

The privacy risk of behavioral profiling - rdl
https://godpraksis.no/2015/07/the-privacy-risk-of-behavioral-profiling/

======
rm_-rf_slash
Pick a person, any person. Put together all of the data and metadata that can
be legally acquired. Strip out the context and put it in front of a judge. Get
a search warrant. Hoover up everything else.

With enough information, anybody can be demonized. Can the presumption of
innocence even exist in the age of information?

~~~
hga
Not a new concept, e.g. this common but disputed quote of Cardinal Richelieu:

 _Qu 'on me donne six lignes écrites de la main du plus honnête homme, j'y
trouverai de quoi le faire pendre._

If you give me six lines written by the hand of the most honest of men, I will
find something in them which will hang him.

------
steventhedev
A few things: keystrokes is only part of the data collection. I wouldn't be
surprised if they're also looking at mouse movement, or the actual keystroke
pattern (backspaces and such).

But it does raise an interesting idea: build a fuzzer that you can use to
change "profiles". Rather than making yourself mechanical, put on a different
face.

Also, I'd like to see a concept website that used keystroke data to
authenticate a user instead of a password. Basically, give them a "passphrase"
or somesuch that is presented in cleartext with the instructions: "type this
phrase".

------
rdl
The Register has an article:
[http://www.theregister.co.uk/2015/07/28/behavioural_profilin...](http://www.theregister.co.uk/2015/07/28/behavioural_profiling_defeating_typing_biometrics/)

------
thorsheim
Some use mouse movements, others do not. The behaviosec used it, but didn't
influence anything in the end.

