privacy rights

19 petitions

Started 3 months ago

Petition to Tim Cook

Improve email privacy on Apple devices

Privacy is a human right. We exchange thousands of emails over the years. All these text and attachments provide insight about our private lives and private businesses. Currently all this information can be stolen by hacking into your email account. But there is a way to protect it. It is a technology which is already built into Apple’s Mail App on iPhone, iPad and Mac. It is not just Apple software it is also built into Microsoft Outlook on Windows computers. The problem is, it is nearly impossible for a regular user to understand and configure it. Because of that the usage is minimal and user complaints about the bugs and other problems are not high enough to get on Apple engineers’ radar to fix the problems. It is time to champion email privacy. To support this I released a free app called Secutor on Apple’s App Store. But it is not enough. The bugs and inconsistencies with the user interface that one needs to deal with nearly makes the use of this technology impossible.    I’m asking a top to bottom encouragement at Apple to fix email privacy of their customers.    Please help me to get this issue all the way up to Apple’s CEO Tim Cook to solve it. Mr. Cook last year showed exemplary leadership about the privacy of the data of their customers, I call on his leadership to fix email privacy on Apple’s devices and show Apple’s leadership in respecting their customers’ privacy.     After all, article 12 of declaration of Human Rights by United Nations, establishes that Privacy is a Basic Human Right.   

Tony Yustein
50 supporters
Started 4 months ago

Petition to Rob Bishop

Protections for US Citizen's Identity (PII) - #equifax

Shouldn't we, as citizens, have better ownership and rights to our Personal Identity Information (PII)? At the very least can we establish an expectation of easy access, control, and accountability with those who collect and use this information.  If mishandled, it can destroy lives and have decades of impact, yet increasingly it seems the precedent is being set that a breach like Equifax's can be resolved with credit monitoring for a year.The Equifax problem highlights a gaping hole we have in the USA around PII protection.  The free market will not fix this situation because the people they collect the data on are unwilling customers (even more so for the credit reporting agencies).  We have no choice to opt out let alone easily manage our data, and those who buy the credit scores (lenders) treat the simple presence of identity information as authorization and authentication, and they don't care because they are not affected when there is a data breach, and if there was identity fraud, the burden of proof is backwards.  The victim has to prove they didn't commit the crime! Regulation can be dangerous, but it seems this is a situation where it is called for: when a citizen's liberty is being trampled; and the Equifax breach will trample on people's liberty for decades to come – yet they are offering a pittance of one year's credit monitoring as if this will help for a lifetime of damage.  Perhaps the EU's GDPR takes things a bit too far for the USA, but it can be used as a reference point, and we need something in our citizen's rights to their own identity in this modern world. Some identity information is already protected at the state and some federal levels, but we need to take it further; including acceptable recourse when there is a breach of key identity information. Options to consider: Fixing the Missing link - Authentication. Companies using our PII data should be culpable for mishandling this data, including strong penalties along the lines of GDPR.  If negligence is found, they should be able to pierce the corporate umbrella and target individuals as well at the executive level with criminal charges.  Corporations need to take this seriously. Classification of our PII data (Name, Phone, Address, SSN, DL#, and other bank/credit account information) that comes with requirements for people collecting and handling it, giving us rights to our own identity. It has to be easy for identity owners (each of us) to correct misinformation – as easy as it was for the entity to collect it in the first place.  Used for cleaning up identity fraud. It should be free and easy for us to lock our credit information and restrict it from being used without our consent.  Currently, this can be done, but it is a charged fee.  Why are we charged to control our own information? Companies using PII data should have to easily make available a report to the individuals for whose data they have, without fee, for what they are reporting, and who they reported it to (this can be done online). Change finance identification law so that the victim is presumed innocent until proven guilty (such as in the case of identity theft.) The lender who fails to perform acceptable due diligence loses (the presence of PII is not sufficient as is being done now). This would be a powerful motivation for the finance industry to adopt new techniques that minimize their risk, and it would help reduce the impact of data loss in a PII breach.  Right now lenders accept the presence of identity as authentication, and this is wrong.

Brandon Gillespie
68 supporters