'Map Your Orgasm' - A New Smart Device For Women

Recently, Mashable reported about a new smart device for women:

"The Lioness looks like a pretty standard vibrator on the outside, but inside it has four sensors that measure temperature, the force of muscle contractions, and track the movement of the device. When you’re done with your session, you can sync the Lioness with its app (available for iOS and Android). It then provides you with easy-to-read visualization of what was happening to your body while you were busy getting off. So, yes, essentially it gives you a map of your orgasm. You can also tag each session with different terms so you can track how your health, sleep, alcohol consumption, mood, etc. affect your experiences."

Gives you a map of your orgasm? That's a surprising description. Perhaps, I shouldn't have been surprised. First, there were online tools such as "map my ride" and map my run." Good stuff to help consumers stay healthy. I guess a tool resembling 'map your orgasm' was bound to happen.

Lioness sounds like a much better product name. To learn more, I visited the Lioness site. The home page featured this statement: "Don't worry, we will never share your email or spam you." That's a good start.

Privacy is important; especially with smart devices which collect intimate data about consumers. Earlier this year, news reports described a plan by a smart-device maker to resell the interior home maps its robovacs created. And, another smart vibrator maker paid hefty fines to settle allegations that it tracked users without their knowledge nor consent.

A wise person once said, "the devil is in the details." The privacy policy in a company's website is a good place to hunt for details. While blogging about privacy and identity theft during the last 10 years, I've read plenty of privacy policies. Plenty. I read the Lioness Privacy Policy (dated May 1) and found some notable sections:

"This Privacy Policy applies to our vibrators and other devices (“Devices”), our websites, including but not limited to lioness.io (individually a “Site” and collectively “Sites”), the Lioness software (“Software”) and Lioness mobile applications (the “Apps”). The Devices, Sites, Software and Apps are collectively referred to in this Policy as the “Lioness Service,” and by proceeding to use the Lioness Service you consent that we may handle the data that we collect from you in accordance with this Privacy Policy."

Pretty standard stuff so far. Warning: I'm not an attorney. If you want legal advice, hire an attorney. Like you, I'm just a regular consumer trying to understand smart devices while maintaining as much privacy as possible. Additional sections in the policy I found interesting:

"Sync Your Device
When you sync your Device through an App or the Software, data recorded on your Device is transferred from your Device to our servers. This data is stored and used to provide the Lioness Service and is associated with your account. Each time a sync occurs, we log data about the transmission. Some examples of the log data are the sync time and date, device battery level, and the IP address used when syncing."

Let's unpack that. The vibrator and its mobile app, record the date, time, and battery usage. Combine this with data collected from the four sensors and Lioness will know plenty about your usage: when (date and time), location, duration, preferred movement patterns, and more. It indeed could create a map. More sections in the policy:

"WHY WE COLLECT DATA
Lioness uses your data to provide you with the best experience possible, to help you learn about your body, and to improve and protect the Lioness Service. Here are some examples: i) Contact information is used to send you notifications and to inform you about new features or products... ii) Data and logs are used in research to understand and improve the Lioness Device and Lioness Service; to troubleshoot the Lioness Service; to detect and protect against error, fraud or other criminal activity; and to enforce the Lioness Terms of Service; iii) Aggregate data that does not identify you may be used to inform the health community about trends; for marketing and promotional use..."

Data That Could Identify You
Personally Identifiable Information (PII) is data that includes a personal identifier like your name, email or address, or data that could reasonably be linked back to you."

Hmmm. The policy does not list all data elements that personally identify you. For me, that's important to know. And, anything recorded on a smartphone can easily be linked to a person using her 10-digit phone number or the mobile device's serial number.

Informed shoppers probably want to know before purchase which other companies (e.g., business partners, affiliates, advertisers, etc.) Lioness shares data with. Its May 1, 2017 privacy policy also states:

"... companies that are contractually engaged in providing Lioness with services, such as order fulfillment, email management and credit card processing. These companies are obligated by contract to safeguard any PII they receive from us..."

"THIRD PARTIES
Lioness will not be responsible for the practices of third parties that Lioness does not own or control or individuals that Lioness does not employ or manage. The information provided by you to other third parties may be subject to their own privacy policies, which may differ from Lioness’s privacy policy. The Lioness Service may contain links to other sites, and we make every effort to only link to sites that share our high standards and respect for privacy. However, we are not responsible for the privacy practices employed by other sites..."

"DATA RETENTION
Lioness reserves the right to retain your PII for as long as your account remains active..."

So, the policy doesn't mention other companies by name. Not good. That makes it tough for consumers to make informed decisions.

Fitness tracking with the MapMyRide app On Facebook, many of my friends regularly share visual maps of their workouts. (See example on right.) That's their freedom of choice. So, some consumers are probably wondering if Lioness offers a similar share function. Again from the privacy policy:

"Community Posts
The Lioness Service may offer discussion forums, message boards, social networking opportunities, chat pages and other public forums or features in which you may provide personal information, materials and related content. If you submit personal information when using these public features, please note that such personal information may be publicly posted and otherwise disclosed and used without limitation or restriction."

So, the policy doesn't mention literal maps, per se. They might or might not provide the feature to users. The key takeaway: the responsibility rests upon the user. Don't share it if you don't want it made public.

It's probably helpful to also know that the product uses Bluetooth technology to perform data syncing. From the Lioness FAQ page:

"Wait...will there be bluetooth in my vagina?
Nope. We know that there are a lot of people who don’t like the idea of bluetooth being on while in use, so we made it so bluetooth automatically turns off when you use it."

Also, the FAQ page mentioned:

"Is my data stored securely and kept confidential?
Absolutely. We thought about privacy and security from the beginning for this product. You are the only one who can access your individual data. Everything is encrypted and we fully anonymize the data..."

That's good, but the privacy policy didn't mention data encryption. I expected it would. Not sure what to make of that.

Is the Lioness a good deal? Only you can decide for yourself -- and you should after reading both the privacy and terms-of-service policies.

Me? In my opinion, there seems to be too much wiggle-room for data sharing. The policy contains a lot of words and nothing special compared to other policies I've read. What are your opinions?


Russian Malware Targets Hotels In Europe And Middle East

FireEye, a security firm, has issued a warning about malware targeting the hotel industry within both Europe and the Middle East. The warning:

"... a campaign targeting the hospitality sector is attributed to Russian actor APT28. We believe this activity, which dates back to at least July 2017, was intended to target travelers to hotels throughout Europe and the Middle East. The actor has used several notable techniques in these incidents such as sniffing passwords from Wi-Fi traffic... Once inside the network of a hospitality company, APT28 sought out machines that controlled both guest and internal Wi-Fi networks... in a separate incident that occurred in Fall 2016, APT28 gained initial access to a victim’s network via credentials likely stolen from a hotel Wi-Fi network..."

The key takeaway: criminals use malware to infiltrate the WiFi networks at hotels in order to steal the login credentials (IDs, passwords) of traveling business and government executives. The criminals know that executives conduct business while traveling -- log into their employers' computer networks. Stealing those login credentials provides criminals with access to the computer networks operated by corporations and governments. Once inside those networks, the criminals can steal whatever of value they can access: proprietary information, trade secrets, customer lists, executives' and organization payment information, money, or more.

A variety of organizations in both the public and private sectors use software by FireEye to detect intrusions into their computer networks by unauthorized persons. FireEye software detected the breach at Target (which Target employees later ignored). Security researchers at FireEye discovered vulnerabilities in HTC smartphones which failed to adequately protect users' fingerprint data for unlocking phones.

Security warnings earlier this year mentioned malware by the APT28 group targeting Apple Mac users. The latest warning by FireEye also described the 2016 hack in more detail:

"... the victim was compromised after connecting to a hotel Wi-Fi network. Twelve hours after the victim initially connected to the publicly available Wi-Fi network, APT28 logged into the machine with stolen credentials. These 12 hours could have been used to crack a hashed password offline. After successfully accessing the machine, the attacker deployed tools on the machine, spread laterally through the victim's network, and accessed the victim's OWA account. The login originated from a computer on the same subnet, indicating that the attacker machine was physically close to the victim and on the same Wi-Fi network..."

So, travelers aren't safe even when they use strong passwords. How should travelers protect themselves and their sensitive information? FireEye warned:

"Travelers must be aware of the threats posed when traveling – especially to foreign countries – and take extra precautions to secure their systems and data. Publicly accessible Wi-Fi networks present a significant threat and should be avoided whenever possible."


Bungled Software Update Renders Customers' Smart Door Locks Inoperable

Image of Lockstate RemoteLock 6i device. Click to view larger version A bungled software update by Lockstate, maker of WiFi-enabled door locks, rendered many customers' locks inoperable -- or "bricked." Lockstate notified affected customers in this letter:

"Dear Lockstate Customer,
We notified you earlier today of a potential issue with your LS6i lock. We are sorry to inform you about some unfortunate news. Your lock is among a small subset of locks that had a fatal error rendering it inoperable. After a software update was sent to your lock, it failed to reconnect to our web service making a remote fix impossible...

Many AirBnb operators use smart locks by Lockstate to secure their properties. In its website, Lockstate promotes the LS6i lock as:

"... perfect for your rental property, home or office use. This robust WiFi enabled door lock allows users to lock or unlock doors remotely, know when people unlock your door, and even receive text alerts when codes are used. Issue new codes or delete codes from your computer or phone. Even give temporary codes to guests or office personnel."

Reportedly, about 200 Airbnb customers were affected. The company said 500 locks were affected. ArsTechnica explained how the bungled software update happened:

"The failure occurred last Monday when LockState mistakenly sent some 6i lock models a firmware update developed for 7i locks. The update left earlier 6i models unable to be locked and no longer able to receive over-the-air updates."

Some affected customers shared their frustrations on the company's Twitter page. Lockstate said the affected locks can still be operated with physical keys. While that is helpful, it isn't a solution since customers rely upon the remote features. Affected customers have two repair options: 1) return the back portion of the lock (repair time about 5 to 7 days), or 2) request a replace (response time about 14 to 18 days).

The whole situation seems to be another reminder of the limitations when companies design smart devices with security updates delivered via firmware. And, a better disclosure letter by Lockstate would have explained corrections to internal systems and managerial processes, so this doesn't happen again during another software update.

What are your opinions?


$5.5 Million Settlement Agreement Between Nationwide Insurance And 32 States

Nationwide Mutual Insurance Company logo Last week, 32 states inked a settlement agreement with Nationwide Mutual Insurance for the insurance company's data breach in 2012. The Attorney General's Office for the Commonwealth of Massachusetts participated in the agreement, and explained in an announcement: that the data breach reach in 2012 was:

"... allegedly caused by Nationwide’s failure to apply a critical software security patch. The breach resulted in the loss of personal information belonging to 1.27 million consumers, with nearly 950 in Massachusetts, including their social security numbers, driver’s license numbers, credit scoring information, and other personal data. The lost personal information was collected by Nationwide in order to provide insurance quotes to consumers applying for insurance. AG Healey’s Office is not aware of any fraud or identity theft involving Massachusetts residents related to this data breach."

Other states participating in the settlement agreement include the Attorneys General of Alaska, Arizona, Arkansas, Connecticut, Florida, Hawaii, Illinois, Indiana, Iowa, Kentucky, Louisiana, Maine, Maryland, Mississippi, Missouri, Montana, Nebraska, Nevada, New Jersey, New Mexico, New York, North Carolina, North Dakota, Oregon, Pennsylvania, Rhode Island, South Dakota, Tennessee, Texas, Vermont, Washington, and the District of Columbia. Terms of the settlement agreement require Nationwide to:

"... both generally update its security practices and to ensure that it keeps software up-to-date, including timely applying patches and other updates to its software. Nationwide must also hire a technology officer responsible for monitoring and managing software and application security updates, including supervising employees responsible for evaluating and coordinating the maintenance, management, and application of all security patches and software and application security updates.

Many of the consumers whose data was lost as a result of the data breach were consumers who never became Nationwide’s insureds, but whose information was retained by the company in order to provide the consumers re-quotes at a later date. The settlement requires Nationwide to be more transparent about its data collection practices by requiring it to disclose to consumers that it retains their personal information even if they do not become its customers."

950 Massachusetts residents were affected. Massachusetts' share of the payment is $100,000. Massachusetts Attorney General (AG) Maura Healey said in a statement:

"People shopping for financial products should be assured that companies collecting their personal information will protect it no matter what... Nationwide knew their software was vulnerable to hacking but did not promptly address it, leaving sensitive data vulnerable to identity thieves. This settlement holds the company accountable for subjecting our residents to this avoidable risk."

2,810 New York residents were affected. New York State's share of the payment is $107,736. New York State AG Eric T. Schneiderman said:

"Nationwide demonstrated true carelessness while collecting and retaining information from prospective customers, needlessly exposing their personal data in the process... This settlement should serve as a reminder that companies have a responsibility to protect consumers’ personal information regardless of whether or not those consumers become customers..."

774 Connecticut residents were affected. Connecticut's share of the payment is $256,559. Connecticut AG George Jepsen said:

"Connecticut law requires that anyone in possession of another person's personal information safeguard that data... It is critically important that companies take seriously the maintenance of their computer software systems and their data security protocols..."


Homeowners Receive $6.3 Million In Refunds Due To Improper Charges By Insurance Company

Assurant logo Last week, the Attorney General's office for the Commonwealth of Massachusetts announced the results of a post-settlement agreement audit with American Security Insurance Company, a subsidiary of Assurant, Inc., where homeowners in the state will receive $6.3 million in refunds for improper "forced-place insurance" charges. The announcement explained:

"Force-placed insurance is a type of property insurance that mortgage servicers can purchase on behalf of borrowers if they fail to maintain adequate homeowners insurance coverage on mortgaged properties. Mortgage servicers often hire insurance companies like Assurant to monitor whether borrowers are maintaining adequate homeowners insurance coverage and to issue force-placed insurance policies when appropriate homeowners coverage is not in place.

Premiums for force-placed policies are high—often two or three times as expensive as regular homeowners insurance—and the coverage provided is quite limited. Some mortgage servicers accept commission payments from force-placed insurers, which contribute to the high cost of force-placed insurance and create conflicts of interest for mortgage servicers."

The settlement agreement was first announced in November, 2015. The latest announcement described the results of the audit:

"Although force-placed insurance is only intended for circumstances in which the borrower has failed to adequately insure the mortgaged property, the Attorney General’s audit of Assurant found thousands of cases of duplicative insurance coverage for Massachusetts homeowners. Borrowers eligible for settlement money were previously required by their mortgage servicer to purchase force-placed insurance from Assurant, or were overcharged for force-placed insurance because they were mistakenly sold commercial policies rather than less expensive residential policies..."

4,500 homeowners were improperly charged. The average refund per homeowner is about $1,400. Refund checks were mailed last week to affected homeowners.


'If You Hemorrhage, Don't Clean Up': Advice From Mothers Who Almost Died

[Editor's note: today's guest post is part of the ongoing "Lost Mothers" investigation by ProPublica because, "The U.S. has the highest rate of deaths related to pregnancy and childbirth in the developed world. Half of the deaths are preventable, victimizing women from a variety of races, backgrounds, educations and income levels." It is reprinted with permission.]

by Adriana Gallardo and Nina Martin, ProPublica, and Renee Montagne, NPR

Four days after Marie McCausland delivered her first child in May, she knew something was very wrong. She had intense pain in her upper chest, her blood pressure was rising, and she was so swollen that she barely recognized herself in the mirror. As she curled up in bed that evening, a scary thought flickered through her exhausted brain: "If I go to sleep right now, I don't know if I'm gonna be waking up."

What she didn't have was good information about what might be wrong. The discharge materials the hospital sent her home with were vague and confusing -- "really quite useless," she said. Then she remembered a ProPublica/NPR story she'd recently read about a New Jersey nurse who died soon after childbirth. Lauren Bloomstein had developed severe preeclampsia, a dangerous type of hypertension that often happens during the second half of her pregnancy. But it can also emerge after the baby is delivered, when it is often overlooked -- accounting for dozens of maternal deaths a year. McCausland realized that she might have preeclampsia, too.

The 27-year-old molecular virologist and her husband bundled up their newborn son and raced to the nearest emergency room in Cleveland. But the ER doctor told her that she was feeling normal postpartum symptoms, she said. Even as her blood pressure hovered at perilous heights, he wanted to send her home. Several hours passed before he consulted with an OB-GYN at another hospital and McCausland's severe preeclampsia was treated with magnesium sulfate to prevent seizures. Without Bloomstein's story as a warning, McCausland doubts she would have recognized her symptoms or persisted in the face of the ER doctor's dismissiveness. "I had just come home with the baby and really didn't want to go back to the hospital. I think I probably would have just wrote it off." In that case, she added, "I don't know if I'd be here. I really don't."

McCausland's experience is far from unique. In the months since ProPublica and NPR launched our project about maternal deaths and near-deaths in the U.S., we've heard from 3,100 women who endured life-threatening pregnancy and childbirth complications, often suffering long-lasting physical and emotional effects. (Tell us your story.)

The same themes that run though McCausland's story echo through many of these survivors' recollections. They frequently told us they knew little to nothing beforehand about the complications that nearly killed them. Even when the women were convinced something was terribly amiss, doctors and nurses were sometimes slow to believe them. Mothers especially lacked information about risks in the postpartum period, when medical care is often disjointed or difficult to access and the baby is the focus of attention. "Every single nurse, pediatrician, and lactation consultant dismissed my concerns as hormones and anxiety," wrote Emily McLaughlin, who suffered a stroke and other complications after giving birth in Connecticut in 2015.

These survivors make up an important, and largely untapped, source of knowledge about the dangers that expectant and new mothers may face -- and how to avoid disaster. Every day in the U.S., two to three women die from pregnancy- or childbirth-related causes, including preeclampsia, hemorrhage, infection, blood clots and cardiac problems -- the highest rate of maternal mortality among wealthy nations. As many as 60 percent of these deaths are preventable, a new report suggests; more than half occur after delivery. (See our story on the lost mothers of 2016.) Each day, another 175 women suffer complications severe enough to require major medical intervention such as massive transfusions, emergency surgery or admission to an intensive care unit -- equivalent to about 65,000 close calls annually, according to the Centers for Disease Control and Prevention.

Hospitals, medical organizations and maternal safety groups are introducing a host of initiatives aimed at educating expectant and new mothers and improving how providers respond to emergencies. But as McCausland's experience illustrates, self-advocacy is also critically important.

We asked survivors: What can people do to ensure that what happened to Lauren Bloomstein doesn't happen to them or their loved ones? How can they help prevent situations like Marie McCausland's from spiraling out of control? What do they wish they had known ahead of their severe complications? What made a difference in their recovery? How did they get medical professionals to listen? Here is a selection of their insights, in their own words.

Choosing a Provider

"A lot of data on specific doctors and hospitals can be found publicly. Knowing how your physician and hospital rates as compared to others (cesarean rates, infection rates, readmission rates) can give you valuable insight into how they perform. 'Liking' your doctor as a person is nice, but not nearly as important as their and their facility's culture and track record."

-- Kristen Terlizzi, 35, survivor of placenta accreta (a disorder in which the placenta grows into or through the uterine wall) in 2014 and cofounder of the National Accreta Foundation

"Key pieces of information every woman should know before choosing a hospital are: What are their safety protocols for adverse maternal events? No one likes to think about this while pregnant, and providers will probably tell you that it's unlikely to happen. But it does happen and it's good to know that the hospital and providers have practiced for such scenarios and have proper protocols in place."

-- Marianne Drexler, 39, survived a hemorrhage and emergency hysterectomy in 2014

"Ask your doctors if they have ever experienced a case of an amniotic fluid embolism [an abnormal response to amniotic fluid entering the mother's bloodstream] or other severe event themselves. If a birthing center is your choice, discuss what happens in an emergency -- how far away is the closest hospital with an ICU? Because a lot of hospitals don't have them. Another thing many women don't realize is that not every hospital has an obstetrician there 24/7. Ask your doctors: If they're not able to be there the whole time you're in labor, will there be another ob/gyn on site 24 hours a day if something goes wrong?"

-- Miranda Klassen, 41, survivor of amniotic fluid embolism in 2008 and founder/executive director of the Amniotic Fluid Embolism Foundation

"While my doctor was amazing, we live in a smaller town and they don't carry enough blood/platelets on hand for very emergent situations. They have patients shipped to larger hospitals when they need more care. Had I been aware of that we would have decided to deliver at a larger hospital so in case something happened to me or our daughter we wouldn't be separated, which we were when I was life-flighted out."

-- Kristina Landrus, 26, survived a hemorrhage in 2013

"My best advice for getting a medical professional to listen is to keep searching for one that is willing to listen. Because of my insurance and personal circumstances at the time I felt I had no option but to take whoever my providers [assigned] me, despite several red flags even before my delivery. I was not aware of my right to change providers until it was too late."

-- Joy Huff, 39, survived a blood infection in 2013

Preparing for an Emergency

"A conversation about possible things that could go wrong is prudent to have with your doctor or in one of these childbirth classes. I don't think that it needs to be done in a way to terrify the new parents, but as a way to provide knowledge. The pregnant woman should be taught warning signs, and know when to speak up so that she can be treated as quickly and accurately as possible."

-- Susan Lewis, 33, survived multiple blood clots and severe hemorrhage in 2016

"Always have somebody with you in a medical setting to ask the questions you might not think of and to advocate on your behalf if your ability to communicate is compromised by being in poor health. ... And get emotional support to steel you against the naysayers. It may feel really unnatural or difficult to push back [against doctors and nurses]. Online forums and Facebook groups can be helpful to ensure you're not losing your mind."

-- Eleni Tsigas, survivor of preeclampsia in 1998 and 1999 and executive director of the Preeclampsia Foundation

"Know your rights. Know what kind of decisions you might have to make and what you want to do before you go. Doctors and nurses are there to make quick decisions, they're not worried about how you will feel about it afterward. They are worried about a lawsuit, whether they can get you stable quickly so they can move on. I'm not saying they are heartless, far from it. My mother is a nurse, I know what sort of heart goes into that profession. But they have a lot to do and a lot to worry about, your feelings are not at the top of that list. At least not as far as they are concerned in the moment."

-- Carrie Anthony, 36, survived two pregnancies with placenta accreta and hemorrhage in 2008 and 2015

"It isn't just important to know how you feel about blood transfusions and life-saving measures 2014 you have to communicate these things to your spouse or family member. I was given six blood transfusions, but I was barely conscious when asked if I wanted them. Of course, I wanted any life-saving measures, but my husband should have been consulted, given that I was not of a clear mind."

-- Rachel Stuhler, 36, survived a hemorrhage in 2017

"In case you ever are unable to respond, someone needs to step in and be your voice! Know as much thorough medical history as possible, and let your spouse or support person know [in depth] your history as well."

-- Kristina Landrus

"Also be sure your spouse and your other family members, like your parents or siblings, are on the same page about your care. And if you aren't married, who will be making the decisions on your behalf? You should put things in order, designate the person who will be the decision maker, and give that person power of attorney. Other important things to have are a medical directive or a living will 2014 be sure to bring a copy with you to the hospital. I also recommend packing a journal to record everything that happens."

-- Miranda Klassen

"Make a list of your questions and make sure you get the full answer. I went to every appointment the second time around with a notebook. I would apologize for being 'that patient,' but I had been through this before and I wasn't going to be confused again. I wanted to know everything. Honestly, it was as harmful as it was helpful. I knew what I was getting into, which made it much scarier. The first time, my ignorance was bliss. I didn't realize I almost died until two weeks after I had left the hospital. I didn't even start researching what had happen to me until months later. The second time I was an advocate for myself. Medical journals and support groups were a part of every single visit. And thankfully, I was in good hands."

-- Carrie Anthony

"Write down what each specialty says to you. When I was hospitalized for six weeks prior to giving birth, I was visited 2-3 times a week by someone from each department that would be involved in my life-saving surgery. This means that I saw someone from the neonatal intensive care unit as well as reps from gynecologic oncology, maternal fetal medicine, interventional radiology and anesthesiology. They paraded in on a schedule, checked up on me, asked if I had any questions. I always did, but I regret not writing down what each said each time (along with names!). I got so many different answers regarding how I would be anesthetized, and on the day it all had to happen in an emergency, there were disagreements above me in the OR. between the specialists. It was like children arguing on a playground and my life was in danger. Had I kept a more vigilant record of what each specialty reported to me, perhaps prior to the day I could have confronted each with the details that weren't matching up."

-- Megan Moody, 36, survived placenta percreta (when the placenta penetrates through the uterine wall) in 2016

"People should know that they have a right to ask for more time with the doctor or more follow up if they feel something is not right. The ob-gyns (at least in Pennsylvania) are so busy and sometimes appointments are quite quick and rushed. Make the doctors slow down and take the time with you."

-- Dani Leiman, 37, survived HELLP syndrome (a particularly dangerous variant of preeclampsia) in 2011

"You have a legal right to your medical records throughout pregnancy and anytime afterwards. Get a copy of your lab results each time blood is drawn, and a copy of your prenatal and hospital reports. Ask about concerning or unclear results."

-- Eleni Tsigas

Getting Your Provider to Listen

"Understand the system. Ask a nurse or a trusted loved one in the 'industry' how it all works. I've found that medical professionals are more likely to listen to you if you demonstrate an understanding of their roles and the kind of questions they can/cannot answer. Know your 'silos.' Don't ask an anesthesiologist how they plan on stitching up your cervix. Specialists are often incredibly impatient. You need to get the details out of them regarding their very specific roles."

-- Megan Moody

"Let doctors know you care about your health and safety as much as they do. Tell them you want to be a partner in your health care. Do not act as an adversary to your doctor."

-- Tricia Fitzgerald, 40, survived a hemorrhage caused by severe preeclampsia in 2014

"First you have to be armed with concrete knowledge with examples about your illness and have a firm attitude. This is why it is important to know your body. Do your research before your appointment, but make it personal. Do not present your case as if you just went on WebMD for the information. Create a log of your health activities. This log should contain all illnesses you are concerned about, when they occurred and how did you feel. Have your questions and concerns written down. You should always carry a list of your medications, dosage, and milligrams. Include any side effects. Ask concrete questions and have the doctors present their findings to you in a language you can understand. If you do not agree [with what one doctor tells you], ask another doctor. Remember, knowledge is power and you must have that power."

-- Anner Porter, 55, survivor of peripartum cardiomyopathy in 1992 and founder of the advocacy organization Fight PPCM

"If your provider tells you, 'You are pregnant. What you're experiencing is normal,' remember -- that may be true. [But it's also true] that preeclampsia can mimic many normal symptoms of pregnancy. Ask, 'What else could this be?' Expect a thoughtful answer that includes consideration of 2018differential diagnoses' -- in other words, other conditions that could be causing the same symptoms."

-- Eleni Tsigas

"They only listen if the pain is a 10 or higher. Most of us don't understand what a 10 is. I'd always imagined a 10 would feel like having a limb blown off in combat. When asked to evaluate your pain on a scale of 1 to 10, when you are in your most vulnerable moment, it is very hard to assess this logically, for you and for your partner witnessing your pain. I later saw a pain chart with pictures. A 10 was demonstrated with an illustration of a crying face. You may not actually be shedding tears, but you are most likely crying on the inside in pain, so I suggest to always say a 10. My pain from the brain hemorrhage was probably a 100, but I'm not sure if I even said 10 at the time."

-- Emily McLaughlin, 34, survived a postpartum stroke in 2015

"Crying! I'm only slightly kidding. I truly think the only way to get them to listen is to be adamant and don't back down. I had a situation where I felt no one was paying attention to me, and I cried out of frustration over the phone. Then they listened to me and snapped into action."

-- Dani Leiman

"So many women do speak up about the strange pain they have, and a nurse may brush it off as normal without consulting a doctor and running any tests. Be annoying if you must, this is your life. ... Thankfully, I never had to be so assertive. I owe my life to the team of doctors and nurses who acted swiftly and accurately, and I am eternally grateful."

-- Susan Lewis

"If you have a hemorrhage, don't clean up after yourself! Make sure the doctor is fully aware of how much blood you are losing. I had a very nice nurse who was helping to keep me clean and helping to change my (rapidly filling) pads. If the doctor had seen the pools of blood himself, rather than just being told about them, he might not have been so quick to dismiss me."

-- Valerie Bradford, 30, survived hemorrhage in 2016

Paying Attention to Your Symptoms

"I had heard of preeclampsia but I was naïve. [I believed] that it was something women developed who didn't watch what they ate and didn't focus on good health prior and/or during pregnancy. I was in great health and shape prior to getting pregnant, during my pregnancy I continued to make good food choices and worked out up until 36 hours before the baby had to be taken. I gained healthy weight and kept my BMI at an optimum number. I thought due to my good health, I was not susceptible to anything and my labor would be easy. So although I had felt bad for 1 1/2 weeks, I chalked it up to the fact that I was almost 8 months into this pregnancy, so you're not supposed to feel great. 2026 I walked into my doctor's office that Friday and not one hour later I was in an emergency C-section delivering a baby. I had to fully be put under due to the severity of the HELLP, so I didn't wake up until the next day."

-- Kelli Davis, 31, survived HELLP syndrome in 2016

"Understand that severe, sustained pain is not normal. So many people told me that the final trimester of pregnancy is sooo uncomfortable. It was my first pregnancy, I have a generally high threshold for pain, and my son was breech so I thought his head was causing bad pain under my ribs [when it was really epigastric pain from the HELLP syndrome]. I kept thinking it was normal to be in pain and I let it go until it was almost too late."

-- Dani Leiman

"I wish I would have known what high blood pressure numbers were. I had a pharmacist take my blood pressure at a pharmacy and let me walk out the door with a blood pressure of 210/102. She acted like it was no big deal ('it's a little high'), and so I believed her. Even after telling my husband, we really thought nothing of it."

-- Melissa McFadden, 36, survived preeclampsia in 2013

"Know the way your blood pressure should be taken. And ask for the results. Politely challenge the technician or nurse if it's not being done correctly or if they suggest 'changing positions to get a lower reading.' Very high blood pressure (anything over 160/110) is a 'hypertensive crisis' and requires immediate intervention."

-- Eleni Tsigas

"Please ask for a heart monitor for yourself while in labor, not just for the baby. I think if I had one on, seconds or minutes could have been erased from reaction time by the nurses. They were alerted to an issue because the baby's heart stopped during labor, and while the nurse was checking that machine, my husband noticed I was also non-responsive. That's when everything happened (cardiac arrest due to AFE)."

-- Kristy Kummer-Pred, 44, survived amniotic fluid embolism and cardiac arrest in 2012

After the Delivery

"My swelling in my hands and feet never went away. My uterus hadn't shrunk. I wasn't bleeding that bad, but there was a strange odor to it. My breasts were swollen and my milk wasn't coming in. I was misdiagnosed with mastitis [a painful inflammation of the breast tissue that sometimes occurs when milk ducts become plugged and engorged]. The real problem was that I still had pieces of placenta inside my uterus. Know that your placenta should not come out in multiple pieces. It should come out in one piece. If it is broken apart, demand an ultrasound to ensure the doctors got it all. If you have flu-like symptoms, demand to be seen by a doctor. If you don't like your doctor, demand another one."

-- Brandi Miller, 32, survived placenta accreta and hemorrhage in 2015

"There is a period in the days and weeks after delivery where your blood pressure can escalate and you can have a seizure, stroke, or heart attack, even well after a healthy birth. You should take your own blood pressure at home if your doctor doesn't tell you to. ... Unfortunately, I went home from [all my postpartum] appointments with my blood pressure so high that I started having a brain hemorrhage. Not one single person ever thought of taking my blood pressure when I was complaining about my discomfort and showing telltale warning signs of [preeclampsia]."

-- Emily McLaughlin

"The ER doctor that I had was not treating me as a postpartum case. He was just thinking of me as a 27-year-old with high blood pressure. I think, if you have the opportunity, the ideal thing would be to go back to the same hospital where you had your baby, because they have a labor and delivery unit and they have your records. But if the closest emergency room isn't at the hospital where you delivered, then you have to be more vigilant. Make sure they know you just gave birth. If you know something is wrong with you, don't take no for an answer. Just keep saying, 'I think this is something serious' and don't let them discharge you, especially if it's someone who isn't familiar with pregnant women."

-- Marie McCausland

"The postpartum period is when a lot of pregnancy-related heart problems like cardiomyopathy emerge. If there is still difficulty breathing, fluid buildup in ankles, shortness of breath and you are unable to lie flat on your back, go see a cardiologist ASAP. If you have to go to an emergency room, request to have the following tests performed: echocardiogram (echo) test, ejection fraction test, B-type natriuretic peptides (BNP), EKG test and chest x-ray test. These tests will determine if your heart is failing and will save your life."

-- Anner Porter

"Rest as much as possible -- for as long as possible. Being in too big a rush to get 'back to normal' can exacerbate postpartum health risks. Things that are not normal: heavy bleeding longer than 6 weeks, or bleeding that stops and starts again, not producing milk, fevers, severe pain (especially around incision sites), excessive fatigue, and anxiety/depression. If you don't feel like yourself, get help."

-- Amy Barron Smolinski, 37, a survivor of preeclampsia, postpartum hemorrhage and other complications in three pregnancies in 2006, 2011 and 2012 and executive director of Mom2Mom Global, a breastfeeding support group

"Know that your preexisting health conditions may be impacted by having a baby (hormone changes, sleep deprivation, stress). Record your health and your baby's in a journal or app to track any changes. Reach out to the nurse or doctor when there are noticeable changes that you have tracked."

-- Noelle Garcia, 33, survived placental abruption (placenta separating from the uterine wall during pregnancy) in 2007

"If your hospital discharges you on tons of Motrin or pain killers, be aware that this can mask the warning signs of headache, which is sometimes the only warning sign of preeclampsia coming on postpartum."

-- Emily McLaughlin

Grappling With the Emotional Fallout

"I wish I had known that postpartum PTSD was possible. Most people associate PTSD with the effects of war, but I was diagnosed with PTSD after my traumatic birth and near-death experience. Almost 6 years later, I still experience symptoms sporadically."

-- Meagan Raymer, 31, survived severe preeclampsia and HELLP syndrome in 2011

"I recommend therapy with a female therapist specializing in trauma. Honestly, I avoided it for 8 months. I was then in therapy for 12 months. I still have ongoing anxiety... but I would be in a very bad place (potentially depression and self-harm due to self-blame) were it not for therapy. It was so hard to admit [what was happening]. I started to get a suspicion when I heard an NPR story about a veteran with PTSD. I thought... that sounds like me. And I started Googling."

-- Jessica Rae Hoffman, 28, survived severe sepsis and other complications in 2015

"The emotional constructs our society puts around pregnancy and childbirth make the ideas of severe injury and death taboo. Childbirth is a messy, traumatic experience. ... Many women don't seek care even when they instinctively believe something is wrong because they're supposed to 'be happy.' Awareness and transparency are so important."

-- Leah Soule, 33, survived a hemorrhage in 2015

"Having an incredible support network made the greatest impact with my near-death experience, but my family and friends needed their own support as they coped. My mom didn't leave my side, but she also had a team of friends supporting her so that she could let her guard down and cry when she needed to do so. My husband was at my bedside or with the baby constantly that first week, but he was also suffering from the trauma of everything and was having a really hard time coping and needed to leave the hospital environment. My best friend is an ICU nurse and quickly became the person everyone asked clarifying questions, but she didn't want to be a nurse in that moment but rather someone who was scared for her friend."

-- Susan Lewis

"I wish I had understood how significant the impact was on my husband. Emotionally, the experience was much more difficult and long-lasting for him than for me, and it continued to affect his relationship with both me and our baby for quite a while, at a time when I didn't think it was a thing at all."

-- Elizabeth Venstra, 44, survived HELLP syndrome in 2014

"I would suggest establishing yourself ahead of time with a doula or midwife that can make postpartum visits to your home, which can promote health even if everything goes smoothly. Many communities have those services available if you can't afford them. [A doula] wasn't covered through our insurance, but the social worker at the hospital arranged for someone paid for by [San Diego County] to come and do several checks on me and my son, which was very reassuring to both my husband and me."

-- Miranda Klassen

"If you're given a diagnosis of a life-threatening pregnancy complication, line up a therapist immediately so can start getting the support you need as soon as you give birth. Don't wait until your six-week [postpartum] appointment when they do a depression screen and you realize you're not coping well. You'll have to wait at least another week for the appointment to be made. Why not have that in place? I wish I did."

-- Megan Moody

"Don't assume everyone gets it. Don't assume everyone wants to hear it. My story is scary. Some soon-to-be moms have looked horrified by my story. Some already moms have been scared away by it. Most people are happy to listen, like to be informed. But some do not. Some people are happier thinking it's all going to be ok, not me, I'll be fine. They should at least know, but that's their choice. You can't force people to open their eyes. Be there. Offer help. But don't force it."

-- Carrie Anthony

Other Resources

  • The Leapfrog Group provides performance data on more than 1,800 hospitals and publishes an annual Maternity Care Report. Consumer Reports offers C-section data from more than 1,300 hospitals by ZIP code.
  • The California Maternal Quality Care Collaborative's "toolkits" of protocols to treat life-threatening obstetric complications include infographics, checklists and lengthy backup materials but require (free) registration for access. The Alliance for Innovation on Maternal Health's "bundles" offer similar information in a condensed, easily downloadable form.
  • The Association of Women's Health, Obstetric and Neonatal Nurses (AWHONN)'s Health4Mom site has a "Save Your Life" campaign, including a one-page checklist, to help new mothers recognize post-birth warning signs.
  • Childbirth Connections provides evidence-based information on maternity care. The Preeclampsia Foundation's "Wonder Woman" posts (here and here) put the U.S. maternal mortality numbers in context and offer more strategies for self-advocacy.
  • Postpartum Support International offers many resources for women suffering from pregnancy-related depression, anxiety and mood disorders.
  • Facebook is a gathering place for thousands of women who've experienced life-threatening complications, but many groups are condition-specific and/or closed to non-survivors. One open group worth checking out: The Unexpected Project.
  • Social justice groups are also becoming active around the issue of maternal deaths and near-deaths, with a focus on why African-American women are disproportionately affected. They include the Black Mamas Matter Alliance and Moms Rising.

Correction, August 4, 2017: In an earlier version of this story, a quote was incorrectly attributed to Kristy Kummer-Pred. It has been deleted.

ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter.


The Bogus Claims By Broadband Providers And Their Allies About Net Neutrality

The Techdirt blog has called out -- in plain language -- the bogus claims and distortions by broadband providers about net neutrality rules. Techdirt reported:

"... one of AT&T, Comcast and Verizon's favorite bogus claims about net neutrality rules is that such consumer protections will somehow prevent the sick or disabled from getting the essential internet connectivity they need. For example, Verizon once tried to claim that the deaf and disabled would be harmed if large ISPs weren't allowed to create fast or slow lanes.. this claim that net neutrality rules somehow prevent ISPs from prioritizing essential medical technologies or other priority traffic has always been bullshit. The FCC's 2015 open internet rules (pdf) are embedded with numerous, significant caveats when it comes to creating fast and slow lanes... In fact, the existing rules go to great lengths to differentiate "Broadband Internet Access Service (BIAS),” (your e-mail, Netflix streams and other more ordinary traffic) from “Non-BIAS data services,” which can include everything from priority VoIP traffic to your heart monitor and other Telemedicine systems."

The U.S. Federal Communications Commission (FCC), led by Ajit Pai a former lawyer at Verizon, moved closer to eliminating net neutrality with a preliminary vote in May. For those who don't know or have forgotten, net neutrality is when consumers are in control -- consumers choose where to go online with the broadband they've purchased, and ISPs must treat all content equally. That means no blocking, no throttling, and no paid prioritization. Net neutrality means consumers stay in control of where they go online.

Without net neutrality, consumers lose the freedom of choice. ISPs will decide where consumers can go online, which sites you can visit, and which sites you can visit only if you pay more. ISPs will likely group web sites into tiers (e.g., slow vs. fast "lanes"), similar to premium cable-TV channels. Do you want your monthly internet bill as confusing, complicated, and expensive as your cable-TV bill? I don't, and I doubt you do either.

TechDirt highlighted other bogus claims:

... how net neutrality kills network investment) doesn't stop it from being circulated repeatedly by the army of politicians, think tankers, consultants, fauxcademics, and lobbyists paid to pee in the net neutrality discourse pool.

One of the core perpetrators of this myth is AT&T, which just scored a massive, lucrative $6.5 billion contract to build the nation's first, unified emergency first responder network: aka FirstNet... AT&T isn't worried about net neutrality rules harming medical services, since they've long-been exempted. AT&T's worried about one thing: any rules stopping it from abusing a lack of broadband competition to drive up prices and engage in anti-competitive behavior."

Back in May, the U.S. Federal Communications Commission (FCC) tmoved closer to eliminating net neutrality with a preliminary vote in May.

What can you do? Plenty. Now is the time for more concerned citizens to rise, speak up, and fight back. Write to your elected officials. Tell your friends, classmates, coworkers, and family members. Use this action form to contact your elected officials. Participate in local marches and protests. Join the Fight For The Future. Support the EFF.


Google And Massachusetts Transportation Department Provide GPS Signals In Tunnels

Smartphone users love their phones. That includes Global Positioning System (GPS) navigation services for driving directions. However, those driving directions don't work in tunnels where phones can't get GPS signals. That is changing.

Google and the Massachusetts Department of Transportation (MassDOT) have entered a partnership to provide GPS navigation services for drivers inside tunnels. If you've familiar with Boston, then you know that portions of both Interstate 93 and the Massachusetts Turnpike include tunnels. The ABC affiliate in Boston, WCVB reported last month that the partnership, part of the Connected Citizens Program, will:

"... install beacons inside Boston's tunnels to help GPS connection stay strong underground. Around 850 beacons are being installed, free of charge, as a part of an ongoing partnership between the state and the traffic app... Installation is scheduled to be complete by the end of July... The beacons are not limited to improving their own app's signal. As long as you are using Bluetooth, they are able to help improve any traffic app's connection."

For those unfamiliar with the technology, beacons are low-powered transmitters which, in this particular application, are installed in the tunnels' walls and provide geographic location information usable by drivers' (or passengers') smartphones passing by (assuming the phones' Bluetooth features are enabled).

Bluetooth beacons are used in a variety of applications and locations. The Privacy SOS blog explained:

"... They’re useful in places where precise location information is necessary but difficult to acquire via satellite. For that reason, they’ve been field tested in museums such as New York’s Metropolitan Museum of Art and airports like London Gatwick. At Gatwick, beacons deliver turn-by-turn directions to users’ phones to help them navigate the airport terminals..."

Within large airports such as Gatwick, the technology can present more precise geolocation data of nearby dining and shopping venues to travelers. According to Bluetooth SIG, Inc., the community of 30,000 companies that use the technology:

"The proliferation and near universal availability of Bluetooth® technology is opening up new markets at all ends of the spectrum. Beacons or iBeacons—small objects transmitting location information to smartphones and powered by Bluetooth with low energy—make the promise of a mobile wallet, mobile couponing, and location-based services possible... The retail space is the first to envision a future for beacons using for everything from in-store analytics to proximity marketing, indoor navigation and contactless payments. Think about a customer who is looking at a new TV and he/she gets a text with a 25 percent off coupon for that same TV and then pays automatically using an online account..."

iBeacons are the version for Apple branded mobile devices. All 12 major automobile makers offer hands-free phone calling systems using the technology. And, social network giant Facebook has developed its own proprietary Bluetooth module for an undisclosed upcoming consumer electronics device.

So, the technology provides new marketing and revenue opportunities to advertisers. TechCrunch explained:

"The Beacons program isn’t looking to get help from individual-driver Wazers in this case, but is looking for cities and tunnel owners who might be fans of the service to step up and apply to its program. The program is powered by Eddystone, a Bluetooth Low Energy beacon profile created by Google that works with cheap, battery-powered BLE Waze Beacon hardware to be installed in participating tunnels. These beacons would be configured to transmit signals to Bluetooth-enabled smartphones... There is a cost to participate — each beacon is $28.50, Waze notes, and a typical installation requires around 42 beacons per mile of tunnel. But for municipalities and tunnel operators, this would actually be a service they can provide drivers, which might actually eliminate frustration and traffic..."

There are several key takeaways here:

  1. GPS navigation services can perform better in previously unavailable areas,
  2. Companies can collect (and share) more precise geolocation data about consumers and our movements,
  3. Consumers' GPS data can now be collected in previously unattainable locations,
  4. What matters aren't the transmissions by beacons, but rather the GPS and related data collected by your phone and the apps you use, which are transmitted back to the apps' developers, and then shared by developers with their business partners (e.g., mobile service providers, smartphone operating system developers, advertisers, and affiliates
  5. You don't have to be a Google user for Google to collect GPS data about you, and
  6. Consumers can expect a coming proliferation of Bluetooth modules in a variety of locations, retail stores, and devices.

So, now you know more about how Google and other companies collect GPS data about you. After analyzing the geolocation data collected, they know not only when and where you go, but also your patterns in the physical world: where you go on certain days and times, how long you stay, where and what you've done before (and after), who you associate with, and more.

Don't like the more precise tracking? Then, don't use the Waze app or Google Maps, delete the blabbermouth apps, or turn off the Bluetooth feature on your phone.

A noted economist once said, "There is no free lunch." And that applies to GPS navigation in tunnels. The price for "free," convenient navigation services means mobile users allow companies to collect and analyze mountains of data about their movements in the physical world.

What are your opinions of GPS navigation services in tunnels? If the city or town where you live has tunnels, have beacons been installed?


Wells Fargo Forced Customers To Buy Unwanted And Unnecessary Auto Insurance

Wells Fargo logo Just when it seems that executives at Wells Fargo Bank have seen the light and turned the ethics corner, along comes a news report about another fraudulent program at the bank. The New York Times reported:

"More than 800,000 people who took out car loans from Wells Fargo were charged for auto insurance they did not need, and some of them are still paying for it, according to an internal report prepared for the bank’s executives.

The expense of the unneeded insurance, which covered collision damage, pushed roughly 274,000 Wells Fargo customers into delinquency and resulted in almost 25,000 wrongful vehicle repossessions, according to the 60-page report, which was obtained by The New York Times. Among the Wells Fargo customers hurt by the practice were military service members on active duty."

The internal report, by the consulting firm Oliver Wyman, investigated auto insurance policies sold from January 2012 through July 2016. While this was happening, the bank has been recovering from a scandal where employees opened millions of phony accounts in order to game an incentive system.

Wells Fargo released a statement about how it will help affected with unwanted and unnecessary insurance, and fix its Collateral Protection Insurance (CPI) policies:

"Wells Fargo reviewed policies placed between 2012 and 2017 and identified approximately 570,000 customers who may have been impacted and will receive refunds and other payments as compensation. In total, approximately $64 million of cash remediation will be sent to customers in the coming months, along with $16 million of account adjustments, for a total of approximately $80 million in remediation... in July 2016 Wells Fargo initiated a review of the CPI program and related third-party vendor practices. Based on the initial findings, the company discontinued its CPI program in September 2016... Wells Fargo’s review determined that certain external vendor processes and internal controls were inadequate. As a result, customers may have been charged premiums for CPI even if they were paying for their own vehicle insurance, as required, and in some cases the CPI premiums may have contributed to a default that led to their vehicle’s repossession... Wells Fargo already has been providing CPI-related refunds to some customers and, beginning in August, will send letters and refund checks to customers who are due additional payments. The process is expected to be complete by the end of the year and is as follows:

i) Approximately 490,000 customers had CPI placed for some or all of the time they had adequate vehicle insurance coverage of their own... These customers will receive additional refunds of certain fees and some additional interest. Refunds for this group total approximately $25 million;

ii) In five states that have specific notification and disclosure requirements, approximately 60,000 customers did not receive complete disclosures from our vendor as required prior to CPI placement. In these cases, even if CPI was required, customers will receive a refund including premiums, fees and interest. Refunds for this group total approximately $39 million:

iii) For approximately 20,000 customers, the additional costs of the CPI could have contributed to a default that resulted in the repossession of their vehicle. Those customers will receive additional payments as compensation for the loss of their vehicle. The payment amount will depend on each customer’s situation..."

Do the math. 490,000 customers were overcharged about $25 million, or about $51 per person. 60,000 customers were overcharged $39 million or about $1,950 per person. 34 percent of borrowers (274,000 divided by 800,000) were reportedly pushed into delinquency. Substantial amounts.

Besides reimbursements, the bank said it will work with credit reporting agencies to correct affected borrowers’ credit records. That seems to be the minimum solution. Not only did the bank overcharge some customers, but it also had inadequate controls for both internal processes and external vendors. Which managers were reprimanded, or fired, for those lapses? The bank's statement didn't say. Where were the bank's auditors throughout this mess?

National General Insurance (NGI) underwrote the auto insurance policies for Wells Fargo. A lawsuit by customers named both Wells Fargo and NGI as defendants. And, at least one other law firm is investigating a possible class-action suit.

How does unwanted and unnecessary insurance help customers? Not in any way I can see. Well, it probably helped the bank's profitability for a while.

Reportedly, military service members and their families were among the affected borrowers. And, this latest program isn't the first abuse by the bank of military members and their families. Last fall, the U.S. Justice Department (DOJ) sanctioned the bank for improperly repossessing cars owned by members of the military. The DOJ alleged 413 violations of the Servicemembers Civil Relief Act, and the bank agreed to pay more than $4 million to compensate borrowers affected by seven years of unlawful repossessions.

In June, one U.S. Senator called for the firing of all 12 board members for failing to protect account holders. It seems that unethical executive behavior at the bank will stop only when guilty executives serve jail time; not fines the bank can easily afford.

The whole sordid affair makes one wonder what other programs at the bank remain hidden. What are your opinions? If you received a refund letter and check, please share what you safely can about it below.


Hacked Amazon Echo Converted Into Always-On Surveillance Device

Image of amazon Echo Wired reported how a white-hat hacker provided proof-of-concept that a popular voice-activated, smart home speaker could easily be hacked:

"... British security researcher Mark Barnes detailed a technique anyone can use to install malware on an Amazon Echo, along with his proof-of-concept code that would silently stream audio from the hacked device to his own faraway server. The technique requires gaining physical access to the target Echo, and it works only on devices sold before 2017. But there's no software fix for older units, Barnes warns, and the attack can be performed without leaving any sign of hardware intrusion."

Amazon sells both new and refurbished speakers. Newer models also include cameras. All are probably high-value targets of hackers and spy agencies.

Reportedly, Amazon has fixed the security vulnerability in newer (2017) models. The company advises customers to keep the software on their speakers current, and purchase speakers from trusted retailers. However (bold emphasis added):

"... Barnes agrees that his work should serve as a warning that Echo devices bought from someone other than Amazon—like a secondhand seller—could be compromised. But he also points out that, contrary to the implication of the company's statement, no software update will protect earlier versions of the Echo, since the problem is in the physical connection its hardware exposes.

Instead, he says that people should think twice about the security risks of using an Echo in public or semipublic places, like plans for the Wynn Hotel in Las Vegas to put an Echo in every room."

Voice-activated smart speakers in hotel lobbies and rooms. Nothing could go wrong with that. All it takes is a prior guest, or criminal posing as a hotel staff or cleaning person, to hack and compromise one or more older devices. Will hotels install the newer devices? Will they inform guests?

For guaranteed privacy, it seems hotel guests may soon have to simply turn off (or mute) smart speakers, smart televisions, and personal assistants. Convenience definitely has its price (e.g., security and privacy). What do you think?


Survey: 90 Percent Of Consumers Want Smart Devices With Security Built In

A recent survey of consumers in six countries found that 90 percent believe it is important for smart devices to have security built into the products. Also, 78 percent said they are aware that any smart device connected to their home WiFi network is vulnerable to attacks by hackers wanting to steal personal data stored on the device.

Security importance by country. Irdeto Global Consumer IoT Security Survey. Select to view larger version The Irdeto Global Consumer IoT Security Survey, conducted online from June 22, 2017 to July 10, 2017 by YouGov Plc for Irdeto, included 7,882 adults (aged 18 or older) in six countries: Brazil, China, Germany, India, United Kingdom, and United States. Irdeto provides security solutions to protect platforms and applications for media, entertainment, automotive and Internet-of-things (IoT) connected industries.

Additional key findings:

"... 72% of millennials (ages 18-24 years) indicated that they are aware that any smart device connected to the Wi-Fi in their home has the potential to be targeted by a hacker, compared to 82% of consumers 55+. This indicates that older generations may be more savvy about IoT security or more cautious... More than half of consumers around the globe (56%) think that it is the responsibility of both the end-user and the manufacturer of the product to prevent hacking of smart devices. Alternatively, only 15% of consumers globally think they are responsible, while 20% feel the manufacturer of the device is responsible for cybersecurity. In China, more consumers than any other country surveyed (31%) stated that it is the responsibility of manufacturers. Brazilians led all countries surveyed (23%) in the belief that it is the responsibility of the end-user to prevent hacking of connected devices... Germans expressed the least concern with nearly half (42%) stating that they are not concerned about smart devices being hacked. On the opposite end of the spectrum, Brazilian smart device owners expressed the most concern with 88% of those surveyed saying they were concerned...

And, smart device usage varies by country:

"Regarding the number of smart devices consumers own, 89% of those surveyed have at least one connected device in their home. In addition, 81% of consumers across the globe admitted to having more than one connected device in the home. India led all countries with a staggering 97% of consumers stating that they have at least one smart device in the home, compared to only 80% of US consumers..."

Read the announcement by Irdeto. View the full infographic.

Device security responsibility. Irdeto Global Consumer IoT Security Survey. Select to view larger version


Celebrating 10 Years Online!

Better late than never.

The actual tenth anniversary date, July 1st, quietly slipped by. I've been busy and preoccupied with life (e.g., family, vacation prep, new freelance assignment). So, hopefully today's post will remedy that oversight.

10 years and one month ago, I started I've Been Mugged. Since then, plenty has happened with identity theft, privacy, data breaches, technology, and surveillance. This blog has been a good tool to organize news, resources, new threats, trends, and observations.

First, I'd like to thank all I've Been Mugged readers. I am grateful for your readership and for the comments you have submitted. We have explored together many interesting topics.

Second, I'd like to thank the bloggers and the consumer advocates I've met online. Without their suggestions and encouragement, The quality of I've Been Mugged posts wouldn't be as high. Some bloggers I'd like to thank by name: Pogo Was Right, Garrett Cobarr, Privacy Divas, the Privacy Crusader, Michael Krigsman, Drew McLelland, and Ronni Bennett (who leads by example far more than she realizes).

Third, it is a time for me to thank  my guest authors, including R. Michelle Green. The reporters at ProPublica continue to provide content which is informative, insightful, and often not available anywhere else. Personally, it is hard at times that Bill Seebeck is no longer with us. For decades, Bill's deep experience in banking and public relations was a valuable resource.

And, I especially want to thank my wife, Alison. Without her support and flexibility, I couldn't write I've Been Mugged.

What's next? The rapid, constant pace of technological change provides plenty to blog about: privacy news, the Internet of Things (ioT), threats from hackers and government surveillance. Broadband services continue to evolve, so news about the FCC, net neutrality, and community broadband will continue to be hot topics, too. If it's a controversial issue that has privacy concerns, we'll cover it.

If you are a new visitor, there are several easy ways to explore my blog:

  • The right column includes a tag cloud with subjects
  • The right column also includes featured blog posts
  • If you don't see a topic you want, try the search box on the right
  • To find older blog posts, select Archives in the top horizontal navigation bar
  • The right column includes a list of recent blog posts with comments by readers. Join a discussion today!
  • You can easily follow Ive Been Mugged on Facebook, Twitter, or via e-mail. Tell your friends!