Testing products for data privacy and security
It’s an exciting and treacherous time to be a consumer. The benefits of new digital products and services are well documented, but the new risks they introduce are not. Basic security precautions are ignored to hasten time to market. Biased algorithms govern access to fair pricing. And four of the five most valuable companies in the world earn their revenue through products that mine vast quantities of consumer data, creating an unprecedented concentration of corporate power. A recent survey at Consumer Reports showed that 65% of Americans lack confidence their data is private or secure, with most consumers feeling powerless to do anything about it.
We’re trying to do something about that.
Consumer Reports has been testing products and services for 80 years, equipping consumers with the information they need to make smarter choices, enact new policies and regulations, and reshape the marketplace for the better. Our nonprofit mission has led to standardized safety features in vehicles, removed toxins from our food supply, and blocked the creation of corporate monopolies. Today, we’re announcing a new initiative to bring that mission to the world of connected products and services.
A team consisting of Disconnect, Ranking Digital Rights, the Cyber Independent Testing Lab, and Consumer Reports has come together to build a new testing standard for digital products. Available at TheDigitalStandard.org, it looks at consumer expectations of behavior across four key assertions: electronics and software-based products should be secure, consumer information should be kept private, ownership rights of consumers should be maintained, and products should be designed to combat harassment and protect free expression.
The standard is new and so is the approach. We’ve launched the first, work-in-progress version as an open project. The material is published under a Creative Commons license and posted to GitHub. Anyone who is interested in tackling the complexities of testing products and services for privacy, security, and data practices is invited to contribute.
With the launch of the standard we’re entering the next phase of the work. Over the next two years, we intend to publish regular investigations into different product and service verticals. The research will be used to empower consumers and anchor new policy initiatives, but also to refine and flesh out the standard. Digital products introduce a host of new challenges to product testing: Can you rate a product without looking at the service layer behind it? Do you pull a rating once a product receives an over-the-air update? Do you have to audit corporate data centers or is it valid to test based only on publicly-available information? Once we have a better grasp of how to apply the standard, we’ll explore how to build it into our regular product ratings.
Our future power as consumers depends on our ability to assert our rights to data privacy and security. That ability, in turn, depends on the quality and volume of independent, trustworthy information available to us. We want companies to compete to offer the most secure products and services, consumers to wield full control of their data in the marketplace, and our collective voice to drive responsible corporate behavior. Shining a light on privacy and data practices is the first step to converting the values we share into actionable influence over the markets that touch our lives.
I’m tempted by the finally-upgraded Mac Mini (pictured above with the new 13″ iPad Pro configured as its display), long the black sheep of the Mac lineup but loved for the promise of compact power it (again) justifies. Rather than make the new model smaller, as some expected, they kept the same box and filled […]
An Australian developer named Mark Watkins painstakingly reverse-engineered the proprietary data generated by Continuous Positive Airway Pressure (CPAP) machines and created Sleepyhead, a free/open piece of software that has become the go-to tool for thousands of sleep apnea sufferers around the world who want to tune their machines to stay healthy.
Researchers at NYU and U Michigan have published a paper explaining how they used a pair of machine-learning systems to develop a "universal fingerprint" that can fool the lowest-security fingerprint sensors 76% of the time (it is less effective against higher-security sensors).
Got a gadget-minded geek on your holiday list this year? Don’t wait for Black Friday. The prices are already dropping on some quality tech toys, and we’ve got a roundup of some of our favorites. Force Flyers DIY Building Block Drone MSRP: $49.99 | Normally: $42.99 | Price Drop: $39.99 (20% Off) Compatible with everybody’s […]
Ever wondered what it takes to make the transition from amateur photography to a full career? If you answered “a better camera,” you’re half right. Before you get the equipment, get the know-how to use it with the Hollywood Art Institute Photography Course & Certification. Taught by experienced pros, this course is geared towards shutterbugs […]
Anyone can learn piano, but don’t tell that to the bored kids who had to endure hours of “Chopsticks” and similar drills in their music lessons. Today, there’s a better way. Pianoforall lets you jump right in to discover what makes music fun, leaving you eager to learn more. In a simple but innovative approach, […]