Shaheen N Abdul Jabbar

Archive for the ‘Privacy’ Category

Nandan Nilekani’s…..Fully integrated ID card system for Indian citizens!!

Operator : “Thank you for calling Pizza Hut . May I have your…”

Customer: “Heloo, Heloo, can I order..”

Operator : “Can I have your multi purpose ID card number first, Sir?”

Customer: “It’s he…,hold……….on……889861356102049998-45-54610″

Operator : “OK… You’re… Mr Singh and you’re calling from 17 Jal Vayu. Your home number is 22678893, your office 25076666 and your mobile is 09869798888. Today morning you landed in India at IG International Airport. Welcome back, Sir. Which number are you calling from now Sir?”

Customer: “Home! How did you get all my phone numbers?

Operator : “We are connected to the system , Sir”

Customer: “May I order your Seafood Pizza…”

Operator : “That’s not a good idea ,Sir”

Customer: “How come?”

Operator : “According to your medical records, you have high blood pressure and even higher cholesterol level Sir”

Customer: “What?… What do you recommend then?”

Operator : “Try our Low Fat Pizza. You’ll like it”

Customer: “How do you know for sure?”

Operator : “You borrowed a book entitled “Popular Dishes” from the National Library last week Sir”

Customer: “OK I give up… Give me three family size ones then, how much will that cost?”

Operator : “That should be enough for your family of 05, Sir. The total is Rs 500.00″

Customer: “Can I pay by! Credit card?”

Operator : “I’m afraid you have to pay us cash, Sir. Your credit card is over the limit and you owe your bank Rs 23,000.75 since October last year. That’s not including the late payment charges on your housing loan, Sir..”

Customer: “I guess I have to run to the neighbourhood ATM and withdraw some cash before your guy arrives”

Operator : “You can’t Sir. Based on the records, you’ve reached your daily limit on machine withdrawal today”

Customer: “Never mind just send the pizzas, I’ll have the cash ready. How long is it gonna take anyway?”

Operator : “About 45 minutes Sir, but if you can’t wait you can always come and collect it on your Nano Car…”

Customer: ” What!”

Operator : “According to the details in system ,you own a Nano car,…registration number GZ-05-AB-1107..”

Customer: ” ????”

Operator : “Is there anything else , Sir?”

Customer: “Nothing… By the way… Aren’t you giving me that 3 free bottles of cola as advertised?”

Operator : “We normally would Sir, but based on your records you’re also diabetic……. ”

Customer: #$$^%&$@$% ^

Operator : “Better watch your language Sir..Remember on 15th July 2010 you were convicted of using abusive language on a policeman…?”

Customer: [Faints]

Here is an excellent use case for a badly implemented identity system. Thanks to my friend Lakshmi K (last name purposely not given) who forwarded this joke to me.  I couldn’t resist posting it to this boring security blog. I guess some humor adds some spice!

The Unique Identification Authority of India, or the UIDAI, is an agency of the Government of India responsible for implementing the envisioned Multipurpose National Identity Card or Unique Identification card (UID Card) project in India. It was established in February 2009, and will own and operate the Unique Identification Number database. The authority will aim at providing a unique number to all Indians, but not smart cards. The authority would provide a database of residents containing very simple data in biometrics. [Wikipedia]

My first encounter with social groups is on eGroups, which later became yahoogroups. I would say that was the first well-known social networking media. Then there are forums and websites like Orkut, LinkedIn and Facebook. I use these tools to connect with people and keep in touch. Once in a while I do update them with what I am up to or what is going on in my mind.

However, if I have to advertise everyone of my single moment, that’s like having someone follow me everywhere. I need to have my own privacy. Of course I am a social being, but there is a limit to which I can allow others to interfere with what I do. So far, the value I found in Twitter is to have someone follow me everywhere, which I don’t favor much. It may help an enterprise to advertise their new products or update their users with product updates. However, it may not suitable for an individual who values privacy.

So far, I am happy with other social networking tools. With recent DoS attack, I am just curious about Twitter’s maturity. Can it protect my identity on it?

This is my first blog in August, decompressed after the Burton Group Catalyst conference.

A recent survey by the Canadian Press Harris-Decima poll on the internet traffic management in Canada suggests one in five surveyed supports the idea as long as all users are treated fairly.

From the Internet Service Provider’s (ISP) point of view, they are doing the right thing by reducing clogs during peak-use-time due to peer-to-peer file sharing services. However, I believe that type of service comes with a cost to regular subscribers. In order to execute such monitoring service, ISP will need to know activities of each and every subscriber which breaching their privacy. The Privacy Commissioner of Canada should be involved in the discussions that Canadian Radio-television and Telecommunications Commission (CRTC) are currently having ensuring the privacy of Canadians.

With regards to the Canadian Press Harris-Decima survey, I am curious if the survey ever educated the respondents with the details especially about the ramifications to the regular ISP subscriber if the ISP is allowed to shape internet traffic. According to the report by the Canadian Press, 54 per cent of the respondents did not know whether the traffic management affects them personally.

Couple this with two recent bills – the Investigative Powers for the 21st Century Act and the Technical Assistance for Law Enforcement in the 21st Century Act – just introduced before the House of Commons that will allow police to collect information about Canadian Internet users without a warrant and to activate tracking devices in their mobile devices and cars; wouldn’t it be a free pass to the privacy of every Canadian internet user?