Daily Digest (12/2)

China Announces Rules On Mobile App Data Collection; Microsoft Files Patent to Record and Score Meetings via Body Movements; Washington State Launches Statewide COVID Exposure App; Schools in Ala. City Shut Down After Cyberthreat

China Announces Rules On Mobile App Data Collection 

China released draft rules Tuesday to limit mobile apps’ collection of personal data.

The drafted rules, published by the Cyberspace Administration of China, covers 38 kinds of apps — including online shopping apps, instant-messaging apps and even ride-hailing apps, Reuters reports. 

China drafted antimonopoly rules for tech firms last month and also has expressed concerns about data-protection and consumer rights. 

On multiple occasions, Chinese authorities have ordered apps to be suspended for mishandling user information. 

“In recent years, mobile internet applications have been widely used and have played an important role in promoting economic and social development and serving people’s livelihoods,” the agency said in a statement.

“At the same time, it is common for apps to collect … personal information beyond their scope — and users cannot install and use them if they refuse to agree.”

For ride-hailing apps, the draft rules concern a user’s phone number and other personal information, as well as their location and destination, which fall within the scope of required information.

Online payment apps will need the registered user’s phone numbers or other ID information, as well as the bank-card numbers of the payer and payee, according to the draft rules. 

The draft rules will be open for public comment until Dec. 16. 

Sources (all links external): 

Microsoft Files Patent to Record and Score Meetings via Body Movements

Microsoft filed a federal patent Tuesday for a system to monitor employees’ body language and facial expressions during work meetings to give the events an “overall quality score.” 

The filing suggested that it could be used in real-world meetings and online get-togethers, BBC News  reports. 

The proposed meeting rooms could be packed with sensors to monitor who has attended the meeting, the amount of time each participant spent contributing to the meeting and speech patterns “consistent with boredom and fatigue.”

Microsoft introduced the feature last year, allowing managers to track individual workers’ use of Microsoft’s Office 365 software — including Outlook email and the Teams meeting and Excel spreadsheet apps.

The patent also suggested that the technology could be used to identify problems that make meetings ineffectual. 

But one privacy advocate suggested to BBC News that the system would be “invasive” and a “major step back for workers’ rights.” 

“This type of employee surveillance software obstructs diversity in workplaces by operating on the false premise that there is a uniform, normative way that people work optimally,” said Big Brother Watch Director Silkie Carlo.

“A lot of surveillance tech is marketed as ‘innovative’ — but in reality is astoundingly retrograde.”

Washington State Launches Statewide COVID Exposure App

Washington state introduced a statewide coronavirus exposure app on Monday, joining more than a dozen states that already have introduced the technology to help stem the spread of COVID-19.

The app, created by Google and Apple, is used in more than 30 countries and more than a dozen states in the U.S., including New York, Colorado and Virginia, The Associated Press reports. 

“This offers Washingtonians another tool to help control the pandemic,” state Secretary of Health John Wiesman said. 

Washington was among five states who piloted the technology. 

At a news conference announcing the app, Democratic Gov. Jay Inslee said more than 200,000 people already had signed up since it went live that morning.

The app uses Bluetooth wireless technology to detect when someone who downloaded the device has been near another user who tested positive for the virus.

Cellphones using WA Notify will exchange random codes, which officials said were completely anonymous, with no location tracking or exchange of personal information, AP reports.

Schools in Ala. City Shut Down After Cyberthreat 

The Huntsville City Schools (HCS) system in Alabama closed Monday and Tuesday because of a ransomware attack.

The system urged students, families and staff to shut down any school-issued devices, AL.com reports. 

Officials also told parents of students in distance-learning programs to immediately power down school laptops.

Craig Williams, the district’s chief communications officer, confirmed that the system had treated the matter as a ransomware attack — and that administrators were  “working with authorities to work to resolve the issue.”

HCS was alerted to the cybersecurity threat after the IT desk received multiple calls, WHNT-TV in Huntsville reports. 

“When we started seeing that number of calls on a Monday morning, we realized something must be weird, something must be happening,” Williams said, “so our IT team immediately worked to identify — and they discovered it does appear to be a ransomware attack.”

The school system has not disclosed what information was compromised, but Superintendent Christine Finley said in a statement that “HCS encourages families to be extremely cautious in sharing personal information with anyone” and that they should “avoid opening any emails and do not click on any links from unfamiliar email accounts.”

— By DPN Staff