Privacy and Facebook – The New Reality Revealed

Thumbs Down for Facebook

Privacy and Facebook: do they work together or against each other? Now that Facebook has revealed the depth of its depravity in the search for more advertising dollars, and the EU has taken issue with Facebook’s and Google’s very lax standards and created tough new privacy regulations, we have a new world reality.

What you thought was private simply never was; we just didn’t know that. This lack of transparency was all used to make money off of your information and to create deep data mining preferences to sell ads targeting you. But it did not stop there: this data was then shared around with others on the Web, without your knowledge or approval.

Enter our new world. Facebook has encouraged a level of sharing that we have all embraced. We wanted to see news, videos, and recommendations. We wanted to connect with others that were friends, family, those we had past history with, as well as past colleagues. Facebook took that information and used it for its own gain. But, if that was not bad enough, Facebook allowed others we did not know about to take our data, demographics, and preferences and share them with third, fourth, and even fifth parties, even using our own profiles to access anyone else’s profile connected to ours and take their data too. The end result was that the “privacy” we thought we had in our own individual accounts was false.

As draconian as the EU privacy guidelines are for websites to adhere to by May 25, 2018, I applaud them and embrace them. We should all know what is done with our information. We should know that we can now ask to have it removed – easier for those in the EU to demand than US residents. We should know who our data is being shared with for data mining and ad serving.

As for myself, I have removed all but one or two things from my Facebook profile. Facebook does not need to know my political or religious views. Nor should it know my age or, for that matter, at this point even my location.

I personally am actually looking for alternatives to Facebook as this recent privacy issue has revealed the heart and soul of Facebook as a platform, and I do not like what I see. We were all lulled into thinking that Facebook was a fun place to connect, but now I perceive it as a place to steal my privacy and personal data from me all for the single-minded use of making money off of me.

Google, my eyes are being turned onto you next!

The New World of Privacy as Dictated by the European Union

Solutions for your business that make sense.

On May 25th the European Union’s (EU) new security policy goes into force. Even if you are not located in the EU, you should do a careful review, as you may still be cited with a penalty because website visitors may be located in the EU.

Below are my recommendations on what to do with the pending 5/25/18 EU required changes.
First, it is important to know that I am not a security policy consultant, but I am making recommendations to you that may be helpful as you review your own policies and procedures.
Even though you may not advertise or target the EU, website owners are still required to protect and adhere to the guidelines that the EU has laid out and is forcing Google and other tech firms to embrace legally.
My Recommendations
Move to https from http to allow for a greater level of website security and encryption of form submissions from an https page.
Enewsletters – stop doing auto subscribe for any newsletters (if you still do this). Under the new requirements, EU users must state that they want to opt in to your list.

No online forms should request sensitive information like health information, insurability, etc. If you need this for your business, you need to find a more secure way to ask than using a website form. In the USA we have HIPAA rules and you should already be compliant.
Update your privacy policy to be transparent on what you track and how you use that information, how you secure it, and who you share it with.
The most important part is to make sure to have links in your privacy policy content that allow people to opt out of Google tracking and DoubleClick, the third-party vendor Google uses.
Review in Google Analytics the new data retention sections and other settings that Google has recently rolled out and that are live now. These are available now under the admin section. You will need to work through each option to choose the one that is right for you and then list your selections for transparency on the policies page in the Analytics section. I have personally selected data retention for my own site of 14 months; right now the default is 26 months.
There are a number of other new settings in the admin section in Google Analytics on server sessions and visitor identification. You will want to look at that for sure to make sure you do not need a new configuration update.
I would recommend you move to the newest version of Google Analytics code if you can at this time so that you can effect change to some of these settings that are only available to sites using the new code snippet.
Review your own website visitor geo information. If you have a number of visitors from the EU, you may also need to create a cookie approval doorway option for your site, one where the user has to click their approval for a cookie set to enter your website. Getting this approval becomes crucial if you are using Google Remarketing, Google AdWords, and any website tracking tool or conversion codes. If you are using Facebook Remarketing you need to get cookie approvals too.
Become aware of the EU data retention rules and the operations to remove personal data when requested, but most of all be transparent about what you do with information you collect.
If you are heavily involved in selling to or have strong visitor numbers from the EU, get up to speed now on what is required as it may be time consuming to make changes and institute new security policies.

What Does It Mean When WordPress Removes a Plugin?

Expect the unexpected.

Just today WordFence notified me that the Feedburner WordPress plugin had been removed from WordPress.org. What does that exactly mean for you?

When a plugin is removed from WordPress.org it means either the plugin has been compromised, it does not work with current WordPress versions, or that it has been abandoned. Plugins cannot work with current versions of WordPress if the plugin author is not doing regular updates.

WordPress.org polices their plugin archive and if a plugin may cause problems with new versions of WordPress they tag it. WordFence, which we use for security management of WordPress applications, scans the WordPress.org archive and advises us if plugins in use in a client WordPress installation are up to date.

There have been several instances lately where plugins dropped from WordPress.org had been used by bad actors on the web to send out malware and to spamvertise a website.

My rule is that if the plugin has been removed from WordPress.org, we remove it from our client sites. Find out more about this topic today.
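
The check described above can also be scripted. The following is an added example, not WordFence's or WordPress.org's own code: it asks the WordPress.org plugin directory about each installed plugin slug and applies the rule from this post. The slugs are made up, and the reply fields ("error", "closed", "last_updated") and the two-year staleness threshold are assumptions.

```python
import json
import urllib.error
import urllib.parse
import urllib.request
from datetime import date

API = "https://api.wordpress.org/plugins/info/1.2/"

def fetch_plugin_info(slug):
    """Ask the WordPress.org plugin directory about one slug (network call)."""
    query = urllib.parse.urlencode(
        {"action": "plugin_information", "request[slug]": slug})
    try:
        with urllib.request.urlopen(f"{API}?{query}", timeout=10) as resp:
            return json.load(resp)
    except urllib.error.HTTPError as err:
        return json.load(err)  # error replies are assumed to carry a JSON body

def classify(info, today, stale_after_days=730):
    """Turn one directory reply into an action for the site owner."""
    if info.get("closed") or info.get("error") == "closed":
        return "remove"          # the post's rule: delisted means uninstall
    if "error" in info:
        return "verify-source"   # not in the directory: premium or custom code
    stamp = str(info.get("last_updated", ""))[:10]  # assumed "YYYY-MM-DD ..." prefix
    try:
        age_days = (today - date.fromisoformat(stamp)).days
    except ValueError:
        return "review"          # no usable date, so a human should look
    return "review" if age_days > stale_after_days else "ok"

def audit(slugs, lookup=fetch_plugin_info, today=None):
    """Classify every installed slug, e.g. from `wp plugin list --field=name`."""
    today = today or date.today()
    return {slug: classify(lookup(slug), today) for slug in slugs}

# Constructed replies with made-up slugs; the field names are assumptions.
SAMPLE = {
    "example-closed-plugin": {"error": "closed", "closed": True,
                              "closed_date": "2018-05-20"},
    "example-current-plugin": {"last_updated": "2018-05-02 3:15pm GMT"},
    "example-abandoned-plugin": {"last_updated": "2014-03-10 9:00am GMT"},
    "example-premium-plugin": {"error": "Plugin not found."},
}

def run_sample():
    """Offline run over SAMPLE with a fixed date so the result is repeatable."""
    return audit(SAMPLE, lookup=SAMPLE.__getitem__, today=date(2018, 6, 1))

if __name__ == "__main__":
    for slug, action in run_sample().items():
        print(f"{action:14} {slug}")
```

A "verify-source" result is not a finding by itself: plugins that were never listed on WordPress.org land there, and their updates have to be tracked with the vendor instead.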