Previous month:
October 2013
Next month:
December 2013

12 posts from November 2013

Happy Thanksgiving!

Thanks to all of my readers for your readership and support. I wish you and your family a happy and safe holiday.

I, too, will be at home with family to appreciate what I have. Part of what I am thankful for is that I am not forced to work on the holiday. Nor will I shop on Thanksgiving day (and Friday at 12:00 am). Robert B. Reich, Chancellor’s Professor of Public Policy at the University of California at Berkeley, and former Secretary of Labor, summarized the situation well:

"At least a dozen U.S. mega-retailers are opening for the first time this Thanksgiving Day. It’s the latest example of the race to the bottom led by Walmart, the nation’s largest employer, which for years has scheduled work on Thanksgiving. The expansion of hours will take more than a million employees away from their families during the holiday. The big retailers say it’s their employees’ choice, ... but it's hardly a choice: If they’re scheduled but don’t work, it’s counted as a missed day, and too many missed days mean they’re fired. If they’re working part-time (as an increasing number are) they can’t afford not to work when they’re scheduled to... Please support Walmart workers – and, by extension, low-wage workers across America – by boycotting Walmart this Friday. You might go a step further: Don’t shop in any big retailer Thanksgiving Day."

You might also read this commentary why people who shop on Thanksgiving are part of the problem. Instead, shop at national retailers that have pledged to remain closed on Thanksgiving Day. Some posts in this blog about Walmart:

10 Tips For Safe Holiday Shopping With Your Smart Phone

The New York State Attorney General and the San Francisco District Attorney, as part of the Secure Our Smartphones program, issued a set of safety tips and advice for consumers while shopping during the holiday season. While nobody wants to be a victim of identity theft and fraud, the fact is 113 smart phones are stolen every minute in the United States.

During 2012, more than 1.6 million Americans had their smart phones stolen. Smart phone robberies have increased so much that there is a term for it: "Apple picking." The ten worst cities for smart phone robberies are Philadelphia (PA), Seattle, Oakland (CA), Long Beach (CA), Newark (NJ), Detroit, Cleveland, Baltimore, New York, and Boston.

The Secure Our Smartphones program is an international coalition of prosecutors, police chiefs, state and city comptrollers, and public safety activists committed to presuring the industry to find more effective ways to fight smart phone robberies that often turn violent. Program co-chairs include New York State Attorney General Eric T. Schneiderman, San Francisco District Attorney George Gascón, and London Mayor Boris Johnson.

10 tips to protect yourself and the sensitive, personal information on your smart phone:

  1. Prevention: be aware of your surroundings. Don't walk and text. Keep your smart phone in your pocket, purse, or backpack.
  2. Prevention: don't lend your smart phone to strangers.
  3. Prevention: keep your smart phone out of sight when not in use. Don't leave your smart phone on a table in public.
  4. Use the security features on your smart phone: password-protect your smart phone or mobile device.
  5. Write down and store in a safe place at home the model number, serial number, and unique device ID number for your mobile device.
  6. Install security apps, so you can remotely track, lock, and delete the data on your phone if it is stolen. Apple users: upgrade to iOS7 and enable the "Find My iPhone" feature. Android users: activate the "Android Device Manager" feature. Consider third-party security apps.
  7. If your phone is stolen: respond quickly, just as if a credit card was stolen. Report the theft to your wireless communications provider.
  8. If your smart phone is stolen: file a police reort and include data from #5 in the report. You'll need a copy of the police report when filing insurance claims. And, this report will help local law enforcement monitor popular mobile device re-sale websites.
  9. If your phone is stolen: activate and use the security apps you installed. (See #6.)
  10. Cloud services: Applie iPhone users should sign into their Cloud account, go to "Find My iPhone," and set your phone to Lost Mode.

Smart phone usage for online banking is about 21 percent, and about 15 percent for mobile payment apps. Recently, Google launched a prepaid card with its mobile wallet app. If you are one of these mobile users, then not only are the above security tips critical, but it's wise to check the contract or agreement with the bank or payment service. If your smart phone is stolen, you may have additional notification responsibilities.

The Google Wallet Prepaid Card. Is It a Good Deal?

Recently, Google launched the Google Wallet Card, a new, physical prepaid card you can use in addition to using your smart phone to pay for purchases via the Google Wallet service. Readers of this blog know that I've discussed prepaid cards at length in this blog.

So, the appropriate question: is the Google Wallet Card a good deal?

To answer this, first I read the card announcement at the Google Commerce blog. The Google Wallet Card is structured like any other prepaid card. You add money to it, and then use the available balance on your card to make purchases in retail stores and/or to withdraw cash at ATM machines. You must have a Google Wallet account, first. The blog post announcement said that the Google Wallet Card can be used at "millions of MasterCard(R) locations." That seems partly true. Keep reading.

Google Wallet Card users also need the Google Wallet app running on their smart phone. The app provides notifications about purchases with the Card, and allows Card users to check their available card balances, add money to their Wallet/Card, and perform related tasks. Right now, Google Wallet users can order the Google Wallet Card for free.

Then, I visited the Google Wallet Card FAQ page, which is buried within the Google Wallet website. The page clearly stated that the Google Wallet Card can only be used within the United States. So, the announcement in the Google Commerce blog is a little misleading, and not quite accurate.

Also, there are transaction limits with the Google Wallet Card:

  • The maximum you can spend is your Google Wallet balance or $5,000.00 per 24 hours
  • The maximum you can withdraw from an ATM machine is $300.00 per 24 hours

There seem to be fewer fees with the Google Wallet Card. Google does not charge the following fees to Google Wallet Card users:

  • Retail store purchases with the Google Wallet Card
  • An annual or a monthly fee
  • A card activation fee
  • Cash withdrawals at ATM machines
  • Checking balances at ATM machines

There are fees if you add money from a debit/credit card, but no no fees if you add money from a checking account. So, how you use the Card matters. I found it extremely helpful to read the page listing fees for both the Google Wallet and the Google Wallet Card. The fee-listing page is a site page Card users will probably want to refer to frequently, since fees can change.

More importantly, this page provides the warnings that the bank or ATM network (e.g., NYCE, Cirrus, Plus, etc.) may charge fees for cash withdrawals and checking balances at ATM mchines. The fee-listing page doesn't list the specific fees banks or ATM networks might charge. It just gives the general warning.

I found this general warning a disappointment. It would be more helpful if the fee-listing page included these additional fees, so Google Wallet Card users would know in advance what fees they will likely encounter at ATM machines.

At the Google Wallet Card FAQ page, I looked for links to the fee schedule or Card agreement. I've learned that these documents specify all relevant details. I did not see links prominently in the Google Wallet Card FAQ page. This was a disappointment. Users should not have to hunt for these links, as I did.

The page footer at the Google Wallet site contains a link to the Google Wallet Terms of Service agreement. This agreement contains important information about the Google Wallet Card:

"6.5 Google Wallet Card - (a) Issuance of the Google Wallet Card. GPC may arrange for Bancorp to provide you with access to a MasterCard branded physical debit payment card, the Google Wallet Card. By using the Google Wallet Card, you also agree to the Google Wallet Card Terms of Use, which may be updated from time to time. For avoidance of doubt, the Google Wallet Card Terms of Use are between you and Bancorp, not Google or GPC..."

So, the Terms of Servce identifies the bank Google Wallet Card users do business with. And, it confirms that the site does contain an agreement (or contract) specifically for Google Wallet Card users. You just have to hunt a little to find it. That agreement/contract is between the Card user and Bancorp. The Google Wallet Card Terms of Use contains some important terms, including but not limited to:

"If you use your [Google Wallet Card] at an automated fuel dispenser (“pay at the pump”), the merchant may preauthorize the transaction amount up to $100.00 or more. If your Card is declined, even though you have sufficient funds available, pay for your purchase inside with the cashier. If you use your Card at a restaurant, a hotel, for a car rental purchase, or for similar purchases, the merchant may preauthorize the transaction amount for the purchase amount plus up to 20% or more to ensure there are sufficient funds available to cover tips or incidental expenses incurred. Any preauthorization amount will place a “hold” on your available funds until the merchant sends us the final payment amount of your purchase. Once the final payment amount is received, the preauthorization amount on hold will be removed. It may take up to seven (7) days for the hold to be removed. During the hold period, you will not have access to the preauthorized amount."

For security reasons, I almost never use a debit/credit/prepaid card at gas station pumps becasue it is extremely easy for identity theives to tamper with gas station pumps. When gas stations are closed, the pumps are usually unattended and left out in the open where anyone can access them.

So, is the Google Wallet Card a good deal? Only you can decide for yourself as you know your financial situation best. The above transaction limits may or may not fit with your lifestyle and financial needs. Your current debit- or prepaid card may offer fewer or no fees for ATM machine usage. Hopefully, I have highlighted the issues and terms to consider to make an informed decision.

The Google Wallet Card is not for me because I avoid using any prepaid cards due to many fees and fewer consumer protections. My current mix of credit cards and a debit card with my bank fulfill my banking needs.

If you already use Google Wallet, then the Google Wallet card may be a useful option at retail stores that don't accept the smart phone payment method. CNN Money said this about why Google introduced a prepaid card:

"[Google Wallet] hasn't really taken off, however -- iPhones haven't adopted the technology necessary to use the in-store payment feature, and many retailers don't have the appropriate point-of-sale equipment to process the transactions."

What's your opinion of the Google Wallet prepaid card?

Questionable Placement Of A Website Banner Ad

Below is a screen image of a right-column online advertisement ("Dallas: Big Things Happen Here") with extremely poor placement at the Texas Monthly website. I can't tell for sure, but the online ad seemed to have run in this position all day Friday, November 22, 2013 -- the anniversary of the President's assassination. Select the image to view a larger version.

Banner ad on Nov. 22, 2013 at the Texas Monthly website

Remembering November 22, 1963 and a Life Cut Short

November 22, 1963 was a day I will never forget. I was in school: third grade in Harlem in New York city. The teachers seemed to know first about the shooting, and then told the students.

While walking home after school (about 3 pm), we listened to car radios for updates. Everyone knew this was huge news. Huge. People were huddled around whatever transistor radio was nearby. back then, there were no boom boxes, no Internet, no home computers, no smart phones. A lot of people in Harlem did not have landline telephones, either.

Most people had transistor radios. Many people in Harlem did not yet have televisions. While my family had a small black-and-white television, we would not get a color television for another 5 years. Radio and print newspapers were our primary news sources.

That evening after my mom came home from work, my mother, father, and I discussed the day's events. I had a lot of questions.

How could somebody shoot the President? Why would somebody want to shoot the President? Why would somebody kill a President? That was my first impresson of Dallas, Texas.

I didn't have any questions about why some people hate others, becuase we regularly watched the evening news on television as a family. I'd already seen news reports about the Civil Rights movement, marches, police turning fire hoses on protesters, interstate bus bombings, and lynchings.

On that day in 1963, nobody realized that in another five years we all would experience several more shootings of major figures.

EFF Shares Results Of Its Survey About Data Encryption By Vendors

The Electronic Frontier Foundation (EFF) released the results of its survey about which companies encrypt transmissions of users' information. Encryption is important to protect consumers against extensive surveillance by the NSA and other agencies:

"By adopting these practices, described below, these service providers have taken a critical step towards protecting their users from warrantless seizure of their information off of fiber-optic cables. By enabling encryption across their networks, service providers can make backdoor surveillance more challenging, requiring the government to go to courts and use legal process."

This is important because of the warrant-less surveillance by the NSA:

"The National Security Agency’s MUSCULAR program, which tapped into the fiber-optic lines connecting the data centers of Internet giants like Google and Yahoo, exposed the tremendous vulnerabilities companies can face when up against as powerful an agency as the NSA. Bypassing the companies’ legal departments, the program grabbed extralegal access to your communications, without even the courtesy of an order from the secret rubber-stamp FISA court..."

The infographic below contains the results of the EFF survey:

EFF Encryption Survey results. November 2013

Coin: A New Service Combines Several Payment Cards On A Single Card. Is It a Good Deal?

Coin, a new credit-card like payment device, has received a fair amount of press coverage recently. If you haven't heard about Coin, which will debut in 2014, it is a new service that allows you to store payment information for up to eight credit-, debit-, and prepaid cards on a single card-like device. You can use the Coin service to lighten your wallet or purse by leaving at home all of your physical plastic cards. And, Coin has some nifty features that work with your smart phone. If you pre-order Coin now, it'll cost you either $50 or $100.

So, the next appropriate question: is Coin a good deal?

Many technophiles I know will pre-order Coin now and start using it when it becomes available next summer. They like to use the next new, shiny, mobile device or service. Nothing wrong with that. I prefer to look a little deeper first.

We've all experienced products, services, and social networking websites that promote convenience while the cost, or price we pay, has usually been our privacy and personal information. So, when a new financial payment device promotes convenience, I'm inclined to investigate first.

To answer this question, I first read the Coin Master Terms of Service (CMTOS) dated October 1, 2013; which you should, too. It helps you understand more about the service, what you get, and what your responsibilities are. After reading this document, I quickly learned that the Coin card includes software embedded on it:

"1. USE OF THE SERVICE. You are solely responsible for the use of the Service. By using the service you acknowledge that your use of the Service is solely at your own risk... Subject to the Terms, Coin grants you a limited, non-exclusive, non-transferable, revocable license to use any software that is provided by Coin that is pre-installed on, embedded in or incorporated into the Coin Card (“Embedded Software”)..."

Okay. That is good to know as a starting point. Section 9 of the CMTOS says that users aren't allowed to:

"... Access or use the Site for any comparative or competitive research purposes;"

Huh? Part of deciding whether or not to use any financial product or service is to research it and compare it against alternatives. This term struck me as most odd and curious. Maybe the lawyers at Coin rule.

With any new service or new product, i want to know exactly what I am getting for my money. That includes what happens when things go wrong. Nothing in life is is perfect. Good customer service includes help when things go wrong. Section 4 of the CMTOS:

"... If you have any reason to believe that your account information has been compromised or that your account has been accessed by a third party, you agree to immediately notify Coin by e-mail [email protected]. You are solely responsible for your own losses or losses incurred by Coin and others due to any unauthorized use of your account."

That seems pretty clear. And if your Coin card is lost or stolen:

"... you should immediately contact the customer service department of your credit card company and/or bank to suspend access to the financial accounts associated with your Coin Card. Additionally, you should use the App to disable your Coin Card until the Coin Card is recovered or replaced. If your Coin Card is lost, damaged or stolen you may purchase a replacement card..."

That seems pretty clear, too. I was hoping that the folks at Coin might help with notifying banks and card issuers of lost/stolen credit/debit/prepaid cards since they would already have all of my information for each debit/credit/prepaid card loaded on my Coin card. I guess not. If your account or Coin card are hacked and your money is stolen, then you are on your own to notify each card issuer, and to absorb any financial losses. Maybe your bank or financial institution will help and reimburse your for any stolen funds... or maybe they won't.

Perhaps most importantly, CNN Money reported that Coin doesn't have the approval of the credit card issuers and networks. That approval seems critical to me before ordering (or pre-ordering) Coin. It seems wise for consumers to check the terms of service or contract for any credit card to make sure a device like Coin isn't prohibited.

Sections 13 and 14 both seem to reinforce the you're-on-your-own theme:


If the Coin site, mobile app, or Coin card are hacked or contain malware, you still are on your own. In my opinion, any site that compiles financial payment information for users is a high-value target by hackers. Hackers go where the money and salable user information are.

So, not only are you on your own but you give up certain rights. See section 16 of the CMTOS:

"... In the interest of resolving disputes between you and Coin in the most expedient and cost effective manner, you and Coin agree that any and all disputes arising in connection with this Agreement shall be resolved by binding arbitration... Arbitration uses a neutral arbitrator instead of a judge or jury, may allow for more limited discovery than in court, and can be subject to very limited review by courts... You understand and agree that, by entering into these Terms, you and Coin are each waiving the right to a trial by jury or to participate in a class action... No Class Actions. YOU AND COIN AGREE THAT EACH MAY BRING CLAIMS AGAINST THE OTHER ONLY IN YOUR OR ITS INDIVIDUAL CAPACITY, AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS OR REPRESENTATIVE PROCEEDING. Further, unless both you and Coin agree otherwise, the arbitrator may not consolidate more than one person’s claims..."

Maybe these rights (e.g., to sue, to join with other consumers) aren't important to you, or maybe they are important. I mention this so you know what rights you may give up. And, Coin uses are liable for certain fees should you pursue arbitration. In my opinion, companies have introduced this into their policies to limit their financial exposure. To me, it is the loss of important rights for consumers. Since technology moves forward far faster than federal, state, and local laws, differences of opinion are likely... and hence, disputes.

Keep reading. There's more.

Next, I read the Coin Privacy Policy (also dated Oct. 1, 2013), because privacy policies often indicate what specific personal information is collected and shared. That sensitive, personal information the policy refers to as "Personally Identifiable Information" (PII). The policy doesn't list all data elements, but provides some examples:

"Examples of personal information include name, email address, mailing address, mobile phone number, and credit card or other billing information. Personal information also includes other information, such as date of birth, geographic area, or preferences, when any such information is linked to information that identifies a specific individual..."

Anytime I see the words "examples" and " such as" in this context, I assume that much more personal information will be collected. The Coin service collects personal information (PII) you directly provide and information you indirectly provide through your usage:

"... we may automatically record certain information from your device by using various types of technology, including “clear gifs” or “web beacons.” This "automatically collected" information may include your IP address or other device address or ID, web browser and/or device type, the web pages or sites that you visit just before or just after you use the Service, the pages or other content you view or otherwise interact with on the Service, and the dates and times that you visit, access, or use the Service. We also may use these technologies to collect information regarding your interaction with email messages, such as whether you opened, clicked on, or forwarded a message."

So, like most other social networking sites, you are the product and Coin will collect an extensive amount about both you and your activities through the Coin card, mobile app, and website.

When I read both policies I looked for language that stated whether or not Coin collects my purchase or transaction information (e.g., amount, store, location, items). That is where the value is. Banks know this and already collect consumers' purchase information. To me, it is reasonable to assume that Coin will collect this purchase information also.

The policy mentions third-party vendors, but doesn't state what information is shared with these vendors. So, information may be shared or not. It's hard to tell from the policy language. Just because the policy is silent about whther certain data is collected and/or shared, doesn't mean it won't. So, I assume some information is collected and shared to make it attractive for third-party vendors to participate. Perhaps, a future privacy policy version will be more precise.

Next, the privacy policy addressed data security:

"We cannot, however, ensure or warrant the security of any information you transmit to us or store on the Service, and you do so at your own risk. We also cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards."

Next, Coin has a security feature that CNN Money reported could also be problematic: it relies upon your smart phone being on and nearby. The security feature deactivates the Coin device if it is far from your smart phone (with the Coin app loaded). So, if your smart phone battery has died or your phone is broken, then your Coin card won't work. Nightmare scenario #1: you are at the phone store to buy a replacement battery for your dead smart phone, but you can't because the credit/debit credentials on your Coin card are locked. Only you know how often you fail to charge your smart phone and/or been stranded somewhere with a dead smart phone. Nightmare scenario #2: while you wait for your smart phone insurer to send a replacement smart phone for the one you lost/damaged/dropped, you can't use your Coin card.

last, Coin's convenience is limited. You can load an unlimited number of cards into your Coin account, but only up to eight (8) cards onto your coin device. So, a certain amount of shuffling is required for those who are heavy shoppers with lots of plastic in your wallet/purse.

So, is Coin a good deal? Only you can decide for yourself. Hopefully, I've highlighted some of the issues to consider. As a wise person once said: the devil is in the details.

Coin is not for me. I do not want to include yet another vendor in my purchases, as there are already many vendors involved in consumers' payment transactions -- all who want my purchase information for their own "big data" or data-mining purposes. Thanks to NSA surveillance, we've learned that metadata is extremely valuable, too. To me, convenience alone is not enough for a vendor to gain access to my purchase transactions.

Plus, the executives at Coin seem to have done, what appears to me to be, a masterful job at crafting online policies that effectively limit their liabilities, limit rights, and place a burden on Coin users that I find unacceptable.

If you have and use eight credit cards, one could argue you have bigger issues to address with credit. Me? My wallet is already light enough -- intentionally. I use only one credit card when shopping, avoid using prepaid cards (due to many fees and fewer consumer protections), and use my debit card only at my bank's ATM machines once weekly. Some membership cards have optional prepaid features, which I don't use for purchases because of the many fees on prepaid cards. Plus, the supermarket chain I shop at discontinued its loyalty-card program. So that card has already been destroyed. Plus, more retailers will replace their loyalty-card programs with newer, more comprehensive tracking technologies (e.g., smart shopping carts, video-camera-enabled mannequins, wristbands, WiFi hotspots, smart trash bins, etc.) in physical stores.

What's your view of the Coin service?

Federal Health Care Portal Experienced Ongoing Cyber Attacks By Hackers

On Thursday, the Examiner Free Republic reported that during Congressional testimony before the House Homeland Security committee:

"... Roberta Stempfley, acting assistant secretary of the Department of Homeland Security’s Office of Cyber-security and Communications, who confirmed at least 16 attacks on the Affordable Care Act’s portal website in 2013..."

Watch video of Stempfley's testimony. There were several types of attacks including one attempted:

"... Distributed Denial of Service (DDoS) attack. A DDoS attack is designed to make a network unavailable to intended users, generally through a concerted effort to disrupt service..."

The hackers or groups sharing the DDoS software tools:

"...Right wingers have been distributing the link to the necessary tools to perform the attacks on the website through social networking, as pointed out by Information Week, and other websites. The name of the attack tool is called, "Destroy Obama Care!"

The Information Week article reported:

"What of the "Destroy Obama Care!" tool's premise that it allows users to exercise their right to civil disobedience? On this front, the tool's author has read his or her U.S. legal code incorrectly. Indeed, U.S. law enforcement agencies have vigorously prosecuted people who launch DDoS attacks against any website."

It'll be interesting to see who is prosecuted and jailed for this. Whether or not you agree with the Affordable Care Act, it is law. It is hypocritical to criticism something for its availability failure while silently and simultaneously hacking it at the same time. Shameful.

[Correction: An earlier version of this article linked to a news story at the Examiner(dot)com site. Since that site and article have been removed online, they were replaced with a link to the Free Republic, which replicated the news story. The Aegis Cyber Security site also reported the hacking attempt.]

How To Lock Down Your Facebook Privacy Now That Old Posts Are Searchable

Facebook logo If you have used Facebook for several years, then you have a lot of posts in your timeline. A lot. With the new Facebook Search feature, those old posts are searchable. And many of those old posts probably have weak privacy settings: the "Public" or anyone can search and view them. You probably don't want those old posts and photos of you high or drinking (to excess) to be searchable. It could cost you a job, result in a rejected college application, or affect your credit-worthiness.

What to do? You could spend the next week 24/7 non-stop deleting all of your old posts and/or changing the privacy setting on each old post to "Friends Only." A faster method to protect your privacy is to use Facebook's "Limit Past Posts" privacy setting. I'll bt you didn't know that this security setting exists, since Facebook makes its interface difficult to find and use for security settings.

Here is how to find and use the "Limit Past Posts" security setting:

  1. Sign into Facebook and click on the Security Shortcut icon in the upper right corner. That's the thingy with the lock icon.
  2. A drop-down menu will appear. Select "See More Settings"
  3. On the next page, select the "Limit Past Posts" link
  4. The page will expand to reveal two links. Select the "Learn about changing old posts" if you want to learn more about this security feature. Otherwise, select the the "Limit Old Posts" button.
  5. Facebook will try to dissuade you from making this security change by, a) asking if you are sure you want to proceed, and b) telling you that this change cannot be undone. Yes, you are sure. Proceed and select the "Confirm" button.
  6. On the next screen, select the "Close" button and you are done.

If these instructions aren't clear, see the Gizmodo article with screen images.

How To Opt Out Of Tracking Programs And Keep As Much Privacy As Possible

Your online activity is tracked by a wide variety of technologies, not just web sites. For example, all of the major search engines (e.g., Google, Bing, Yahoo) track your search history. If you use one of the major search engines, then you will need to opt-out of the search engine history tracking at each search engine. This Mashable article contains instructions plus links to the opt-out mechanisms for each search engine.

Me? I use the DuckDuckGo search engine instead. There is nothing to opt-out of because DuckDuckGo doesn't collect anything.

Simiilarly, the social networking websites you use track your online activity and will use your name and photo in their online advertisements if you let them. To avoid this, you'll need to opt-out of the advertisement features at each social networking website you use. For example: sign in to Twitter and navigate to Settings, and then Security and Privacy. On that page, uncheck the boxes next to Promoted Content and Tweet Location. For Facebook, navigate to General Account Settings, and then to Ads. Clcik Edit and select "No one" for Third Party Sites. Click Edit and select "No one" for "Ads and Friends."

This Masahable article contains instructions for how to opt out of advertisements on Google services.

The web browser you use also tracks your online activity. So, the steps you must take to deactivate HTTP cookie tracking depends upon which web browser you use. According to Masahable, to opt out of cookie tracking Mozilla Firefox users must:

"In Firefox's Privacy panel, click on the area next to Firefox will: and select Use custom settings for history. Once selected, remove the checkmark in the Accept Cookies box."

See the Masahable article for instructons for Google Chrome users. I also use the Better Privacy add-on for Firefox to regularly delete HTTP and other Locally Shared Objects (LSO) cookies.

Also, there may be settings on your mobile device to turn off any sharing with your mobile device manaufacturer, mobile operating system manufacturer, and/or telecommunications provider. None of the above methods will stop sharing of your purchases with your bank, credit-card, debit-card, and/or prepaid card provider.

Remember, all of these services and technologies, including your mobile device (e.g., tablet, smart phone), that collect data also collect metadata. All of this online data collection can make the Internet a pretty frustrating tool at times. In response to the perceived (and real) lack of online privacy, more and more users in Australia provide fake information while online to blunt companies' data collection and tracking. And, if infected with the appropriate computer virus, your smart phone may continue to track you even when turned off.

Johnson & Johnson to Pay $2.2 Billion to 46 States To Settle Alleged Unfair Marketing

On Monday, the California Attorney General announced a settlement with Johnson & Johnson regarding alleged unfair marketing practices by its Janssen Pharmaceuticals subsidiary. About 45 other states participated in the $2.2 billion settlement. California's share of the settlement is $89 million.

The settlement resolved allegations of:

"... unlawful marketing practices, including off-label promotion and kickbacks, to promote the sales of [Janssen's] atypical antipsychotic drugs, Risperdal and Invega... As part of this global resolution, the companies have agreed to resolve civil liabilities for their alleged unlawful conduct, which caused false and/or fraudulent claims to be submitted to Medi-Cal and improper Medi-Cal purchases..."

Terms of the settlement require the companies to o compensate the Medicaid programs. The companies will pay $1.114 billion as the combined federal and states’ share of the civil settlement for both drugs. The California Department of Health Care Services will be reimbursed for $44.5 million in losses from the fraud. the remainder will pay for Medi-Cal fraud and enforcement efforts. Also:

"Janssen Pharmaceuticals, Inc. plead guilty to a criminal misdemeanor charge of misbranding Risperdal in violation of the Food, Drug, and Cosmetic Act. As part of the criminal plea, Janssen has agreed to pay an additional $400 million in criminal fines and forfeitures."

California Attorney General Kamala Harris said about the settlement:

"Motivated by profit, these companies made false claims that jeopardized the health of California’s most vulnerable patients, including children and senior citizens—and left California taxpayers with the bill... Today’s record settlement reinforces the California Department of Justice’s commitment to rooting out this kind of greed...”

Some of the other state attorney generals that announced this settlement include Florida, Maryland, Massachusetts, and New York.

On the same day, Johnson & Johnson and two of its subsidiaries (e.g., Janssen Pharmaceuticals, and Scios, Inc.) announced that the settlement agreement included 45 states plus the U.S. Justice Department. This resolved allegations about the marketing of Invega and Naturecor by Scios Inc., plus allegations about Janssen's interactions with Omnicare, Inc., pharmacy services.

U.S. Department Labor Division Recovered $1.2 Billion During 2012 For Employer Benefit Programs

Within the U.S. Department of Labor (DOL) federal agency, its Employee Benefits Security Division (EBSA) oversees employee benefits programs, including about 707,000 retirement plans, 2.3 million health plans, and related employer-sponsored benefits plans (e.g., stock plans, IRA plans). All of these plans cover about 141 million individuals (e.g., employees and their dependents), with assets of about $7.1 billion.

The oversight function by the EBSA includes enforcement when employers violate labor laws. During 2012, the EBSA:

"... closed 3,566 civil investigations, with 2,570 (72.1%) resulting in monetary results for plans or other corrective action. EBSA often pursues voluntary compliance as a means to correct violations and restore losses to employee benefit plans. However, in cases where voluntary compliance efforts have failed, or which involve issues for which voluntary compliance is not appropriate, EBSA forwards a recommendation to the Solicitor of Labor that litigation be initiated. In FY 2012, 218 cases were referred for litigation..."

Also during 2012, the EBSA closed 318 criminal investigations and indicted 117 persons about crimes related to benefits plans. All of that agency activity, including both voluntary and involuntary compliance, resulted in the EBSA achieving about $1.27 billion in monetary results. That's a huge amount of money that employees would have lost otherwise.

Some examples of employer violations and EBSA resolution activity during 2012:

Another way to look at this enforcement activity: it's a lot of companies -- a lot of senior executives -- violating wage laws. It's not just low-wage or immigrant employees affected, but white-collar, middle-income employees (and their families) affected.

The EBSA also operates an Informal Complaint process, where employees can submit complaints about alleged violations and abuses. During 2012, the EBSA:

"... EBSA's Benefits Advisors closed nearly 240,000 inquiries and recovered $260.7 million in benefits on behalf of workers and their families through informal resolution of individual complaints..."

This is government working effectively, folks. Employees can submit complaints by contacting the EBSA via its toll-free phone number (1-866-444-3272), or visit

To read the full report, download the 2012 EBSA Fact Sheet (Adobe PDF, 52.9K). The latest EBSA Fact Sheet is also available online.

I look forward to reading about the EBSA's performance during 2013, despite the 16-day federal government shutdown which cost the country an estimated $24 billion, and which probably hampered EBSA performance.