Welcome to this week’s Tip of the Hat!
At LDH we have been known to have a sweet tooth – there are always four to five different types of sweets within reach of the office desk. Therefore, it shouldn’t come to a surprise to our newsletter readers that when presented with the option to get a free cup of Heart Eyes (red velvet cookie dough, white chocolate chips, and heart sprinkles) from a local edible cookie dough vendor, LDH took full advantage of the opportunity to indulge.
The free cup of dough came with a catch, though. The free dough was part of a grand opening celebration for a co-working space. To receive the free dough, you had to give your email address to the co-working space company. Here we have a dilemma – what are the privacy tradeoffs that I’m willing to make for cookie dough?
Multiple times a day we find ourselves asking similar questions – what are the privacy tradeoffs that we’re willing to make for discounts at our favorite store, or a particular brand, or other business? What are the privacy tradeoffs you’re willing to make for everyday items or essential services? A recent opinion piece in The New York Times illustrates this tradeoff with a fictionalized company that finds its inspirations from many different sources, from grocery store loyalty cards to checking in at a store location or posting a brand marketing hashtag on social media. The story also touches on how surveillance and tracking disproportionally affect vulnerable populations, such as those who can’t afford basic services without giving up their data to receive a discount. A real-life example of this happened to LDH. We received an offer from our health insurance company to sign up for a discounted Amazon Prime account that was only available to those receiving insurance through the state health insurance marketplace (we declined the offer).
You can choose to not trade your data for discounted goods and services, though it is getting harder to avoid this data transaction when paying for goods and services, or if you interacted with a business through their website or social media. Even going to a physical store location can involve a data transaction if the business is using beacons to seek out your mobile phone WiFi or Bluetooth signal or using facial recognition technology at their store. If the only way that you can afford health or car insurance is to install a tracking device in your car or to provide data from your health app, then your data is paying for that cash discount.
Currently, you have limited options to protect your privacy when dealing with health and car insurance companies. For other businesses, though, there are some ways you can limit how much data you give to them:
- While you are at the store, turn off WiFi and Bluetooth on your devices if not in use
- Use a secondary email account, or a temporary email or phone number, for promotions and discount offers
- Share one account or loyalty discount card between a close group of friends (also a viable strategy for confusing social media algorithms!)
- Stay away from installing mobile apps tied to business loyalty programs
- Only give the minimal amount of personal information required by the business to receive the discount or service
Using one or more of these strategies can limit the amount of personal data collected on you by the business while still receiving the financial incentives provided by the company.
Going back to our “free” cookie dough situation, the co-working space company did get an email address (used for promotions) from us, but nothing more, even though the email form included fields for name, address, and phone number. We got our cookie dough, the company got an email address that will promptly toss their promotional emails into a filtered folder, followed by an unsubscribe request. The things that we will do for free cookie dough…
NISO Cybersecurity webinar, February 12th
Come join LDH and others on Wednesday, February 12th, for a webinar discussion on cybersecurity!
NFAIS Forethought: Cybersecurity: Protecting Your Internal Systems
Every organization, as a standard course of action, should be implementing protection policies and updating protective measures surrounding their confidential data and internal systems. Phishing and malware are a constant threat. As a response, reliable cybersecurity requires an integrated approach in ensuring the safety of networks, devices, and data. How should enterprises and institutions be thinking about their cybersecurity needs? What basic requirements should be in place? What guidelines or best practices exist? What are the best resources? This roundtable discussion will bring together experts active in the field to address these and other questions.
Confirmed participants in this roundtable discussion include: Daniel Ayala, Founder, CISO/Chief Privacy Officer, Secratic; Blake Carver, Senior Systems Administrator, LYRASIS, Becky Yoose, Principal, LDH Consulting Services; Hong Ma, Head, Library Systems, Loyola University of Chicago; Wayne Strickland, Acting Associate Director at Department of Commerce, National Technical Information Service; Christian Kohl, Principal, Kohl Consulting.
NISO members can attend the webinar for free; non-members can also register for the webinar at https://www.niso.org/events/2020/02/nfais-forethought-cybersecurity-protecting-your-internal-systems. We hope to see you there!