Facebook wants to "deepen user engagement" with Messenger, and to that end, it's been pitching America's giant banks on joint enterprises where Facebook will get to see all your financial info (especially info on where you're shopping and what you're buying) to help it suck you into using Messenger for longer. Read the rest
Consumer Reports is arguably America's most trusted source of product reviews -- published by Consumers Union, a venerable nonprofit with a deserved reputation for scrupulous care and neutrality -- and for years it has been wrestling with how to address privacy and cybersecurity in modern products (disclosure: I have advised them some on this). Read the rest
Ankle monitors are billed as a humane alternative to incarceration, allowing people who might otherwise be locked up to be reintegrated into the community. Read the rest
SpiderOak is a cloud backup service with a warrant canary: a formal statement that assured users that the company and its operators had never been made to secretly cooperate with the government, law enforcement or other surveilling authority. The canary reportedly disappeared this weekend, then reappeared, along with a statement saying it was being replaced by a "transparency report."
We just released our most recent transparency report, available at https://t.co/c09TN6WC6I. This will replace our #warrantcanary. The final version of the canary is available at https://t.co/VPzkLXDkWh. The transparency report will be updated every six months.
— SpiderOak (@SpiderOak) August 3, 2018
Don't be mad at the company! The canary worked exactly as it was supposed to. Read the rest
Last week, it was revealed by a sharp-eyed Redditor that the information kiosks at a mall in Calgary, Canada, were full of software designed to track the age and sex of anyone that stopped to use it. Pretty damn greasy. Greasier still, the management company that operates the mall, Cadillac Fairview admitted that the software was in use at a number of its other properties. The greasiest bit out of all of it? They shrugged off privacy concerns raised by a number of news outlets as there’s nothing in Alberta’s laws that keeps them from doing it without permission, or warning mall patrons that it’s being done.
Well, that was last week.
From The CBC:
The privacy commissioners of Alberta and Canada are launching investigations into the use of facial recognition technology, without the public's consent, in at least two malls in Calgary.
A notice posted Friday to the Alberta privacy commissioner website says the investigation will look to determine, "what types of personal information are being collected, whether consent for collection or notice of collection is required or would be recommended, for what purposes personal information is collected, whether the data is being shared with other businesses, law enforcement or third parties, and what safeguards or security measures are in place to protect personal information."
It’s said that Alberta’s privacy commissioner opened the investigation, based on the level of public interest surrounding the issue of whether or not it’s cool for property owners to collect biometric information without a visitor’s knowledge or consent. Read the rest
Calgary's Chinook Centre and Market Mall -- operated by Cadillac Fairview -- have been caught running background software that analysed the footage from the CCTVs in the malls' electronic directories to guess at the age and gender of visitors, without consent or notification. Read the rest
The game Civilization VI contained Red Shell, a spyware application that tracks what ads players are looking at, among other things. It's now gone after a new patch -- and other game publishers have been scrambling to do likewise after being caught with their spyglasses up and their pants down.
Read the restDevelopers and publishers behind games including Conan Exiles, The Elder Scrolls Online, Hunt: Showdown, and Total War have vowed to remove Red Shell – or already removed it.
“Whilst Red Shell is only used to measure the effectiveness of our advertising, we can see that players are clearly concerned about it and it will be difficult for us to entirely reassure every player,” said Total War devs Creative Assembly, for example. “So, from the next update we will remove the implementation of Red Shell from those Total War games that use it.”
Other statements were broadly the same: a defence along the lines of “it’s not spyware as bad as you might think but yeah we get you’re skeezed out and we will remove it.”
British Airways was outed by security researcher Mustafa Al-Bassam for telling passengers they couldn't help with delays and other problems unless they posted their personal information publicly to Twitter, in order "to comply with the GDPR." Read the rest
Because Venmo defaults to making all payments public, privacy researcher Hang Do Thi Duc was able to download and analyze 208,000,000 transactions, whose notes and other metadata revealed a wealth of personal, compromising information, including drug deals and breakups. Read the rest
Microsoft on Friday joined a growing number of tech industry voices who want the government to limit the use of facial recognition technology. Read the rest
A private Facebook group for women who are carriers of the BRCA breast cancer gene discovered that marketers were able to harvest their names and personal information because of a Facebook privacy loophole. Read the rest
Surveillance capitalism sucks: it improves the scattershot, low-performance success-rate of untargeted advertising (well below 1 percent) and doubles or triples it (to well below 1 percent!). Read the rest
When you send someone else an email, your mail server connects to their mail server to transmit the message, and spy agencies have made a surveillance banquet out of these transactions, harvesting emails by the billions. Read the rest
The Supreme Court has ruled in the closely watched Carpenter v. United States case, which questioned the constitutionality of warrantless location surveillance, a widespread practice among US law enforcement and surveillance agencies. Read the rest
The Washington Post rounds up 15 privacy defaults that no one in their right mind would want to leave as-is, and provides direct links to change 'em (hilariously and predictably, Verizon/Oath/Yahoo's privacy settings dashboard times out when you try to load it) -- once you're done with that, go back and follow his links to unfuck the privacy defaults for Google, Apple, Amazon, Microsoft and #DeleteFacebook. (via Reddit) Read the rest
Facebook opened up access to friends' data through its API in a bid to attract developers to its platform, but in 2015, it incurred those developers' wrath when it pulled the rug out from under them, killing the API calls that allowed apps to mine their users' friends' data. Read the rest
A former executive from the data-mining dark operator Cambridge Analytica 'visited Julian Assange in February last year and told friends it was to discuss what happened during the US election,' the Guardian reported today.
Brittany Kaiser worked as a director there until not long ago, and is reported “to have channelled cryptocurrency payments and donations to WikiLeaks.”
Assange issued a statement saying that he had turned down the Cambridge Analytica offer. Alexander Nix, the company’s chief executive, told Westminster MPs the same in February, during an appearance at the Commons digital, culture, media and sport (DCMS) select committee. Nix said he found a contact for WikiLeaks’ speaking agency on the internet and sent Assange an email.
But visitor logs from the Ecuador embassy obtained by the Guardian and Focus Ecuador appear to show that Brittany Kaiser, a senior executive at Cambridge Analytica until earlier this year, visited Assange on 17 February 2017. Information passed to the DCMS committee in the UK and the Senate judiciary committee in the US states that the meeting was “a retrospective to discuss the US election”.
Kaiser is also alleged to have said that she had funnelled money to WikiLeaks in the form of cryptocurrency. She called the organisation her “favourite charity”. The reports passed to investigators say that money was given to her by third parties in the form of “gifts and payments”.
After the afore-quoted story was published, there was all-new news in London today.
Alexander Nix appeared as scheduled before the DCMS committee for the second time at 3pm on Wednesday (today), where he was questioned by lawmakers on Cambridge Analytica’s relationship with WikiLeaks and the disinformation campaign by Russia to elect Donald Trump. Read the rest
