Blog

Home / Blog
Are you ready for GDPR?

Are you ready for GDPR?

Policy, Privacy
Starting May 25th, if your company is a data processor or controller of anyone in the European Union, you're obligated to comply with the EU's strict new General Data Protection Regulation, or GDPR [Annotated version]. Considered one of the strictest privacy laws in the world, failure to comply comes with punishments up to "Up to €20 million, or 4% of the worldwide annual revenue of the prior financial year, whichever is higher"! With a month to go, is your organization in compliance? If you're not sure, reach out to us at sales@privasectech.com and let us help you get there.  
Read More

“Not able to disclose for privacy reasons” is usually not true

Media Attention, Policy, Transparancy
Fellow Canadians, especially journalists, when a person or organization can't respond to a request citing "privacy reasons", let that be a huge red flag to your ears. Demand to know which privacy law they are referring, and to which specific section of that privacy law. Quote it in the article, to show you've done your due diligence. In my experience, most organizations making that claim are either misinformed, or outright lying, and we should stop accepting this behaviour immediately.
Read More

Protecting your privacy on Facebook by disabling Platform

Tech Tip
One of the features you've likely enabled, is Facebook's platform. To give you an idea of how powerful this is, this is the warning it gives you when you attempt to disable it:   What happens if you disable Facebook's Platform   So you can consider the inverse of each of these options, when you've chosen to enable it. In order to disable it, you need to click on the ? help icon on the top right of your Facebook profile. From there choose Privacy Shortcuts and the bottom, "see more settings. From there click on the Apps option near the bottom on the left. Under the list of apps you've authorized, you should see a square that says "Apps, Websites and Plug-ins" at the top. It is there you…
Read More
Requesting whom Facebook has shared your information with — for Canadians

Requesting whom Facebook has shared your information with — for Canadians

Tech Tip
In Canada, we have a federal law called the Privacy Act, as well as one called PIPEDA, which amongst other things, allows you to access the information private sector organizations (companies) have on you. In order for you to make this request, every organisation must provide Canadians the contact information for their company's privacy officer, no matter how small or large the company is. For Facebook, they have a page they call Data Policy Questions, which includes a link for requesting your personal data. They describe on that page how to download your Facebook data, which might be enough for your needs, but as I'm writing this partially in response to the issue around Facebook's relationship with Cambridge Analytica, that information is not included in the default personal information archive.…
Read More

UN Security Council mandates worldwide air traveller profiling (erdi.org)

Privacy
"In the name of “preventing, detecting and investigating terrorist offenses and related travel”, all United Nations (UN) Member States should develop systems for processing and analysing Passenger Name Record (PNR), Advance Passenger Information (API) and “fingerprints, photographs, facial recognition, and other relevant identifying biometric data”, according to a UN Security Council resolution (no. 2396) on threats to international peace and security caused by terrorist acts agreed on 21 December 2017." https://edri.org/un-security-council-mandates-worldwide-air-traveller-profiling/
Read More

How to protect against Meltdown and Spectre

Security, Tech Tip
The short, but intense solution for Meltdown and Spectre from CERT is to upgrade your CPU. (update: As you can see by this URL, they have a more detailed solution now) Your operating system provider will be sending out a patch shortly. Install it as soon as you can. Download the latest firefox as they've started patching version 57. or if you're using a Chrome based browser like Iridium or Chromium:type this in your URL: chrome://flags/#enable-site-per-process and click "enable" on "Strict site isolation." Also, in your browser, make sure you're using Adblock Plus or Ublock Origin, and EFF's Privacy Badger. The important thing to remember with these plugins, is you should not allow JavaScript on any untrusted website. Say for example Facebook and Google/Gmail (I don't endorse either, and both…
Read More
Time to leave Gmail? Here are some privacy centric alternatives.

Time to leave Gmail? Here are some privacy centric alternatives.

Tech Tip
If you're ready to stop providing an advertising company with full access to all of  your email communication, there are other alternatives out there. This is especially important for any non-American, as the American intelligence apparatus is specifically built to spy on your communications, and providers there have a history of giving up access to user's private emails. If you don't worry about your emails being used against you today, or some day in the future, this post is not for you. If you're not happy with your emails being sold, researched, or given away, and are looking for alternatives, there are many. The two big privacy centric email providers are Protonmail and Tutanota. You can create a free account on either of these websites right now, and then forward…
Read More

Privacy Centric Browsers

Tech Tip
I'm often asked which browser I use. Both Chrome and Firefox have a more privacy centric alternative now, Iridium Browser and Firefox Focus respectively. Of course if you want real privacy and are OK with the slowness that comes from really good privacy, Torbrowser is preferred. For fun, I've created a micro-survey, which browser do you use the most regularly?
Read More

Wifi as we know it can be compromised

Media Attention, Security, Tech Tip
[NOTE: Senior Advisor Kris Constable submitted this to HuffingtonPost, but due to the time zone differences and the severity of the issue, we have decided to post the article here in the interim] When you connect to a wireless access point (AP), your device (the client) most likely negotiates that connection using the industry standard, WPA2. A couple of hours ago, 2am PT, the website Krack Attacks was born and it will keep the best of industry and security administrators busy for some time. This means, after reading this, we can assume it will be short under until there is an exploit in the wild that can be used against all of us using WiFi, or more specifically, WPA2. Someone who uses this exploit will be able to do what…
Read More

Secure websites

Tech Tip
I'm often asked about secure websites. For example, should you trust the connection with your computer and your bank's website? The article is going to get a little technical, but hopefully will give you the tools to know which websites are secure, and which aren't, from now on. There has been a secure encryption using protocol around for a long time called secure sockets layer (SSL), which has been modified and labelled Transport Layer Security (TLS) which can be used in most client/server relationships. By adding the HTTP protocol over TLS, this makes the web based session encrypted. The S in HTTPS stands for secure. This is the difference between HTTP and HTTPS, which should be easy to see in the URL bar at the top of most browsers. Does…
Read More