Posts Tagged ‘Privacy’

Read more aw_privacy.htm at MelonFarmers.co.uk

FBI logo A US federal judge has thrown out a lawsuit that Google’s non-consensual use of facial recognition technology violated users’ privacy rights, allowing the tech giant to continue to scan and store their biometric data.The lawsuit, filed in 2016, alleged that Google violated Illinois state law by collecting biometric data without their consent. The data was harvested from their pictures stored on Google Photos.

The plaintiffs wanted more than $5 million in damages for hundreds of thousands of users affected, arguing that the unauthorized scanning of their faces was a violation of the Illinois Biometric Information Privacy Act, which completely outlaws the gathering of biometric information without consent.

Google countered claiming that the plaintiffs were not entitled to any compensation, as they had not been harmed by the data collection. On Saturday, US District Judge Edmond E. Chang sided with the tech giant, ruling that the plaintiffs had not suffered any concrete harm, and dismissing the suit.

As well as allowing Google to continue the practice, the ruling could have implications for other cases pending against Facebook and Snapchat. Both companies are currently being sued for violating the Illinois act.

Advertisements
Read more inme.htm at MelonFarmers.co.uk

knesset logo A bill that would force ISPs in Israel to censor pornographic sites by default has been amended after heavy criticism from lawmakers over privacy concerns.AN earlier version of the bill that was unanimously approved by the Ministerial Committee for Legislation in late Octoberr but now a new version of the legislation has been passed which was sponsored by Likud MK Miki Zohar and Jewish Home MK Shuli Moalem-Refaeli. The differences seem subtle and are whether customers opt in or opt out of network level website blocking.

Customers will have to confirm their preferences for website blocking  every 3 months but may change their settings at  any time.

The bill will incentivize internet companies to actively market existing website blocking software to families. ISPs will receive NIS 0.50 ($0.13 cents) for every subscriber who opts to block adult sites.

In a refreshing divergence from UK internet censorship, ISPs will be legally required to delete all data related to their users’ surfing habits, to prevent creating de facto — and easily leaked — black lists of pornography consumers.

In comparison, internet companies are allowed to use or sell UK customer data for any purpose they so desire as long as customers tick a consent box with some woolly text about improving the customer’s experience.

Read more aw_privacy.htm at MelonFarmers.co.uk

Facebook logo Add a phone number I never gave Facebook for targeted advertising to the list of deceptive and invasive ways Facebook makes money off your personal information. Contrary to user expectations and Facebook representatives’ own previous statements, the company has been using contact information that users explicitly provided for security purposes–or that users never provided at all –for targeted advertising.

A group of academic researchers from Northeastern University and Princeton University , along with Gizmodo reporters , have used real-world tests to demonstrate how Facebook’s latest deceptive practice works. They found that Facebook harvests user phone numbers for targeted advertising in two disturbing ways: two-factor authentication (2FA) phone numbers, and shadow contact information. Two-Factor Authentication Is Not The Problem

First, when a user gives Facebook their number for security purposes–to set up 2FA , or to receive alerts about new logins to their account–that phone number can become fair game for advertisers within weeks. (This is not the first time Facebook has misused 2FA phone numbers .)

But the important message for users is: this is not a reason to turn off or avoid 2FA. The problem is not with two-factor authentication. It’s not even a problem with the inherent weaknesses of SMS-based 2FA in particular . Instead, this is a problem with how Facebook has handled users’ information and violated their reasonable security and privacy expectations.

There are many types of 2FA . SMS-based 2FA requires a phone number, so you can receive a text with a second factor code when you log in. Other types of 2FA–like authenticator apps and hardware tokens–do not require a phone number to work. However, until just four months ago , Facebook required users to enter a phone number to turn on any type of 2FA, even though it offers its authenticator as a more secure alternative. Other companies– Google notable among them –also still follow that outdated practice.

Even with the welcome move to no longer require phone numbers for 2FA, Facebook still has work to do here. This finding has not only validated users who are suspicious of Facebook’s repeated claims that we have complete control over our own information, but has also seriously damaged users’ trust in a foundational security practice.

Until Facebook and other companies do better, users who need privacy and security most–especially those for whom using an authenticator app or hardware key is not feasible–will be forced into a corner. Shadow Contact Information

Second, Facebook is also grabbing your contact information from your friends. Kash Hill of Gizmodo provides an example :

…if User A, whom we’ll call Anna, shares her contacts with Facebook, including a previously unknown phone number for User B, whom we’ll call Ben, advertisers will be able to target Ben with an ad using that phone number, which I call shadow contact information, about a month later.

This means that, even if you never directly handed a particular phone number over to Facebook, advertisers may nevertheless be able to associate it with your account based on your friends’ phone books.

Even worse, none of this is accessible or transparent to users. You can’t find such shadow contact information in the contact and basic info section of your profile; users in Europe can’t even get their hands on it despite explicit requirements under the GDPR that a company give users a right to know what information it has on them.

As Facebook attempts to salvage its reputation among users in the wake of the Cambridge Analytica scandal , it needs to put its money where its mouth is . Wiping 2FA numbers and shadow contact data from non-essential use would be a good start.

Read more inus.htm at MelonFarmers.co.uk

us government logoThe US Federal Government is quietly meeting with top tech company representatives to develop a proposal to protect web users’ privacy amid the ongoing fallout globally of scandals that have rocked Facebook and other companies.Over the past month, the Commerce Department has met with representatives from Facebook and Google, along with Internet providers like AT&T and Comcast, and consumer advocates, sources told the Washington Post.

The goal of these meetings is to come up with a data privacy proposal at the federal level that could serve as a blueprint for Congress to pass sweeping legislation in the mode of the European Union GDPR. There are currently no laws that govern how tech companies harness and monetize US users’ data.

A total of 22 meetings with more than 80 companies have been held on this topic over the last month.

One official at the White House told the Post this week that recent developments have been seismic in the privacy policy world, prompting the government to discuss what a modern U.S. approach to privacy protection might look like.

Read more uk_internet_censors.htm at MelonFarmers.co.uk

putin keenHere’s what worries cybersecurity experts: All age verification options would create a permanent record indicating that a user had visited a porn site. They could possibly even record the porn that the visitor had watched.

Matt Tait, a cybersecurity expert formerly of the GCHQ (the United Kingdom’s equivalent of the National Security Agency) who now teaches at the University of Texas, notes that any registration system could be a monumental national security risk. He adds, It’s beyond insane they’re even considering it.

Tait envisions a time coming soon, when a British government official will have to give the following message to the Prime Minister:

Sorry Prime Minister, Russia now knows what porn every MP, civil servant and clearance holder watches and when, and we don’t know how much of it they’ve given to Wikileaks.

If porn consumers in the United Kingdom are the losers, Tait suggests there is a potential winner: Vladimir Putin.

…Read the full article from motherjones.com

Read more Privacy at MelonFarmers.co.uk

whatsapp logo The UK’s data protection agency has announced it is looking into Facebook’s plans to use WhatsApp phone numbers and customer data to generate leads and for personalised advertisng on Facebook.Privacy fears were raised earlier this week when a change in WhatsApp privacy policy revealed it users’ phone numbers would be passed to the parent company to inform ads and for providing friend suggestions.

Mirroring the concerns of many Brits, the Information Commissioner’s Office (ICO) has said it will monitor how WhatsApp data is shared with the Facebook. Information Commissioner Elizabeth Denham said in a statement :

We’ve been informed of the changes. Organisations do not need to get prior approval from the ICO to change their approaches, but they do need to stay within data protection laws. We are looking into this.

Denham said ICO planned to pull back the curtain and ensure both Facebook and WhatsApp were providing users with the requisite transparency.

Plenty of users have objected to the plans, with many choosing to opt out and not to share the details with Facebook.

Read more Privacy at MelonFarmers.co.uk

Facebook logo Facebook has been fined 100,000 euros in Germany after failing to follow orders regarding clearer privacy terms and conditions for users.The regional court of Berlin ruled that the company did not sufficiently alter the working of an intellectual property clause in its terms and conditions, despite being told to do so following a complaint filing by the Federation of German Consumer Organizations. The entity’s head, Klaus Mueller, said that Facebook keeps attempting to evade customer laws in Germany as well as in the entire continent.

In March 2012, a German court originally ruled that the company’s terms and conditions were vague on the extent to which it could go with users’ data and intellectual property, implying Facebook could license its users’ photos and videos to third parties for business reasons. However, the authorities’ primary issue was Facebook’s compliance with the US government to provide data for its mass surveillance programs. After Edward Snowden’s revelations on the US government’s spying programs and how the tech industry complies, the issue has gained more gravity.

While Facebook complied with the ruling four years ago, the Berlin court now concludes that it merely changed the wording of the clause in question without changing the message that it conveyed. Meanwhile, the company defended itself saying that it had complied with the original ruling and was issued the fine because it couldn’t implement the changes quickly enough.