Articles about Privacy

Trust in politicians is at something of a low at the moment and at the same time we regularly see them calling for cyber measures, like backdoors to encryption, without seemingly understanding the implications.

The results of a new survey therefore shouldn't come as too much of a surprise.

Continue reading →

Google has today announced the launch of an open-source version of the differential privacy framework that powers many of the company’s data analysis systems.

Differentially-private data analysis is an approach that enables organizations to learn from the majority of their data while simultaneously ensuring that those results don't allow any individual's data to be distinguished or re-identified.

Continue reading →

Google stands accused of using hidden web pages to circumvent EU privacy regulations, secretly sending users' personal data to advertisers.

The accusation comes from the privacy-focused Brave web browser which says it has, "uncovered what appears to be a GDPR workaround that circumvents Google's own publicly stated GDPR data safeguards". Evidence has been handed to the Irish Data Protection Commission that allegedly shows Google using hidden web pages to share data on its Authorized Buyers exhange, formally known as DoubleClick.

Continue reading →

In its latest privacy lapse, Facebook has exposed the phone numbers of hundreds of millions of users on an unsecured server.

Databases on the server were not password-protected, and included details of 133 million US users, 50 million in Vietnam, and 18 million in the UK. In all 419 million records could be accessed by anyone looking in the right place.

Continue reading →

Facebook has announced changes to its facial recognition feature as it rolls out globally. The feature is used to automatically identify and tag people in photographs uploaded to the social network.

Acknowledging concerns about privacy, the company is making it easier to opt out of the "Tag Suggestions" feature which was introduced to a subset of users back in 2017. Now known as Face Recognition, new users will be given the chance to opt out from the word go, while anyone who has (or had) Tag Suggestions enabled will be informed of the change and asked whether it should be on or off.

Continue reading →

Zao -- a Chinese face-swapping app with the potential to be used to create deepfakes -- went viral over the weekend, shooting to the top of the App Store download charts. But concerns have been raised not only over the potential for the app to be abused, but also over its privacy policies.

Of particular concern are clauses which grant the developers "free, irrevocable, permanent, transferable, and relicense-able" rights over users' photos. Zao responded by tweaking its privacy policy, but complaints are still flooding in.

Continue reading →

Foxit Software has revealed that it "recently" suffered a security breach in which private user data was exposed to unnamed third parties. Those whose account have been affected are being contacted and "encouraged to change their passwords".

The company -- famed for PDF applications such as Foxit Reader and PhantomPDF -- does not say when the incident took place, nor how many users are affected, but it explains that "My Account" section of user accounts was exposed. This includes data such as email addresses, passwords, users' names, phone numbers, company names and IP addresses, but not payment information.

Continue reading →

In an effort to reassure privacy advocates, Tesla announced that its new automobile insurance product for owners of the company’s popular electric vehicles will not use onboard sensor data from said vehicles in determining policy premiums. The fear was that the company would use the voluminous data collected by every Tesla Model 3, S or X to pre-judge the risk associated with specific drivers and penalize those who've demonstrated a propensity for speeding or other aggressive behavior.

Most news outlets are reporting this as a win for consumers, another bit of pushback against our intrusive, surveillance-state of a world. But my question is: Why? Or, rather, why not?

Continue reading →

Following outcry over human "grading" of Siri recordings, Apple has issued an apology and promised that it will no longer retain recordings of interaction with the digital assistant unless given explicit permission.

The company says that "we haven't been fully living up to our high ideals, and for that we apologize". Having suspended the human grading of Siri requests, Apple is now making fundamental changes to its privacy policy saying that only Apple employees will be able to listen to recordings, as opposed to contractors, and users will have to opt in for this to happen.

Continue reading →

Worries about privacy in Windows 10 show no signs of abating, with Europe expressing ongoing concerns about Microsoft's data gathering and telemetry.

Having already asked Microsoft to make modifications to Windows, the Dutch data protection agency (DPA) has since looked into what changes the company has implemented. Having found "new, potentially unlawful, instances of personal data processing", the agency is calling for an investigation by the Irish Data Protection Commission (DPC), Microsoft's lead EU privacy regulator.

Continue reading →

Would you take information from your employer to help you get a job at a competitor? 24 percent would according to a new survey of almost 500 IT professionals carried out at Blackhat USA 2019.

The survey by behavior-based security specialist Gurucul finds that managed service providers (34 percent) and developers (30 percent) pose the leading sources of third party risk, and that if someone was to commit fraud it would most likely occur in the finance department (32 percent).

Continue reading →

Social media sites are a popular target for cybercriminals. It shouldn't come as too much of a surprise therefore to find that 53 percent of logins on social media sites are fraudulent and 25 percent of all new account applications are too.

These are among the findings of a study by anti-fraud platform Arkose Labs  which analyzed over 1.2 billion transactions spanning account registrations, logins and payments from financial services, e-commerce, travel, social media, gaming and entertainment industries, in real time.

Continue reading →

"In space, no one can hear you…stalk?" That's the phrase that comes to mind as I sift through the sensationalist coverage of astronaut and decorated combat veteran Anne McClain's brief sojourn into the world of cyber-stalking. And while the act of checking up on an estranged spouse's financial activity is relatively common in a world where roughly half of all marriages (at least in Western countries) end up in divorce, the fact that Ms McClain chose to do so while orbiting the Earth at over 17,000 mph adds a degree of novelty to an otherwise mundane story.

Indeed, the purported "scene of the crime" introduces several new wrinkles to the matter, including under which jurisdiction her apparently illegal actions should fall. According to official sources, inhabitants of the International Space Station (ISS) are subject to the laws and regulations of their home countries. So, a Japanese astronaut is subject to Japanese law, a Russian to Russian law, etc.

Continue reading →

Google is not a company synonymous with privacy, but the company increasingly recognizes the importance people place on it. With this in mind, it has launched a new initiative called Privacy Sandbox which aims to increase online privacy.

The bold goal is to "develop a set of open standards to fundamentally enhance privacy on the web", and one of the first proposals seeks to limit online track of users. It will limit fingerprinting, change the way targeted advertising works, and more.

Continue reading →

Microsoft, Google, Red Hat, IBM and Intel are among those to join the newly formed Confidential Computing Consortium (CCC). The new organization will be hosted at the Linux Foundation, having been established to help define and accelerate the adoption of confidential computing.

The company explains that, "confidential computing technologies offer the opportunity for organizations to collaborate on their data sets without giving access to that data, to gain shared insights and to innovate for the common good". Microsoft will be contributing the Open Enclave SDK that allows developers to build Trusted Execution Environment (TEE) applications using a single enclaving abstraction.

Continue reading →