did your proof-reading - Hugh Hefner, Larry Flynt or Lena Dunham?
MoviePass Leaves Credit Card Numbers, Personal Data Exposed Online
Kelly Sheridan, Staff Editor, Dark Reading,  8/21/2019
New FISMA Report Shows Progress, Gaps in Federal Cybersecurity
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/21/2019
Aviation Faces Increasing Cybersecurity Scrutiny
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/22/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-15516
PUBLISHED: 2019-08-23
Cuberite before 2019-06-11 allows webadmin directory traversal via ....// because the protection mechanism simply removes one ../ substring.
CVE-2019-15517
PUBLISHED: 2019-08-23
jc21 Nginx Proxy Manager before 2.0.13 allows %2e%2e%2f directory traversal.
CVE-2019-15518
PUBLISHED: 2019-08-23
Swoole before 4.2.13 allows directory traversal in swPort_http_static_handler.
CVE-2019-15519
PUBLISHED: 2019-08-23
Power-Response before 2019-02-02 allows directory traversal (up to the application's main directory) via a plugin.
CVE-2019-15520
PUBLISHED: 2019-08-23
comelz Quark before 2019-03-26 allows directory traversal to locations outside of the project directory.