Articles about Privacy

EFF (the Electronic Frontier Foundation) has filed a Freedom of Information (FOIA) lawsuit against the Justice Department. The digital rights group wants to learn whether the government has made use of secret court orders to force tech companies to provide access to encrypted user data.

After the Apple vs the FBI battle, there has been renewed interest in how companies handle not only encryption, but government requests for access to such data. With services such as WhatsApp enabling end-to-end encryption, attention has now switched to what might be happening in the background without users' knowledge. While Apple very publicly refused to provide decryption keys, EFF -- and others -- are concerned that secret court orders may be used to hide what is really happening.

Continue reading →

Apple has revealed that Chinese authorities have asked for access to the company's source code in the last couple of years. The revelation was made by Apple general counsel Bruce Sewell as he tried to deflect accusations that have sprung up in the wake of the San Bernardino iPhone case.

The battle between Apple and the FBI rumbled on for a while as authorities asked the iPhone manufacturer to crack encryption or provide a backdoor into the phone at the center of the case. Apple refused to help the FBI, leading to accusations that the company was failing to help US authorities whilst assisting those abroad. Apple categorically denies handing over information to the Chinese authorities.

Continue reading →

Reinvigorated interest in privacy, security and surveillance means that the transparency reports published by tech companies are always greeted with some enthusiasm. How much data are governments around the world asking for from companies? How much user data are companies handing over to the authorities?

Apple's latest transparency report reveals that the iPhone manufacturer has complied with an increased number of requests for data -- including 80 percent of requests in North America, and 97 percent in Latin America. But while the report makes for interesting reading, it also highlights a problem that Microsoft recently sued the Department of Justice over: even if companies want to be transparent about data requests, when it comes to National Security Requests it is not even possible to report the precise number of requests that have been received.

Continue reading →

The major messaging services are now placing a greater emphasis on their users' privacy and security, following the heated encryption debate started by Apple and the FBI. Viber has just announced end-to-end encryption support, making it the second leading player this month to introduce this feature after WhatsApp.

Viber has over 700 million users across the globe, but its end to end encryption feature will not be available everywhere right away. The company is focusing on Belarus, Brazil, Israel and Thailand first, with other markets to get the same treatment in the weeks that follow.

Continue reading →

Who Stalks My Cam is a free Windows application which alerts you to dubious software attempting to access your webcam.

The download unzips to a regular installer, but there’s also a portable version if you just want to take a quick look. Once it’s running, Who Stalks My Cam displays an audio alert and a popup whenever a program tries to access your webcam.

Continue reading →

There's nothing like a good sex scandal to get people talking, and that's certainly what's happened in the case of a celebrity threesome that's currently subject to a superinjunction banning the involved parties from being named. While the identities of the couple cannot be revealed by British newspapers, their names are well-known in other parts of the world, and all over the web.

The British press has played ball, agreeing not to name YMA, his husband PJS and the two others, AB and CD with whom a threesome is supposed to have taken place but it is impossible for law enforcement agencies to control what appears online. Google has been the first port of call for many curious-minded people eager to learn the names of those involved, and the search giant has said that -- despite many requests to do so -- it will not censor search results that could lead people to the names.

Continue reading →

Google is looking to take steps that will enable Chrome users to make more informed decisions about the extensions they install. Specifically, developers will have to provide more information about data collections in the interests of transparency.

In addition, developers will have to produce a privacy policy for their extensions, and must ask for permission before collecting data about users. Google's new User Data Policy introduces these extra requirements in the wake of increased demands from users for more information about what is going on in the background.

Continue reading →

After a whole lot of discussion and debate, new general data protection regulations have been approved by the European Parliament.

In what has been described as a watershed moment for enterprise IT, the unification of Europe’s multiple data protection regulations into one common law signals a new beginning for businesses and consumers alike.

Continue reading →

Generating a shortened URL to share content may seem like a good idea, but it may also expose you to unnecessary security risks, a new research paper shows. Titled Gone in Six Characters: Short URLs Considered Harmful for Cloud Services, it explains how short URLs can be used by malicious players to plant malware, copy personal files, and retrieve all sorts of personal information, like your home address, among other things.

URL shorteners, as their name suggest, are meant to bring long links, that can contain dozens of characters, usually down to just a few letters and numbers. That has some clear benefits: shortened URLs suit SMS messages and tweets better, look nicer in conversations, and allow services to track the number of clicks for a specific link, among other things. But the fact that they only contain a handful of characters makes them susceptible to brute-force search.

Continue reading →

British workers are mostly unaware about their privacy rights at work, a new survey suggests. Security firm Comparitech.com has polled 1,000 employees living in the UK, and according to the poll, 53 percent don’t believe bosses should be allowed to read their private communications during working hours.

What’s more, 36 percent said bosses aren’t allowed, legally, to read such emails and texts, while 13 percent said they’d quit their job if they found out their bosses were reading their private communications.

Continue reading →

In light of Edward Snowden's surveillance revelations, regular transparency reports from technology companies about the requests they have received from governments about data requests have become very common. But despite the name, transparency reports are not very transparent -- there are great restrictions on what companies like Microsoft are able to report. The company believes this is unconstitutional.

The restrictions are so strict that it is not even possible to precisely report the number of requests for user data that have been received. Instead, this data must be conveyed in bands such as 0-499, 500-999, and so on. Now Microsoft has had enough. There are privacy concerns, of course, but most disturbing is that in half of cases of requests for customer data, Microsoft has been gagged from letting those affected know about the governmental interest. As a result, Microsoft has decided to sue the Department of Justice in a bid to be more transparent.

Continue reading →

According to a new survey 78 percent of organizations say that security outweighs cost savings and user experience when choosing identity management solutions.

The survey by access control specialist SecureAuth used responses from over 230 IT security professionals in the US and UK.

Continue reading →

Laws surrounding online surveillance will always prove controversial, and this is certainly true of the UK's proposed Investigatory Powers Bill -- aka the Snooper's Charter. Currently in draft form, the final content and scope of the bill could be set today as the European Court of Justice rules on a challenge brought against the existing Data Retention and Investigatory Powers Act 2014 (Dripa).

The case has the support of many European states, and the outcome of the case will determine the powers of data collection the UK government is able to exercise. It is expected that the case could be one of the deciding factors in the in-out referendum in June when the UK votes on whether to remain part of Europe or to go it alone.

Continue reading →

The transfer of data between the US and Europe has been something of a privacy and security nightmare. In an attempt to improve privacy protection, the European Commission established the EU-US Privacy Shield "to restore trust in transatlantic data flows" post-Edward Snowden's NSA surveillance revelations, replacing the controversial Safe Harbor arrangement.

Today Microsoft has announced its support for the principles the framework says that companies will have to abide by. More than this, Vice President for EU Government Affairs at Microsoft, John Frank, says the company will comply with Data Protection Authorities advice in disputes, and cooperate with them on data transfer processes.

Continue reading →

The idea of an injunction to prevent newspapers from publishing certain stories are nothing new, far from it. But in recent years, a new breed of superinjunction has been born. These not only prevent the publishing of stories, but can also block the publishing of the names of those involved. Some superinjunctions are such that even reporting the existence of the superinjunction is prohibited.

In recent weeks, a celebrity couple took out a superinjunction to prevent the press from publishing details of an alleged affair (well, a threesome if we cut to the chase). The gagging order prevented news outlets in the UK referring to the couple as anything other than the initials PJS and YMA (not their actual initials, by the way) and the other participants in the alleged ménage à trois as AB and CD. But today a Scottish newspaper took the decision to reveal the names of the couple -- but it could only do so in its print edition, because of the way laws written for the printed press have been awkwardly applied to the web.

Continue reading →