Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

15 worst Internet privacy scandals of all time

Carolyn Duffy Marsan | Jan. 27, 2012
In honor of National Data Privacy Day this Saturday, Jan. 28, we've put together a list of the 15 worst Internet privacy scandals of all time.

7. Facebook Apps

The popular social media site has been plagued by privacy issues over the years. Its highest-profile problem was in October 2010, when Facebook admitted that its top 10 most popular applications including FarmVille and Texas Hold`em shared user data, including names and friends' names, with advertisers. A Wall Street Journal investigation uncovered the Facebook privacy breach and said it affected tens of millions of users, including some that had used Facebook's most stringent privacy settings. Facebook had previously been in trouble for transmitting user ID numbers to advertising companies when users clicked on ads. In November 2011, Facebook settled a case with the U.S. Federal Trade Commission about several incidents and agreed to 20 years of third-party privacy audits 

8. Patient Data Exposed

In March 2011, California-based insurer HealthNet announced a privacy breach for nearly 2 million of its customers, exposing their names, addresses, Social Security numbers, health and financial data. The data were unencrypted and stored on hard drives that have gone missing from contractor IBM's data center. A nationwide class action suit was filed against HealthNet and IBM as a result of this incident. It was HealthNet's second big data breach in two years, having lost the Social Security numbers of 1.5 million policyholders stored on a hard drive in 2009. HealthNet isn't the only healthcare provider to lose private medical data or inadvertently post it online. The U.S. Department of Health and Human Services says personal medical data for more than 11 million people have been exposed online in the last two years.

9. Behavior Targeting is Targeted

A new area of concern for privacy advocates is behavioral targeting by online advertising services. These services create behavioral profiles based on anonymous data of how computer users surf the web and then serve up targeted ads based on these profiles. The FTC ruled in 2009 that these services must provide consumers with notice about the collecting of behavioral data and provide them with the ability to opt out. In March 2011, the FTC reached its first behavioral profiling settlement with advertising network Chitika for deceptive opt-out practices. Chitika said it mistakenly programmed the opt-out setting for 10 days, instead of the intended 10 years.

10. iPhone Tracking

Apple received so much criticism about how its iPhones and iPads were collecting and storing user location data that then-CEO Steve Jobs made a rare apology in April 2011. Jobs conceded Apple's mistakes in dealing with the location data after security researchers discovered an unencrypted file inside the devices contained a cache of locations visited over the last 12 months. Jobs emphasized that Apple was not tracking its customers: "Never have. Never will," he said, in response to the criticism from Congress and others. Apple provided a free software update to users to fix the glitch. But that wasn't the last time that location data gathered by mobile devices from Wi-Fi hotspots has come under fire. Google and Microsoft later admitted that they store the same kind of user location data on their mobile operating systems, too. (Read "Rating apologies.")

 

Previous Page  1  2  3  4  5  Next Page 

Sign up for CIO Asia eNewsletters.