‘Most People Value Their Privacy a Lot’
By C.J. Thompson
Lorrie Cranor is a longtime champion of privacy and security issues.
A professor of computer science, engineering and public policy at Carnegie Mellon University, she also serves as director of the university’s CyLab Usable Privacy and Security Laboratory and is co-director of the MSIT privacy engineering masters’ program.
For more than two decades, Cranor’s research has illuminated usable — consumer-friendly — privacy and security technologies and methodologies.
Cranor, whose doctorate is from Washington University in St. Louis, served as chief technologist for the Federal Trade Commission in 2016.
She and CyLab researchers recently designed the blue “opt-out” icon now used on many websites to alert consumers how to decline the sale of their data. It resulted from amendments to the California Consumer Privacy Act (CCPA) in March.
Continue reading “Q&A: Lorrie Cranor of Carnegie Mellon University”
Calif. Bill Seeks to Stop Police From Unbridled License-Plate Data Collection
An image from the user guide for the Law Enforcement Archival Reporting Network (LEARN) system, Vigilant Solutions’ platform for law enforcement officers who access license-plate data.
By Fiona Tang
California legislators are considering a bill that would limit law enforcement’s retention of data obtained through automated license plate readers (ALPRs), hoping to quell alarms from privacy advocates after a state agency found widespread abuse among police.
Democratic State Sen. Scott Wiener introduced the License Plate Privacy Act in January after the California State Auditor released a report earlier last year revealing negligent misuse of ALPR data by authorities.
The activities, the report said, marked severe violations of an existing privacy law, S.B. 34, which had been on the books since January 2016.
“What we are seeing is agencies will maintain massive amounts of data in perpetuity — data that has nothing to do with any kind of investigation or suspected crime — and they are giving it out like candy, to basically any agency, even sometimes non-governmental agencies, anywhere in the country,” Wiener said last month in presenting the bill to the Senate Judiciary Committee.
Continue reading “‘Giving It Out Like Candy’”
By Rachel Looker
If you haven’t recently Googled yourself, it might be time you did.
A routine search could bring up a result with your name and a “free background report” at MyLife.com.
Clicking it takes you to a page with your age, current and previous addresses, religious views, marital status, net worth, political affiliation and many other personal details.
A graphic that resembles a speedometer indicates your “reputation score” based on “background details, personal reviews and social media posts,” according to MyLife’s website.
The gauge indicates how high or low your score is versus the national average.
Each profile contains other personal details, including court and arrest records that can be viewed on the website, some of which only are accessible via a premium, paid membership.
Continue reading “MyLife’s ‘Reputation’ Practices Under Scrutiny From DOJ, FTC”
By Robert Bateman
A government-sponsored plan in the U.K. could allow pubs and other venues to identify customers using facial-recognition technology — and some academics and advocates are worried about the implications for privacy and civil liberties.
The proposed scheme, which is being developed by British tech companies iProov and Mvine using a $103,000 government grant, has been touted as a means to ease COVID-19 restrictions without the use of so-called “vaccine passports.”
But iProov assured Digital Privacy News that subjects’ privacy would be protected. Still, the plans have drawn the ire of privacy advocates, who say it would violate individual privacy and other civil rights.
“There is no legitimate justification for including facial recognition or any other biometric applications in vaccine passport schemes,” said Ella Jakubowska, policy officer at European Digital Rights (EDRi), based in Brussels.
Continue reading “UK Considering Face-Data Scheme for Pubs, Raising Privacy Fears”
Amazon Expands Contactless ‘Palm’ Technology During Pandemic
By Fiona Tang
Amazon.com is opening new physical retail stores so customers can make purchases by scanning their palms, a step that researchers said capitalized on consumers’ concerns about hygiene during the COVID-19 pandemic.
The technology, called Amazon One, debuted in September at an Amazon Go store in Seattle. Officials touted the technology as welcomed during the pandemic but declined to comment further to Digital Privacy News.
It uses a “biometric identification system” that includes a hand scanner that can identify a customer based on such characteristics as “lines and creases in the user’s palm, veins, bones, soft tissue or other structures beneath the epidermis of the skin,” according to a patent Amazon filed in December 2019.
To sign up for Amazon One, a customer inserts a credit card and positions their palm above the scanner. The scanner then generates a “unique palm signature” and connects the customer’s card information to their palm.
Continue reading “‘A Terrible Idea’”
Huge Facebook Leak Brings the ‘Ability to Send More Targeted Phishing Emails’
By Rachel Looker
Facebook made headlines this month after news that a data leak exposed the personal information of more than 533 million users.
First reported April 3 by Business Insider, the leak included cellphone numbers, names, locations, birthdates and some email addresses for users in over 100 countries.
But Facebook said hackers obtained the data before September 2019 by “scraping” it from the platform through misuse of its contact importer tool.
“This feature was designed to help people easily find their friends to connect with on our services using their contact lists,” Facebook said in an April 6 blog post.
The platform said the contact importer had been updated to prevent software from imitating the app and uploading large sets of phone numbers to see if any matched a Facebook user.
Continue reading “Q&A: HIBP’s Troy Hunt”
Retailers Balance Privacy While Foiling Thieves as COVID-Related Crime Rises
An alleged shoplifter caught on surveillance video at the Homestyles Gallery craft mall in North Carolina before Christmas. The video was posted to social media. Credit: Homestyles Gallery
By Joanne Cleaver
Angie Smith noticed the red-haired woman who meandered into Homestyles Gallery, an accessories and craft mall in suburban Charlotte, N.C., days before Christmas.
But busy with customers, Smith didn’t realize until hours later that the woman had sashayed out with $700 in handcrafted jewelry from an artisan’s booth within the store.
The incident was caught on surveillance tape: The COVID-masked woman glancing around, opening a glass case, sweeping jewelry into a tote bag and trotting off-screen.
“We’ve had small losses before but nothing like this,” Smith, the mall’s co-owner, told Digital Privacy News.
Infuriated at the woman’s brazen theft, she posted a clip of the video to the shop’s Facebook page — touching off a minor storm of citizen detectives determined to help a popular local business recover from a petty crime.
Continue reading “‘We Don’t Hide the Cameras’”
By Nora Macaluso
A recent federal court ruling allowing U.S. Border Patrol agents to search travelers’ cellphones and laptops at will has privacy advocates worried about a civil rights rollback.
The U.S. Court of Appeals for the First Circuit in Boston found in February that warrantless searches did not violate the U.S. Constitution.
The court, in reversing a 2019 decision, said the “volume” of travelers crossing U.S. borders made warrantless searches “essential” to border protection.
Requiring warrants would “hamstring the agencies’ efforts to prevent border-related crime and protect this country from national security threats,” the court said in its Feb. 9 decision.
Continue reading “Experts Fear Civil Rights Rollback in Ruling on Border Data Searches”
UK Data-Law Plans Draw Advocates’ Ire
By Robert Bateman
The U.K. government has signaled its intention to diverge from the EU standards on data-protection and privacy law, claiming that a “less-European approach” could help drive economic growth.
But some experts told Digital Privacy News that the government’s proposals could weaken individual rights and could put EU trade at risk.
Since the U.K. fully transitioned out of the EU in January, it has been able to make changes to EU law, including the General Data Protection Regulation (GDPR), which passed in 2016.
According to Reuters, U.K. Culture Secretary Oliver Dowden said he hoped the country could “hold on to many of the strengths of GDPR in terms of giving people security about their data,” but focus “less on the burdens of the rules imposed on individual businesses.”
Continue reading “‘Gutting Privacy Rights’”
‘Just Because People Say Data Analytics Win Elections Doesn’t Mean It’s True’
By Vaughn Cockayne
Colin J. Bennett is a professor of political science at the University of Victoria in Canada. He is a fellow of the university’s Surveillance Studies Centre.
His research focuses on the use of surveillance policy at the domestic and international levels. His most recent research has been into the use of data analytics during elections and how it has affected worldwide democracies.
His books include “The Governance of Privacy” (2006) and “The Privacy Advocates: Resisting the Spread of Surveillance” (2008).
Bennett, who holds a doctorate from the University of Illinois at Urbana-Champaign, told Digital Privacy News that exporting “data-driven” political campaign strategies to other countries is a threat that should be resisted.
Continue reading “Q&A: Colin J. Bennett, University of Victoria”
By Robert Bateman
Apple Inc. faces an investigation by the French privacy regulator after a coalition of French startups alleged that the company was violating EU data-protection law.
France Digitale, an advocacy group comprising nearly 2,000 French businesses, contend that Apple tracked user behavior on iPhones and iPads by default, violating EU privacy laws, including the General Data Protection Regulation (GDPR), which took effect in 2018.
Apple officials retorted that the group’s allegations, filed in a March 8 complaint to the Commission Nationale de l’informatique et des Libertés (CNIL), as “patently false.”
Continue reading “Apple Faces French Privacy Complaint Over Tracking”
IBM’s Third Reich Ties Presage Today’s Big Tech Ambitions
By Samantha Stone
Edwin Black wrote two decades ago about a stalwart American business and its underreported role in Nazi atrocities.
His book, “IBM and the Holocaust,” was a success by any measure. It had a respectable stint as a New York Times best-seller. It was lavishly praised by other journalists. It won awards and was published in multiple languages.
Black maintains IBM has never challenged the substance of his book. For its 20th anniversary, Black has been making the podcast-interview rounds defending his work and underscoring how IBM’s activities presage today’s Big Data.
“What most people can derive from my book at this particular point in time is that history repeats itself,” he said in a February podcast on the U.K.’s Revelation TV.
Continue reading “Q&A: Author Edwin Black”
‘There Was a Time When We Wanted to Change China. That Illusion Is Long Gone’
By Charles McDermid
Last of three parts.
China is an increasingly aggressive global actor when democracy is at its weakest point in decades, writes German journalist Kai Strittmatter.
The result is a “global competition of systems” not seen since the end of the Cold War.
Strittmatter, 55, author of “We Have Been Harmonized: Life in China’s Surveillance State” (2019), says China is openly advertising the superiority of its system over Western democracies, all while trying to reshape global organizations and infiltrating the West’s think tanks, companies, media and schools.
In the last of a three-part interview, Strittmatter told Digital Privacy News that the time had come to stop being naïve about the nature and intentions of the Chinese Communist Party (CCP).
Continue reading “Q&A: Writer Kai Strittmatter”
Edward Snowden speaks Tuesday at the Priv8 Virtual Summit on Digital Privacy. Credit: Orchid Labs Inc.
By Jackson Chen
Governments and companies must rethink how they use personal data amid surging consumer demand for better privacy protections, former NSA contractor and whistleblower Edward Snowden and other global digital-privacy experts said this week.
“Privacy is what protects that right of inquiry that leads to progress,” Snowden, 37, who has been living in political asylum in Russia since August 2013, told Tuesday’s opening session of the “Priv8 Virtual Summit on Digital Privacy,” sponsored by Orchid Labs Inc.
“Privacy was never about something to hide,” he continued. “Privacy is about something to protect.
“Privacy is the right to self. It allows you to be different and distinct from the majority.”
Continue reading “Snowden, Experts Say Customers Pushing for More Data Protections”
By Joanne Cleaver
When the IRS calls, taxpayers must answer.
But even with new tools the Internal Revenue Service has introduced to try to secure digital communication, taxpayers still must guard their data and access information, so they don’t make themselves targets for privacy intrusions, experts told Digital Privacy News.
Largely in response to COVID-19 chaos intersecting with the possibility of fraud, the agency has created what it describes as a “secure” portal where taxpayers can view the information that it has on file for them.
If you use the site, however, don’t let your guard down, said Ronald Semaria, a former IRS agent and fraud consultant and investigator in Brooklyn, N.Y.
“There is no one foolproof site,” he told Digital Privacy News. “By the time someone makes up a program to protect you, somebody else is doing something to unprotect you.”
Continue reading “IRS Creates New ‘Secure’ Portal; Experts Caution: User Beware”
‘You Don’t Need a Policeman. You Have Become the Policeman’
By Charles McDermid
Second of three parts.
Kai Strittmatter speaks Mandarin, studied in Xian and Taipei during the ’80s — and, for more than 20 years, was Beijing correspondent for the German newspaper Sueddeutsche Zeitung.
His 2019 book — “We Have Been Harmonized: Life in China’s Surveillance State” — probably won’t make him welcome in the Middle Kingdom anytime soon.
He writes that Western assumptions that technology would force China to accept openness and democracy were dead wrong. Instead, these new tools are bringing the return of a totalitarianism that’s never been more “total.”
In the second of three interviews, Strittmater, 55, told Digital Privacy News that today’s China was way beyond anything George Orwell ever could have imagined.
Continue reading “Q&A: Journalist Kai Strittmatter”
By Robert Bateman
The U.K. is denying thousands of migrants access to their personal information using a controversial exemption to the country’s data-protection law, in a move that advocates say violates human rights.
The U.K.’s Home Office, which handles visas and immigration issues, relied on the controversial “immigration exemption” in as many as 72% of requests for personal information it received last year, according to a report released this month by the Open Rights Group (ORG).
Under U.K. law, individuals can make a “subject access request” to see what personal information an organization has about them.
The immigration exemption, which forms part of the U.K.’s Data Protection Act of 2018, allows an organization to reject an access request if granting so will be “likely to prejudice … the effective maintenance of immigration control.”
Continue reading “UK Denying Migrants Access to Personal Data, Report Finds”
‘China Was Always a Surveillance State’
By Charles McDermid
First of three parts.
Investigative reporter Kai Strittmatter has a clear-sighted view of modern China and a grim analysis of the global ambitions of the Chinese Communist Party (CCP).
Be warned: It’s alarming stuff.
A techno-dystopian dictatorship is laid bare in his 2019 book, “We Have Been Harmonized: Life in China’s Surveillance State,” which was drawn from Strittmatter’s 30 years of studying China, including more than 20 years as a correspondent in Beijing for the German newspaper Sueddeutsche Zeitung.
Strittmatter, 55, documents how AI surveillance startups were heavily financed by the state in exchange for loyalty to the CCP — all part of Beijing’s rush to become the world’s economic leader at any cost.
Continue reading “Q&A: Author Kai Strittmatter”
By Robert Bateman
Local government bodies across the U.K. are using surveillance equipment supplied by Chinese companies that are involved in suppressing the Uighur people in Xianjing province, research has revealed.
Researchers sent 52 freedom of information (FOI) requests to councils — local government authorities — across the U.K., with 65% of respondents disclosing that they owned surveillance technology supplied by Hikvision. Seven councils disclosed that they owned technology made by Dahua.
Both companies have been accused of helping to suppress the Uighurs and other minority groups in the Xianjing region in southeastern China.
“The U.K. needs to reconsider whether it is justifiable to use public funds to invest in surveillance equipment manufactured by companies linked to human-rights abuses,” said Samuel Woodhams, digital rights lead at the security research website Top10VPN, who conducted the research.
Continue reading “Local UK Governments Using Chinese CCTV Linked to Uighurs”
By Aishwarya Jagani
As governments and airlines worldwide prepare to issue “vaccine passports” — digital details of a person’s COVID-19 immunization status — privacy advocates are concerned over the security and privacy risks the documents pose.
“Any information shared digitally is at risk of being leaked,” Alexis Hancock, of the Electronic Frontier Foundation (EFF), told Digital Privacy News.
“And without good digital-privacy law internationally, this information can become easily associated with the rest of a person’s data without their knowledge and informed consent.”
Critics expressed fears that these digital passes could put sensitive medical and health data in the hands of authorities and law enforcement, endangering the privacy of millions of citizens.
Continue reading “Global ‘Vaccine Passports’ Raise Concerns Over Privacy and Inequity”