Hunters, hackers and safety crackers: One dozen privacy innovations
By Julie Sartain
Editor’s Note: In this final installment of our People in Privacy series, we look at a few of “The Innovators” currently at work in the privacy sphere and some of the products and initiatives they are developing.
Sgrouples founder and CEO Mark Weinstein said, “I am greatly offended by the notion that privacy is dead,” while many Internet users are sick of watching their personal data slip through organizations' so-called "security firewalls" only to appear later on dozens of data-mining sites. There is hope for them on the horizon, including these recent innovations aimed at changing the perimeters of privacy control.
Secure, private messaging
Founded in 1986, Biscom provides secure file transfer solutions to share data attachments and private e-mails in multiple arenas, especially in the medical community where HIPAA, HITECH and government regulations strictly manage protected health information (PHI). Patient charts, radiographs, photos, diagnostic data and various other private records circulate through many hands--or inboxes--which must be completely secure to ensure patient privacy.
Now anyone can send self-destructing messages using a free app called Wickr.
"Privacy needs to be easy and cool to go mainstream. Wickr does that," says Nico Sell, Wickr cofounder. "Also note that Wickr has users in 103 countries around the world."
Wickr touts unsurpassed encryption, anonymity and usability features making it a game-changer that offers message privacy to the masses. Wickr's founders believe that private correspondence is a universal human right, and online communications should be untraceable by default.
According to Dr. Andrew A. Brooks, MD, surgeon, cofounder and chief medical officer of Tigertext, today’s progressively expanding mobile world ensures that greater technologies will always drive greater efficiency. And the medical community is eager to embrace and adopt these new tools. When properly managed, texting technology can and will continue to revolutionize health care and how it is delivered to patients.
HIPAA-compliant messages among nurses, physicians and other medical staff across multiple platforms such as smartphones and web-enabled Macs and PCs describes TigerText Pro, a secure mobile messaging platform designed for the medical industry to improve workflow and minimize risks.
Tinfoil Security was formed to bring great website security to companies that were previously unable to afford it or believed it was too difficult to implement. The founders grew tired of seeing so many companies fail to protect their most important assets online and decided to do something about it.
"Tinfoil Security is the easiest way to secure your website, providing recurring and actionable security reports with results you can actually use, since they're tailored to your particular software stack," says CEO Ainsley Braun. "While other tools provide too much data and not enough instruction, which is overwhelming, Tinfoil Security strives to make its customers' lives easier by providing detailed solutions to each and every security vulnerability it finds after crawling its customers' sites looking for any and all injection points."
There is a growing concern regarding malware attacks targeted at medical devices such as glucose monitors, insulin pumps, pacemakers, brain implants that control epilepsy, smart prosthetics that use electronic chips and other similar equipment. MedMon is a firewall that prevents hackers from hijacking these devices. Essentially, it identifies malicious signals then electronically jams those signals so wireless commands are blocked.
MedMon was designed and developed by Anand Raghunathan, a professor of electrical and computer engineering at Purdue; Niraj K. Jha, an electrical engineering professor from Princeton, and Princeton graduate student Chungxiao Li, who explained that users can wear MedMon as an additional device such as a necklace or bracelet or have it integrated into their cell phones.
Security professional Dan Clements calls CloudeyeZ "virtual bounty hunters" who hunt down hackers, then hand them over to the companies they robbed. Essentially, these individuals are international security professionals who work together to recover lost or stolen properties from the cloud. Clements and his colleagues contend, "cloud-based computing and storage on multiple servers that cross global jurisdictions is absolutely insecure."
Benefits to the bounty hunters include escrow arrangements, rewards and a percentage of the booty collected. Benefits to the clients include property retrieval, criminal prosecution for the hackers and data listings in the CloudeyeZ blind database, which stores partial information that can be matched with lost data.
Mark Weinstein's new social network Sgrouples boasts no spying, profiling, tracking, stalking or spamming; no facial recognition, no cookies, no selling your private information and no advertisements--if you choose this option from Weinstein's Privacy Bill of Rights, a list of 10 principles, which includes policies on various privacy issues such as sharing, control and owners' rights.
According to Weinstein, Sgrouples purpose is to connect and share with people you know in the real world. It's an all-in-one-place suite of services controlled from a dashboard where members can manage their social media accounts and store and share documents, photos or personal videos on the free 4GB of cloud space.
According to cofounder and CTO Vibhu Norby, Everyme is a free, cross-platform, mobile product envisioned and created for a world where people care about their privacy. Unlike other applications, it has no privacy settings. There are no ways to share content outside of the app, so everything is private by design.
"Since its launch six months ago, 150,000 people have signed up and shared over a million items to date. The Everyme team is also responsible for a new private product targeted at families called Origami.com," adds Norby.
Texas-based WotsDoin calls itself "an anti-bullying, family-friendly, safe social network" developed for members ages 10 and up. Members control and retain full ownership over all personal information, and its YouAd platform allows members to choose which ads to display, if any.
Private, secure Internet access
Onion Browser is an anonymizing web browser for the iPhone and iPad that encrypts and tunnels web traffic through the Tor onion router network and provides other tools to help browse the Internet while maintaining privacy.
"The application provides iOS users a way to privately communicate and browse the entire Internet despite censorship attempts and oppressive firewalls," says developer Mike Tigas, a journalist and online privacy advocate. "And, it's an open-source product that allows others to audit the app and learn from its architecture."
Tigas wants--and hopes--to benefit the larger online privacy community with this application. In addition, 10 percent of the proceeds are donated to the Tor Project and the Electronic Frontier Foundation.
Many services read e-mails, mine data so they can sell information. When you consent to those Terms of Agreements, you're giving them permission to use your data in multiple ways, but with Privly, you control your data.
Privly says that no one can protect your data forever, so it encrypts your content before you send it. Before the data reaches a public server, Privly codes it so the target server sees only a scrambled version of your information. This means you can store your data anywhere you choose and that data is protected.
Cocoon, developed by Virtual World Computing (VWC), provides consumers private, secure and virus-free access to the Internet. VWC is also a leading advocate for consumer online privacy.
“Data mining is a multibillion dollar business, and personal data is being collected and sold every day,” says President and CEO Vernon Irvin. “We are working to put consumers back in control of their privacy.”
In addition to the free Cocoon plugins and an iOS app, several products are scheduled to launch over the next few months--such as a child online privacy tool developed with the KlaasKids Foundation, a version for Google Chrome and a business application.
Julie Sartain, author of Data Networks 101 (Aegis, 2002), has been a freelance journalist for 13 years. She writes for several magazines including Network World, Computerworld, PC World, CIO, The Privacy Advisor and Inside 1 to 1: Privacy.
Read more by Julie Sartain:
Analyzing FTC vs. Wyndham
The Masses As Data Controllers: What They Don't Know Could Hurt You
SMB Tips To Consider