Follow Mark on LinkedIn Follow @marknca on Twitter Follow marknca on YouTube
marknca

Mornings With Mark
no. // 0 0 0 0

Ethics In Technology & Security

Subscribe to the podcast.

Watch the episode here

Join the discussion on LinkedIn

Tweet about this episode

Full machine generated transcript follows

Everybody let's give me a quick one. I am down in beautiful as ever you go. Now. You see me. I'm down in beautiful. Sunny Miami Florida here for an internal Trend Micro event. Then the keynote is about to start in a few minutes. I do not have that long for mornings with Mark even though this is episode 50.

So thank you for coming along on this journey. I'm going to keep going I think it's been really productive. I find a lot of value in it. I hope you do as well as start some really cool conversations and last week. We were talking a lot about getting started in cyber security.

What do you need to know? How do you break in and there's a ton of great stuff there where they keep talking about that later on in this week. But what I say, I wanted to let you know what I was sore on my mind today. I'm because I had a bit of an adventure getting down here from all the way yesterday and we got detoured and rerouted.

So I had a ton of time on the plane ticket to enter to reading a book and it was really interesting novel. I buy Rob Reed. It's called Always on let me just double-check after on. That's it. Show me to company that goes way too far and they are in a selling access the feeds all this kind of crazy stuff, but it's under its roots is a I answer the impact on society.

That's a lot to take in on the novel. And I know that's not what I really want to talk about those great book. You should absolutely read what I want to talk about what sort of Ethics around security and around technology because I think that's an important subject. It's often ignored unfortunately.

So I know I took a lot of I took a couple extras affix courses part of my graduate degree, but it's not really normally offered is undergrad or not a question raised often as we've seen some examples of you. Should we be doing this? And the thing I was most relevant in the news lately is the location smart Securus a location tracking for cell phone users in North America have so these are companies that have a grievance with the cell providers because the cell providers are legally restricted from providing that information to third parties and these companies are doing as middlemen essentially and then he been going off to Other companies like 3cinteractive to sell it where you law enforcement can get access without an a warrant but also other companies and data Brokers can get this access and that's really where things get interesting is the user agreement that you signed in this ties back to the novel and getting user agreement signed is basically carte blanche for companies.

They are able to our city carpet long. Should I parboil been a long day so User agreement essentially gives companies car belongs to do whatever they want. And because every user agreement I've ever seen and read unread a lot of them Unfortunately. They have this sort of closet Beyond this is all weekend update this anytime we want and yes legally, they're probably covered but should they be doing that? That's a question.

We have Security Professionals need to ask ourselves quite often, especially around and intrusive technologies that we're deploying so years ago, I have this challenge come up when I was working as an organization. We were deploying on web filtering web proxy technology. So we had the ability to look into the web traffic going out and see was the surfing what these kinds of things and we had a strong discussion came out with a you're really strong a position and policy that the team here to I communicated of clearly saying here's how this technology works here is how our process works to use it.

We are not looking at traffic unless there's a significant event that triggers us into an investigation that involves HR this that the other thing so the fact that we had that discussion I think is what Relevant here because obviously ewee is consumers are not having that discussion with the community.

I am or we thought we did and set the law in place to prevent isps and mobile providers for providing that information yet. They're going around it and is perfectly legal way but is it the right way and I know morals and ethics change depending on where you are in the community of the Norms, but I think as we go more Global and be digital citizens, we really need to adjust and have these conversations more regularly.

We need more granular privacy controls. We don't need these blanket eula's that say. Oh, I agree to use your service. Therefore. I agree to anything you want into throat time in perpetuity just because we can doesn't mean that we should it's an interesting question. You can spend years debating it diving into it for a Surfers and ethicist have for a long time.

But I think my take away for you for today is that you should read this book after on phenomenal book. Very interesting. It's a novel. It's a cool adventure story. But more importantly the takeaway here is that we need to actively have these types of Ethics discussions because we have an insane amount of power at our fingertips at especially being security and privacy professionals just because we can should we that's what we need to start asking more often.

I think, you know, that's a constant discussions not a one-time discussions and ongoing constant conversation. We need to enable technologies that allow us to have more fine grain control over what's going on and allow users have fine-grained control over their information and their position online lost the think about big weighty subject despite the beautiful surroundings again, I got a jet to get into this event.

I'll be tweeting some stuff out today. I'm sure but I'll be back tomorrow with another mornings with Mark. Thanks for coming along with the ride. I looking forward to next 50 episodes take care of you and have a great Tuesday cuz it's Tuesday, and I knew that without even thinking take care.

Everybody let's give me a quick one. I am down in beautiful as ever you go. Now. You see me. I'm down in beautiful. Sunny Miami Florida here for an internal Trend Micro event. Then the keynote is about to start in a few minutes. I do not have that long for mornings with Mark even though this is episode 50.

So thank you for coming along on this journey. I'm going to keep going I think it's been really productive. I find a lot of value in it. I hope you do as well as start some really cool conversations and last week. We were talking a lot about getting started in cyber security.

What do you need to know? How do you break in and there's a ton of great stuff there where they keep talking about that later on in this week. But what I say, I wanted to let you know what I was sore on my mind today. I'm because I had a bit of an adventure getting down here from all the way yesterday and we got detoured and rerouted.

So I had a ton of time on the plane ticket to enter to reading a book and it was really interesting novel. I buy Rob Reed. It's called Always on let me just double-check after on. That's it. Show me to company that goes way too far and they are in a selling access the feeds all this kind of crazy stuff, but it's under its roots is a I answer the impact on society.

That's a lot to take in on the novel. And I know that's not what I really want to talk about those great book. You should absolutely read what I want to talk about what sort of Ethics around security and around technology because I think that's an important subject. It's often ignored unfortunately.

So I know I took a lot of I took a couple extras affix courses part of my graduate degree, but it's not really normally offered is undergrad or not a question raised often as we've seen some examples of you. Should we be doing this? And the thing I was most relevant in the news lately is the location smart Securus a location tracking for cell phone users in North America have so these are companies that have a grievance with the cell providers because the cell providers are legally restricted from providing that information to third parties and these companies are doing as middlemen essentially and then he been going off to Other companies like 3cinteractive to sell it where you law enforcement can get access without an a warrant but also other companies and data Brokers can get this access and that's really where things get interesting is the user agreement that you signed in this ties back to the novel and getting user agreement signed is basically carte blanche for companies.

They are able to our city carpet long. Should I parboil been a long day so User agreement essentially gives companies car belongs to do whatever they want. And because every user agreement I've ever seen and read unread a lot of them Unfortunately. They have this sort of closet Beyond this is all weekend update this anytime we want and yes legally, they're probably covered but should they be doing that? That's a question.

We have Security Professionals need to ask ourselves quite often, especially around and intrusive technologies that we're deploying so years ago, I have this challenge come up when I was working as an organization. We were deploying on web filtering web proxy technology. So we had the ability to look into the web traffic going out and see was the surfing what these kinds of things and we had a strong discussion came out with a you're really strong a position and policy that the team here to I communicated of clearly saying here's how this technology works here is how our process works to use it.

We are not looking at traffic unless there's a significant event that triggers us into an investigation that involves HR this that the other thing so the fact that we had that discussion I think is what Relevant here because obviously ewee is consumers are not having that discussion with the community.

I am or we thought we did and set the law in place to prevent isps and mobile providers for providing that information yet. They're going around it and is perfectly legal way but is it the right way and I know morals and ethics change depending on where you are in the community of the Norms, but I think as we go more Global and be digital citizens, we really need to adjust and have these conversations more regularly.

We need more granular privacy controls. We don't need these blanket eula's that say. Oh, I agree to use your service. Therefore. I agree to anything you want into throat time in perpetuity just because we can doesn't mean that we should it's an interesting question. You can spend years debating it diving into it for a Surfers and ethicist have for a long time.

But I think my take away for you for today is that you should read this book after on phenomenal book. Very interesting. It's a novel. It's a cool adventure story. But more importantly the takeaway here is that we need to actively have these types of Ethics discussions because we have an insane amount of power at our fingertips at especially being security and privacy professionals just because we can should we that's what we need to start asking more often.

I think, you know, that's a constant discussions not a one-time discussions and ongoing constant conversation. We need to enable technologies that allow us to have more fine grain control over what's going on and allow users have fine-grained control over their information and their position online lost the think about big weighty subject despite the beautiful surroundings again, I got a jet to get into this event.

I'll be tweeting some stuff out today. I'm sure but I'll be back tomorrow with another mornings with Mark. Thanks for coming along with the ride. I looking forward to next 50 episodes take care of you and have a great Tuesday cuz it's Tuesday, and I knew that without even thinking take care.