Articles about Privacy

British workers are mostly unaware about their privacy rights at work, a new survey suggests. Security firm Comparitech.com has polled 1,000 employees living in the UK, and according to the poll, 53 percent don’t believe bosses should be allowed to read their private communications during working hours.

What’s more, 36 percent said bosses aren’t allowed, legally, to read such emails and texts, while 13 percent said they’d quit their job if they found out their bosses were reading their private communications.

Continue reading →

In light of Edward Snowden's surveillance revelations, regular transparency reports from technology companies about the requests they have received from governments about data requests have become very common. But despite the name, transparency reports are not very transparent -- there are great restrictions on what companies like Microsoft are able to report. The company believes this is unconstitutional.

The restrictions are so strict that it is not even possible to precisely report the number of requests for user data that have been received. Instead, this data must be conveyed in bands such as 0-499, 500-999, and so on. Now Microsoft has had enough. There are privacy concerns, of course, but most disturbing is that in half of cases of requests for customer data, Microsoft has been gagged from letting those affected know about the governmental interest. As a result, Microsoft has decided to sue the Department of Justice in a bid to be more transparent.

Continue reading →

According to a new survey 78 percent of organizations say that security outweighs cost savings and user experience when choosing identity management solutions.

The survey by access control specialist SecureAuth used responses from over 230 IT security professionals in the US and UK.

Continue reading →

Laws surrounding online surveillance will always prove controversial, and this is certainly true of the UK's proposed Investigatory Powers Bill -- aka the Snooper's Charter. Currently in draft form, the final content and scope of the bill could be set today as the European Court of Justice rules on a challenge brought against the existing Data Retention and Investigatory Powers Act 2014 (Dripa).

The case has the support of many European states, and the outcome of the case will determine the powers of data collection the UK government is able to exercise. It is expected that the case could be one of the deciding factors in the in-out referendum in June when the UK votes on whether to remain part of Europe or to go it alone.

Continue reading →

The transfer of data between the US and Europe has been something of a privacy and security nightmare. In an attempt to improve privacy protection, the European Commission established the EU-US Privacy Shield "to restore trust in transatlantic data flows" post-Edward Snowden's NSA surveillance revelations, replacing the controversial Safe Harbor arrangement.

Today Microsoft has announced its support for the principles the framework says that companies will have to abide by. More than this, Vice President for EU Government Affairs at Microsoft, John Frank, says the company will comply with Data Protection Authorities advice in disputes, and cooperate with them on data transfer processes.

Continue reading →

The idea of an injunction to prevent newspapers from publishing certain stories are nothing new, far from it. But in recent years, a new breed of superinjunction has been born. These not only prevent the publishing of stories, but can also block the publishing of the names of those involved. Some superinjunctions are such that even reporting the existence of the superinjunction is prohibited.

In recent weeks, a celebrity couple took out a superinjunction to prevent the press from publishing details of an alleged affair (well, a threesome if we cut to the chase). The gagging order prevented news outlets in the UK referring to the couple as anything other than the initials PJS and YMA (not their actual initials, by the way) and the other participants in the alleged ménage à trois as AB and CD. But today a Scottish newspaper took the decision to reveal the names of the couple -- but it could only do so in its print edition, because of the way laws written for the printed press have been awkwardly applied to the web.

Continue reading →

The British government secretly rolled out powers that permitted the immigration officials to hack the mobile phones of asylum seekers and refugees, the Observer reveals. The Home Office has confirmed the hacking powers which have sparked outrage from privacy and human rights groups.

Since 2013, immigration officials have not only been permitted to hack into migrants' phones and computers, but also to install surveillance equipment in homes and detention centers. With concern about governmental plans for the snooper's charter and the privacy invasion this entails, claims that the powers are needed to "deal effectively with all immigration crime" are likely to fall on deaf ears.

Continue reading →

Apple's battle with the FBI has focused the attention of the technology community on encryption. But while just about all of the big players in the tech world backed Apple's refusal to create a backdoor for the FBI into iOS, Congress has a very different idea about how encryption and governmental access to data should be handled. This is perfectly demonstrated by a new bill.

The draft version of the Compliance with Court Orders Act of 2016 -- penned by Senators Diane Feinstein and Richard Burr -- would essentially force all US companies to decrypt data they may have encrypted, or to provide backdoors when asked. It's a bill described variously as 'dangerous', 'encryption-weakening', and 'anti-security', and it starts off aggressivley in stating that "no person or entity is above the law". In effect, it renders the encryption put in place by the likes of WhatsApp completely pointless as, if the bill is passed, companies would have to decrypt data on demand.

Continue reading →

Just a few days ago, WhatsApp trumpeted the roll out of end-to-end encryption for its messaging service. The world rejoiced. With events such as the battle between Apple and the FBI turning attention to encryption, the announcement was well-timed to ride the crest of the wave. But it seems that for all of the bluster and bravado, the news about extra protection may not be quite as good as it seems.

Analysis of WhatsApp's privacy documentation reveals that the Facebook-owned company retains a huge amount of data about messages that are sent. If this all sounds familiar, it's because the retention of metadata is precisely what the NSA was (is?) up to, trawling web communications and upsetting Edward Snowden and privacy advocates around the world. WhatsApp's encryption and policies mean that those who are concerned about their privacy should not rest on their laurels.

Continue reading →

The recent furore between Apple and the FBI over access to the San Bernadino shooter’s iPhone brought privacy debates firmly into the public eye. Despite tech giants, politicians and privacy campaigners explaining the potential ramifications of the case, many people remained on the fence.

A recent survey by the Pew Research Centre found that the majority of Americans sided with the FBI and believe that Apple should have complied with its demands. I find this deeply concerning because it shows how easily our collective privacy could be eroded in the name of national security, and also how little most people seem to understand the encryption technologies which protect us all.

Continue reading →

More than 27 million Android devices running medical apps are likely to have high risk malware installed according to a new report.

The Mobile Threat Intelligence report from threat defense company Skycure is focused on healthcare and finds that doctors who use mobile devices to assist their day-to-day practice are exposed to network threats, and that these significantly increase over time.

Continue reading →

Its developer -- who wishes to remain anonymous -- says that his website exists to educate people about the importance of privacy. But Swipebuster sells itself as a way for suspicious partners to check upon their other halves if they think they might be making use of Tinder to seek out some 'extracurricular activity'.

Swipebuster taps into the Tinder API to access publicly available data to see if a particular individual appears in the membership database. It’s perfect not only for confirming or denying worst fears, but also a valuable tool for a would-be blackmailer. For just $5, you can conduct three searches to see if people you know are using Tinder.

Continue reading →

Encryption has been a hot topic for some time, but the battle between Apple and the FBI really brought it to the fore in recent weeks. In response to the FBI trying -- ultimately successfully -- to crack into the San Bernardino shooter's iPhone, WhatsApp was just one of the companies that promised to increase encryption.

Today the popular chat tool made good on its promise, enabling full end-to-end encryption; this means that calls, messages, photos, videos, files, voice messages, and group chats are all protected with end-to-end encryption. Importantly, this extra layer of security is enabled by default, leading WhatsApp to claim it is "a leader in protecting your private communication".

Continue reading →

Whether it's down to stolen credentials, weak passwords or bot-based attacks, the threat of an account takeover is one of the major worries for most users.

Mobile identity company TeleSign is launching Behavior ID, a new offering that enables web and mobile applications to measure and analyze a user's behavioral patterns to provide continuous authentication, even after the user has been verified with traditional security measures like passwords.

Continue reading →

It might have taken the FBI quite some time to find a way to unlock a shooter's iPhone 5C, but it turns out to be trivially easy to access contacts and photos stored on the company’s newest flagship, the iPhone 6s.

The trick makes use of Siri and Twitter, and as the owner of a 6s I’ve been able to test this method myself, and can confirm not only that it works, but it’s very simple to implement.

Continue reading →