Social Media for Insurance Investigations

May 26, 2013 0 Comments Bloggies by Graham Penrose

It is imperative that a company has a social media policy to reference when conducting investigations, stresses Constable Richard Gadreau, social media officer with the Niagara Regional Police Service. More than one-third of insurance companies who use social media in any capacity don't have a social media strategy, he said, speaking Friday at the 2013 Ontario Insurance Adjusters Association’s Provincial Conference, held by the group's Niagara Falls chapter. The reason for not having a policy in place is two-fold, Gadreau said: top management doesn’t support its usage, and there is a lack of skill or know-how.

“They don’t have boundaries, they don’t have policies and procedures and how-tos for their company,” Gadreau said. “That’s a bit of a red flag for me, because if you don’t have something that sets out ‘this is how we are going to operate,’ you are setting yourself up for more criticism.” Social media can play a large role during an investigation, but if the information is not credible, and the case ends up in court, it could be worth nothing.

Social Media as a Tool for Corporate Investigators

May 24, 2013 0 Comments Bloggies by Graham Penrose

Increasingly, corporations are hiring investigators to trawl social-media sites for intelligence about competitors and to watch for insider leaks, product complaints and evidence of employee misconduct. Investigators still use the old-fashioned ways -- snapping photos, global positioning devices, tunneling through criminal files. But today's corporate sleuths spend more time mining the mass of information people put online about themselves. Private-equity firms and hedge funds regularly hire externals as part of the process of due diligence before they plow hundreds of thousands or millions of dollars into a company. They want to make sure the management team is clean and who they say they are. More than 82 percent of companies use social media to find out information about their competitors, according to a Forrester Research survey in 2011 of more than 150 companies.

Corporate investigators use social media to look for illegal activity, undisclosed business interests and resume puffing. For one client who needed help collecting money from a businessman who pleaded poverty, social media showed the businessman was hiding assets. The businessman's son posted comments on about hanging out at his dad's place in the Bahamas, with photos of the property. Based on these comments the asset search was extended to the Caribbean. The hazards of an accidental online disclosure also tripped up Hewlett-Packard Co. when a vice president mentioned the computer maker's new web-storage initiative on his LinkedIn profile. Business rivals got a look at previously secret details of the company's cloud-computing services.

Challenges justifying covert surveillance of employees

May 20, 2013 0 Comments Bloggies by Graham Penrose

Recently a decision was made in a European country concerning the justifications required by employers before sanctioning the covert surveillance of employees by external parties. The Data Protection authority in question received a complaint from an individual concerning the processing, without his knowledge or consent, of both his and his children's personal data by his employer. The complaint involved the obtaining and processing of his personal data and that of his children by way of a private investigator producing footage of his movements and his children's movements on a DVD for the company without his knowledge or consent.

The Data Protection authority in question commenced an investigation into the matter by writing to the company. They informed the company of its obligations under the Data Protection Acts and asked for its comments on the complaint. The company informed The Data Protection authority in question of the circumstances which led to it hiring a private investigator to check on the employee's activities. According to company, the complainant was employed as a sales representative and, as such, spent virtually all of his time away from the company's premises. It stated it became concerned that the employee was not carrying out his duties as required by his contract of employment and it decided it was necessary to check on his activities in his sales territory. A private investigator was engaged to check on the employee's activities in order to establish whether or not he was performing his duties. The private investigator recorded the movements of the employee for a period of approximately one week and produced a DVD of those movements which he provided to the company. Some of the recordings produced on the DVD also contained images of the employee's children.

The IT environment at TMG Corporate Services

May 14, 2013 0 Comments Bloggies by Graham Penrose

TMG Corporate Services / The Mediator Group operates a fully redundant and secure IT environment as follows:

  • Dedicated servers hosted in our IT partner data centres in the UK (UKFast), the USA, Singapore and South Africa running CentOS5 & Plesk 9 and co-located for redundancy.
  • Managed Redundant Cisco ASA Firewalls.
  • RAID array disk drives with mirroring implemented.
  • 24/7 Emergency Hardware Support.
  • PROprotection Package.
  • Daily Backups locally and remotely to the cloud using Amazon S3 encrypted backup.
  • 99.99999% uptime Service Level Agreement.
  • Access to the TMG Corporate Services / The Mediator Group website ( is over SSL with a CA certificate using 2048 bit SSL encryption.
  • Access to all Quaesta databases is over SSL with a CA certificate using 2048 bit SSL encryption.
  • Amazon S3 cloud servers are based in:
    • Dublin, Ireland for European customer data;
    • Dallas, Texas for customers in the Americas;
    • Singapore, Singapore for Asia-Pac customers;
    • Durban, South Africa for African customers.
  • The Quaesta platform is based on:
    • Apache Tomcat;
    • Developed using MySQL with InnoDB Support, GD, SimpleXML and PHP5.
  • The servers are fully redundant but all Quaesta databases are also backed up at 10 minute intervals to a remote location.

For further information please email .

Covert Government Surveillance Databases in the UK

May 05, 2013 0 Comments Bloggies by Graham Penrose

Recently a landmark lawsuit against the police was won by an 88 year old man with no criminal record. The police had labelled him a "domestic extremist" and logged his political activities on a secret database. The ruling by three senior judges puts pressure on the police, already heavily criticised for running undercover operatives in political groups, to curtail surveillance of law-abiding protesters. The judges decided police chiefs acted unlawfully by secretly keeping a detailed record of John Catt's presence at more than 55 protests over a four-year period.

Catt, who has no criminal record, is among thousands of political campaigners recorded on the database by the same covert unit that has been embedding spies in political movements for more than a decade. The judges noted that the police could not explain why it was necessary to record Catt's political activities in minute detail. Lawyers for the police had argued that the anti-war activist regularly attended demonstrations against a Brighton arms factory near his home, which had at times descended into disorder.

UK RIPA does not breach human rights

May 01, 2013 0 Comments Bloggies by Graham Penrose

The European Court of Human Rights rejected a claim in 2010 that the UK's Regulation of Investigatory Powers Act (RIPA) violates the human right to a private life. The UK's rules and safeguards on covert surveillance are proportionate, said the court. The case concerned Malcolm Kennedy, a London businessman who was arrested for drunkenness in December 1990. He spent that night in jail and in the morning, another man in his cell was found dead. Kennedy was convicted of that man's murder but the verdict was overturned on appeal. A retrial collapsed when a key prosecution witness failed to appear. A second retrial resulted in Kennedy being convicted of manslaughter and sentenced to nine years in prison.

Kennedy's conviction was highly controversial in the UK, due to missing and conflicting police evidence. It became the subject of a TV documentary. Kennedy has always maintained that police officers were responsible for the death and that he had been framed for a crime he did not commit. After being released from prison in 1996, Kennedy became an active campaigner against miscarriages of justice. He subsequently started a removals business, but that business suffered. Kennedy said that was because his mail, telephone and email communications were being intercepted.

Should the US adopt EU style privacy regulation?

April 23, 2013 0 Comments Bloggies by Graham Penrose

Companies are watching you. They want to know where you go on the Web, what you buy and what causes you support—with the hope of sending you targeted offers based on your preferences and lifestyle choices. But who is watching over these businesses? Who is making sure they aren't misusing personal data or breaking privacy promises they make to customers?

In Europe, there are strict rules about what companies can and can't do in terms of collecting, using, disclosing and storing personal information, and governments are pushing to make the regulations even stronger. That has prompted renewed debate about whether it is time for the U.S. to toughen its relatively lax privacy regulations.