Discussion – Collecting Personal Data

Question: Consider a company such as Stitch Fix that collects data. What other companies collect our personal data? How might this consumer-driven data be used, sold, or even compromised to the detriment of us as individuals? Or is this a new reality/paradigm of privacy, and therefore we simply need to get over it? 

Response: I can understand how this can be viewed as a privacy breach but at the same time, I disagree. I honestly don’t see a problem with companies having access to these things. I feel like some of that information, depending on how deep it is, should be protected. If this is information is being voluntarily given then I don’t see it s a breach of privacy. Using the example of that small company, Stitch Fix was able to amass its customer base by its “user friendly” experience. Customers are able to input their body measurements to find clothes that would fit them easier. I think of it as a filter to find the best match for you. customers are giving out this information simply for convenience and if they thought that it was too personal then it wouldn’t have been shared. I feel like having an issue on this scale about body measurements being a privacy breach is like when tiktok asks you what your personal interests are so that it can cater prefer certain videos to you. I would say that there is no price to pay in this sense and there are plenty of websites and companies that you our data for gain. Simply surfing the internet will get you catered information based on your searches and I don’t see that as problematic, just convenient. So yes, you made a deal with the company or website of your choosing. You chose to enter your information and companies will use it for better searches for you and more money for them.

TLDR: You chose this, this is the reality of things so get over it

Discussion – Cyber Law Topics in the News

Question: Find an interesting recent (within the past year) news story or article related to a Cyber Law topic. Summarize the content of the story and share a personal comment or insight relating to the story.

Response: https://thehackernews.com/2022/04/chinese-hackers-target-vmware-horizon.html

To summarize this article, there is a Chinese hacker group called Deep Panda and they targeted VMware’s Horizon servers to leave backdoors and rootkits in the ones with log4shell for the purpose of gathering data from academic, financial, cosmetic, and travel industries. Deep Panda is a notorious group dating all the back to 2010 and was “crowned” the most advanced Chinese intrusion group by the Crowdstrike firm. I found this article kind of surprising because ODU has been using VMware horizon as their virtualization tool for cyber students to learn on. In fact, i just checked my desktop and i still have it downloaded and i remember using it very frequently. After digging a little deeper, it turns out that VMware and been under attack since early January which shocks me because it seems like this attack was deep if they are still struggling to recover from it. Also, I’m gonna assume we haven’t been affected since there hasn’t been any notification from the cyber department and ODU so here’s to hoping we stay that way.