After Deadspin's Laura Wagner published an incredible, brave, detailed look at how her new private equity masters -- Jim Spanfeller/Great Hill Partners -- were running Gawker now that they'd acquired it from Univision, the company (now called "G/O Media") struck back.
Read the rest
Update: Justin Reese from Abstractions writes, "policy changes were implemented last night and additional changes were made this morning."
He adds, "The article was also inaccurate from the start by calling the wristbands surveillance devices in the title. They are only used to control access and don't track where users are or have been except in the case where the attendee has given explicit permission in their profiles to share with sponsors and completed a double opt-in by scanning their ID at the sponsor table (the read range is about 2"). Unless we receive a double opt-in, the ids on the wristband are never associated with a user. It is no more a surveillance device than any other conference badge. I'd appreciate a retraction of this inaccuracy and an update regarding our policies."
Reese is correct that the manufacturers design RFID chips to be read from inches; however, that doesn't mean that they can't be read from longer distances (for example, distant, directional antennas can read them at longer distances while they are being energized by a nearby reader). Likewise, the idea that users can't be identified from persistent, anonymous identifiers is incorrect.
It's a pretty good example of how a thin understanding of privacy issues in wireless technologies and statistical analysis can result in selecting authentication systems that expose users to privacy risks.
Sumana Harihareswara (previously) writes, "The Abstractions tech conference (Aug 21-23, in Pittsburgh) doesn't tell attendees this before they buy a ticket, but attendance requires you wear their wristband with an embedded tracking chip -- and that you don't take it off at night or in the shower till the conference ends. Read the rest
Bloomberg reports that Facebook retains recordings of users' voice chats and paid contractors to transcribe them. Now that this has been exposed, the social media giant says it has "paused" the work.
Facebook Inc. has been paying hundreds of outside contractors to transcribe clips of audio from users of its services, according to people with knowledge of the work.
The work has rattled the contract employees, who are not told where the audio was recorded or how it was obtained -- only to transcribe it, said the people, who requested anonymity for fear of losing their jobs. They’re hearing Facebook users’ conversations, sometimes with vulgar content, but do not know why Facebook needs them transcribed, the people said.
Facebook is a fast zombie, sprinting at the details of your life, and can't see beyond the next bite. It can pretend to be human for brief moments when it perceives a threat, remaining motionless while something in its hungry mind utters a few words that it has learned will mollify prey. But it lurches back into motion as soon as your attention drifts away. Attributing human motivations and concerns to it is pointless, and the only option that makes any sense at all is to destroy it. Read the rest
Last summer, we published a comprehensive look at the ways that Facebook could and should open up its data
so that users could control their experience on the service, and to make it easier for competing services to thrive. Read the rest
In my latest podcast (MP3), I read my essay "Interoperability and Privacy: Squaring the Circle, published today on EFF's Deeplinks; it's another in the series of "adversarial interoperability" explainers, this one focused on how privacy and adversarial interoperability relate to each other.
Read the rest
Facebook has lost a procedural appeal related to a 2015 Illinois class-action lawsuit over the company's use of facial recognition data, and now it could be on the hook for billions in damages.
Read the rest
Look, this is getting old. Just assume that everyone one is listening to you fart, copulate and sing in the shower, all the damn time. My former co-worker and professional tall person, David Murphy, took the time today to rap about Microsoft humping up on top of the digital surveillance dog-pile. He points out that, according to Vice, an unnamed Microsoft contractor has spilled the beans on the fact that Microsoft has been holding on to five to ten-second snippets of folks using Skype's translation functionality to yammer on with on another. Did I mention that he provided samples of the audio clips? There's totally samples of the audio clips. Apparently, Microsoft's having their contractors listen in on the clips to improve on Skype's translation chops.
When confronted about their snooping, Microsoft assured Vice's investigator that the snippets were fired over to the company's contractors via a secure web portal, with all identifying data removed from the recordings.
As David points out, there's no way to keep Microsoft from doing this. Worse than this, the company, oh-so greasily, completely neglects to mention that underpaid humans are listening on what you say during your Skype calls.
Read the rest
...Microsoft doesn’t indicate in its FAQ that your speech is being analyzed by real people. In fact, this description almost implies that it’s a fully mechanical process, which it is not—nor could it be, since a machine wouldn’t be able to pick the correct translation. The entire point is that a human being has to train the system to get better.
You're fretting about hackers, political shenigans and data breaches. Then your creepy uncle shares photos of your newborn baby, complete with its location, to his thousands of fake facebook "friends". The call is coming from inside the house.
“Older folks, certainly, there’s a learning curve because this is new,” said Amy Nofziger, who, as director of fraud victim support for AARP, helps older people parse the new rules of the internet. “People who are grandparents or great-grandparents today are the first people to have color TVs in their homes, and now they have this thing called the internet.”
“My mom has a public profile and posts several times a day on her page and has tons of interactions, often with people she doesn’t necessarily know,” said Danielle. “Because I want to be more private about photos of my son, I have had to ask her to please not post his picture — or, if she’s going to, that she please change the privacy settings for that specific post. For the most part she has done what I’ve asked, but I could tell she was really annoyed about it. One time she posted a photo that straight-up had our home address on it, and she couldn’t understand why I was so upset!”
The posting of it is the small part of the problem. The resentful-boomer "how dare you tell me not to" is the bigger part. Read the rest
Remember Perceptics, the Border Patrol contractor whose facial recognition database was hacked, along with hundreds of gigs' worth of internal files?
Read the rest
When airline seatback entertainment systems started to come bundled with little webcams, airlines were quick to disavow their usage, promising that the cameras were only installed for potential future videoconferncing or gaming apps, and not to allow the crew or airline to spy on passengers in their seats.
Read the rest
Murray Hunter writes, "I'm a digital rights activist in South Africa - I've written and illustrated a silly, subversive kid's book about the Big Data industry, and a squiggly, wiggly robot sent out to track and profile all the babies. It's not an 'eat your vegetables' kind of book: all I wanted to do was tell a story that could delight young kids (ages 3-5) while also inviting them to imagine for the first time a secret and hidden world of data collection. I don't think it's been done yet, and - well, why not? I've just launched a crowdfunding campaign to publish it in hardcover and thought it might pique the interest of a few happy mutants.
Read the rest
Android apps are tracking your every move. Amazon is watching and listening. Google's watching you watch porn. Facebook is up all of our shit, all of the time. Perhaps it shouldn't come as any surprise that Apple, a company that's been flogging user privacy as one of the greatest selling points of their mobile devices, is listening in on many of their customers as well.
From The Verge:
Apple is paying contractors to listen to recorded Siri conversations, according to a new report from The Guardian, with a former contractor revealing that workers have heard accidental recordings of users’ personal lives, including doctor’s appointments, addresses, and even possible drug deals.
According to that contractor, Siri interactions are sent to workers, who listen to the recording and are asked to grade it for a variety of factors, like whether the request was intentional or a false positive that accidentally triggered Siri, or if the response was helpful.
According to The Verge, Apple admitted to The Guardian (I'd love to quite this stuff directly, but European copyright laws yadda yadda) that a 'small number' of user interactions with Siri are analyzed to improve the virtual assistant and to buff up the dictation abilities of Apple's various operating systems. They also note that less than 1% of all user interactions are analyzed in this manner and claim that when they do their picking through of our private conversations, the audio they're focusing on has no user information attached to it. Read the rest
"Anonymized data" is one of those holy grails, like "healthy ice-cream" or "selectively breakable crypto" -- if "anonymized data" is a thing, then companies can monetize their surveillance dossiers on us by selling them to all comers, without putting us at risk or putting themselves in legal jeopardy (to say nothing of the benefits to science and research of being able to do large-scale data analyses and then publish them along with the underlying data for peer review without posing a risk to the people in the data-set, AKA "release and forget").
Read the rest
The $5 billion FTC fine isn't the only fine Facebook must pay.
Oops! Facebook says allowing Sony and Microsoft access was “our mistake.”
In The New York Times, Gina Kolata writes that a team of scientists has proven a method of identifying specific individuals from "anonymous" data sets.
Scientists at Imperial College London and Université Catholique de Louvain, in Belgium, reported in the journal Nature Communications that they had devised a computer algorithm that can identify 99.98 percent of Americans from almost any available data set with as few as 15 attributes, such as gender, ZIP code or marital status.
Even more surprising, the scientists posted their software code online for anyone to use. That decision was difficult, said Yves-Alexandre de Montjoye, a computer scientist at Imperial College London and lead author of the new paper.
They had to publish because to do the research is to realize that criminals and governments already did the research. Read the rest
In 2018, Steve Bannon teamed up with a group called Catholicvote to acquire mobile phone location-tracking data to identify people in Iowa who'd visited a Catholic church and target them with political ads.
Read the rest