Journalist's Resource published this great comic by Josh Neufeld, explaining the basic concepts behind differential privacy, the data collection method used to prevent bad actors from de-anonymizing the information gleaned from the 2020 Census.
The original source includes some other great resources on differential privacy, but since the comic itself is made available under a Creative Commons Attribution-NoDerivatives 4.0 International License, we've re-posted it here in full.
A brief introduction to differential privacy: A data protection plan for the 2020 census [Josh Neufeld / Journalist's Resource] Read the rest
Researchers at Carnegie Mellon have come up with this new IoT Assistant app (available for both iOS and Android) that will supposedly inform you about what Internet-connected smart devices are around you at any point in time, and what kind of information they might be collecting.
“Because of new laws like the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), people need to be informed about what data is collected about them and they need to be given some choices over these processes,” says Professor Norman Sadeh, a CyLab faculty member in Carnegie Mellon’s Institute for Software Research and the principal investigator on the project. “We have built an infrastructure that enables owners of IoT technologies to comply with these laws, and an app that takes advantage of this infrastructure to empower people to find out about and control data collected by these technologies.”
I've downloaded the app myself, and I plan on adding my own smart home devices to their database, just to see what I can find. I don't know how well it will actually work, but I'm certainly intrigued by the idea.
New infrastructure will enhance privacy in today’s Internet of Things [Daniel Tkacik / CyLab, the Carnegie Mellon University Security and Privacy Institute] Read the rest
UPDATE JAN 29 2020
From Sephora's PR agency:
I caught your recent story on BoingBoing regarding Avast. Wanting to see if it is possible for you to make a correction to the piece? Sephora is not a past, present or potential client. You can find a quote from Sephora below.
“Sephora is not a client and has not worked with Avast/Jumpshot.”
The brand name has been redacted from this blog post, which in turn quoted a VICE NEWS article which named the brand as having been associated in some way with Avast.
-- Xeni Jardin, Jan 29 2020
Documents show that the antivirus company Avast has been selling its users' internet browsing data, through a subsidiary named Jumpshot, to clients that include Pepsi, Google, and Microsoft, reports Motherboard. The report is the result of a joint investigation between the VICE News site and PC Mag. Read the rest
A number of popular health-related websites in the UK are reported to be actively sharing sensitive user data with dozens of third parties, including Google and Facebook, but also various adtech firms and data brokers. Read the rest
There have been some tweets going around about a "wearable face projector" being employed at the ongoing protests in Hong Kong.
It's essentially the same as the scramble suits from Philip K. Dick's A Scanner Darkly—instead of disguising yourself as someone else, it disguises you as everyone else, projecting a constantly shifting visage that drives the facial recognition AI crazy. It certainly makes sense that someone would try to use something like this in Hong Kong, where the mere act of protecting one's identity in public is now punishable by a USD3,200 fine.
Except… it's not from the Hong Kong protests. It's actually an art project by Jing-Cai Liu, an industrial design student at Eindhoven University of Technology in the Netherlands. Liu had come up with the concept of a wearable face projector as an undergrad at the University of the Arts in Utrecht. "In the future, the advertisement could call your name when you walk along the streets," she writes on her website:
Read the rest
Mega databanks and high-resolution cameras in the streets stock hundreds of exabytes a year. But who has access to this data? It is possible that it could have commercial use, hence not only retail companies but also the advertisement industry could be very interested in this data in the coming future. They would hope to gain these personal data and information as much as they can.
The companies would know your personal interests and may set different retail strategies for you.
Today's FTC ruling impacts how the TikTok app works for users under the age of 13.
A man in Germany asked Amazon to send him the audio recordings of his Alexa activities, and Amazon complied with the request, giving him a bonus: a link to 1,700 recordings from a stranger. When he told Amazon about it, Amazon didn't reply, but deleted the files from the link. Too late - the man had already downloaded the audio files. He then shared the files with a German magazine. They listened to the audio recordings of the man and his female companion and were able to figure out who he was and they told him what had happened. After the magazine ran the story, Amazon suddenly became chatty:
“This was an unfortunate case of human error and an isolated incident. We have resolved the issue with the two customers involved and have taken steps to further improve our processes. We were also in touch on a precautionary basis with the relevant regulatory authorities.”
[via Washington Post]
Image: Photocollege using Shutterstock/pianodiaphragm and Cryteria - Own work, CC BY 3.0, Link Read the rest
MEPs in European Parliament want Facebook to submit to a full audit by European Union bodies to determine whether the U.S. based social media company adequately protects users’ personal data. The demand made in the form of an EU resolution adopted Thursday, October 25, 2018, follows the company's recent breach scandal, in which data belonging to 87 million Facebook users around the world were improperly obtained and misused. Read the rest
Executives from Google, Twitter, AT&T, Amazon, Apple, and other big tech companies told a U.S. Senate panel today they support updating federal law to protect data privacy, but they want Congress to block California's tough new privacy rules. Read the rest