Latest news with #DataPrivacy
Forbes
22-07-2025
- Business
- Forbes
Hidden Cost Of 'Free' Apps: How Your Data And Decisions Are Monetized
BATH, UNITED KINGDOM - AUGUST 01: In this photo illustration the logo of US online social media and ... More social networking site 'X' (formerly known as Twitter) is displayed centrally on a smartphone screen alongside that of Threads (L) and Instagram (R) on August 01, 2023 in Bath, England. On the top row the logo of online video sharing and social media platform YouTube is seen alongside that of Whatsapp and TikTok. Along the bottom row Facebook, Quora amd Messenger are displayed. Elon Musk recently revealed the new logo for Twitter, which constitutes the letter 'X' as part of a rebrand of the company. (Photo by) Let's be honest: 'Free' apps such as Robinhood and TikTok are everywhere, shouting out that you can get wealthy or be entertained without spending a nickel. These slick devices and mood-altering effects have fixed tens of millions of people in their shadow. But here's the truth about free stuff: nothing is free. They also profit from your data, push you towards riskier bets and costing people thousands of dollars in losses and nothing to show for it. Whether you chalk it up to gamified trading and influencer hype, or the endless email promotions, the price of these platforms is finally sinking into the consumer psyche. Robinhood had burst on the scene in 2013, with a sales pitch about commission-free trading and a mission to 'democratize' wealth. The infinite scroll of short, addictive videos on TikTok made it a global phenomenon. Both apps are free to download and use and do not require a subscription. But if you are not paying, then you are the product. Robinhood made $331 million in 2021 from 'payment for order flow,' a way that market makers pay to process your trades, in order to nudge you to trade more, whether or not it's a bad call. ByteDance, the Chinese company that owns TikTok, has been accused of sharing user data with advertisers that could be used to employ supremely targeted ads. A 2023 report by the Center for Digital Democracy put TikTok's data driven ad revenue above $15 billion a year. These apps don't just accumulate information; they drown you in it. Robinhood's app is designed to feel like a game, complete with bursts of confetti when you make a trade and push notifications that encourage you to keep up with the Joneses. It's no wonder many of its users were participating in dangerous options trading as of 2022, according to FINRA, and the vast majority having zero investing experience or knowledge. TikTok's algorithm also ensures you keep scrolling by serving up more of what hooks you, be that videos that tout 'meme stocks' such as GameStop or AMC. Social influencers are pushing these stocks which results in a buying frenzy. That was also true in 2021, when investor hype on Reddit and TikTok sent the share price of GameStop soaring before the price tumbled and retail investors got 'left holding the bag.' The problem: real people are the ones paying the price. According to a 2021 CNBC article, Dogecoin's 26,000% surge in six months was driven partly by teens and young adults on TikTok and Reddit, many of whom used apps like Robinhood to trade. The article highlighted that inexperienced investors, often in their late teens to early twenties, were drawn to the 'get rich quick' scheme, with some losing significant sums when the market corrected. It's important for investors to understand that the algorithms on these platforms privilege what benefits them, not what's best for you. The S.E.C. fined Robinhood $70 million in 2023 for confusingly documenting risks to users. TikTok's been sued over privacy problems, but both just keep getting bigger. Key Takeaway: "Free" apps come with a catch. They profit from your data, attention, and sometimes your finances. Be cautious and always conduct thorough, independent research before investing, and don't let app nudges or influencer hype drive your decisions.
The Standard
11-07-2025
- Business
- The Standard
HK Electric wins top privacy award for data protection excellence
HK Electric Operations Director Mr. Raymond Choi (centre) receives the Outstanding Gold Award at the Privacy-Friendly Awards 2025 from Mr. Clement Woo Kin-man (right), Under Secretary for Constitutional and Mainland Affairs, and Ms. Ada Chung Lai-ling (left), Privacy Commissioner for Personal Data.
Fast Company
10-07-2025
- Fast Company
Data privacy is failing. Here's what encryption and MFA can (and can't) do
Cybersecurity and data privacy are constantly in the news. Governments are passing new cybersecurity laws. Companies are investing in cybersecurity controls such as firewalls, encryption, and awareness training at record levels. And yet, people are losing ground on data privacy. In 2024, the Identity Theft Resource Center reported that companies sent out 1.3 billion notifications to the victims of data breaches. That's more than triple the notices sent out the year before. It's clear that despite growing efforts, personal data breaches are not only continuing, but accelerating. What can you do about this situation? Many people think of the cybersecurity issue as a technical problem. They're right: Technical controls are an important part of protecting personal information, but they are not enough. As a professor of information technology, analytics, and operations at the University of Notre Dame, I study ways to protect personal privacy. Solid personal privacy protection is made up of three pillars: accessible technical controls, public awareness of the need for privacy, and public policies that prioritize personal privacy. Each plays a crucial role in protecting personal privacy. A weakness in any one puts the entire system at risk. The first line of defense Technology is the first line of defense, guarding access to computers that store data and encrypting information as it travels between computers to keep intruders from gaining access. But even the best security tools can fail when misused, misconfigured, or ignored. Two technical controls are especially important: encryption and multifactor authentication (MFA). These are the backbone of digital privacy—and they work best when widely adopted and properly implemented. Encryption uses complex math to put sensitive data in an unreadable format that can only be unlocked with the right key. For example, your web browser uses HTTPS encryption to protect your information when you visit a secure webpage. This prevents anyone on your network—or any network between you and the website—from eavesdropping on your communications. Today, nearly all web traffic is encrypted in this way. But if we're so good at encrypting data on networks, why are we still suffering all of these data breaches? The reality is that encrypting data in transit is only part of the challenge. Securing stored data We also need to protect data wherever it's stored—on phones, laptops, and the servers that make up cloud storage. Unfortunately, this is where security often falls short. Encrypting stored data, or data at rest, isn't as widespread as encrypting data that is moving from one place to another. While modern smartphones typically encrypt files by default, the same can't be said for cloud storage or company databases. Only 10% of organizations report that at least 80% of the information they have stored in the cloud is encrypted, according to a 2024 industry survey. This leaves a huge amount of unencrypted personal information potentially exposed if attackers manage to break in. Without encryption, breaking into a database is like opening an unlocked filing cabinet—everything inside is accessible to the attacker. Multifactor authentication is a security measure that requires you to provide more than one form of verification before accessing sensitive information. This type of authentication is more difficult to crack than a password alone because it requires a combination of different types of information. It often combines something you know, such as a password, with something you have, such as a smartphone app that can generate a verification code or with something that's part of what you are, like a fingerprint. Proper use of multifactor authentication reduces the risk of compromise by 99.22%. While 83% of organizations require that their employees use multifactor authentication, according to another industry survey, this still leaves millions of accounts protected by nothing more than a password. As attackers grow more sophisticated and credential theft remains rampant, closing that 17% gap isn't just a best practice—it's a necessity. Multifactor authentication is one of the simplest, most effective steps organizations can take to prevent data breaches, but it remains underused. Expanding its adoption could dramatically reduce the number of successful attacks each year. Awareness gives people the knowledge they need Even the best technology falls short when people make mistakes. Human error played a role in 68% of 2024 data breaches, according to a Verizon report. Organizations can mitigate this risk through employee training, data minimization—meaning collecting only the information necessary for a task, then deleting it when it's no longer needed—and strict access controls. Policies, audits, and incident response plans can help organizations prepare for a possible data breach so they can stem the damage, see who is responsible and learn from the experience. It's also important to guard against insider threats and physical intrusion using physical safeguards such as locking down server rooms. Public policy holds organizations accountable Legal protections help hold organizations accountable in keeping data protected and giving people control over their data. The European Union's General Data Protection Regulation is one of the most comprehensive privacy laws in the world. It mandates strong data protection practices and gives people the right to access, correct, and delete their personal data. And the General Data Protection Regulation has teeth: In 2023, Meta was fined €1.2 billion (US$1.4 billion) when Facebook was found in violation. Despite years of discussion, the U.S. still has no comprehensive federal privacy law. Several proposals have been introduced in Congress, but none have made it across the finish line. In its place, a mix of state regulations and industry-specific rules—such as the Health Insurance Portability and Accountability Act for health data and the Gramm-Leach-Bliley Act for financial institutions —fill the gaps. Some states have passed their own privacy laws, but this patchwork leaves Americans with uneven protections and creates compliance headaches for businesses operating across jurisdictions. The tools, policies, and knowledge to protect personal data exist—but people's and institutions' use of them still falls short. Stronger encryption, more widespread use of multifactor authentication, better training, and clearer legal standards could prevent many breaches. It's clear that these tools work. What's needed now is the collective will—and a unified federal mandate—to put those protections in place.
National Post
09-07-2025
- Business
- National Post
Ketch Named Grid Leader in G2 Summer 2025 Reports, Signaling Surge in Market Momentum and Customer Trust
Article content Article content SAN FRANCISCO — Ketch, the Data Permissioning Platform for privacy operations and data activation, today announced it has been named a Grid Leader by G2, the world's largest and most trusted software marketplace, in its Summer 2025 Reports. Article content Ketch earned 12 badges across key categories including Consent Management Platforms (CMP), Data Privacy Management, Data Subject Access Request (DSAR) automation, and Sensitive Data Discovery, reflecting surging customer demand and strong market momentum. Article content The company reports that more than 30% of Ketch customers are former OneTrust users, signaling a broader market shift toward more modern, AI-ready privacy solutions. From a Mid-Market Customer G2 Review: 'My team and I were recently tasked with migrating away from a legacy vendor. It was truly a joy working with the Ketch team. We migrated so that we could have a more modern, streamlined, data-driven platform – and Ketch has exactly what we need.' Article content 'We believe clean, permissioned data is the foundation for AI governance and durable business growth,' said Tom Chavez, Co-founder and CEO of Ketch. 'These G2 awards validate what we see every day: privacy teams are moving beyond legacy, cookie-based tools in favor of modern infrastructure capable of integrating with complex, multi-channel data environments.' Article content Ketch's standout performance includes three Grid Leader designations across core privacy categories: Article content Additional awards include: Article content These distinctions are based entirely on authentic customer reviews and market presence data gathered by G2. Article content 'Only about 10% of all vendors on G2 appear in our quarterly Market Reports,' said Sydney Sloan, CMO of G2. 'Congratulations to Ketch for earning a coveted spot in our reports this season, a recognition powered by the authentic reviews of their customers.' Article content To see why customers are choosing Ketch, read their reviews on G2: Article content About Ketch Article content Ketch is redefining responsible data use for the AI era. The Ketch Data Permissioning Platform empowers organizations to collect, control, and activate permissioned, privacy-safe data across every system, app, and user touchpoint. Brands around the world use Ketch to simplify privacy compliance, fuel data-driven growth, and build trust across customers and partners. Learn more at Article content Article content Article content Article content Contacts Article content Media Contact Article content Article content
Forbes
25-06-2025
- Business
- Forbes
How Business Leaders Can Leverage Blockchain And AI To Unlock New Opportunities
Daniel A. Keller, CEO and President of InFlux Technologies Limited and Flux. Blockchain and AI are increasingly becoming more integrated—the duo can work symbiotically to bolster one another. At its core, blockchain provides a decentralized, consensus-based infrastructure that enables AI solutions to operate without third parties controlling the data and algorithms. There's the privacy element as well. Blockchain can help companies address data privacy issues inherent in AI solutions that run on centralized Web2 platforms. Both of these technologies are continuously evolving. However, business leaders should embrace them sooner rather than later to avoid falling behind. The Key Business Benefits Of Using Blockchain And AI In Tandem Why should leaders embrace blockchain and AI sooner rather than later? Consider the benefits that both technologies can offer companies when used in tandem. Blockchain gives businesses more control and ownership over their data. Third-party platforms—cloud providers, social networks, etc.—can be fickle. Overnight, a third-party platform could change the rules of engagement, such as by raising costs or adding new content restrictions, that make it difficult, if not impossible, for companies to control their costs, maintain their operations and share their narratives. Blockchain breaks that grip of control from third parties. With blockchain, leaders can create cost-effective infrastructure that runs on their terms. As for AI, it can help companies streamline their operations, pinpoint issues in real time and personalize customer service, to name a few of the many use cases. However, AI comes with various risks, namely, data privacy issues and concerns about centralized data control and training when using publicly available platforms. In certain industries, such as healthcare and finance, the consequences that can stem from those risks are magnified. By using the decentralized, open-source infrastructure and consensus mechanisms that blockchain provides, leaders can more effectively safeguard their data—both at the input and output stages. Best Practices For Implementing Blockchain And AI Together Business leaders should adopt blockchain and AI before these technologies mature. The more they delay adoption, the further behind they risk falling. To effectively leverage both technologies, leaders should start by identifying how blockchain and AI can serve their business needs. They should focus on their strategic vision for the next six months to a year and then evaluate where blockchain and AI can fit in. Short iterations are vital, given how quickly both technologies are evolving; long planning cycles could render them obsolete before implementation. Once leaders have identified their strategic vision for the next six months to a year, they can research vendors and find one that aligns with their business needs. From there, they proceed to the implementation stage. There's room for flexibility here. Leaders shouldn't go all-in on adopting both technologies at once. In most cases, an incremental, scalable approach to implementing blockchain and AI will be more manageable. For instance, the executives of a local consulting firm might opt to stay in Web2 and keep 50% of their company's infrastructure there. It could move the other half of its infrastructure to Web3 and then gradually start migrating customers there. On that decentralized infrastructure, it could begin running AI tools that refine certain processes, such as client scheduling and communication. Over time, the consulting firm can move more of its infrastructure to Web3, increase the number of AI tools it runs and shift more customers. Following implementation, leaders should remain proactive in keeping their systems current. Blockchain and AI are rapidly changing, and by staying informed about those changes, leaders can pinpoint how they factor into their business needs. Risks—And How Business Leaders Can Navigate Them Business leaders should be aware that adopting blockchain and AI comes with risks. For instance, aside from technical complexity, another prominent risk is that both operate in an uncertain regulatory environment. Consider recent regulatory activity in the United States. According to TheStreet, on May 29, 2025, lawmakers 'introduced the Digital Asset Market Clarity (CLARITY) Act—a bill designed to finally bring clear regulations to the crypto and digital asset industry.' A June 3, 2025, StateScoop article noted that 'A bipartisan coalition of more than 260 state legislators from all 50 states on Tuesday sent a letter to Congress opposing a provision in the federal budget reconciliation bill that would impose a 10-year ban on state and local regulation of artificial intelligence.' The outcomes of these regulatory activities can have serious ramifications for businesses implementing blockchain and AI, making it paramount for leaders to stay informed about developments on the policy side. A new law could render a company's adoption of blockchain and AI noncompliant, requiring a costly overhaul to get back on track. Another significant risk is workforce disruptions. When a company switches to Web3 and starts implementing AI, its existing workforce will likely be restructured or cut. Leaders must carefully consider the potential workforce disruptions that may arise from leveraging blockchain and AI. However, now is the time for leaders to explore blockchain and AI. Acting proactively, rather than reactively, gives leaders the best chance at mitigating risks, leveraging blockchain and AI symbiotically to drive business results and staying ahead of their competitors. Ultimately, it's by embracing open-source, decentralized platforms and AI solutions that leaders can safeguard their costs, operations and narratives. Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
