A sweeping new tech bill from Silicon Valley Democrats promises privacy, interoperability, and protection from algorithmic discrimination and manipulation

Reps Anna Eshoo [D-CA] and Zoe Lofgren [D-CA] have introduced HR 4978, the "Online Privacy Act," which is a comprehensive set of federal rules for privacy, interoperability, and protection from algorithmic discrimination and manipulation. Read the rest

What does "incognito mode" really do?

Chrome's incognito mode is useful if you don't want your browsing history saved to your account, don't want websites to access your cookies, or if you want to troubleshoot your browser. But it doesn't do much to protect your privacy. Your ISP can see what websites you visit, and services like Twitter can figure out who you are even without cookies.

From Tech Talks:

The easiest way for web applications to track users is to use cookies. But it is not the only way they can track you. Other bits of information can point to your device. For instance, I’ve seen some users use the Incognito window to browse Twitter, thinking that it will preserve their privacy and hide their identity. The premise is, since Incognito doesn’t carry over their browser cookies, Twitter won’t be able to associate their activity to their account.

But Twitter also keeps track of IP address, device type, device ID and browser type and version. Technically, it will be able to use all those factors to link your activity to your account. Facebook goes further and even tracks your activity across other websites when you’re not logged in to your account.

Read the rest

Behind the One-Way Mirror: EFF's "deep dive into corporate surveillance"

EFF's Behind the One-Way Mirror: A Deep Dive Into the Technology of Corporate Surveillance is a long, comprehensive look at corporate tracking, particularly invisible, third-party tracking, as with ad-networks, license-plate readers and facial recognition. Read the rest

Judge says Facebook users entitled to better security but not $ damages

In a decision released late Tuesday night, a federal judge ruled that up to 29 million Facebook users whose personal info was stolen in a September 2018 data breach are not entitled to sue Facebook as a group for damages -- but the users may be entitled to demand better personal data security at Facebook. Read the rest

TikTok's Chinese owner ByteDance wants you to know everything is just fine, really

China-based technology company ByteDance is on a charm offensive, reports Reuters, ramping up efforts to distance its popular social app TikTok from the rest of its Chinese operations. Read the rest

Apple poses a false dichotomy between "privacy" and "competition"

Back in September, a Congressional committee investigating anticompetitive conduct by America's tech giants sent a letter to Apple (among other Big Tech firms) asking it for details of business practices that seem nakedly anticompetitive; Apple's response seeks to justify much of that conduct by saying that it is essential to protecting its users' privacy. Read the rest

Mozilla updates its "Privacy Not Included" gift guide for 2019

As with last year, the Mozilla Foundation's privacy researchers have produced a guide to electronic gifts called "Privacy Not Included," which rates gadgets on a "creepiness" scale, with devices like the Sonos One SL dumb "smart speaker" (Sonos ripped out all the junk that isn't about playing music) getting top marks, and Ring Security Cams, Nest Cams, Amazon Echos, and other cam/mic-equipped gadgets coming in as "Super Creepy!" (the exclamation point is part of the rating). Read the rest

Across America, DMVs make millions selling your license data to private eyes -- and randos

It's not just Florida: Motherboard sent public records requests to DMVs across America and found that they were routinely selling off access to drivers' license databases to some of the sweatiest, sketchiest companies and individuals, on the cheap, and doing so much of it that they're making millions (California's DMV makes $50m/year selling off driver's license data). Read the rest

A single, mysterious server exposed 1.2 billion user records

No one knows who owns the Google Cloud drive that exposed 1.2 billion user records, seemingly merged from data-brokers like People Data Labs and Oxydata, who may have simply sold the data to a customer that performed the merge operation and then stuck the resulting files on an unprotected server, which was discovered in October by researcher Vinny Troia using Binaryedge and Shodan. Read the rest

About Face: EFF's new campaign to end government use of face surveillance

Today, the Electronic Frontier Foundation launched About Face, a new national campaign to end governmental use of facial recognition technology for surveillance at all levels -- city, state and federal. Read the rest

T-Mobile says recent 'criminal hack' got personal data of some prepaid wireless customers

T-Mobile today admitted that a recent "criminal hack" accessed personal data of some prepaid wireless customers' accounts. Read the rest

Consumer Reports Labs is hiring 8 staffers: technologists, journalists and wonks

Consumer Reports' Digital Lab does groundbreaking privacy research: they're hiring for eight positions including technologists ("resident hacker," "digital standard manager," "information security researcher," "program manager, security and testing," and "privacy testing project leader"); journalists ("digital content manager"); policy and comms ("senior researcher, digital competition" and "associate director, strategic communications — technology and privacy"). Most of the positions are NYC or SF or DC based, several allow for remote workers. (Thanks, Ben)!) Read the rest

Public treated to obfuscation at Waterfront Toronto meeting on negotiations with Google sister company over surveillance district

[Rosemary Frei is an independent journalist who broke the story that Google's Sidewalk Labs had quietly sewn up the rights to turn most of Toronto's lakeshore into a surveilling "smart city" (Google/Sidewalk lied about this at first, were cornered, admitted it, and rolled back the plan). Now she's back with a report on last night's "Public Update on Quayside" meeting, where any hope anyone nursed that Google would be pursuing humane urbanism, rather than surveillance and extraction, were firmly dashed. -Cory]

At Waterfront Toronto’s first meeting for the public after its board of directors voted Oct. 31 to continue negotiating with Sidewalk Labs on the parameters of a 12-acre surveillance district, officials from the public agency made it clear they’re already wedded to the Google sister company.

The hundreds of attendees of last night’s ‘Public Update on Quayside’ were each given a package that included a copy of an Oct. 29 letter from Waterfront Toronto President and CEO George Zegarac to Sidewalk Labs’s Chief Development Officer Josh Sirefman. Zegarac lays out in the letter how the two bodies will work closely together -- with Waterfront Toronto taking the lead in on such things as negotiations with all three levels of government – to "develop an ‘Innovation Plan’ to advance and achieve Waterfront Toronto’s priority outcomes." Based on this newly arrived at ‘realignment of Master Innovation and Development Plan threshold issues,’ Waterfront Toronto’s final decision on whether to proceed with the plan will be taken by its board by March 31, 2020. Read the rest

Majority of Americans know they're under constant surveillance, don't trust the companies doing it, and feel helpless to stop it

A Pew Study found that 60% of Americans believe that they are being continuously tracked by companies and the government, 69% mistrust the companies doing the tracking, 80% believe that advertisers and social media sites are collecting worrisome data, 79% think the companies lie about breaches, and 80% believe that nothing they do will make a difference. Read the rest

A woman's stalker compromised her car's app, giving him the ability to track and immobilize it

An Australian woman's creepy, violent ex-boyfriend hacked her phone using stalkerware, then used that, along with her car's VIN number, to hack the remote control app for her car (possibly Landrover's Incontrol app), which allowed him to track her location, stop and start her car, and adjust the car's temperature. Read the rest

Brave 1.0 launches, privacy-focused web browser finally out of beta

The privacy-focused web browser Brave has finally launched a 1.0 version, bringing it officially out of beta. Read the rest

Popular UK health websites share sensitive user data with Google, Facebook, dozens more

A number of popular health-related websites in the UK are reported to be actively sharing sensitive user data with dozens of third parties, including Google and Facebook, but also various adtech firms and data brokers. Read the rest

More posts