New Technology
Page 49
Focus Summer 2018
Fake online reviews are being openly traded on the Internet,
a BBC investigation has found.
BBC 5 live Investigators were able to buy a false, five-star
recommendation placed on one of the world's leading review
websites, Trustpilot. It also uncovered online forums where
Amazon shoppers are offered full refunds in exchange for
product reviews.
'Trying to game the system'
The popularity of online review sites mean they are increasingly
relied on by both businesses and their customers, with the
government's Competition and Markets Authority estimating
such reviews potentially influence £23 billion of UK customer
spending every year.
While three quarters of UK adults use online review websites,
almost half of those believe they have seen fake reviews,
according to a survey of 1500 UK residents conducted by the
Chartered Institute of Marketing and shared with BBC 5 live
Investigates.
Some US analysts estimate as many as half of the reviews for
certain products posted on international websites such as
Amazon are potentially unreliable.
"Sellers are trying to game the system and there's a lot of
money on the table," said Tommy Noonan, who runs
ReviewMeta, a website that analyses online reviews.
BBC 5 live Investigators identified several of these groups and,
within minutes of joining, was approached with offers of full
refunds on products bought on Amazon in exchange for
positive reviews.
Responding to adverts posted on eBay, the BBC was also able
to purchase a false 5-star review on Trustpilot, an online review
website that describes itself as "committed to being the most
trusted online review community on the market".
Trustpilot, whose platform allows anyone to post a review, said
they have "a zero-tolerance policy towards any misuse".
"We have specialist software that screens reviews against 100's
of data points around the clock to automatically identify and
remove fakes," the company said.
In a statement, eBay said the sale of such reviews is banned
from its platform "and any listings will be removed".
New laws are being introduced that will make the
consequences of failing to protect personal data for banks and
others far more serious.
The General Data Protection Regulation (GDPR), which came
into force on 25 May, will be the biggest shake-up to data
privacy in 20 years. A slew of recent high-profile breaches has
brought the issue of data security to public attention.
Claims surfaced in March that the political consultancy
Cambridge Analytica used data harvested from millions of
Facebook users without their consent.
It has been a wake-up call for data security. People are
increasingly realising that their personal data is not just valuable
to them, but hugely valuable to others. The growth of
technology and electronic communication means that every
day, almost every hour, we share our personal data with a huge
number of organisations including shops, hospitals, banks and
charities. But that data often ends up in the hands of marketing
companies, analysts and fraudsters. Now the law on data
protection is about to catch up with technological changes.
"GDPR is designed and intended to embody a data protection
regime fit for the modern digital age," explained Anya Proops
QC, a specialist in data protection law. "It seeks to put power
back in the hands of individuals by forcing those who process
our data to be both more transparent about their processing
activities and responsive to demands for privacy-invasive
processing to be curtailed."
Among the many changes are measures that make it:
�
quicker and cheaper to find out what data an
organisation holds on you
�
mandatory to report data security breaches to the
information commissioner, rather than just "good
practice"
�
more expensive if fined for breaches - up from a
maximum £500,000 to about £17.5m or 4% of global
turnover, whichever is the greater
"This is legislation which can literally sink those organisations
who fail to respect our data privacy rights," said Ms Proops.
personal data "off site" on mobile devices and memory sticks
poses particular risks. A failure to ensure that such devices are
encrypted can immediately expose organisations to a fine.