Elizabeth Weise

If Facebook has to pay a  Federal Trade Commission penalty for the Cambridge Analytica data scandal, it will join a very short list of companies to have done so. Of 91 cases involving online privacy issues the Federal Trade Commission has brought since the first in 1998, just two companies have paid civil penalties specifically for violating adult users' privacy. They are Google, which paid $22.5 million in 2012 and Upromise, which paid $500,000 in 2017. The numbers aren't surprising to experts because of the constraints on the FTC when it comes to policing consumers' privacy rights.

Nearly 200,000 people have already commented on network neutrality to the Federal Communications Commission — many likely spurred on by HBO's John Oliver. The comedian and host of the premium pay-TV channel's Last Week Tonight With John Oliver urged viewers to go to the FCC's web site to voice their support for current net neutrality regulations passed in 2015. The FCC had prepared for a new round of public comment after FCC Chairman Ajit Pai began the process of reconsidering the net neutrality rules, which require Internet service providers to treat all legal content equally. When the rules were being debated three years ago, Oliver's encouragement to file comments to the FCC during a June 2014 episode crashed the agency's site. On his latest episode, which debuted Sunday night, Oliver urged viewers with a Shakespearean, "once more into the breach." They apparently responded, with net neutrality comments rising from about 30,000 Monday morning to more than 184,650 by midday May 9.

Facebook has been sued for discrimination in housing and employment based on the ability of advertisers to target ads at specific “ethnic affinities.” The suit, filed Nov 3 in U.S. District Court for the Northern District of California, accuses the Menlo Park (CA)-based company with violating federal anti-discrimination laws for housing and employment. The practice came to light late in Oct when the non-profit news organization Pro Publica published an analysis showing that the social network lets advertisers target who sees their ads by “ethnic affinity.” The wording on Facebook's ad-buy page under “Narrow audience” says “EXCLUDE people who match at least ONE of the following," and includes African American, Asian Americans and four categories of Hispanics. Ad purchasers can also add demographic interest or behaviors they want to exclude. The suit notes that there is no option in the Facebook platform to exclude the demographic of "White or Caucasian Americans from the target audience."

Facebook policies prohibit the use of its ad targeting to discrimination. The company explained to ProPublica that the targeting was meant to allow advertisers to test various marketing strategies and focuses on affinities, not genetic makeup. "The lawsuit is utterly without merit and we will defend ourselves vigorously. Multicultural marketing is a common practice in the ad industry and helps brands reach audiences with more relevant advertising. Our policies prohibit using our targeting options to discriminate, and they require compliance with the law,” Facebook spokeswoman Genevieve Grdina said.

African-American travelers wait as much as 30% longer for UberX rides, and people with African-American sounding names had their UberX trips canceled at twice the rate of those with white-sounding names, a study released Oct 31 found. Though the actual difference in wait times was small, on average 90 seconds, it is another reminder the online economy still mirrors a flawed world.

“Technology was supposed to be a tool that mitigated discrimination because it’s based on algorithms rather than subjective expectations. But we see that doesn’t always happen,” said Darrick Hamilton, a professor of economics and urban policy at The New School in New York City. Researchers at the University of Washington, Stanford University and MIT used black and white university students to study the behavior of drivers for UberX and Lyft. All told, they took nearly 1,500 rides on controlled routes. The tests were conducted in Seattle and Boston. In Seattle, African-American riders using UberX waited approximately 30% longer to be picked up than white riders. Black riders waited on average 5:15 minutes while white riders waited 4 minutes. The researchers suggested drivers may have taken longer to identify black riders at pickup, adding to the wait time. Uber drivers do not see riders' photos, only their names.

Both US presidential candidates have vowed to take on the world when it comes to cyber warfare. But full-scale cyber retaliation might be hard to spot and even harder to count as a win. "Unlike a traditional war, there is no end where there are clear winners and losers, no physical flag to capture," said Peter Tran, senior director at RSA Security in the company's worldwide advanced cyber defense practice. If the US were to ramp up its counterattacks on countries it thinks are sponsoring hackers that breach American accounts, don't expect a sci-fi digital armageddon. The target's electric grid might still work, and so may the ATMs. Think of it more as a creeping worry that simple things we rely on can't be trusted — the machines that count our votes, the total on our bank balance, our personal digital files. In a hot cyber war, the first line of attack would not be like on Star Trek, with spectacular bursts of sparks flying out of computers. Instead it would be a stealth attack on the enemy’s military command and control infrastructure, to keep it from being able to strike, said Matt Devost, managing director of Accenture Security and a special government advisor to the US Department of Defense. A higher level of escalation involves damaging critical infrastructure.

More than 250 Europeans a day have been applying to a French website to have past incidents "forgotten" by Google since the service was launched. Called forget.me, the site allows European Union residents to apply to have material removed from Google's European Union search results.

The French firm, ReputationVIP, appears to be the first to take advantage of a groundbreaking Europe's high court ruling on May 13. Under European privacy laws, the court ruled, individuals have the right to request search engines remove links to information about them that is "inadequate, irrelevant or no longer relevant, or excessive in relation to the purposes for which they were processed."

As of June 30, 2014, 13,000 people had registered on the company's website. They submitted 1,105 right to be forgotten applications requesting the remove of a total of 5,418 links, according to Bertrand Girin, the Lyon, France-based reputation management firm's chief executive officer.

News of Internet security breaches at eBay, Target and other large companies appears to be having an effect on online habits.

A USA TODAY survey finds that almost a quarter of Americans have at least temporarily stopped buying online because of security concerns. A full 24% of those surveyed said they had stopped buying anything online in recent weeks because they were concerned about the safety of information they might put online. Most surprisingly, 56% said they had cut back on the number of Internet site they used and were only going to large, well-known companies they were confident were safe.

"It's pretty amazing to me that people were willing to pull the plug on their habits," said Cameron Camp, a security expert with ESET, a San Diego-based security and antivirus company.

Users are also keeping a closer eye on their accounts, with 55% saying they had started checking banking, investment and credit card sites more often for signs that someone had hacked into their accounts. Camp counseled that any survey asking about things people feel they should be doing has to be taken with a grain of salt.

"Some of the answers people give are aspirational rather than factual," he said.

The poll found that people with less education and lower-incomes were more likely to stop buying anything online. Those with more education and higher incomes were more likely to have changed passwords and cut back on the sites they use. Sixty-four percent of those surveyed said they had changed a password in response to security breaches.

In an increasingly dicey web environment, consumers need take a more active role in protecting themselves. Maintaining good password hygiene is a good example.

Too many consumers have easy-to-crack passwords and far too many use the same passwords over and over again on different sites. If you know you're not going to do this, get a password management program to do it for you.

Most importantly, users need to realize that the web isn't the leafy green suburb it once was. Gangs have moved in and there are a lot more dangerous streets. It's not a war zone, but you've got to keep your wits about you and take responsibility for your own safety.

"Hackers today are not just two guys in a dorm room who are trying to goof on you. They're well-funded, well-organized criminal organizations whose intent is financial gain," said Michael Malloy, vice president for products and strategy at Webroot, an antivirus and security company in Broomfield (CO). And avoid dubious websites like porn and gaming. Out on the web, "there are good neighborhoods and there are bad neighborhoods," said Malloy.