privacy

Link

Lawmakers Want Apple to Turn Privacy Talk into Action

Andrew Orr ·

Although Tim Cook vocally supports privacy laws in the United States, Apple doesn’t actually support many of them.

A number of privacy advocates and U.S. lawmakers — who did not attend the meeting — say Apple has not put enough muscle behind any federal effort to tighten privacy laws. And state lawmakers, who are closest to passing rules to limit data sharing, say Apple is an ally in name only — and in fact has contributed to lobbying efforts that might undermine some new data-protection legislation.

This is something I’ve noticed as well. I think Tim and co should do more to support privacy legislation.

Link

Apple VPN as the Company's Latest Privacy Service

Andrew Orr ·

Michael Grothaus argues that an Apple VPN should be the company’s next privacy service.

The obvious existing bundle this VPN could slip into would be iCloud. Apple could offer an “iCloud VPN” service to all paid iCloud subscribers. And because Apple controls all the hardware and operating systems of the devices it makes, its VPN setup could be dead simple: if you’re signed into iCloud on your device, iCloud VPN is set up, running, and protecting your browsing activity from outsiders without you having to click a single button.

I’m not so sure I want an Apple VPN. Remember, this would mean that Apple could potentially know all of your network traffic unless they had a no logging policy.

Link

Data Aggregator Claims Sign in With Apple Won't Have a Big Impact

Andrew Orr ·

Kazuki Ota, founder and CEO of data aggregator Arm Treasure Data, said that although Sign in With Apple will limit some tracking, it won’t eliminate it completely.

Treasure Data’s ID Unification feature can take attributes of multiple IDs and combine them into one profile across data sources. “Eighty to 90% of the work of creating this type of clean profile is actually having a lot of clean-up process of the data and also having a higher quality data,” Ota said. “It won’t be perfect, to be honest, because 100% clean data is almost an imaginary situation.”

I look forward to seeing the impact Sign in With Apple will have.

Link

Open ID Foundation Publishes Letter about Sign in With Apple

Andrew Orr ·

The Open ID foundation published an open letter to Craig Federighi regarding Sign in With Apple. Although the foundation praised Apple for the initiative, it worries that it strays too far from Open ID and opens users to security and privacy risks.

The current set of differences between OpenID Connect and Sign In with Apple reduces the places where users can use Sign In with Apple and exposes them to greater security and privacy risks. It also places an unnecessary burden on developers of both OpenID Connect and Sign In with Apple. By closing the current gaps, Apple would be interoperable with widely-available OpenID Connect Relying Party software.

Link

UK ISPA Hates Mozilla's DNS Over HTTPS Privacy Tool

Andrew Orr ·

If you use your internet service provider’s default DNS, they can see everything you do on the web. It comes as no surprise that ISPs don’t like privacy tools like Mozilla’s DNS over HTTPS (DoH) technology in Firefox. The UK Internet Services Providers’ Association (ISPA) declared Mozilla a 2019 Villain, alongside President Trump.

ISPA Internet Villain

Mozilla – for their proposed approach to introduce DNS-over-HTTPS in such a way as to bypass UK filtering obligations and parental controls, undermining internet safety standards in the UK

Link

Amazon Alexa Voice Recordings are Stored Indefinitely

Andrew Orr ·

In a letter to U.S. senators Amazon said it keeps your Alexa voice recordings indefinitely unless you manually delete them.

In the letter to Coons, Amazon noted that for Alexa requests that involve a transaction, like ordering a pizza or hailing a rideshare, Amazon and the skill’s developers can keep a record of that transaction. That means that there’s a record of nearly every purchase you make on Amazon’s Alexa, which can be considered personal information.

Link

Futurebook is a Parody Dystopian Social Media Site

Andrew Orr ·

Futurebook is a parody social media website by Open Rights Group. It aims to give people an example of what a future without privacy would look like. Yeah, even less privacy than we have today.

Futurebook is a parody social media website designed to warn users about how changes in Government policy could negatively impact rights to freedom of expression and privacy and disrupt user experiences online.

The website features disabled comments, invasive advertising, blocked content and throttled streaming. These are all potential outcomes of UK digital policy developments after leaving the European Union.

 

Link

Private Social Network MeWe Reaches Over 5 Million Members

Andrew Orr ·

MeWe is a social network with privacy in mind, and it recently surpassed 5 million members. Additionally it closed a US$4.5 million offering, bringing the company’s total funds raised to US$15 million.

MeWe is on track to have 30 million members by yearend, and projects 150 million by the end of 2020. MeWe achieved 405% growth in 2018 and is already growing twice as fast on a daily basis in 2019. MeWe’s growth is organic—it runs no paid marketing campaigns.

It’s good to see MeWe doing well. I don’t use it anymore, but I still recommend it to people looking for a private social network.

Link

On Covering Up Your iPhone Selfie Camera

Andrew Orr ·

Jack Morse writes how we should cover up our phone’s selfie camera, but doesn’t spend much time telling us why. 90% of the article is about webcams on laptops. The only phone-related thing mentioned is the iOS FaceTime bug. Ultimately the choice to cover up the selfie camera is a personal one, but I wouldn’t worry too much about it.

This writer has used the Post-it Note technique for a few years, and it works wonders. While every now and then I get some weird looks from strangers or friends when they see that I cover my selfie camera, just like with laptop webcam covers it’s likely they’ll all be doing the same before too long.

Link

Facebook VP Nick Clegg Makes a Compelling Pro-Apple Argument

Andrew Orr ·

Facebook VP Nick Clegg makes the same argument as Sundar Pichai when it comes to Apple. Although he thinks he’s making an argument against Apple, he’s really arguing for Apple.

Facebook is free — it’s for everyone. Some other big tech companies make their money by selling expensive hardware or subscription services, or in some cases both, to consumers in developed, wealthier economies. They are an exclusive club, available only to aspirant consumers with the means to buy high-value hardware and services.

Facebook is free only because they sell advertising using customer data. Apple makes money from hardware and subscriptions. It’s precisely because of companies like Facebook and Google that privacy is seen as a luxury.

Link

YouTube Under Federal Investigation Over Children’s Privacy

Andrew Orr ·

The U.S. government is investigating YouTube for allegedly violating children’s privacy.

The complaints contended that YouTube, which is owned by Google, failed to protect kids who used the streaming-video service and improperly collected their data in violation of the Children’s Online Privacy Protection Act, a 1998 law known as COPPA that forbids the tracking and targeting of users younger than age 13.

Link

Openly Operated Wants to Improve Privacy Policies

Andrew Orr ·

Openly Operated is a certification for apps and services. The certification process ensures that they live up to their privacy and security claims with an audit.

An OO-certified app or site must meet three criteria. First, it needs to demonstrate “a basic level of transparency” by making its code and infrastructure — among other things — public and fully documented. Second, it needs to lay out its policy in the form of “claims with proof,” establishing what user data is collected, who can access it, and how it’s being protected. Third, those claims must be evaluated by an OO-certified auditor who then makes the audit results public.

I’ve complained about privacy policies before, and this sounds like a great idea. I hope it gets traction.

Link

Bluetooth Beacons Can Track You Inside Stores

Andrew Orr ·

Bluetooth beacons are small devices that some stores hide throughout the building. Apps on your phone can pick up the signals they emit and send information back.

In order to track you or trigger an action like a coupon or message to your phone, companies need you to install an app on your phone that will recognize the beacon in the store. Retailers (like Target and Walmart) that use Bluetooth beacons typically build tracking into their own apps. But retailers want to make sure most of their customers can be tracked — not just the ones that download their own particular app.

I bet iOS 13’s new Bluetooth controls will affect this.

Link

How Surveillance Affects the Legal System: A Judge’s View

Andrew Orr ·

We often read about surveillance from the perspective of us, the users, or technology companies. Here is a judge’s view on it.

Congress is way behind in determining how far the police can go in using technology to invade people’s privacy, and many of the legal disputes arising from this collision have not reached the Supreme Court. For the public, as a practical matter, the rules of the road are being decided by prosecutors. Your privacy is not their highest priority.

I think that’s ultimately the heart of the matter: We have a technologically-inept government.

Link

Most Privacy Policies Exceed Reading Standards With Low Readability

Andrew Orr ·

Journalists at The New York Times read 150 privacy policies, finding most of them to be incomprehensible with low readability scores.

To be successful in college, people need to understand texts with a score of 1300. People in the professions, like doctors and lawyers, should be able to understand materials with scores of 1440, while ninth graders should understand texts that score above 1050 to be on track for college or a career by the time they graduate. Many privacy policies exceed these standards.

I wish there was a standard for privacy policies so companies can’t hide their sins behind jargon. In the mean time, I use this website.

Link

Governments Are Terrible at Securing Data

Andrew Orr ·

It absolutely infuriates me when agencies like the FBI, and governments like Australia, the U.S., Germany, and more want us to break encryption or circumvent it with a back door. As Mathew Gault writes, they are completely inept at securing data. Even the NSA, which likes to think it’s the “world leader in cryptology” got hacked.

Regular phone and internet users remain vulnerable, forced to take individual protective measures, like a poor wage-worker without health insurance who’s told to secure her nest egg by cutting out morning lattes.