Have you created a ShazzleMail account on your smartphone? This is a required first step.

Yes No

Free Encrypted Email

Posts Tagged ‘#facebook’

private

Just Don’t Call It Privacy

September 23, 2018

What do you call it when employers use Facebook’s advertising platform to show certain job ads only to men or just to people between the ages of 25 and 36?

How about when Google collects the whereabouts of its users — even after they deliberately turn off location history?

Or when AT&T shares its mobile customers’ locations with data brokers?

American policymakers often refer to such issues using a default umbrella term: privacy. That at least is the framework for a Senate Commerce Committee hearing scheduled for this Wednesday titled “Examining Safeguards for Consumer Data Privacy.”

After a spate of recent data-mining scandals — including Russian-sponsored ads on Facebook aimed at influencing African-Americans not to vote — some members of Congress are now rallying behind the idea of a new federal consumer privacy law.
At this week’s hearing, legislators plan to ask executives from Amazon, AT&T, Google, Twitter and other companies about their privacy policies. Senators also want the companies to explain “what Congress can do to promote clear privacy expectations without hurting innovation,” according to the hearing notice.

There’s just one flaw with this setup.

In a surveillance economy where companies track, analyze and capitalize on our clicks, the issue at hand isn’t privacy. The problem is unfettered data exploitation and its potential deleterious consequences — among them, unequal consumer treatment, financial fraud, identity theft, manipulative marketing and discrimination.
In other words, asking companies whose business models revolve around exploiting data-based consumer-influence techniques to explain their privacy policies seems about as useful as asking sharks to hold forth on veganism.

“Congress should not be examining privacy policies,” Marc Rotenberg, the executive director of the Electronic Privacy Information Center, a prominent digital rights nonprofit, told me last week. “They should be examining business practices. They should be examining how these firms collect and use the personal data of customers, of internet users.”

The Senate Commerce hearing, however, doesn’t seem designed to investigate commercial surveillance and influence practices that might merit government oversight.
For one thing, only industry executives are currently set to testify. And most of them are lawyers and policy experts, not engineers versed in the mechanics of data-mining algorithms.

Companies are sending their “policy and law folks to Washington to make the government go away — not the engineering folks who actually understand these systems in depth and can talk through alternatives,” Jonathan Mayer, an assistant professor of computer science and public affairs at Princeton University, told me.

That may be because Congress is under industry pressure.

California recently passed a new privacy law that would give Californians some power over the data companies’ hold on them. Industry groups hope to defang that statute by pushing Congress to pass federal privacy legislation that would overrule state laws. The industry-stacked Senate hearing lineup seems designed to pave the way for that, said Danielle Citron, a law professor at the University of Maryland.

Frederick Hill, a spokesman for the Senate Commerce Committee, said the group planned future hearings that would include other voices, such as consumer groups. But “for the first hearing,” Mr. Hill said, “the committee is bringing in companies most consumers recognize to make the discussion about privacy more relatable.”

What is at stake here isn’t privacy, the right not to be observed. It’s how companies can use our data to invisibly shunt us in directions that may benefit them more than us.

Many consumers know that digital services and ad tech companies track and analyze their activities. And they accept, or are at least resigned to, data-mining in exchange for conveniences like customized newsfeeds and ads.

But revelations about Russian election interference and Cambridge Analytica, the voter-profiling company that obtained information on millions of Facebook users, have made it clear that data-driven influence campaigns can scale quickly and cause societal harm.
And that leads to a larger question: Do we want a future in which companies can freely parse the photos we posted last year, or the location data from the fitness apps we used last week, to infer whether we are stressed or depressed or financially strapped or emotionally vulnerable — and take advantage of that?

“Say I sound sick when I am talking to Alexa, maybe they would show me medicine as a suggestion on Amazon,” said Franziska Roesner, an assistant professor of computer science at the University of Washington, using a hypothetical example of Amazon’s voice assistant. “What happens when the inferences are wrong?”

(Amazon said it does not use Alexa data for product recommendations or marketing.)

It’s tough to answer those questions right now when there are often gulfs between the innocuous ways companies explain their data practices to consumers and the details they divulge about their targeting techniques to advertisers.

AT&T’s privacy policy says the mobile phone and cable TV provider may use third-party data to categorize subscribers, without using their real names, into interest segments and show them ads accordingly. That sounds reasonable enough.

Here’s what it means in practice: AT&T can find out which subscribers have indigestion — or at least which ones bought over-the-counter drugs to treat it.

In a case study for advertisers, AT&T describes segmenting DirecTV subscribers who bought antacids and then targeting them with ads for the medication. The firm was also able to track those subscribers’ spending. Households who saw the antacid ads spent 725 percent more on the drugs than a national audience.

Michael Balmoris, a spokesman for AT&T, said the company’s privacy policy was “transparent and precise, and describes in plain language how we use information and the choices we give customers.”
But consumer advocates hope senators will press AT&T, Amazon and other companies this week to provide more details on their consumer-profiling practices. “We want an inside look on the analytics and how they’re categorizing, ranking, rating and scoring us,” Professor Citron said.

Given the increased public scrutiny, some companies are tweaking their tactics.

AT&T recently said it would stop sharing users’ location details with data brokers. Facebook said it had stopped allowing advertisers to use sensitive categories, like race or religion, to exclude people from seeing ads. Google created a feature for users to download masses of their data, including a list of all the sites Google has tracked them on.

Government officials in Europe are not waiting for companies to police themselves. In May, the European Union introduced a tough new data protection law that curbs some data-mining.

It requires companies to obtain explicit permission from European users before collecting personal details on sensitive subjects like their religion, health or sex life. It gives European users the right to see all of the information companies hold about them — including any algorithmic scores or inferences.

European users also have the right not to be subject to completely automated decisions that could significantly affect them, such as credit algorithms that use a person’s data to decide whether a bank should grant him or her a loan.

Of course, privacy still matters. But Congress now has an opportunity to press companies like Amazon on broader public issues. It could require them to disclose exactly how they use data extracted from consumers. And it could force companies to give consumers some rights over that data.

Tags: , , ,

emailtracking-ta

Apple’s App Store Privacy Crackdown May Hurt Facebook’s Onavo

June 15, 2018

Apple Inc.’s new rules for app developers limit their ability to harvest user contact data, but they also could hurt a key app owned by Facebook Inc. called Onavo Protect.

The iPhone maker’s updated App Store Review Guidelines ban applications that “collect information about which other apps are installed on a user’s device for the purposes of analytics or advertising/marketing.” This could give Apple grounds to remove the Onavo app, although the software is still available despite the rules kicking in last week.

Onavo Protect, when installed on an iPhone or Android device, uses a virtual private network to scan incoming and outgoing internet connectivity. It also gathers information about users’ devices, their location, apps installed on the gadgets and how people use those apps, what websites they visit, and the amount of data used, Facebook wrote in answers to Congressional questions that the social network operator posted online Monday.

Onavo collects data on other apps via networks, rather than through devices. The iPhone maker already blocks apps from getting information from other apps on the device itself via a technology called sandboxing.

Apple’s new guidelines “sound like they’re almost written in response to what Onavo and others have been doing,” said Will Strafach, a researcher who has studied Onavo Protect and focuses on the security of Apple’s iOS mobile operating system. A Facebook spokeswoman declined to comment.

Apple has criticized Facebook this year for privacy missteps, and the iPhone maker recently announced new controls for iPhones, iPads and Macs that will limit how internet companies like Facebook and Google track web browsing.

Tags: , ,

hacker-coder-developer-software-programmer-alphanumeric-matrix

Facebook Gave Device Makers Deep Access to Data on Users and Friends

June 5, 2018

As Facebook sought to become the world’s dominant social media service, it struck agreements allowing phone and other device makers access to vast amounts of its users’ personal information.

Facebook has reached data-sharing partnerships with at least 60 device makers — including Apple, Amazon, BlackBerry, Microsoft and Samsung — over the last decade, starting before Facebook apps were widely available on smartphones, company officials said. The deals allowed Facebook to expand its reach and let device makers offer customers popular features of the social network, such as messaging, “like” buttons and address books.

But the partnerships, whose scope has not previously been reported, raise concerns about the company’s privacy protections and compliance with a 2011 consent decree with the Federal Trade Commission. Facebook allowed the device companies access to the data of users’ friends without their explicit consent, even after declaring that it would no longer share such information with outsiders. Some device makers could retrieve personal information even from users’ friends who believed they had barred any sharing, The New York Times found.

Most of the partnerships remain in effect, though Facebook began winding them down in April. The company came under intensifying scrutiny by lawmakers and regulators after news reports in March that a political consulting firm, Cambridge Analytica, misused the private information of tens of millions of Facebook users.

In the furor that followed, Facebook’s leaders said that the kind of access exploited by Cambridge in 2014 was cut off by the next year, when Facebook prohibited developers from collecting information from users’ friends. But the company officials did not disclose that Facebook had exempted the makers of cellphones, tablets and other hardware from such restrictions.

“You might think that Facebook or the device manufacturer is trustworthy,” said Serge Egelman, a privacy researcher at the University of California, Berkeley, who studies the security of mobile apps. “But the problem is that as more and more data is collected on the device — and if it can be accessed by apps on the device — it creates serious privacy and security risks.”

In interviews, Facebook officials defended the data sharing as consistent with its privacy policies, the F.T.C. agreement and pledges to users. They said its partnerships were governed by contracts that strictly limited use of the data, including any stored on partners’ servers. The officials added that they knew of no cases where the information had been misused.

The company views its device partners as extensions of Facebook, serving its more than two billion users, the officials said.

“These partnerships work very differently from the way in which app developers use our platform,” said Ime Archibong, a Facebook vice president. Unlike developers that provide games and services to Facebook users, the device partners can use Facebook data only to provide versions of “the Facebook experience,” the officials said.

Some device partners can retrieve Facebook users’ relationship status, religion, political leaning and upcoming events, among other data. Tests by The Times showed that the partners requested and received data in the same way other third parties did.

Facebook’s view that the device makers are not outsiders lets the partners go even further, The Times found: They can obtain data about a user’s Facebook friends, even those who have denied Facebook permission to share information with any third parties.

In interviews, several former Facebook software engineers and security experts said they were surprised at the ability to override sharing restrictions.

“It’s like having door locks installed, only to find out that the locksmith also gave keys to all of his friends so they can come in and rifle through your stuff without having to ask you for permission,” said Ashkan Soltani, a research and privacy consultant who formerly served as the F.T.C.’s chief technologist.

How One Phone Gains Access to Hundreds of Thousands of Facebook Accounts
ce
Gabriel J.X. Dance
606 friends
of Mr. Dance

Michael LaForgia, a New York Times reporter, used the Hub app on a BlackBerry Z10 to log into Facebook.

After connecting to Facebook, the BlackBerry Hub app was able to retrieve detailed data on 556 of Mr. LaForgia’s friends, including relationship status, religious and political leanings and events they planned to attend. Facebook has said that it cut off third parties’ access to this type of information in 2015, but that it does not consider BlackBerry a third party in this case.

The Hub app was also able to access information — including unique identifiers — on 294,258 friends of Mr. LaForgia’s friends.

By Rich Harris and Gabriel J.X. Dance

Details of Facebook’s partnerships have emerged amid a reckoning in Silicon Valley over the volume of personal information collected on the internet and monetized by the tech industry. The pervasive collection of data, while largely unregulated in the United States, has come under growing criticism from elected officials at home and overseas and provoked concern among consumers about how freely their information is shared.

In a tense appearance before Congress in March, Facebook’s chief executive, Mark Zuckerberg, emphasized what he said was a company priority for Facebook users.“Every piece of content that you share on Facebook you own,” he testified. ”You have complete control over who sees it and how you share it.”

But the device partnerships provoked discussion even within Facebook as early as 2012, according to Sandy Parakilas, who at the time led third-party advertising and privacy compliance for Facebook’s platform.

“This was flagged internally as a privacy issue,” said Mr. Parakilas, who left Facebook that year and has recently emerged as a harsh critic of the company. “It is shocking that this practice may still continue six years later, and it appears to contradict Facebook’s testimony to Congress that all friend permissions were disabled.”

The partnerships were briefly mentioned in documents submitted to German lawmakers investigating the social media giant’s privacy practices and released by Facebook in mid-May. But Facebook provided the lawmakers with the name of only one partner — BlackBerry, maker of the once-ubiquitous mobile device — and little information about how the agreements worked.

The submission followed testimony by Joel Kaplan, Facebook’s vice president for global public policy, during a closed-door German parliamentary hearing in April. Elisabeth Winkelmeier-Becker, one of the lawmakers who questioned Mr. Kaplan, said in an interview that she believed the data partnerships disclosed by Facebook violated users’ privacy rights.

“What we have been trying to determine is whether Facebook has knowingly handed over user data elsewhere without explicit consent,” Ms. Winkelmeier-Becker said. “I would never have imagined that this might even be happening secretly via deals with device makers. BlackBerry users seem to have been turned into data dealers, unknowingly and unwillingly.”

In interviews with The Times, Facebook identified other partners: Apple and Samsung, the world’s two biggest smartphone makers, and Amazon, which sells tablets.

An Apple spokesman said the company relied on private access to Facebook data for features that enabled users to post photos to the social network without opening the Facebook app, among other things. Apple said its phones no longer had such access to Facebook as of last September.

Samsung declined to respond to questions about whether it had any data-sharing partnerships with Facebook. Amazon also declined to respond to questions.

Usher Lieberman, a BlackBerry spokesman, said in a statement that the company used Facebook data only to give its own customers access to their Facebook networks and messages. Mr. Lieberman said that the company “did not collect or mine the Facebook data of our customers,” adding that “BlackBerry has always been in the business of protecting, not monetizing, customer data.”

Microsoft entered a partnership with Facebook in 2008 that allowed Microsoft-powered devices to do things like add contacts and friends and receive notifications, according to a spokesman. He added that the data was stored locally on the phone and was not synced to Microsoft’s servers.

Facebook acknowledged that some partners did store users’ data — including friends’ data — on their own servers. A Facebook official said that regardless of where the data was kept, it was governed by strict agreements between the companies.

“I am dumbfounded by the attitude that anybody in Facebook’s corporate office would think allowing third parties access to data would be a good idea,” said Henning Schulzrinne, a computer science professor at Columbia University who specializes in network security and mobile systems.

The Cambridge Analytica scandal revealed how loosely Facebook had policed the bustling ecosystem of developers building apps on its platform. They ranged from well-known players like Zynga, the maker of the FarmVille game, to smaller ones, like a Cambridge contractor who used a quiz taken by about 300,000 Facebook users to gain access to the profiles of as many as 87 million of their friends.

Those developers relied on Facebook’s public data channels, known as application programming interfaces, or APIs. But starting in 2007, the company also established private data channels for device manufacturers.

At the time, mobile phones were less powerful, and relatively few of them could run stand-alone Facebook apps like those now common on smartphones. The company continued to build new private APIs for device makers through 2014, spreading user data through tens of millions of mobile devices, game consoles, televisions and other systems outside Facebook’s direct control.

Facebook began moving to wind down the partnerships in April, after assessing its privacy and data practices in the wake of the Cambridge Analytica scandal. Mr. Archibong said the company had concluded that the partnerships were no longer needed to serve Facebook users. About 22 of them have been shut down.

The broad access Facebook provided to device makers raises questions about its compliance with a 2011 consent decree with the F.T.C.

The decree barred Facebook from overriding users’ privacy settings without first getting explicit consent. That agreement stemmed from an investigation that found Facebook had allowed app developers and other third parties to collect personal details about users’ friends, even when those friends had asked that their information remain private.

After the Cambridge Analytica revelations, the F.T.C. began an investigation into whether Facebook’s continued sharing of data after 2011 violated the decree, potentially exposing the company to fines.

Facebook officials said the private data channels did not violate the decree because the company viewed its hardware partners as “service providers,” akin to a cloud computing service paid to store Facebook data or a company contracted to process credit card transactions. According to the consent decree, Facebook does not need to seek additional permission to share friend data with service providers.

“These contracts and partnerships are entirely consistent with Facebook’s F.T.C. consent decree,” Mr. Archibong, the Facebook official, said.

But Jessica Rich, a former F.T.C. official who helped lead the commission’s earlier Facebook investigation, disagreed with that assessment.

“Under Facebook’s interpretation, the exception swallows the rule,” said Ms. Rich, now with the Consumers Union. “They could argue that any sharing of data with third parties is part of the Facebook experience. And this is not at all how the public interpreted their 2014 announcement that they would limit third-party app access to friend data.”

To test one partner’s access to Facebook’s private data channels, The Times used a reporter’s Facebook account — with about 550 friends — and a 2013 BlackBerry device, monitoring what data the device requested and received. (More recent BlackBerry devices, which run Google’s Android operating system, do not use the same private channels, BlackBerry officials said.)

Immediately after the reporter connected the device to his Facebook account, it requested some of his profile data, including user ID, name, picture, “about” information, location, email and cellphone number. The device then retrieved the reporter’s private messages and the responses to them, along with the name and user ID of each person with whom he was communicating.

The data flowed to a BlackBerry app known as the Hub, which was designed to let BlackBerry users view all of their messages and social media accounts in one place.

The Hub also requested — and received — data that Facebook’s policy appears to prohibit. Since 2015, Facebook has said that apps can request only the names of friends using the same app. But the BlackBerry app had access to all of the reporter’s Facebook friends and, for most of them, returned information such as user ID, birthday, work and education history and whether they were currently online.

The BlackBerry device was also able to retrieve identifying information for nearly 295,000 Facebook users. Most of them were second-degree Facebook friends of the reporter, or friends of friends.

In all, Facebook empowers BlackBerry devices to access more than 50 types of information about users and their friends, The Times found.

Facebook’s view that the device makers are not outsiders lets the partners go even further, The Times found: They can obtain data about a user’s Facebook friends, even those who have denied Facebook permission to share information with any third parties.

In interviews, several former Facebook software engineers and security experts said they were surprised at the ability to override sharing restrictions.

“It’s like having door locks installed, only to find out that the locksmith also gave keys to all of his friends so they can come in and rifle through your stuff without having to ask you for permission,” said Ashkan Soltani, a research and privacy consultant who formerly served as the F.T.C.’s chief technologist.

Tags: ,

4000

Facebook loses Belgian privacy case, faces a hefty fine

February 19, 2018

A Belgian court threatened Facebook with a fine of up to 100mil euros (RM480mil) if it continued to break privacy laws by tracking people on third party websites.

In a case brought by Belgium’s privacy watchdog, the court also ruled on Friday that Facebook had to delete all data it had gathered illegally on Belgian citizens, including people who were not Facebook users themselves.

Facebook, which will be fined 250,000 euros (RM1.2mil) a day or up to 100 million euros if it does not comply with the court’s judgement, said in a statement it would appeal the ruling.

“Facebook informs us insufficiently about gathering information about us, the kind of data it collects, what it does with that data and how long it stores it,” the court said.

image: https://content.aimatch.com/default.gif

image: https://content.thestar.com.my/smg/settag/name=lotame/tags=

The social media group uses different methods to track the online behaviour of people if they are not on the company’s web site by placing cookies and invisible pixels on third party web sites, the court said.

Facebook said the technologies it uses were in line with industry standards and it gives users the right to opt out of data collection on websites and applications off its platform being used for advertisements.

“We’ll comply with this new law, just as we’ve complied with existing data protection law in Europe,” said Richard Allan, Facebook’s vice president of public policy for Europe, Middle East Africa.

Belgium’s privacy watchdog welcomed the ruling.

“Facebook has just launched a large campaign where they stress the importance of privacy. We hope they will now make this a reality,” it said. — Reuters

Read more at https://www.thestar.com.my/tech/tech-news/2018/02/19/facebook-loses-belgian-privacy-case-and-faces-a-hefty-fine/#7SQduj6FoywOZECt.99

Tags: , ,

SAN FRANCISCO - OCTOBER 24:  Dustin Moskovitz, co-founder of Facebook, delivers his keynote address at the CTIA WIRELESS I.T. & Entertainment 2007 conference October 24, 2007 in San Francisco, California. The confernence is showcasing the lastest in mobile technology and will run through October 25.  (Photo by Kimberly White/Getty Images)

Google and Facebook are watching our every move online. It’s time to make them stop

January 31, 2018

Facebook CEO Mark Zuckerberg, left, and Google CEO Larry Page
To make any real progress in advancing data privacy this year, we have to start doing something about Google and Facebook. Not doing so would be like trying to lose weight without changing your diet. Simply ineffective.

The impact these two companies have on our privacy cannot be understated. You may know that hidden trackers lurk on most websites you visit, soaking up your personal information.

What you may not realize, though, is 76 percent of websites now contain hidden Google trackers, and 24 percent have hidden Facebook trackers, according to the Princeton Web Transparency & Accountability Project. The next highest is Twitter with 12 percent. It is likely that Google or Facebook are watching you on many sites you visit, in addition to tracking you when using their products.

As a result, these two companies have amassed huge data profiles on each person, which can include your interests, purchases, search, browsing and location history, and much more. They then make your sensitive data profile available for invasive targeted advertising that can follow you around the Internet.

This advertising system is designed to enable hyper-targeting, which has many unintended consequences, such as the ability for bad actors to use the system to influence the most susceptible or to exclude groups in a way that facilitates discrimination.

“These two companies have amassed huge data profiles on each person, which can include your interests, purchases, search, browsing and location history, and much more.”
Because of their entrenched positions in a wide array of Internet services, each collecting personal information that together combine into these massive digital profiles, Google and Facebook can offer hyper-targeting much better than the competition.

As a result, they now make up 63 percent of all digital advertising, and accounted for 74 percent of this market’s growth in 2017, according to eMarketer. Together they form a tight digital advertising duopoly, showing no signs of abating.

Google and Facebook also use your data as input for increasingly sophisticated AI algorithms that put you in a filter bubble — an alternate digital universe that controls what you see in their products, based on what their algorithms think you are most likely to click on.

These echo chambers distort people’s reality, creating a myriad of unintended consequences such as increasing societal polarization. On their unending march to profit from more and more personal information, Google and Facebook have shown little regard for all the negative consequences of their runaway algorithms.

So how do we move forward from here?

Don’t be fooled by claims of self-regulation, as any useful long-term reforms of Google and Facebook’s data privacy practices fundamentally oppose their core business models: hyper-targeted advertising based on more and more intrusive personal surveillance. Change must come from the outside.

Unfortunately, we’ve seen relatively little from Washington. Congress and federal agencies need to take a fresh look at what can be done to curb these data monopolies. They first need to demand more algorithmic and privacy policy transparency, so people can truly understand the extent of how their personal information is being collected, processed and used by these companies. Only then can informed consent be possible.

They also need to legislate that people own their own data, enabling real opt-outs. Finally, they need to restrict how data can be combined including being more aggressive at blocking acquisitions that further consolidate data power, which will pave the way for more competition in digital advertising.

Until we see such meaningful changes, consumers should vote with their feet. DuckDuckGo found that about a quarter of American adults are already taking significant actions to take back their privacy. Helping in this effort are seamless browser add-ons that will block Google and Facebook’s hidden trackers across the Internet, as well as more private alternatives to their core services. I can say from my own experience, you can indeed live Google and Facebook free.

If we do nothing about Google and Facebook, we will get more of the same: more hyper-targeting, more algorithmic bias, less competition and the further erosion of collateral industries, like media. Enough is enough.

The complete loss of personal privacy in the Internet age is not inevitable. Through thoughtful regulation and increased consumer choice, we can choose a brighter path. I hope to look back at 2018 as a turning point in data privacy, where we awoke to the unacceptable implications of two companies controlling so much of our digital future.

Commentary by Gabriel Weinberg, CEO and founder of DuckDuckGo, which makes online privacy tools, including an alternative search engine to Google. Follow him on Twitter @yegg .

For more insight from CNBC contributors, follow @CNBCopinion on Twitter.

Tags: , ,

Introducing ShazzleMail Email and How it Works

Privacy is your Fundamental Human Right.

Our Daily Blog
apple
Apple launches privacy portal, initiatives
October 18, 2018

Apple (NASDAQ:AAPL) launches a new privacy website letting users find personal data the company has ...

Read more
private
Just Don’t Call It Privacy
September 23, 2018

What do you call it when employers use Facebook’s advertising platform to show certain job ads onl...

Read more
static2.politico.com
Privacy and security: no simple solution, warns Rachel Dixon
September 18, 2018

The tide is turning when it comes to privacy and security, with Australians gradually becoming more ...

Read more
emailtracking-ta
Are you privacy literate?
September 11, 2018

Online privacy is a new literacy that educators and students need to learn and practice. But what sh...

Read more
monero
Monero (XMR) The Privacy Oriented Coin Story And Latest: 10.00% Increase – Showcasing Predicted Success
September 5, 2018

Seaming like out of the blue, Monero (XMR) is taking center stage for the last couple of week consta...

Read more