Cybersecurity

5 reasons FaceApp should give you worry lines

By now you’ve probably seen plenty of old versions of your friends’ faces pop up on social media. FaceApp is so popular that in just a few days the app has managed to collect the faces of more than 150 million people from around the world!  

Why are people so eager to snap and upload that selfie? Well, it’s fun and interesting to see these scarily accurate “future” faces. And Canadians still presume that laws and technological checks and balances are in place to protect their data.  

Really, though, it’s the Wild West on the internet, and once you surrender your information, you can't get it back.  

Here are our top 5 reasons to skip FaceApp: 

1) Your face is a biometric 

What are biometrics? It’s physical data that’s unique to you and used to identify you, such as your fingerprints, retina or iris scans, gait recognition (the way you walk), or voice recognition.  

Increasingly, we use our face to unlock our phones, to access services, we’re tracked by our faces through airport and other surveillance systems – and the potential for the loss or abuse of your biometric data is huge.  

2) The app is based in Russia 

The data is stored on Russian servers and is subject to Russian laws. This means Russian state intelligence agencies could gather this info. Remember when they tried to access Tinder users’ data? With FaceApp, users have already agreed to that data collection simply by creating an account and uploading a photo. 

3) They’re capturing your web browsing history 

Everything you search for, every website you visit, is viewable to FaceApp, until you uninstall the app. Yikes! 

4) Not to mention your location 

That location data can be used to pinpoint your whereabouts and target you with hyper-specific ads...and to gain insight into demographic trends for who knows what purpose. 

5) Your data could be stored indefinitely and used for reasons you can’t predict 

For example, this amazingly diverse data set could be used to train mass surveillance systems. It sounds far-fetched, but photos uploaded to Flickr and social media sites have already been scarfed up and used to teach A.I.s without people’s consent.  

Why should FaceApp be any different? 

If you’ve already downloaded the app, you should uninstall it ASAP, and make sure that you always read the terms of service before hopping on board with the newest trend. Remember that when you don’t pay for an app or service, you’re not the customer – you're the product

The onus is on the individual to protect sensitive information.  

To learn more about protecting your identity at home or at work, contact the Beauceron Security Team @ info@beauceronsecurity.com or 1-877-516-9245. 

5 terms you need to know heading into election season

What do you get when you cross the internet and social media, with the decline of traditional media? You get a democracy vulnerable to election interference! 

On the internet, any group or person can present themselves as anyone else, and all information is accorded equal value. On social media, info — accurate or otherwise — is shared rapidly, and there is little regard for long-established media entities that are accountable to their audiences.  

This environment is ripe for manipulation of data and of minds. 

In October, Canada heads into a federal election. The best defense against election interference is an educated citizenry. To help you separate fact from fiction, we’re setting straight a few of the terms around data manipulation that are often used interchangeably or incorrectly.  

Hacking elections is rarely about messing with the vote count. It’s about messing with voters’ thoughts before they go to the ballot box. 

ELECTION INTERFERENCE OR MEDDLING

Meddling in elections takes many forms. For example, well before the American election of 2016, Russians created fake Christian websites and Facebook groups, built huge audiences over time, gained their trust, and as the election approached, the content pushed out from these sources became more and more political and began to sway the beliefs held by followers about parties and candidates. It’s social engineering — psychological manipulation of people into performing actions or divulging information — and it works!

DISINFORMATION

Disinformation is deceptively placed information. It has to do with intent to deceive. It’s a lie. 

Let’s say the Russians decided to meddle in Canada’s affairs, as with the U.S. They could pick on the Conservative Party, for instance, and create a series of fake emails, that when discovered would generate a massive media controversy.  

The problem is that once a lie or propaganda is out there, it’s tough to get back — bad ideas and controversy spread quicker and with greater impact than the truth. 

MISINFORMATION

It sounds similar, but it’s quite different: misinformation is mistakenly placed information.  

Recall how often you’ve seen friends share a questionable article on social media believing it to be valid: it may be false, but if they have a wide enough social media “reach,” that wrong data snowballs, to be viewed by thousands of people.  

It’s dangerous because anyone can fall victim to it; even if they don’t mean to, innocent people can inadvertently harm the democratic process.  

SATIRE/PARODY

The prevalence of satirical news or parody sites has exploded in recent years, and because the stories tend to mimic “real” news — though in a humourous fashion — they dupe plenty of people who don’t read beyond headlines. These kinds of stories spread like wildfire as more and more people share them online, many believing them to be true.  

The intent of the story may be to mock authority, to skewer politicians, but if audiences aren’t careful, they can end up believing a narrative that’s way off base.  

FAKE NEWS

Finally, we have fake news, a term that’s been bandied about especially by U.S. President Donald Trump, who uses it to label and denounce practically any article or information he doesn’t like. 

It’s not the same as satire, because, again, of the intent — it’s news or data purposely doctored to appear other than it is. Think of “deepfake” videos intended to trick as many people as possible — or of news articles from unreliable sources made to seem legitimate.  

This boils down to checking your sources; when in doubt, find out where the information came from. If it’s political material, find out straight from candidates what their policies are and put more trust in established Canadian media. Above all, be careful about what you like, click and share online, because your social reputation has a huge impact on what your friends think about politics. 

To get the right information at the right time, contact the Beauceron Security Team @ info@beauceronsecurity.com or 1-877-516-9245. 

Don't click that strange Google Calendar invite — it may be a phish!

Even the most cyber-savvy among us may be persuaded to click a link in a phishing email if it looks like it’s from Google. Why? Because we trust Google. We use Google for email, for road trip directions, we use it to store files, to catch up on the news, to find a cool photo. It has become so much more than a search engine.  

Owing to that familiarity, the latest scam involving Google is insidious indeed. Malicious links are dropped into your Google Calendar — you don't even need to click anything in an email to fall victim. 

How the scam works

Kaspersky Lab, the multi-national cybersecurity firm, uncovered the con and have researched how it plays out. 

Basically, scammers consult a prepared email list to send meeting or event invites to multiple Google Calendar users. They use weaknesses in calendar settings — the default being to automatically add any event and a notification about it — to plunk their own events into your schedule.  

The event could be called something like “There’s a money transfer in your name”; even if you delete it initially, it’ll still remind you about it several times, upping the chances you’ll eventually click on it and be convinced to fill out a harmful form with your personal information.  

It’s profitable because of the sheer number of emails criminals can send out with fraudulent invites and events. The scam’s success rate is high — the notifications and calendar entries both appear to come from Google, which helps ease users’ suspicions.  

How to avoid it without scrapping your Google Calendar

Once you’re aware it exists, it’s easy to get on top of this scam. 

A couple of simple steps to take: 

  • Protect yourself through the app itself by going to Google Calendar’s settings on a desktop, and going to “Event Settings > Automatically Add Invitations.” From there, select “No, only show invitations to which I’ve responded.” 

  • Under “View Options,” uncheck “Show declined events.” That way phishy events won’t continue to pop up after you’ve already declined them. 

Cybercriminals are always on the lookout for new victims and innovative ways to scam them out of their money or data. But staying informed and alert can go a long way in mitigating risk.  

To figure out how your team/organization can reduce cyber risk, reach out to the Beauceron Security Team @ info@beauceronsecurity.com or 1-877-516-9245. 

Insider threat: When a company data breach comes from within

There’s one kind of cybersecurity breach that's almost impossible to defend against, and that’s when the weak link is operating within the organization.  

Most breaches we hear about in the news pertain to external threats. International criminals hack into servers, hold data hostage, or release sensitive information to the public. These outside forces use tactics such as phishing to penetrate the organization with intent to do harm. 

But just as damaging: someone who — for whatever reason — decides to bring down a company from the inside. 

Data danger at Desjardins

On Thursday Desjardins Group in Quebec announced that a former employee publicly shared the personal info of 2.9 million members, including names, phone numbers, dates of birth, email addresses, social insurance numbers, banking habits — in short, everything and more that a criminal would need to commit identity theft. 

This breach is huge, affecting 40 per cent of Desjardins’ members. Desjardins is offering to pay for credit monitoring as well as a year’s worth of identity theft insurance for those affected, but it’s hard to know whether this will be enough to ensure no fraudsters take advantage of the situation. 

Manipulation based on trust

This kind of action is a bit like going undercover, except instead of doing so to investigate illegal activity as the police do, the goal is to commit crimes by building relationships and earning the trust of peers. The accused ex-employee, whose name has not been released, was a valued Desjardins employee who had access to the kinds of information needed to do major damage. According to Desjardins, the employee also convinced other employees to gain access to records he didn’t have the right to access using a technique known as social engineering. 

To “social engineer” is to manipulate people psychologically into performing actions or divulging private information. The former employee used social engineering for malevolent ends, ultimately betraying their employer in the worst way possible. This is so hard to prevent because human nature is to suspect strangers rather than friends or colleagues of wrongdoing.  

To avoid falling victim, companies should reinforce the importance of data privacy and ramp up cybersecurity training including talking about all the various ways that people use social engineering, by phone, by email, by text or in this case, in person. That way, it’s less likely they’ll be manipulated in the first place. 

How can individuals protect their privacy?

If you’re a Desjardins member whose data was compromised, and even if you’re not, here's how to protect yourself against identity fraud: 

  • Take advantage of credit monitoring offered by Desjardins and other credit monitoring services. This basically alerts you to changes in your credit report and indicates possible signs of identity fraud such as a new account being opened in your name. 

  • Lock down your digital identity and your accounts: this means you need to stop using the same passwords (create a new long one for every site, and store them in a password manager); make sure to enable two-factor authentication wherever possible; and be vigilant about emails you receive, particularly if they’re about the Desjardins breach itself, because phishers will be looking to exploit the fear surrounding this juicy news item 

  • Pay close attention to transactions not only on your Desjardins accounts, but any financial transactions, because SINs, birth dates, and banking habits were potentially exposed, and these are the keys to the kingdom when it comes to identity theft. 

To learn more about protecting your identity at home or at work, contact the Beauceron Security Team @info@beauceronsecurity.com or 1-877-516-9245. 

Cities: sitting ducks for cyberterrorists

What is ransomware, and why should I care?

Ransomware is a kind of malicious software (malware) that criminals use to deny access to data or computer systems until a ransom is paid.  

You should care because cities are a major target for ransomware attacks, and cities also happen to be the level of government people interact with most, and that impact our day-to-day lives. If cities suffer, so do individuals.  

Why are hackers targeting cities?

Municipalities are enticing for a few reasons: their IT departments are small to non-existent; their employees usually aren’t trained in avoiding phishing emails and other common avenues for attacks; they don’t have the resources that higher levels of government do to prevent and combat attacks; and because many of their systems are so specialized — such as parking and payroll — patching and keeping software up-to-date is seen as more hassle than it’s worth.

Is online extortion rare?

Short answer: No! Stratford, ON is just the latest in a string of small Canadian cities forced to pay hefty ransoms (we’re talking hundreds of thousands of dollars) to criminals who hold important public data hostage. On April 14, part of Stratford’s server system was hijacked, locking out some municipal employees. The police chief confirmed it was a ransomware attack, and the hackers wanted to be paid in bitcoin.  

Stratford Mayor Dan Mathieson said it’s a common occurrence, and that if mayors across the country don’t band together to deal with the ransomware problem, more communities could be hit.  

What will it take for cities to ramp up their security?

Cities who fall victim tend to point the finger at other levels of government or talk about their lack of resourcing without taking any real action. It makes sense that cities are overwhelmed — these attackers are international and organized, and police or RCMP often don’t have the time or resources to help.  

Unless there’s a disruption in essential services like sewage, water and power, it’s going to be tough for these towns to take the problem seriously.  

What can cities do about it?

Municipalities can be proactive about their cybersecurity by: 

1) Using standard security controls such as antivirus, firewalls and good digital identity controls such as two-factor authentication — but being aware that these can’t catch all sophisticated attacks. 
 
2) Teaching people what a cyberattack looks like and how to report it. Beauceron works with municipalities around the world, and security education has a dramatic impact. With proper training, we’ve seen the rate of clicking on links in phishing emails drop from as high as 34% to as low as 5%.  
 
3) Building resiliency — many organizations under-invest in IT and neglect cyberattack “fire drills,” leaving themselves wide open to hacking. Cities should be strengthening their IT teams and prepping for worst-case scenarios by practising cyber incident response plans.  

It’s open season on municipalities, but together we can protect ourselves against ransomware attacks! 

To figure out how your team/organization can reduce cyber risk, reach out to the Beauceron Security Team @ info@beauceronsecurity.com or 1-877-516-9245.

3 quick and easy ways to declutter your digital life

Unless you're living under a rock, you’re probably aware of dozens of recent data breaches involving huge — and therefore implicitly trusted — companies (*cough* Facebook) where your sensitive information was mishandled and put at risk. 

Privacy is a major issue these days, and the best way to prevent your data from being exposed in a breach is to start small, at home. 

1) Let’s get physical

Clean the digital clutter from your space. We hope you don’t leave sensitive data lying around in your home or workplace, but data that could be compromised in a physical breach could include anything on your computer or phone — think old PDFs containing medical information saved to your desktop, photos on your phone of your driver’s licence or passport — that you'd be better off trashing or saving to a more secure cloud service.   
 
Put yourself in a criminal’s mindset: if you were looking to commit fraud and you stole someone’s laptop or smartphone, what would you look for first? That’s the kind of info you should be deleting or securing.  

2) Delete old, out-of-use email accounts

Why are you hanging onto that embarrassing email address from high school? Unless you believe cutieblond91@hotmail.com could serve you in adult life, it’s best to give it the boot, because email accounts — even dated ones — are a hacker’s goldmine. Through an email, someone could gain access to almost any other piece of info about you — everything from logins to other accounts, to passwords, financial data, the information of all your contacts, your mother’s maiden name and the make of your first car.  
 
Before deleting an email account, go through it and download any data you may want, and double-check to make sure there are no other services you use currently that are still connected with the old email, like Spotify, PC points, you credit card, Netflix, et cetera. Search out any subject lines associated with account creation, go into the security settings and check for any third-party apps with account access. 
 
If you don’t want to get rid of the email altogether, you should at the very least change its password to be long and strong.  

3) Get rid of app accounts you don’t need anymore

Remember when you downloaded Runkeeper last January and used it to track your one New Year’s resolution workout? Well, it really doesn’t need to be on your phone if it’s not in regular use. Apps like this track far more than calories burned — they also track your location (among many other prized informational nuggets), even when turned off.  
 
Companies store data they’re given long after you delete their apps, so going forward, don’t download apps or create accounts online for no reason. The more of your data that’s out there, the tougher it is to manage. 

Decluttering digitally is about being proactive with your privacy — it's about paring down the amount of your personal data available to only what you need and use, so it doesn’t fall into the wrong hands. 

To get the right information at the right time, contact the Beauceron Security Team @ info@beauceronsecurity.com or 1-877-516-9245. 

 

On Tinder? Russia may swipe right on your personal data

Russian intelligence agencies are asking Tinder, one of the most popular dating and hookup apps worldwide, to hand over user data so they can monitor citizens, purportedly in the interest of national security.  

This is unquestionably scary for Russian citizens — this is a country with a long history of prosecuting gay people, for one thing, so for individuals to have their sexual preferences and habits on display at a national level is disturbing to say the least.  

If the aim of Russian spy agencies is to find ways to compromise individuals for state interests, then dating data could be some of the most damning info about people out there. 

What data does a dating app collect on you?

Tons! You may not “super like” it, but Tinder acquires info including (but not limited to): your Facebook likes; links to your Instagram photos; your education; your age; the age range of people you’re interested in; how many Facebook friends you have; your locations; when and where every conversation happened with every single user you’ve ever messaged on the app — and those conversations in their entirety. It’s tough to access your own data, and even tougher to delete it.  

Not limited to Russia

The reverberations of this can be felt internationally: it’s not just Russian citizens’ data the app could be compelled to surrender.  

Tinder is one of 145 apps and sites from which Russia’s internet and censorship authorities can demand data. By Russian law, Tinder could be pressured to relinquish the private information of any of the 50 million users across the planet. 

Swiping left on privacy

It remains to be seen whether Tinder will comply, but if Russia is a big enough part of Tinder’s business, there’s no reason to assume the app will uphold user privacy agreements.  

This is a concern for anyone who’s ever used Tinder, not just Russian citizens or people who may want to visit the country, but anyone involved in politics or corporations; if the Russian government can find something on you, they could conceivably use it against you.  

Our own government has similar power

Western democracies aren’t innocent of this kind of behaviour — and Canadian or U.S. authorities could use existing laws to the same ends. Our governments at home could request private info from social media sites and there would be very little that an individual could do about it.  

In theory, though, accountability and due process are embedded into our laws, whereas in Russia, human rights are beside the point.  

As if you needed another reason to ditch the dating apps…

As always, be careful about what you do and say online, because there’s no way to guarantee that private message to your match is truly private. 

Here are a few steps to make dating online safer: 

  • Only share what you need to, even in supposedly private messages 

  • Move off the platform as soon as you’re comfortable; consider talking to your crush using a more secure method 

  • Check the terms of service of apps you’re using, and choose apps that limit data retention. If you can delete your own data, do that too! 

  • If you stop using an app, contact the company to have your profile removed 

  • Lobby for better privacy protections from your government — if you don’t make it an issue, they won’t either! 

To get the right information at the right time, contact the Beauceron Security Team @ info@beauceronsecurity.com or 1-877-516-9245. 

Toronto cops using facial recognition to nab lawbreakers

Facial recognition may have been banned for agencies this month in San Francisco, but in the bustling Canadian city of Toronto, police are using the technology to generate leads in investigations as more and more crimes are caught on video.  

Officers have conducted more than 2,500 facial recognition searches since the half-million-dollar system was purchased in March of last year.  

How does it work?

Toronto police use artificial intelligence to compare any photo or video evidence they gather against a mugshot database. That evidence can include anything from government surveillance, to public or private enterprises’ footage captured on security cameras.  

This is a controlled use of facial recognition that has obvious benefits for the public. In fact, in the case of the Toronto police, they had 80% accurate matches against their mugshot database; 60% of the time they were able to rely on these matches to further investigations. Though it’s far from perfect, it’s much more accurate than other jurisdictions using this method of identification.  

Extreme uses of facial recognition A.I.

Not all police forces are using facial recognition in appropriate ways. The U.K. police are notorious for their Minority Report-esque way of fighting crime before it happens — using software that has a shocking 98% error rate, and that wrongly targets women and people of ethnic minorities.  

Beyond the Western world, China has some of the most extreme uses of facial recognition on the planet. An entire city — particularly the Muslim minority population living there — is monitored 24/7 for facial recognition as well as gait recognition (the unique way people walk).

This city had a database breach where all this biometric data leaked out, which illustrates one of the worst aspects of these types of A.I.-driven recognition tools: the fact that once it’s out there, anyone could copy that pattern and abuse it. You can’t change inherent aspects about yourself the way you can easily change a password. 

Part of the investigative tool set

Toronto police are describing the way they use facial recognition as “part of the investigative tool set” but not as conclusive evidence on its own — and this is a good approach. It’s not foolproof and involves more error than DNA testing, for example, but because it’s regulated and part of a holistic way of identifying culprits, the risk is limited. 

Public consent needed

Canadian politicians are finally waking up to the importance of controlling any technology that has the potential to infringe on citizens’ privacy rights. Democrat MP Charlie Angus is sounding the alarm on Capitol Hill about the perils of tech that tracks people, saying that as a country we need to discuss guidelines for the legitimate uses of surveillance.  

Ask the right questions

Privacy is all about control and consent. We need to ask the important questions about facial recognition: what level of civilian oversight is provided, how long will the photos and videos be stored, and when investigations are closed, when does the data go away? Being informed and asking the right questions can prevent dangerous uses and abuses of emerging technologies.  

To learn more about protecting your identity at home or at work, contact the Beauceron Security Team @ info@beauceronsecurity.com or 1-877-516-9245. 

Canada's new digital charter: a step in the right direction

Last week, the Government of Canada announced its new “digital charter,” aimed at emphasizing Canadians’ control over their personal data and penalizing big internet companies that break the law, as well as combating online extremism, hate speech and fake news. 

According to a copy of the charter obtained by the Toronto Star, though, the federal government will not immediately impose regulations on huge transnational companies such as Google, Facebook and Amazon — which practically control life as we know it online.

What is the charter?

The charter is being described as a set of principles against which existing or future Canadian laws will be judged, but at present, with no real action being taken, there’s nothing stopping these companies from going about their business as usual. And letting these companies self-regulate is like letting a five-year-old do your grocery shopping — you'll end up with junk that’s not good for anyone.  

These companies have been allowed to run free and create technologies with no regard for consequences — it's always been about the bottom line. Take Amazon, for example: they will deliver any item almost anywhere in the world. No one has stopped to ask whether this is beneficial to society — it’s just assumed that if the business is profitable, it must be a good thing. Amazon’s Alexa feature has been involved in egregious privacy breaches where voice recordings were compromised and sent to the wrong users, but that fact hasn’t dissuaded many people from having an Echo in their homes. 

Facebook may be the worst offender, with multiple privacy violations; as punishment, they’ve been slapped with fines so minimal the company has had no reason to change their data-collecting and privacy-violating behaviours.   

Anti-trust and digital privacy

Anti-trust laws are a broad category of laws that are meant to keep businesses operating honestly and fairly. In the past, these laws in North America have been around protecting profit rather than data. 

Germany has been using anti-trust laws to limit that data gathering, but North America is at least a decade behind Europe’s GDPR (General Data Protection Regulation), which puts privacy at the forefront and imposes strict fines on companies that collect too much data, that use data in undisclosed ways or without users’ full consent.  

What can we do?

It is a good sign that Canada is starting to take digital privacy issues more seriously. We can certainly maintain hope that the government elected this fall will continue to uphold privacy and regulate the online world in a way that protects our data. As citizens, we need to read the party platforms and consider voting in politicians who understand the importance of digital privacy and who demonstrate a commitment to protecting our sensitive data by reining in these big companies. 

To get the right information at the right time, contact the Beauceron Security Team at info@beauceronsecurity.com or 1-877-516-9245.

Protecting your digital identity in the era of mass surveillance – before it’s too late

San Francisco has just become the first U.S. city to ban facial recognition technology, to prevent discrimination and the inevitable curtailing of civil liberties that attends this type of artificial intelligence used by municipal agencies. Other cities are following suit, but despite this progress, the tech’s use is growing.   

If you frequent airports, sports stadiums, malls or grocery stores, facial recognition technology may soon be a big part of your life — whether you like it or not.   

Rather than check individual tickets, some airports are now using A.I. to scan faces as people pass the gates; if you’re paid up and your identity checks out, you’re allowed to board your flight.  Convenient, right?  

However, when the private sector uses our biometric data to discriminate their marketing tactics, we enter dangerous territory when it comes to the protection of your digital identity.  

Malls have been caught using facial recognition cameras to guess your age, gender and even mood to advertise accordingly, luring you to certain stores or kiosks where you’re likely to spend money.   

Even grocery stores can identify you in the aisles by your age and gender, displaying products on screens based on your marketing demographic. 

What is biometric data?

Biometric data — fingerprints, retinal scans, gait recognition (the way you walk), voice recognition, DNA, facial scans — are unique to the person, and aim to quickly confirm your identity.   

For individuals, the main benefits of using biometric data such as facial recognition are speed and convenience. You can avoid rummaging in your pockets for your concert or game tickets at a stadium. You can skip the lines, and just walk past scanning tech that can do the work instantly.   

For corporations, the benefits are more to do with the ability to sway purchasing behaviour. And for governments, they get to monitor and control populations by combining biometric and other surveillance data with artificial intelligence. 

Privacy concerns amid surveillance

The convenience of these technologies comes at a steep cost, especially regarding privacy. The most extreme example is China, where the government is known for abusing biometric data collection: they publicly shame people who jaywalk; they can capture facial scans and recognize citizens’ gaits to prevent those with a low social score from flying or from purchasing real estate; they can track anyone’s location at any time, often unfairly targeting ethnic or religious minorities.   

Closer to home, Toronto has been piloting the Sidewalk Labs project, a data-driven smart city initiative that facilitates things like snow removal and traffic planning, and can curb crime by way of sophisticated security cameras. But because Sidewalk Labs have refused to de-identify people, privacy expert Dr. Ann Cavoukian and others have denounced it as little more than a data mine that could cause harm if that data is leaked or abused.  

Glaring flaws in biometrics

Beyond surveillance, biometric identification has a major flaw: you can replace a compromised credit card, but if there’s a breach of your biometric data, you can’t change your face. Not easily, anyway!   

There’s a big possibility of false positives, too. In London last year, the Metropolitan Police misidentified and fingerprinted a 14-year-old black boy, and figures reveal this kind of mistake is no anomaly; in fact, facial recognition software wrongly identified members of the public as criminals 96% of the time.  

In its current iteration, facial scanning can also be racist and sexist; these technologies are prone to error when it comes to recognizing women and people of colour.  

Yet another issue: It can be used to advertise to you without your permission in malls and grocery stores, even in taxis. And with all facial recognition in the public sphere, the individual can never be sure when or how their sensitive data is being used, or whether or where it’s being stored.

The cost of convenience

While there are obvious pros to facial recognition — such as increasing border security and facilitating police efforts to track down dangerous criminals — as a society we need to ask how much of our personal data we’re willing to sacrifice in the name of safety and convenience. If it’s becoming too much, we need to call on legislators to stand up for citizens’ privacy before we become even more accepting of surveillance tech and all the risks that go along with it.   

Awareness training is the first step towards protecting your digital identity. Reach out to the Beauceron team to get informed on how our learning content can support your organization, info@beauceronsecurity.com