Have you ever wondered if you’ve got an identical twin out there somewhere? Perhaps, a long-lost brother or sister your parents neglected to tell you about? Are you worried that some bizarro version of you is ruining your good name in some far-off land? If you answered yes to either of those questions, don’t be ashamed, you’re one of many people who’ve wondered the same things. Of course, pondering your possible pairing is a lot harder than actually finding them. Thanks to the Coca-Cola company, however, it’s just become a lot easier.

As part of its marketing efforts for its Coke Zero brand, Coca-Cola recently released the Coke Zero Facial Profiler application. If you’re unfamiliar with the Coke Zero shtick, the basic premise is that two Coca-Cola executives (played by actors) are upset with Coke Zero for tasting as good as Coke, but with zero calories. A previous campaign featured the two actors on hidden camera asking real lawyers if they had a case against Coke Zero for “taste infringement.” Going along with this theme, the Coke Zero Facial Profiler app allows users to find others on Facebook who look just like them using facial recognition technology typically associated with government agencies.

Thus far, the application has acquired over 200,000 active users. Despite its popularity, however, not everyone is satisfied with their results. As detailed in an article for the Toronto Star, many users have been turned off by the app once they see who they supposedly look like.

From the article:

One reviewer named Whitney said her doppelganger was “way hotter” than she was, which “sucked” but was also “flattering.” Another reviewer named Adrianne kept getting men in her matches. One man named Michael said his match had a “blocky” and much bigger face.

Besides the fact that it’s leaving some users upset about their own appearances, perhaps an even bigger issue with the application is what it means for identity thieves. Quoting Andrew Clement, a privacy researcher at the University of Toronto, the article says:

“I’m not sure that it’s harmless. Once you’ve allowed [access], it looks like it’s too late. There’s no indication of your privacy rights, whether you can pull out if you don’t like it.”

Before the application finds a match, the user has to agree to let Coke Zero pull profile information, photos, friends’ information and “other content” to work.

Clement says the database would be useful for someone skilful in identity theft because they’d be able to find a good match.

While the facial profiler is a clever idea from a marketing standpoint, I believe that there are some tactical issues related to privacy that stop it from being a home run for Coca-Cola. However, that doesn’t mean it’s Coke’s fault if someone loses their identity online. It is up to users to determine whether they want to share their Facebook photos with the world through a public application. In this case, no matter how badly you want to find your digital duplicate, I would err on the side of caution and not download the app.

What would you say if I told you that a number of state governments (and soon the federal government) are willingly sharing vast amounts of your public information with a private corporation to help save money on data hosting? You’d be concerned, right? After all, private companies don’t answer to the will of the people the same way that politicians do; they answer to their investors and shareholders. What if I then told you the company in control of your information was Google?

In a recent blog post at philosecurity, wellknown cybersecurity consultant, Sherri Davidoff, talks about Google’s firm grip on our government’s data and why it’s a dangerous proposition for privacy activists.

From the blog post:

Recently I saw an ad which read:

“Over 60% of the U.S. state governments have gone Google.”

Does this mean that we’ve now handed the majority of our state governments’ operational data to a single privately-controlled company which has well-publicized partnerships with other governments such as China?

To find out more, I contacted Google’s press department. A representative promptly got back to me with more information:

“The reference to Going Google refers to US state governments using one or more of Google’s enterprise products…With regard to data hosting, Google Apps is a cloud computing solution meaning Google hosts the data in our data centers, relieving the customer or gov agency of the burden of managing their own servers in house.”

In other words, according to Google, United States state governments have literally handed over our public data to be held and managed by a private company which has well-publicized partnerships with other governments such as China. The data is physically stored in Google’s buildings, on Google’s servers, managed by Google’s employees. This means Google now controls our government’s access to it’s own data.

[...]

To me, this is an unacceptable level of control for a single private company to have over federal, state or local government. When you reach a point where the government cannot operate without a private company, then the private company has effectively gained control of the government.

While Davidoff acknowledges the impracticality of the government developing its own Google-level technology in-house, she says the long-term risks of ceding so much authority to a private company far outweighs the short-term benefits of improved communications.

Last week here at the Reputation.com Blog, Reputation.com CEO Michael Fertik discussed Google’s rumored acquisition of Yelp. In the blog post, Michael declared that Google’s interest in Yelp showed the company was “no longer a disinterested observer,” further elaborating that “its ownership of blogging technology, its interest in reviews, and its increasing appetite for a broadened footprint in what we can call the Opinions Industry confirm that Google owns content like a regular Old Media media company.” In light of Sherri Davidoff’s recent post, Michael’s words seem even more apt.

I’m not a conspiracy theorist. I don’t believe Google is evil or that it’s run by maniacal geniuses bent on taking over the world. However, I am practical. Allowing one institution so much power over government operations is a risky proposition and one which should not be taken lightly. It’s your data, which is why you should have control over it. Unfortunately, as Davidoff says in the last paragraph of her blog post:

Google is outside our system of checks and balances. They are quickly becoming absolutely necessary for our government to function, but their operations are not transparent and are outside the control of the American people.

From all of us here at Reputation.com…

-

Merry Christmas!

-

We hope you stay safe and secure during this holiday season.

Do you ever wonder how companies keep your private data safe when they use it for marketing purposes?  Have you ever thought about what happen if that data became public? You might consider thinking about it now.

In 2006, the popular movie rental company, Netflix, opened a contest to improve their movie suggestions tool. The plan was to release sets of “anonymized” user data to researchers who signed up for the contest with a cash prize for making the biggest improvement. The trouble is, the data didn’t stay anonymous.

University of Texas researchers soon showed how easily Netflix users could be reidentified using a formula that matched the data to a more public movie-rating site, the Internet Movie Database. While people may have known they were sharing information on their public IMDB profile, they believed their Netflix ratings were theirs and theirs alone – a simple tool to discover new movies. In some cases, the anonymized user data could be assigned a name, history, and even photo.

But the not-so-anonymous users are now fighting back. According to Wired, a lesbian mother – whose sexual preferences are not known to some friends and family – has recently filed a suit against the online rental giant, claiming an invasion of her privacy. The class action case, Doe v. Netflix, was filed last Thursday in a San Jose court, seeks over $5 million in damages for the breach.

Unfortunately, Netflix is not the first company to show the limits of anonymous information. Also in 2006, AOL released three months of search data to the public, replacing personal usernames with a randomized ID number. However, it was not difficult for the New York Times to reidentify and track down a user based solely on the content of their searches.

And in the 90’s, the Massachusetts Group Insurance Commission released similarly scrubbed data on the state’s employees. But it didn’t take graduate student Latanya Sweeney long to realize the error: she sent a copy of the Governor’s hospital records and prescriptions to his office.

Sweeney, who has since received her PhD and researches at Carnegie Mellon University, has published numerous papers on the dangers of making data partially – but not totally – anonymous.  Sweeney has found that “87% of the US population can be uniquely identified by gender, ZIP code and full date of birth.”

Ironically, Netflix is proposing a second contest where they will purportedly release ZIP code, gender and age data along with the randomized ID numbers. This could spell disaster both for Netflix and their users because the vast majority of users could be identified without the aid of an external site like IMDB.

What is really at stake here is not simply finding the skeletons in your friends’ film reels. The Netflix recommendation engine has become less of an internal service to its customers and more of an advertising technique to manipulate customers’ preferences via behavioral targeting. By releasing data without the proper privacy protections, Netflix is violating the trust of millions of its users.

When it comes down to it, your data is your own. No matter how companies “anonymize” or scrub your information, with the right data points and a little bit of research it can still be traced back to you.

If you’re worried that you might fall into the 87% of Americans who can be identified using ZIP code, gender, and age (or if you’re just disturbed that the world may soon know just how much you loved Titanic)  check out MyPrivacy from Reputation.com. With MyPrivacy you can begin removing your name, address, phone number, and age from people-search databases across the web today.

At the beginning of the month, we shared Google’s 2009 Zeitgeist, the Internet giant’s collection of 2009′s most popular search terms. Now, Facebook and Twitter have chimed in with their own lists of what was hot this past year. Predictably, there is some overlap on the list. For instance, the death of Michael Jackson spurred an outpouring of Tweets and status updates about the King of Pop. Similarly, worries over Swine Flu were a popular topic as reports of the H1N1 virus spread throughout the social media world.

One of the more interesting trends on the Facebook side was the number of people talking about their family online. As the Facebook userbase has grown past 350 million, there has been a substantial increase in the number of older users on the site which has led to a corresponding increase in the number of mentions of the words son, daughter, mom, and dad.

Check below for graphic displays showing the top trends for Twitter and Facebook.