Recherche avancée

Sur d’autres sites (6337)

• 4 Ways to Embed User Privacy & Data Security in Your Business

  15 juillet 2022, par Erin — Privacy

  Customer analytics undeniably plays a vital role for businesses. Product improvements, interface personalisation, content improvements, and creative advertising thrive on data. 

  Yet, there’s a fine line between being a customer-centred company and a privacy-violating one. 

  Due to ubiquitous online tracking, 62% of Americans now believe that it’s impossible to go about their daily lives without companies collecting data about them. Still, despite the importance of privacy in business for consumers, companies are reluctant to act. Privacy initiatives often stay on the back burner due to perceived complexity. That’s true to some extent.

  Privacy in business does assume complex technical changes to your data management. But to be a privacy-centred organisation, you also need to re-think your processes, practices, and culture. 

  Here are four ways to start your journey to better user privacy and data security. 

  1. Revise Your Data Collection Process to Gain Consumer Trust 

  The public is wary of sharing data with businesses because they are suspicious of its subsequent usage. 

  However, not all data collection is bad or wrong. In many cases, you need specific data for service delivery, compliance, or good-natured personalisation. 

  That’s exactly what consumers expect. Almost half of US consumers say they’d trust a company that limits the amount of personal information requested and only asks for data relevant to its products/services. 

  By limiting data collection and offering transparent data usage terms, you can : 

  • Reassure reluctant users to try your product or service — hence, boost conversions and sales. 
  • Retain existing audiences by gaining their trust, which leads to loyalty and higher customer lifetime value (CLV). 

  To gain consumers’ trust, implement proper consent and opt-out mechanisms. Then create educational materials about how you are collecting and using their data.

  2. Perform Data Mapping to Determine Where Sensitive Data Rests 

  Businesses are already pressed with an expanded cyber-security radar, courtesy of remote work, digital payment processing, IoT device adoption, etc. Yet, 41% of the executives don’t think their security initiatives have kept up with the digital transformations.

  Loopholes in security eventually result in a data breach. The average cost of a data breach looms at $4.24 million globally. The sum includes regulatory fines and containment costs, plus indirect losses in the form of reduced brand equity and market share. 

  Lax data protection in business also undermines consumer trust : 87% of consumers wouldn’t transact with a company if they had qualms with its security practices. 

  To improve your security posture, analyse where you are storing sensitive consumer data, who has access to it (internally and externally), and how you are protecting it. Then work with cybersecurity specialists on implementing stronger consumer security mechanisms (e.g. auto-log offs, secure password policy, etc) and extra internal security policies (if needed). 

  At the same time, start practising data minimisation. Ensure that all collected data is : 

  • Adequate – sufficient to meet your stated objectives 
  • Relevant – is rationally linked to the objectives 
  • Limited – no unnecessary data is collected or stored
  • Timely – data is periodically reviewed and removed when unnecessary 

  

  These principles prevent data hoarding. Also, they help improve your security posture and regulatory compliance by reducing the volume of information you need to safeguard.

  3. Do an Inventory of Your Business Tools

  Data leaks and consumer privacy breaches often occur through third parties. Because Google Analytics was deemed in breach of European GDPR in France, Austria and Italy, businesses using it are vulnerable to lawsuits (which are already happening). 

  Investigate your corporate toolkit to determine “weak links” – tools with controversial privacy policies, murky data collection practices, and poor security. 

  Treat it as a journey and pick your battles. By relying on Big Tech products for years, you might have overlooked better alternatives. 

  For example :

  • Matomo is a privacy-centred Google Analytics alternative. Our web analytics is compliant with GDPR, CCPA, and other global privacy laws. Unlike Google Analytics, we don’t exploit any data you collect and provide full transparency into how and where it’s stored. Or if you want a simple analytics solution, Fathom is another great privacy-friendly option.

  

  • For online data storage, you can choose Proton Drive or Nextcloud (open-source). Or host your corporate data with a local cloud hosting provider to avoid cross-border data transfers.

  

  Aim to progressively replace Google products with more privacy-centred alternatives. 

  4. Cultivate a Privacy-Centred Corporate Culture 

  To make privacy a competitive advantage, you need every team member (at every level) to respect its importance. 

  This is a continuous process of inspiring and educating your people. Find “privacy ambassadors” who are willing to lead the conversations, educate others, and provide resources for leading the change. 

  On an operational level, incorporate privacy principles around data minimisation, bounded collection, and usage into your Code of Conduct, standard operating procedures (SOPs), and other policies. 

  Creating a privacy-centric culture takes effort, but it pays off well. Cisco estimates that for each dollar spent on privacy, an average organisation gets $2.70 in associated benefits. Almost half (47%) of organisations gain 2X returns on their privacy initiatives.

  Moving Forward with a Data Privacy Programme 

  Privacy has become a strong differentiator for brands. Consumers crave transparency and ethical data usage. Regulators mandate limited data collection and proper security mechanisms.

  But sweeping changes are hard to implement. So start small and go one step at a time. Understand which first-party data your company collects and how it is stored.

  Then look into the tools and technologies you are using for data collection. Do these provide sufficient privacy controls ? How are they using data collected on your behalf ? Finally, move to wider transformations, pertaining to data management, cybersecurity, and cultural practices. 

  Be consistent with your effort — and eventually, all the pieces will fall into place. 

• The Ultimate List of Alternatives to Google Products

  2 août 2022, par Erin — Privacy

  For many businesses, Google products can play an integral part in the productivity, function and even success of the company. This is because Google has designed their digital ecosystem to infiltrate every aspect of your work and personal life at low-to-no cost.

  On the surface, this seems like a no-brainer. Why not have a cost-effective and seamlessly connected tech stack ? It’s the complete package. 

  From Gmail to Google Analytics, it becomes hard to untangle yourself from this intricate web Google has managed to spin. But like a web, you know there’s also a catch.

  This leads us to the big question… Why stop ?

  In this blog, we’ll cover :

  Why de-Google ?

  Google products are convenient and seemingly free. However, in recent years, Google’s name has become synonymous with privacy breaches, data leaks and illegal under the General Data Protection Regulation (GDPR).

  As their track record shows a glaring disregard for data protection, a growing list of EU member countries like Austria, France, Denmark and Italy have banned Google products, such as Google Analytics, Google Workspace and Google Chromebook.

  Google offers free products and services, but not out of altruism. There’s a trade-off. By using Google’s “free” products, your customers’ and your own online activity becomes a commodity that can be sold to advertisers.

  When the risks of using Google products are considered, it becomes clear the need to plot a pathway to de-Google your business. If you’re wondering how in the world to uncoil from this web, fortunately, there are plenty of privacy-friendly, secure alternatives to Google products that you can choose.

  Disclaimer : Below, we’ve tried our best to provide a comprehensive list of alternatives to Google products for businesses, but because you know your business best, we’d also encourage you to do your own research to ensure the tool will suit your unique needs.

  Best Google alternative tools for business

  Overall business tools

  Google Workspace alternatives

  Google Workspace isn’t GDPR compliant by default, so businesses are at risk of fines and reputational damage. More EU countries are reaching the same conclusion that Google products are violating EU law. Data Protection Authorities from Norway and Denmark have deemed Google Workspace illegal in accordance with the GDPR. 

  Nextcloud

  Nextcloud is an open-source and self-hosted productivity platform that offers a suite of services to replace the major features found in Google Workspace, such as Google Drive, Calendar, Docs, Forms and Tasks. 

  You can share files and collaborate without worrying about data being shared with unauthorised individuals or companies. As a self-hosted suite, you’re in full control of where your data is, who has access to it and can comply with the strictest of data protection legislations.

  

  Zoho

  Zoho is a Google Workspace alternative built on the same principles as Google’s productivity suite. It offers a suite of online office tools, including email, calendar and task management, but with an emphasis on privacy protection. Zoho doesn’t rely on advertising revenue to support their business which means your personal data will never be sold or used for targeted ads. 

  With over 75 million users globally, Zoho offers data encryption at rest and at transit, multi-factor authentication and complies with strict security standards set by HIPAA, the Cloud Security Alliance and the GDPR.

  

  Gmail alternatives

  Google only encrypts emails via STARTTLS. In other words, your data isn’t end-to-end encrypted and can be decrypted by them at any time. Gmail also has a history of allowing third-party app developers that work with Gmail to access private and personal Gmail messages for their own market research purposes.

  ProtonMail

  ProtonMail is a secure, open-source email service that provides end-to-end encryption, so only the sender and receiver can access the messages. Proton deliberately doesn’t possess the key needed to decrypt any part of the message, so you know your sensitive business information is always private. 

  To protect users from digital surveillance, they also provide enhanced tracking protections and don’t rely on ads, so your data isn’t mined for advertising purposes. Not only that, you can also sync ProtonMail with a host of other Google alternative products, such as Proton Calendar and Proton Drive.

  

  Mailfence

  Mailfence is a highly secure communications and planning platform that offers a complete email suite, as well as, Documents, a Calendar and Groups. It provides end-to-end encryption and comes with a built-in data loss prevention system that prevents unauthorised access to your sensitive information. 

  Mailfence is completely ad-free and promises to never commercialise its databases or share data with third parties for targeted ads.

  

  Tutanota

  Tutanota is an open-source email service known as one of the first to offer end-to-end encryption. It boasts a user-friendly interface and offers a fast, simple and secure email service that works on web and mobile platforms. Stringent security, in addition to TOTP and U2F for two-factor authentication means you control who has access to your email and messages. 

  It requires no phone number or personal information to register for a free account. In addition, Tutanota doesn’t earn money through ads, its servers are based in Europe and it is fully GDPR compliant.

  

  Google Calendar alternatives

  Calendars can contain a lot of personal information (who you are meeting, location, contact info, etc.), which is well worth keeping private. 

  Proton Calendar

  With Proton Calendar all event details – participants, locations, event names, descriptions and notes are end-to-end encrypted. It has a clean and easy-to-use interface, and you get a full set of advanced features to replace Google Calendar, such as the ability to create events and reminders, add multiple calendars and set up repeating events. You can easily sync all your calendars between mobile and desktop apps.

  

  Mailfence Calendar

  Mailfence Calendar lets you manage, schedule and track your events and meetings. Similar to Google Calendar, you can invite people to events using their Mailfence email IDs, but it doesn’t track your location or email address.

  

  Tutanota Calendar

  Tutanota Calendar offers built-in encryption, so no one else can decrypt and read your information.

  You can keep track of your appointments and meetings in a secure environment that only you have access to. You get features, such as day/week/month view, all-day events, recurring events, upcoming events view and shared calendars. You can also sync it with other apps such as Outlook.

  

  Nextcloud Calendar app

  Nextcloud also offers a Calendar app which easily syncs events from different devices with your Nextcloud account. You can integrate it with other Nextcloud apps like Contacts, Talk and Tasks.

  

  Google Drive alternatives

  The GDPR emphasises end-to-end encryption as a safeguard against data leaks, but Google Drive isn’t end-to-end encrypted, so Google has access to the data on its servers. 

  In their privacy policy, they also state that this data can be analysed for advertising purposes, so although you’re using “free” Cloud storage, users need to be aware that they’re paying for this by giving Google access to any and all data stored in Google Drive.

  Proton Drive

  Proton Drive is a secure and private Cloud storage service that provides you with an easy-to-use, customisable and secure file management system.

  It uses end-to-end encryption to secure your data and keep it safe from prying eyes. As you have full control over your data, you can decide how long it’s stored and who has access to it. You can also choose how much of your information is shared with other users.

  

  Nextcloud

  Nextcloud works on your own server, so you can access and share your data wherever you are. It’s a file hosting service that lets you store files, sync them across your devices and collaborate with others on projects. 

  It also provides encryption for all the files that you store on its servers, so you can rest assured that no one can see your information without your permission.

  

  Syncthing

  Syncthing is a free, open-source file synchronisation program that allows you to store and access your files wherever you are. It’s designed to be fast, secure and easy to use, making it a great alternative to Google Drive. 

  With Syncthing, you can sync files across multiple computers and mobile devices at once. So if you create, delete or modify files on one machine, they will automatically be replicated on other devices. Data is saved directly to a location you choose, so you can securely backup your data without needing a third-party cloud service.

  Google Docs alternatives

  Google states they can “collect information” from Google-hosted content such as Docs by means of automated scanning. 

  Not only does this stoke spying fears, it also raises concerns over who holds power over your content. If they look through your docs and decide that you’ve violated their terms of service, you can get locked out of your Google Docs – as was the case when a National Geographic crime reporter had her story “frozen” by Google.

  LibreOffice

  LibreOffice is a free, open-source office suite with all the features you need to create and edit documents, presentations and spreadsheets. It’s compatible with many different languages and all Microsoft Office file formats. 

  Unlike Google Docs, LibreOffice doesn’t store your documents on the Cloud. As it runs on your own computer, you maintain complete control and the data is kept as private and as secure as you wish. LibreOffice also has an online version that works with most web browsers and can be used on Windows, Mac and Linux operating systems. 

  The open-source nature ensures security as the code is constantly improved and scouted for vulnerabilities.

  

  Nextcloud Office

  Like Google Docs, Nextcloud Office lets you create new documents and spreadsheets and collaborate with teammates or colleagues. But unlike Google Docs, Nextcloud doesn’t collect any data on who is using its platform, or what they’re doing on it. You can even encrypt the files you store in Nextcloud, so no one else can see them unless you give them access to your account.

  

  Google Keep alternative

  Standard Notes

  Standard Notes is an open-source online notebook app that offers a variety of useful features, such as tasks, to-dos and spreadsheets. 

  Unlike Google Keep, which has access to your notes, Standard Notes is end-to-end encrypted, which protects all your information and keeps it securely synced across all your devices. Standard Notes supports text, images and audio notes. As open-source software, they value transparency and trust and don’t rely on tracking or intrusive ads.

  

  Google Chrome alternatives

  Google Chrome is notorious for stalking users and collecting information for their own gains. Their browser fuels their data gathering infrastructure by being able to collect info about your search history, location, personal data and product interaction data for “personalisation” purposes – essentially to build a profile of you to sell to advertisers.

  Firefox

  Firefox is one of the most secure browsers for privacy and is trusted by 220 million users. It easily compares with Chrome in terms of ease of use and performance. 

  On top of that it offers enhanced privacy protections, so you get a browser that doesn’t stalk you and isn’t riddled with ads.

  

• Python : Extracting device and lens information from video metadata

  14 mai 2023, par cat_got_my_tongue

  I am interested in extracting device and lens information from videos. Specifically, make and model of the device and the focal length. I was able to do this successfully for still images using the exifread module and extract a whole bunch of very useful information :

  


  image type      : MPO
Image ImageDescription: Shot with DxO ONE
Image Make: DxO
Image Model: DxO ONE
Image Orientation: Horizontal (normal)
Image XResolution: 300
Image YResolution: 300
Image ResolutionUnit: Pixels/Inch
Image Software: V3.0.0 (2b448a1aee) APP:1.0
Image DateTime: 2022:04:05 14:53:45
Image YCbCrCoefficients: [299/1000, 587/1000, 57/500]
Image YCbCrPositioning: Centered
Image ExifOffset: 158
Thumbnail Compression: JPEG (old-style)
Thumbnail XResolution: 300
Thumbnail YResolution: 300
Thumbnail ResolutionUnit: Pixels/Inch
Thumbnail JPEGInterchangeFormat: 7156
Thumbnail JPEGInterchangeFormatLength: 24886
EXIF ExposureTime: 1/3
EXIF FNumber: 8
EXIF ExposureProgram: Aperture Priority
EXIF ISOSpeedRatings: 100
EXIF SensitivityType: ISO Speed
EXIF ISOSpeed: 100
EXIF ExifVersion: 0221
EXIF DateTimeOriginal: 2022:04:05 14:53:45
EXIF DateTimeDigitized: 2022:04:05 14:53:45
EXIF ComponentsConfiguration: CrCbY
EXIF CompressedBitsPerPixel: 3249571/608175
EXIF ExposureBiasValue: 0
EXIF MaxApertureValue: 212/125
EXIF SubjectDistance: 39/125
EXIF MeteringMode: MultiSpot
EXIF LightSource: Unknown
EXIF Flash: Flash did not fire
EXIF FocalLength: 1187/100
EXIF SubjectArea: [2703, 1802, 675, 450]
EXIF MakerNote: [68, 88, 79, 32, 79, 78, 69, 0, 12, 0, 0, 0, 21, 0, 3, 0, 5, 0, 2, 0, ... ]
EXIF SubSecTime: 046
EXIF SubSecTimeOriginal: 046
EXIF SubSecTimeDigitized: 046
EXIF FlashPixVersion: 0100
EXIF ColorSpace: sRGB
EXIF ExifImageWidth: 5406
EXIF ExifImageLength: 3604
Interoperability InteroperabilityIndex: R98
Interoperability InteroperabilityVersion: [48, 49, 48, 48]
EXIF InteroperabilityOffset: 596
EXIF FileSource: Digital Camera
EXIF ExposureMode: Auto Exposure
EXIF WhiteBalance: Auto
EXIF DigitalZoomRatio: 1
EXIF FocalLengthIn35mmFilm: 32
EXIF SceneCaptureType: Standard
EXIF ImageUniqueID: C01A1709306530020220405185345046
EXIF BodySerialNumber: C01A1709306530


  


  Unfortunately, I have been unable to extract this kind of info from videos so far.

  


  This is what I have tried so far, with the ffmpeg module :

  


  import ffmpeg
from pprint import pprint

test_video = "my_video.mp4"
pprint(ffmpeg.probe(test_video)["streams"])


  


  And the output I get contains a lot of info but nothing related to the device or lens, which is what I am looking for :

  


  [{'avg_frame_rate': '30/1',
  'bit_rate': '1736871',
  'bits_per_raw_sample': '8',
  'chroma_location': 'left',
  'codec_long_name': 'H.264 / AVC / MPEG-4 AVC / MPEG-4 part 10',
  'codec_name': 'h264',
  'codec_tag': '0x31637661',
  'codec_tag_string': 'avc1',
  'codec_time_base': '1/60',
  'codec_type': 'video',
  'coded_height': 1088,
  'coded_width': 1920,
  'display_aspect_ratio': '16:9',
  'disposition': {'attached_pic': 0,
                  'clean_effects': 0,
                  'comment': 0,
                  'default': 1,
                  'dub': 0,
                  'forced': 0,
                  'hearing_impaired': 0,
                  'karaoke': 0,
                  'lyrics': 0,
                  'original': 0,
                  'timed_thumbnails': 0,
                  'visual_impaired': 0},
  'duration': '20.800000',
  'duration_ts': 624000,
  'has_b_frames': 0,
  'height': 1080,
  'index': 0,
  'is_avc': 'true',
  'level': 40,
  'nal_length_size': '4',
  'nb_frames': '624',
  'pix_fmt': 'yuv420p',
  'profile': 'Constrained Baseline',
  'r_frame_rate': '30/1',
  'refs': 1,
  'sample_aspect_ratio': '1:1',
  'start_pts': 0,
  'start_time': '0.000000',
  'tags': {'creation_time': '2021-05-08T13:23:20.000000Z',
           'encoder': 'AVC Coding',
           'handler_name': 'VideoHandler',
           'language': 'und'},
  'time_base': '1/30000',
  'width': 1920},
 {'avg_frame_rate': '0/0',
  'bit_rate': '79858',
  'bits_per_sample': 0,
  'channel_layout': 'stereo',
  'channels': 2,
  'codec_long_name': 'AAC (Advanced Audio Coding)',
  'codec_name': 'aac',
  'codec_tag': '0x6134706d',
  'codec_tag_string': 'mp4a',
  'codec_time_base': '1/48000',
  'codec_type': 'audio',
  'disposition': {'attached_pic': 0,
                  'clean_effects': 0,
                  'comment': 0,
                  'default': 1,
                  'dub': 0,
                  'forced': 0,
                  'hearing_impaired': 0,
                  'karaoke': 0,
                  'lyrics': 0,
                  'original': 0,
                  'timed_thumbnails': 0,
                  'visual_impaired': 0},
  'duration': '20.864000',
  'duration_ts': 1001472,
  'index': 1,
  'max_bit_rate': '128000',
  'nb_frames': '978',
  'profile': 'LC',
  'r_frame_rate': '0/0',
  'sample_fmt': 'fltp',
  'sample_rate': '48000',
  'start_pts': 0,
  'start_time': '0.000000',
  'tags': {'creation_time': '2021-05-08T13:23:20.000000Z',
           'handler_name': 'SoundHandler',
           'language': 'und'},
  'time_base': '1/48000'}]


  


  Are these pieces of info available for videos ? Should I be using a different package ?

  


  Thanks.

  


  Edit :

  


  pprint(ffmpeg.probe(test_video)["format"]) gives

  


  {'bit_rate': '1815244',
 'duration': '20.864000',
 'filename': 'my_video.mp4',
 'format_long_name': 'QuickTime / MOV',
 'format_name': 'mov,mp4,m4a,3gp,3g2,mj2',
 'nb_programs': 0,
 'nb_streams': 2,
 'probe_score': 100,
 'size': '4734158',
 'start_time': '0.000000',
 'tags': {'artist': 'Microsoft Game DVR',
          'compatible_brands': 'mp41isom',
          'creation_time': '2021-05-08T12:12:33.000000Z',
          'major_brand': 'mp42',
          'minor_version': '0',
          'title': 'Snipping Tool'}}