Articles about Privacy

There's nothing like a good sex scandal to get people talking, and that's certainly what's happened in the case of a celebrity threesome that's currently subject to a superinjunction banning the involved parties from being named. While the identities of the couple cannot be revealed by British newspapers, their names are well-known in other parts of the world, and all over the web.

The British press has played ball, agreeing not to name YMA, his husband PJS and the two others, AB and CD with whom a threesome is supposed to have taken place but it is impossible for law enforcement agencies to control what appears online. Google has been the first port of call for many curious-minded people eager to learn the names of those involved, and the search giant has said that -- despite many requests to do so -- it will not censor search results that could lead people to the names.

Continue reading →

Google is looking to take steps that will enable Chrome users to make more informed decisions about the extensions they install. Specifically, developers will have to provide more information about data collections in the interests of transparency.

In addition, developers will have to produce a privacy policy for their extensions, and must ask for permission before collecting data about users. Google's new User Data Policy introduces these extra requirements in the wake of increased demands from users for more information about what is going on in the background.

Continue reading →

After a whole lot of discussion and debate, new general data protection regulations have been approved by the European Parliament.

In what has been described as a watershed moment for enterprise IT, the unification of Europe’s multiple data protection regulations into one common law signals a new beginning for businesses and consumers alike.

Continue reading →

Generating a shortened URL to share content may seem like a good idea, but it may also expose you to unnecessary security risks, a new research paper shows. Titled Gone in Six Characters: Short URLs Considered Harmful for Cloud Services, it explains how short URLs can be used by malicious players to plant malware, copy personal files, and retrieve all sorts of personal information, like your home address, among other things.

URL shorteners, as their name suggest, are meant to bring long links, that can contain dozens of characters, usually down to just a few letters and numbers. That has some clear benefits: shortened URLs suit SMS messages and tweets better, look nicer in conversations, and allow services to track the number of clicks for a specific link, among other things. But the fact that they only contain a handful of characters makes them susceptible to brute-force search.

Continue reading →

British workers are mostly unaware about their privacy rights at work, a new survey suggests. Security firm Comparitech.com has polled 1,000 employees living in the UK, and according to the poll, 53 percent don’t believe bosses should be allowed to read their private communications during working hours.

What’s more, 36 percent said bosses aren’t allowed, legally, to read such emails and texts, while 13 percent said they’d quit their job if they found out their bosses were reading their private communications.

Continue reading →

In light of Edward Snowden's surveillance revelations, regular transparency reports from technology companies about the requests they have received from governments about data requests have become very common. But despite the name, transparency reports are not very transparent -- there are great restrictions on what companies like Microsoft are able to report. The company believes this is unconstitutional.

The restrictions are so strict that it is not even possible to precisely report the number of requests for user data that have been received. Instead, this data must be conveyed in bands such as 0-499, 500-999, and so on. Now Microsoft has had enough. There are privacy concerns, of course, but most disturbing is that in half of cases of requests for customer data, Microsoft has been gagged from letting those affected know about the governmental interest. As a result, Microsoft has decided to sue the Department of Justice in a bid to be more transparent.

Continue reading →

According to a new survey 78 percent of organizations say that security outweighs cost savings and user experience when choosing identity management solutions.

The survey by access control specialist SecureAuth used responses from over 230 IT security professionals in the US and UK.

Continue reading →

Laws surrounding online surveillance will always prove controversial, and this is certainly true of the UK's proposed Investigatory Powers Bill -- aka the Snooper's Charter. Currently in draft form, the final content and scope of the bill could be set today as the European Court of Justice rules on a challenge brought against the existing Data Retention and Investigatory Powers Act 2014 (Dripa).

The case has the support of many European states, and the outcome of the case will determine the powers of data collection the UK government is able to exercise. It is expected that the case could be one of the deciding factors in the in-out referendum in June when the UK votes on whether to remain part of Europe or to go it alone.

Continue reading →

The transfer of data between the US and Europe has been something of a privacy and security nightmare. In an attempt to improve privacy protection, the European Commission established the EU-US Privacy Shield "to restore trust in transatlantic data flows" post-Edward Snowden's NSA surveillance revelations, replacing the controversial Safe Harbor arrangement.

Today Microsoft has announced its support for the principles the framework says that companies will have to abide by. More than this, Vice President for EU Government Affairs at Microsoft, John Frank, says the company will comply with Data Protection Authorities advice in disputes, and cooperate with them on data transfer processes.

Continue reading →

The idea of an injunction to prevent newspapers from publishing certain stories are nothing new, far from it. But in recent years, a new breed of superinjunction has been born. These not only prevent the publishing of stories, but can also block the publishing of the names of those involved. Some superinjunctions are such that even reporting the existence of the superinjunction is prohibited.

In recent weeks, a celebrity couple took out a superinjunction to prevent the press from publishing details of an alleged affair (well, a threesome if we cut to the chase). The gagging order prevented news outlets in the UK referring to the couple as anything other than the initials PJS and YMA (not their actual initials, by the way) and the other participants in the alleged ménage à trois as AB and CD. But today a Scottish newspaper took the decision to reveal the names of the couple -- but it could only do so in its print edition, because of the way laws written for the printed press have been awkwardly applied to the web.

Continue reading →

The British government secretly rolled out powers that permitted the immigration officials to hack the mobile phones of asylum seekers and refugees, the Observer reveals. The Home Office has confirmed the hacking powers which have sparked outrage from privacy and human rights groups.

Since 2013, immigration officials have not only been permitted to hack into migrants' phones and computers, but also to install surveillance equipment in homes and detention centers. With concern about governmental plans for the snooper's charter and the privacy invasion this entails, claims that the powers are needed to "deal effectively with all immigration crime" are likely to fall on deaf ears.

Continue reading →

Apple's battle with the FBI has focused the attention of the technology community on encryption. But while just about all of the big players in the tech world backed Apple's refusal to create a backdoor for the FBI into iOS, Congress has a very different idea about how encryption and governmental access to data should be handled. This is perfectly demonstrated by a new bill.

The draft version of the Compliance with Court Orders Act of 2016 -- penned by Senators Diane Feinstein and Richard Burr -- would essentially force all US companies to decrypt data they may have encrypted, or to provide backdoors when asked. It's a bill described variously as 'dangerous', 'encryption-weakening', and 'anti-security', and it starts off aggressivley in stating that "no person or entity is above the law". In effect, it renders the encryption put in place by the likes of WhatsApp completely pointless as, if the bill is passed, companies would have to decrypt data on demand.

Continue reading →

Just a few days ago, WhatsApp trumpeted the roll out of end-to-end encryption for its messaging service. The world rejoiced. With events such as the battle between Apple and the FBI turning attention to encryption, the announcement was well-timed to ride the crest of the wave. But it seems that for all of the bluster and bravado, the news about extra protection may not be quite as good as it seems.

Analysis of WhatsApp's privacy documentation reveals that the Facebook-owned company retains a huge amount of data about messages that are sent. If this all sounds familiar, it's because the retention of metadata is precisely what the NSA was (is?) up to, trawling web communications and upsetting Edward Snowden and privacy advocates around the world. WhatsApp's encryption and policies mean that those who are concerned about their privacy should not rest on their laurels.

Continue reading →

The recent furore between Apple and the FBI over access to the San Bernadino shooter’s iPhone brought privacy debates firmly into the public eye. Despite tech giants, politicians and privacy campaigners explaining the potential ramifications of the case, many people remained on the fence.

A recent survey by the Pew Research Centre found that the majority of Americans sided with the FBI and believe that Apple should have complied with its demands. I find this deeply concerning because it shows how easily our collective privacy could be eroded in the name of national security, and also how little most people seem to understand the encryption technologies which protect us all.

Continue reading →

More than 27 million Android devices running medical apps are likely to have high risk malware installed according to a new report.

The Mobile Threat Intelligence report from threat defense company Skycure is focused on healthcare and finds that doctors who use mobile devices to assist their day-to-day practice are exposed to network threats, and that these significantly increase over time.

Continue reading →