Point of Privacy

I came face to face with an obvious Ai driven face recognition terminal at the payment desk of a high street retailer.

So not only do they have my payment history and patterns, but my full bio iD (obtained without my permission). Should I submit a subject access request or just let it fly. Maybe I just shop somewhere else now or cover my face on every purchase.

I guess it’s the same approach that cash machines take when your image is taken on every withdrawal.

The most unnerving element was watching the small screen at the payment point with my face being tracked. There are no hiding spots in public spaces so just get used to it.

I did catch a glimpse of a social media campaign encouraging people to go totally offline for the day seemingly in protest of how connectivity dominates our personal lives. The real challenge is we don’t really have the mental toughness to turn it all off.

September 20, 2025October 19, 2025

Double Boss level completed

I’ve been tinkering for a while now, tweaking my expertise but not really using it to full effect. Having defeat two major bosses, I am now moving onto a new chapter fully geared up with new independant mobility stepping into a unknown path.

Rambling ramble but basically I’m a happy boy with over.

With DUAA now in force, it’s time to tweak my approach to data permissions and change tactics.

March 31, 2025March 31, 2025

Tweaking your victim profile

The Netflix movie – The Accused was so intensely accurate in terms of what has happened and could indeed happen again to someone being wrongfully accused via our glorious social media ecosystem.

I had to stop watching it halfway through just to analyse the touch points (spoiler alert) –

Reading classification – personal threat, injury detail, discrimination, suicide

The victim profile

Threat / event	Possible risk counter measures
High number of followers 200+	Do you know all these people?
Open profile – public access to personal data, followers, posts etc	Limited how unknowns can tag you
Connected family and friend’s profiles are open and contain meta data such as location details, home address etc	Limited how unknowns can map your relationships
Phone location services open	Turn off when no Apps not in use
Images taken by 3^rd party in public revealing location	Tough one to tackle as people are always snapping
CCTV data mapped with social media	Almost impossible to hide
Monitoring a hashtag in real time	No real reason to do this unless you are actually going to react
Online rumour pushed as fact	Response to accusations in real time by key social media channels, put out a pubic statement, engage a legal advisor.
Online threat to life reported by phone	Report online and get a crime number
Open-source intelligence (OSINT) data used to compile and share personal data on public forums anonymously.	Check yourself to see what you are sharing publicly

Sometimes you just need to help yourself

March 1, 2025March 1, 2025

Newly Identified Defendants

The arena of International Law, Digital crime and Money creates an absolute boiling pot of complex, interconnected issues that can sometimes be difficult to understand. The case of Microsoft Corporation, Plaintiff verses Defendants in a Civil Action No. 1-24-cv-2323 in Virginia USA where the plaintiff disabled the abuse of their system and then took legal action is bedtime story reading.

The defendants were truly global and included end-users of a hacked system. Defendants were named and shamed but apparently the legal counsel of the plaintiff had personal information leaked publicly (Doxing).

So much for privacy.

No one in the case is off-limits and brings a point that privacy is a gargantuan task nowadays where even high-level operatives are vulnerable to attack and exploitation.

Every run Data classification for our personal stuff?

November 29, 2024November 29, 2024

It’s not business it’s personal

Ever tried watching a small business owner struggle to send private data securely? Inadvertently, they fallback to sending passport or credit card details over WhatsAPP. Not so bad as it’s end-to-end encryption right?

“WhatsApp does collect certain metadata, such as information about your contacts and communication times. This metadata is not protected by end-to-end encryption and can be shared with parent company Meta (formerly Facebook) and, under certain circumstances, with law enforcement agencies.”

So this is not so bad and you have nothing to hide right?

Not many small business owners have the time or money to spend on drilling down to the right controls that should be in place for their business and naturally use what they use in the personal lives which often means the bare minimum.

Additonally, unless directly linked to finanical issues Data protection comes in last. So what can be done prior to a data breach incident for small business?

Firstly, take the personal pulse out of the mix and work with someone who is tech savvy and thinks like a business person with risk in mind.

Happy, Cyber Truck hunting.

M	T	W	T	F	S	S
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28