Articles about Privacy

There was a craze that started a few years back for tracing one's family tree. Rather than fizzling out, the interest in genealogy continued, and there are still many websites out there that will help you to research your family history and build up a picture of the past.

While genealogists of the past may have scoured public records and libraries for information about their family, these days people want things handed to them on a plate. One website is taking full advantage of this -- as well as the fact that the internet can act as a huge database of personal information -- and there's a high chance it has vast amounts of data about you that can be accessed by anyone. The site is FamilyTreeNow.com, and we'll show you what you need to do to protect your privacy and security.

Continue reading →

Earlier today we reported about a security problem in WhatsApp that means it is possible for messages to be intercepted and read by others. The so-called 'backdoor' takes advantage of the fact that WhatsApp's implementation of end-to-end encryption makes it possible to resend encrypted messages using different security keys, allowing for third parties to read them.

What is concerning many people is the fact that (by default, at least) WhatsApp does not alert users when a message is resent using a different key -- which would be a warning of something going on. Here's what you need to do to ensure you are told when the key changes.

Continue reading →

Facebook has long-claimed that its WhatsApp messaging service is completely secure and messages cannot be intercepted thanks to its use of end-to-end encryption. But researchers have unearthed what they call a serious security flaw that makes it possible to read encrypted messages.

Based on Open Whisper Systems' Signal Protocol, the unique security keys used to implement end-to-end encryption should keep messages secure. But WhatsApp can force offline users to generate new keys and this could allow Facebook -- and third parties -- to read messages.

Continue reading →

With Donald Trump about to take over the reins from Barack Obama, privacy groups have expressed concern about what the incoming president will do with surveillance laws. But before that happens, President Obama is still a cause for concern. In the final days of his leadership, his administration has granted permission for the NSA to share the data it intercepts with no fewer than 16 other intelligence agencies.

While this will alarm many, what is particularly troubling is the fact that privacy protections are not applied until after this data has been shared between agencies. The changes in rules amount to a major relaxation of restrictions on NSA activities, meaning that a far greater number of officials will have access to unfiltered, uncensored data about innocent people around the world.

Continue reading →

Privacy has been a big issue for users of Windows 10, and the tsunami of complaints about spying has been a major headache for Microsoft. Now the company has managed to avoid a potentially expensive and damaging court case in Switzerland by improving data processing transparency in Windows 10.

The Swiss Federal Data Protection and Information Commissioner (FDPIC) has just reached the end of an investigation into Windows that started back in 2015. They found that Windows 10's "get going fast" quick install option automatically enabled invasive data sharing with Microsoft (location details, browser and search history, keyboard entries and nearby WiFi networks, for example) without providing users with sufficient warning.

Continue reading →

The European Union is not happy with the explanation Yahoo has given for scanning user emails for US intelligence. There is concern about how such surveillance could impact upon not only privacy, but also business between the EU and US, and trust has to be built from scratch as Donald Trump becomes president.

Yahoo -- which is on the verge of being sold to Verizon -- is not signed up to the EU-U.S. Privacy Shield agreement that blocks the US from spying on European data. As such, the company has been acting on a previously-secret court order, gathering data for the NSA and FBI. Speaking with Reuters, the EU Justice Commissioner said she wants more information about what was gathered and why.

Continue reading →

Windows 10 has a reputation for spying on its users. So much so, that a number of privacy-based third-party programs (such as Ashampoo AntiSpy and Spybot Anti-Beacon) have sprung up to disable Windows 10’s numerous tracking features.

In September 2015, Microsoft's Terry Myerson defended how the company has handled privacy in Windows 10, saying in a blog post that "Trust is a core pillar of our More Personal Computing vision, and we know we have to earn it". Today, in a new blog post, he says much the same thing, but announces two new ways for users to take back control of their privacy. Does it go far enough?

Continue reading →

Facebook, Apple and Google face a drop in ad revenue if EU proposals to apply the same rules to online messaging services that currently apply to telecoms companies go through. In a nutshell, the proposals suggest that the likes of WhatsApp, Gmail and iMessage should ask for explicit user permission to allow tracking with a view to delivering targeted ads.

Google and Microsoft have already faced criticism for scanning emails and using the contents to tailor advertising to the recipient. The EU wants online message services to be subject to the ePrivacy Directive to help improve confidentiality and security.

Continue reading →

We're all looking for ways to save time and effort, so it's hardly surprising that some web browsers offer a feature that automatically fills in online forms with commonly requested personal information. While incredibly useful, the feature can also be exploited to extract data a user might not want to share with a particular website.

Chrome, Opera and Safari all offer to save and automatically fill in details such as name, address, phone number, and so on, and users are ordinarily only aware of the data which is obviously filled in on their behalf. But a web developer shows how it is possible -- and very, very easy -- to use hidden fields to secretly gather all of the information saved in an autofill profile.

Continue reading →

The Investigatory Powers Act 2016 -- better known to many as the snooper's charter -- faced massive public criticism in the run-up to becoming law at the end of 2016 for the privacy-invading powers it affords the UK government to gather data about internet usage.

Towards the end of the year, the European Court of Justice ruled that the "general and indiscriminate retention" of internet data and communication is illegal, potentially threatening the Investigatory Powers Act. Now the human rights group Liberty is launching its own legal attack on the Act, asking for a High Court judicial review of the bulk surveillance powers that have been voted into law.

Continue reading →

The system used by millions of travelers each day to share data between travel agencies, airlines, passengers and websites is incredibly insecure. Security researchers have presented details that highlight just how easy it is to hack flight bookings.

German security firm SR Labs says that using nothing more than a traveler's surname and a six-digit Passenger Name Record (PNR), it is possible to not only gather personal information about people, but also make changes to bookings.

Continue reading →

It's no secret that despite being billed as a great way to download large Linux distros and copyright free software, BitTorrent is primarily used to download the latest Star Wars movie, episodes of The Grand Tour, and illicit copies of Photoshop.

A new website -- unsophisticatedly named 'I Know What You Download' -- does exactly what you might expect: it exposes the torrents you have downloaded. More than this, it can be used to check what has been downloaded by any IP address, and there is even an option to trick people you know into letting you spy on what they are torrenting.

Continue reading →

The Congressional Encryption Working Group (EWG) was set up in the wake of the Apple vs FBI case in which the FBI wanted to gain access to the encrypted contents of a shooter's iPhone. The group has just published its end-of-year report summarizing months of meetings, analysis and debate.

The report makes four key observations, starting off with: "Any measure that weakens encryption works against the national interest". This is certainly not a new argument against encryption backdoors for the likes of the FBI, but it is an important one. EWG goes on to urge congress not to do anything to weaken encryption.

Continue reading →

In a move that has drawn criticisms from privacy groups, the US government this week started to ask some foreign travelers arriving in the country to hand over their social media account details.

Since Tuesday, visitors to the US arriving under the visa waiver program have been asked if they will provide "information associated with your online presence". Travellers are prompted to provide their usernames for the likes of Facebook, Google+, Instagram, LinkedIn and YouTube, and while the handing over of information is currently marked as "optional", it's not clear what the consequences of failing to provide it may be, or if there are plans to make it mandatory.

Continue reading →

Facebook has released its Global Government Requests Report for H1 2016, and it shows that there has been a significant increase in the number of government requests for account data.

Compared to the first half of 2015, Facebook received 27 percent more requests globally. Most of these 59,229 requests came from the US government, and more than half of them (56 percent) included a gagging order preventing Facebook from notifying the affected users.

Continue reading →