data global

Facebook data transfers under threat after Safe Harbour ruled invalid

Facebook’s right to transfer personal data from the EU to the US has been dealt a blow after the pact it was being done through was declared invalid by the European Court of Justice.

The Safe Harbour agreement (Safe Harbor stateside) was a voluntary pact set up 15 years ago to get around the fact that US data protection laws are significantly less rigorous than their EU counterparts.

Under the scheme, US companies self-certified that they were talking adequate data security precautions in order to be able to access and use European data.

More than 5,000 US companies take advantage of it, as well as global tech giants such as Facebook, which registers users outside of the US and Canada under its Ireland subsidiary Facebook Ireland Ltd. It is estimated to be reponsible for 83.1% of all worldwide Facebook users, but moves data from Dublin to the US to be processed.

But after whistleblower Edward Snowden revealed the mass surveillance activities of America’s National Security Agency, which were alleged to include European data, in 2013, Austrian privacy campaigner Max Schrems asked the Irish Data Protection Commission to do an audit of what material Facebook was passing on.

They declined, citing Safe Harbour, so he appealed to the European Court of Justice, which has today ruled in his favour.

Following the judgement, Mr Schrems said: “I very much welcome the judgement of the Court, which will hopefully be a milestone when it comes to online privacy.

“This judgement draws a clear line. It clarifies that mass surveillance violates our fundamental rights. Reasonable legal redress must be possible. The decision also highlights that governments and businesses cannot simply ignore our fundamental right to privacy, but must abide by the law and enforce it.

“This decision is a major blow for US global surveillance that heavily relies on private partners. The judgement makes it clear that US businesses cannot simply aid US espionage efforts in violation of European fundamental rights. At the same time this case law will be a milestone for constitutional challenges against similar surveillance conducted by EU member states.
“There are still a number of alternative options to transfer data from the EU to the US. The judgement makes it clear, that now national data protection authorities can review data transfers to the US in  each individual case –
while ‘safe harbor’ allowed for a blanket allowance.
“Despite some alarmist comments I don’t think that we will see major disruptions in practice.”

Facebook had yet to comment at the time of publication, but it may well be forced to stop EU-US data transfers at least in the short term, at least until new certified contracts are in place.

Two things are immediately obvious – this will have a wider impact not just for data processing operations like Facebook, but any company that transfers any data overseas for any reason.

And secondly that you can only have true control of your data when you hold it under your own resources, although of course you may need to trade it for access to services from external companies.

If data security and privacy concerns you – and it should – is committed to giving you back control of your data, for you to use as you wish. Download a free trial here.


10 top tips for social media confidence

Want to do more on social media but unsure where to start? Fear not – you’re not alone and we can help.

The sheer volume of information flowing past your eyes when you look at any platform can be intimidating, but start small and know what you want to achieve, and there is very little you can do wrong.

So, without further ado, here are our top tips for getting on top of social media quickly. They’re only guidelines, so feel free to adapt them – but the most important thing is just to get posting!

1) Don’t overcommit. This shouldn’t be a stress, so don’t go crazy and vow to update everything every 20 minutes of every working day. Rather, aim for at least three times a week on each platform you use.

2) Quality beats quantity. Better to share less and it be interesting, than put up things you haven’t read properly or that don’t fully reflect your/the product values in the rush to update your status with something (this goes back to no 1). As part of this, know overall (and ideally with each post) who your audience is and what you want them to do (be more aware of you, buy something etc)

3) Make it personal. While you may well be operating a business account, people like to do business with people, and so personalising what you say, and adding in bits of your life where you’re happy and it’s relevant, is often a very good way of making your followers know and trust you.

4) Analyse post engagements to see if you can see any kind of pattern – do you get most interactions in the morning, evening, or is there quite a uniform spread? Target it if so, aim for a spread of times if not. You can pre-schedule both tweets and FB posts using either Buffer or Hootsuite.

5) Aim for a spread of news/informative posts and pure sales pitches – I’ve seen 70/30 per cent seen as a good balance.

6) Find a quick and easy way to aggregate the types of articles you might want to look for, so that you can always find source material with ease. I recommend Feedly, which allows you to search and group articles by area type.

7) Follow other industry figures and look at what they do, how they do it and what they link to. Not to copy, exactly, but to get inspiration for what you want on your own feed.

8) Follow people in the same/related fields as you, so you can get an increased following of relevant users, get involved in industry conversations, be aware of news, and get inspiration for other posts.

9) Consider doing something like product of the week, where you look at a particular product in detail in a review style and/or competitions to win products or services.

10) Add value to everything you post and give people a reason to follow you and buy from you!

Of course, once you’ve started posting and interacting on your social media accounts, you’re going to want to download so that you can retain everything and reuse it as needed!

Lunar Mission One logo cropped LDS BL-01-1 and Lunar Mission One to send memories to the Moon has signed a deal with Lunar Mission One which will give our supporters the incredible opportunity to leave digital memories on the Moon.

Our app will give anyone who wants to the ability to create digital memory boxes that will reserve your place in space for future generations of space travellers to discover and enjoy.

To join us today and make your own history, all you have to do is use our app (download here if needed) to help you gather your most memorable moments from across your social media accounts.

You will be able to use images and text uploaded to Facebook, Instagram, Twitter and other social media accounts, as well as your memories stored locally on your computer, to create your Digital Time Capsule, which will travel with Lunar Mission One to the Moon in 2024.

Julian Ranger, founder and Chairman of, said: “ already allows you to take back control of personal information spread all over the web and hold it in one place where you can make it work for you. Now you can create your very own digital time capsule and select the best memories of you to send to the Moon.

“Both myself and are avid supporters of space exploration and we are delighted to be joining Lunar Mission One in making history in this way.”

Lunar Mission One has also just launched the Footsteps on the Moon campaign, which is proud to support. Everyone across the world, whether they use our app or not, is invited to upload an image of their own footprints, feet or shoes to make a mark on the Moon for free.  These images will then be digitised by so that they can be sent to the Moon on the Astrobotic Lander in 2017. Find out more about the Footsteps on the Moon campaign here.

Angela Lamont, Director of Communications for Lunar Mission One, said: “This is very exciting for us and our supporters. Millions of people will be sending their very own private digital archives to the Moon with us in 2024 and the app now gives them the ability to start curating their own collections using data from their own computer, or anything they’ve ever posted to social media.”

Lunar Mission One is the first global and inclusive lunar mission, which was initially crowd-funded by a highly successful Kickstarter campaign in 2014.

With its preparatory stage now complete, it now has teams in place to set up the mission, which will land at the as-yet-unexplored lunar south pole in 2024. It will carry equipment for scientific experiments, including a rig capable of drilling up to 100m into the Moon’s surface to analyse lunar geology on a scale never before attempted.

This borehole will then be used to deposit two archives; one compendium of life on Earth and one containing millions of private memory boxes created using, to give an epic picture of life on Earth in the 21st Century for discovery in a future far, far away.

data loss

Why human error is the biggest threat to data

If you think shady criminal cartels, blackmail attempts or straight-up hacking geniuses are the biggest danger to any data held about you online, then we have news for you – plain old human error accounts for far and away the most data breaches.

New research has revealed that human error continues to be the leading cause of data loss for organisations in the UK.

The Databarracks report, which was based on a survey of 400 senior IT workers, revealed that 24 per cent of organisations admitted to a data loss caused by employee accidents in the last 12 months, ahead of hardware failure (21 per cent) and data corruption (19 per cent).

This report comes hot on the heels of data released by the Information Commissioner’s Office earlier this year, which showed that 93 per cent of the 459 data breaches reported to the office in Q4 of 2014/15 could be put down to human error in some way.

It also follows a serious data breach by a London health clinic earlier this month which saw  the email addresses of hundreds of patients, many of whom are living with HIV, accidentally sent out publically to all recipients of a clinic newsletter.

Oscar Arean, technical operations manager at Databarracks, said: “Human error has consistently been the biggest area of concern for organisations when it comes to data loss. People will always be your weakest link, but having said that, there is a lot that businesses could be doing to prevent it, so we’d expect this figure to be lower.”

Interestingly, the Databarracks results weren’t fully consistent across all business sizes, with a breakdown revealing that in large companies, hardware failure led to most data loss, with 31 per cent of all cases up from 29 per cent in 2014.

Arean said: “This isn’t surprising as most large organisations will have more stringent user policies in place to limit the amount of damage individuals can cause.”

Arean goes on to suggest that SMEs should adopt more of a big business ethos when it comes to managing human error:

“The figures we’re seeing this year for data loss due to human error are too high (16 per cent of small businesses and 31 per cent of medium businesses), especially considering how avoidable it is with proper management. I think a lot of SMEs fall into the trap of thinking their teams aren’t big enough to warrant proper data security and management policies, but I would disagree with that.

“In large organisations, managers can lock down user permissions to limit the access they have to certain data or the actions they’re able to take – this limits the amount of damage they’re able to cause. In smaller organisations, there isn’t always the available resource to do this and often users are accountable for far more within their roles. That is absolutely fine, but there needs to be processes in place to manage the risks that come with that responsibility.

“Of course small organisations don’t need an extensive policy on the same scale that a large enterprise would, but their employees need to be properly educated on best practice for handling data and the consequences of their actions on the business as a whole. There should be clear guidelines for them to follow.”

So what does this mean for us and our data? While in an ideal world the individual would be at the centre of their own connected life in full control of their own data, it is unrealistic in our current world to hold all our data close to our chests when so many end users have or demand access to it.

So is it safe out there in the big, bad world? Yes, largely speaking, and the benefits to us in areas such as health of having our details instantly available to all medical services, for example, certainly outweigh the chances of being subject to a damaging data breach.

But it is certainly a sobering thought that, no matter how thorough the legislation governing data handling and the individual company policies in place, just one simple, human mistake can be enough to bring all that crashing down.


British spies want shorter and less secure passwords

If you thought the purpose of passwords was to be as strong as possible to give your information and accounts the best chance of being secure, Britain’s spies at GCHQ have news for you.

In a new document, Password Guidance – simplifying your approach (PDF), the organisation’s cyber director said that advice has moved on from previous guidance to make passwords stronger as a greater deterrant to hacking.

Now, the spy agency is suggesting IT managers help install systems that make passwords easier to remember. Yes, you did read that right.

The report claims that the average UK user has 22 different online systems that are password protected – clearly more than most people can remember – with the same supposedly safe password used to access around four of these.

It says the need to remember multiple passwords for different sites leads to unsafe behaviour, such as writing them down, duplication, or using simple or predictable passwords creation strategies.

But it also stresses that, crucially, the bottom line is that even following best practice guidelines (ie not doing any of the above) cannot guarantee keeping online services secure. Key loggers, phishing and interception are all cited as credible risks, with information about how to carry them out and the tools to do so easily discoverable on the internet.

In a foreword to the report, Ciaran Martin, Director General for Cyber Security at GCHQ (cool job title!) said: “Complex passwords do not usually frustrate attackers, yet they make daily life much harder for users. They create cost, cause delays, and may force users to adopt workarounds or non-secure alternatives that increase risk.”

It suggests that simplifying an organisation’s approach to passwords can reduce the workload on users, lessen the IT burden, and – crucially – “combat the false sense of security that unnecessarily complex passwords can encourage.”

It lists seven key steps that organisations (and individuals) can take to optimise system security, which are:

  1. Change all default passwords (well, durr)
  2. Only implement passwords when needed to minimise user overload
  3. Understand the limitations of user-generated passwords (tl:dr they encourage insecure behaviour)
  4. Except machine-generated ones have their own problems (tl:dr they’re difficult to remember)
  5. Prioritise admin, mobile and remote user accounts as these are more important/vulnerable
  6. Use account lockout and protective monitoring
  7. And, of course, don’t store passwords as plain text

Will seeming to be good, impartial advice, it’s worth remembering that this does come from the people who broke antivirus software so they could spy on people, so feel free to take it with a piece of salt if you are of a cynical disposition.

ad-blockers, apple, ios9, data, advertising

Why ad-blockers really aren’t the data privacy win you might think

Ad-blockers shot straight to the top of the paid-for apps list in the App Store when Apple’s iOS9 update that allowed users to block mobile advertising was released.

So far, so not unusual – ads are pesky little things, right? Popping-up unexpectedly when you least expect them and generally bloating pages, crucifying page load times and eating up data allowances. Not to mention their tracking qualities as well as the past searches and purchases that stalk you round the web, site after site, day after day. Nope, no redeeming features at all – let’s block them all.

Then something unexpected happened – Marco Arment, creator of the no1 paid ad-blocker Peace, pulled it from the store after just two days, saying that “success didn’t feel good”.

What exactly the problem is remains unclear, altrhough comments on the Instapaper’s founder’s blog where he talked of needing to find a “more nuanced, complex approach” offer some clues.

He added: “Ad blockers come with an important asterisk: while they do benefit a ton of people in major ways, they also hurt some, including many who don’t deserve the hit.”

What Arment seems to be alluding to is what Seth Godin termed the shared understanding that websites offer free content in return for attention. For most sites, advertising is what quite literally pays the content creation bills.

Of course, pages have become increasingly riddled with evermore intrusive ads over the past few years, and it’s hard not to see that the reader has been assailed from all sides. So the appearance of ad-blockers was only going to end one way. Or, as Godin put it: “In the face of a relentless race to the bottom, users are taking control, using a sledgehammer to block them all.”

But still the fact remains that readers and sites have been in a mutually-beneficial relationship where advertising has played a key role in funding content for which there is demand but no serious suggestion that users would pay the full creation cost. And that remains the case even as ad-blocking apps proliferate.

So if ad blocking is not the answer, what is? There is clearly change needed on both sides – advertisers needs to show self-restraint and not machine gun content over every page we open, while users need to understand that on the internet, as with so many things, we can’t simply have the good for free without giving something back.

But there also needs to be a fundamental shift in how we think about data. We don’t like these ads that follow us around, or trackers, because they feel like an assault on our privacy. Yet it is the information gained through this that allows businesses to begin to better target our wants and interests.

I say begin, as the data available to date is so thin and incomplete that it is estimated to be up to 30-50 per cent wrong, to the obvious detriment of both the business and user.

Imagine how much more beneficial for both sides a rich data set would be – useful data 100 per cent certified and licensed at source, used to target appealing ads back to that same user.

A vision for the future to be sure, but a vision that comes ever closer as the Internet of Me follows close on the heels of the Internet of Things, with companies like at the forefront of this digital revolution.

internet of things

What is the Internet of Things?

As the latest estimates claim the number of devices connected to the Internet of Things (IoT) will jump from 15 billion now to 50 billion in 2020, we look at what a connected world actually means.

What is the IoT? Well, at its most basic level, it is a network of devices fitted with data-capturing sensors that can connect to the internet, talking wirelessly to each other, applications – and indeed us. And these devices? They’re things in your home, things you wear, wearables such as Fitbit and the car you drive.

The phrase IoT has been in circulation for nearly a decade in technology circles, but only now with smart, connected devices such as thermostats and refrigerators, as well as driverless cars, becoming a reality is it something that is becoming relevant to the majority of the population.

What would a truly connected world look like? More straightforward is one answer, as all these intelligent little machines that between them know so much about us and our lives start to co-ordinate.

In classic examples, your alarm clock wakes you up and then tells your coffee machine to start boiling ready for a morning cuppa, while on the drive to work your car knows the quickest route for where and when you need to be, and can even text whoever you’re meeting if you’re running late.

Lots of smart devices, collecting and streaming huge amounts of user data and providing real-time information on, well, just about anything. Performing nominated tasks on demand and combining to make life as frictionless as possible. After all, how much easier would life be if your house’s heating could tell it was about to break and was able to summon an engineer itself before it actually did so?

And these devices could bring real benefits, not least cost as well as convenience, to all our lives. The heating that knows to turn itself off or down on a sunny day will save individual users money, as potentially could smart cars that send data about how they are being driven to insurance companies to feed into premiums.

The decreasing cost of computer power means there is no cost barrier to entry for putting sensors that can generate data in the most mundane items, and there is clearly no shortage of opportunities for smart machines that can do something in addition to their primary, practical purpose.

With so much data zipping around, questions about privacy and security are at the forefront of concerns and there are clearly many debates to be had around the IoT, its limitations and indeed its strengths.

But one thing is not in doubt – a huge amount of data is going to be generated, and how that is analysed and interpreted is going to be key to how successful the IoT is, for individuals and businesses alike.

Of course, at, we believe in returning the power of data to the owner, for them to use and permission as they wish, in both their personal and public lives.

The Internet of Things, and its natural successor the Internet of Me, where the individual is at the centre of their connected life, is a natural fit for us, as control returns to the user. Businesses need accurate rich data, which an individual is best placed to provide – but only if they want to and only if it is worth their while.

Leveraging the IoT is the dream for many companies, but here at we’re already got a headstart – and you can  try it out for yourself with a free download of our amazing app.

trust (2)

Could the great personal data sell-off affect you?

The biggest danger to your personal data could be hiding in plain sight – and the law is not on your side.

We’re constantly warned to take care with our data. Be careful who we give it to, know what they want it for. Control it, be cautious with it, take care that those who guard it are taking appropriate security measures.

Yet a simple loophole that could see your data being sold on, even if you had instructed the company not to do this when handing it over, has come to light. And it’s perfectly legal, and happening frequently.

When a company who has your data goes into administration and appoints liquidators, they are charged with making as much money as possible from any remaining assets to reduce the debt to creditors. And guess what has a lot of commercial value? Yes, correct – your data.

This data, this personal information about you shared in good faith with one company, is now an asset for sale, available to the highest bidder who can in turn do what they want with it.

While the Information Commissioner’s Office states that anyone handing over their data has a “reasonable expectation” of how that data will be used,  selling it on, often to a company in the same industry, does not seem to breach this – in practice if not in spirit.

This astounding state of affairs was highlighted this week by a consumer programme on BBC Radio Four, where a woman from London was, in her words, “innundated” with emails and calls from other providers after the ferry company she had used went bust.

Adamant that she had “ticked boxes” stating her details should not be passed to third parties, she was powerless when liquidators Ernst and Young were appointed and the customer list was, quite legally, sold on. As she started being “bombarded” by unsolicited contact, she asked one where they had got her details from, and was told it was from the receivers. The same receivers who never contacted her to ask permission to sell on her data.

She told the programme: “The government are always saying you need to look after your data and you shouldn’t share it with people you don’t know, and then then they take it upon themselves to nominate someone who can sell it on and I think it makes a mockery of keeping your business private.”

An insolvency expert told the programme that, while not familar with that exact case, the underlying action was widely recognised as acceptable. Companies, those holding data and those acting as receivers or liqiuidators, are required to follow data protection laws, but crucially that doesn’t restrict data from being sold on as a commodity. Which is a pretty shocking state of affairs.

Stories like this highlight how powerless consumers are in many ways once they hand over their data, losing control of where it goes and what it does without ever having done anything wrong.

While never sharing any data is unrealistic if you want goods and services in this modern age, sharing the bare minimum is obviously good practice.

Companies such as are working on solutions to these trust issues, building a data-driven future where you are at the centre of your connected life, crucially in complete control of who has access to your data and what you get in return, but the full realisation of this is some way off.

But you can start claiming back some control by downloading a free version of our app now, collecting information about you distributed across various social media sites and reclaiming it for your own use and purpose.

Facebook (2)

How to check your Facebook privacy settings

Facebook is a social giant that holds huge amounts of personal information about each of us.

Facebook is also renowned for changing its privacy policies frequently and not necessarily advertising this fact, so it pays to check at regular intervals that you’re only sharing what you post (as well as what you have posted and will post in the future) with the audience you expect.

So, how can you check what your current settings are? Partly in response to criticisms that it wasn’t open enough about what info was being shared, Facebook has a new tool called Privacy Check-up.

Accessed from the padlock dropdown at the top right of the page, the privacy shortcuts panel that opens up gives you options for a quick check of who can see your stuff, who can contact you and what you can do is someone is bothering you.

While these options are helpful, the top option is to open the Privacy Check-up, which then takes you through your privacy basics in three quick and easy sections.

The first looks at your Posts,  explaining that this setting controls who can see what you post from the top of your news feed or profile, as well as showing what your current setting is, and giving an obvious drop-down if you want to make changes for future posts.

The next step is Apps, with a list of what you’ve logged in to with Facebook. It explains that you can edit who sees each app you use and any future posts the app creates for you, or delete the apps you no longer use. It also gives you a link to the App Settings with a reminder that you can edit them at any time.

The third page covers your profile and personal information – so who can see the likes of your mobile number, email and date of birth if you have shared them with Facebook. It also reminds you that you may have shared more information about yourself and recommends you check your About page to see that is up to date as well.

Then you’re finished, safe in the knowledge that you’re only sharing what you post on Facebook with the people that you want to see it.

And, of course, once you’re done, don’t forget to download for free to back-up your posts and pictures forever, giving you ongoing access to them even if you decide to delete your account in the future.


Online privacy – is there a simple route to the ‘Internet of Me’?

Privacy concerns continue to grow over personal data use and leaks, and this week those concerns were highlighted in the New Scientist in their editorial (29th August –  From reflecting the opinion of many that “Privacy is dead”: to asking how we got here, “Data has become currency”; to thinking about solutions, “Such systems are complex”; to worrying that if the effort to restore privacy doesn’t start soon then “vested interests may become too deeply entrenched to overturn”.

If we think the solution is complex as suggested by the New Scientist, then it is less likely we’ll find the right answer; however, I would like to suggest that there is in fact a very simple solution.

To see what that simple solution is we need to think why our data is so valuable and therefore why businesses are trying to track us. The answer is because the businesses believe they can provide better services , better convenience or sell more to us if they know who we are in many different dimensions.  If this were not true then there would be no value in our data and no value in tracking us.

But how good is the data they get? – not very is the actual answer. This is why of course ever more complex and invasive methods of tracking and associating data are being deployed – at great cost.  Even then the best anyone gets is a thin slice of you which can be 30-50% wrong.

Even this poor performance is threatened by the new ad blocking, do not track and other privacy ‘solutions’ now being deployed.  No one is winning here: not the individual nor the businesses.

Is there a better way? – to use the marketers phrase a “win-win” for both consumers and businesses? The answer is yes there is and what is more it is straightforward.

If I own, hold and control all my own data then businesses can come direct to me and ask for that data.  They get access to Rich data: data which covers a much wider set than they can get by tracking; which is deeper in time; which is 100% accurate, with no association errors (it is about me because it comes from me); which is fully permissioned; which is simple to get – just one person to come and ask.  If a business can get Rich data easily and very cheaply then why would they pay more for worse data obtained through tracking? Not only would they pay more for less they would also not get our trust.

By coming direct to us they get Rich data, cheaper, easier and with our trust.  When more and more businesses start to do this the market for tracked data will diminish and then disappear – a better solution for everyone.

How do we get there? We need software in place which gathers and holds our data for us on our own devices and cloud infrastructure, and which enable businesses to come to us for data which we can authorise (or not).  Luckily this process has started already, for example our company – see, and there will be others joining the party too.

Privacy is not an insoluble problem, nor a difficult win. You just have to look at the motives of everyone involved and fashion a simple win-win solution.

Oliver Wendell Holmes, the famous 19th century American physician and writer said: “I wouldn’t give a fig for the simplicity this side of complexity but I’d give my life for simplicity on the far side of complexity”.

With regards to privacy that simple solution the other side of complexity exists – it is that we own and control our own data on our own devices.  An “Internet of Me”, where I am truly the centre of my data world.