Have you created a ShazzleMail account on your smartphone? This is a required first step.

Yes No

Free Encrypted Email

Posts Tagged ‘#facebook’

2008

Germany orders Facebook to stop collecting WhatsApp user data

October 4, 2016

National data protection authority blocks recent privacy changes made by social network and commands existing shared data and phone numbers be deleted for 35 million users.
The German data protection agency has ordered Facebook to stop collecting user data from its WhatsApp messenger app and delete any data it has already received.

The social network announced in August that it would begin sharing data from its 1 billion-plus user base, including phone numbers, from WhatsApp users with Facebook for the purpose of targeted ads. It gave users the option of opting out of the data being used for advertising purposes, but did not allow them to opt out of the data sharing between WhatsApp and Facebook.

Hamburg’s Commissioner for Data Protection and Freedom of Information Johannes Caspar ruled on Tuesday that Facebook “neither has obtained an effective approval from the WhatsApp users, nor does a legal basis for the data reception exist”.

“It has to be [the users’] decision whether they want to connect their account with Facebook. Facebook has to ask for their permission in advance.”

Caspar also recalled that in the wake of Facebook’s 2014 acquisition of WhatsApp it had promised that they would not share user data.

Facebook’s German activities are headquartered in Hamburg, placing the social network under the jurisdiction of the regulator in the northern city.

Caspar ordered Facebook to delete any data already received from WhatsApp in Germany, saying that he was acting to protect the privacy of Germany’s 35 million WhatsApp users and that of people saved in each user’s address books, whose details might also be forwarded under the data-sharing arrangement.

A Facebook spokesperson said: “Facebook complies with EU data protection law. We will work with the Hamburg DPA in an effort to address their questions and resolve any concerns.”

The California-based company has faced several privacy challenges across Europe, including those from the Belgian data protection authority, in Germany and France. Facebook has maintained that it operates in Europe from its headquarters in Ireland and that its actions are therefore governed by Irish law.

The European Commission recently recommended tighter privacy and security requirements for services including WhatsApp and Microsoft-owned video calling service Skype, saying they should be regulated more like traditional telecoms.

Greater regulation could result in stricter data privacy provisions as well as requirements for emergency calling services and other facilities currently the preserve of mobile and fixed line telephony services.

Tags: , , ,

Shocking gossip

Password Sharing Is a Federal Crime, Appeals Court Rules

July 11, 2016

One of the nation’s most powerful appeals courts ruled Wednesday that sharing passwords can be a violation of the Computer Fraud and Abuse Act, a catch-all “hacking” law that has been widely used to prosecute behavior that bears no resemblance to hacking.
In this particular instance, the conviction of David Nosal, a former employee of Korn/Ferry International research firm, was upheld by the Ninth Circuit Court of Appeals, who said that Nosal’s use of a former coworker’s password to access one of the firm’s databases was an “unauthorized” use of a computer system under the CFAA.
The decision is a nightmare scenario for civil liberties groups, who say that such a broad interpretation of the CFAA means that millions of Americans are unwittingly violating federal law by sharing accounts on things like Netflix, HBO, Spotify, and Facebook. Stephen Reinhardt, the dissenting judge in the case, noted that the decision “threatens to criminalize all sorts of innocuous conduct engaged in daily by ordinary citizens.”
In the majority opinion, Judge Margaret McKeown wrote that “Nosal and various amici spin hypotheticals about the dire consequences of criminalizing password sharing. But these warnings miss the mark in this case. This appeal is not about password sharing.” She then went on to describe a thoroughly run-of-the-mill password sharing scenario—her argument focuses on the idea that Nosal wasn’t authorized by the company to access the database anymore, so he got a password from a friend—that happens millions of times daily in the United States, leaving little doubt about the thrust of the case.
The argument McKeown made is that the employee who shared the password with Nosal “had no authority from Korn/Ferry to provide her password to former employees.”
At issue is language in the CFAA that makes it illegal to access a computer system “without authorization.” McKeown said that “without authorization” is “an unambiguous, non-technical term that, given its plain and ordinary meaning, means accessing a protected computer without permission.” The question that legal scholars, groups such as the Electronic Frontier Foundation, and dissenting judge Stephen Reinhardt ask is an important one: Authorization from who?
Reinhardt argues that Nosal’s use of the database was unauthorized by the firm, but was authorized by the former employee who shared it with him. For you and me, this case means that unless Netflix specifically authorizes you to share your password with your friend, you’re breaking federal law.
“In the everyday situation that should concern us all, a friend or colleague accessing an account with a shared password would most certainly believe—and with good reason—that his access had been ‘authorized’ by the account holder who shared his password with him,” Reinhardt wrote in a powerful dissent that was primarily concerned with “the government’s boundless interpretation of the CFAA.”
“The majority does not provide, nor do I see, a workable line which separates the consensual password sharing in this case from the consensual password sharing of millions of legitimate account holders, which may also be contrary to the policies of system owners,” he wrote. “There simply is no limiting principle in the majority’s world of lawful and unlawful password sharing.”
Notably, Reinhardt appears to have a commanding knowledge of what constitutes “hacking,” something that comes up over and over again both in the media and in the courts. He said that the decision “loses sight of the anti-hacking purpose of the CFAA.”
“There is no doubt that a typical hacker accesses an account ‘without authorization’: the hacker gains access without permission—either from the system owner or a legitimate account holder,” he wrote. Using someone else’s password with their permission but not the system’s owner isn’t “hacking,” but that’s what the court is treating it as. Reinhardt noted that all 50 states have their own more narrow computer trespassing statutes, and that the case would have been better suited for civil, not criminal, proceedings.
What does this mean for you? In the short term, unless Netflix or HBO seek to get federal prosecutors to go after many of its customers, probably nothing. So far, neither of those services have shown any inclination to do so, and have made it easy to share your accounts with others. But it does set a scary precedent that should give anyone who shares passwords some pause.
The Ninth Circuit covers much of the West Coast, including Silicon Valley—many tech cases are brought there. The decision will be binding in that circuit, and will be looked at to guide decisions elsewhere in the country.
Cases like these do come up with some regularity. A decision is expected soon in a case called Facebook v Power Ventures, in which a company scraped information from Facebook with permission from its users, but not from Facebook. Once again, the question of “authorization” will come into play.

By Jason Koebler
www.motherboard.vice.com

Tags: , , , , , , , ,

151006-max-schrems-0450_180c0c2499e41629332d216d09f930e5.nbcnews-ux-320-320

Europe’s Top Court Backs Law Student in Facebook Privacy Case

October 6, 2015

LUXEMBOURG — The European Union’s highest court ruled Tuesday in favor of an Austrian law student who claims a trans-Atlantic data protection agreement doesn’t adequately protect consumers, a verdict that could have far-reaching implications for tech companies doing business in Europe.

Image: Max Schrems
Max Schrems waits for the verdict of the European Court of Justice in Luxembourg on Tuesday. JULIEN WARNAND / EPA

Max Schrems launched the case following revelations two years ago by former National Security Agency contractor Edward Snowden about the NSA’s surveillance programs.

Schrems complained to the data protection commissioner in Ireland, where Facebook has its European headquarters, that U.S. law doesn’t offer sufficient protection against surveillance of data transferred by the social media company to servers in the United States.

Irish authorities initially rejected his complaint, pointing to a 2000 decision by the EU’s executive Commission that, under the so-called “safe harbor” agreement, the U.S. ensures adequate data protection.

The agreement has allowed for the free transfer of information by companies from the EU to U.S. It has been seen as a boost to trade since, absent such a deal, swift and smooth data exchange over the Internet would be much more difficult.

Without “safe harbor,” personal data transfers are forbidden, or only allowed via costlier and more time-consuming means, under EU laws that prohibit data-sharing with countries deemed to have lower privacy standards, of which the United States is one.

On Tuesday, the European Court of Justice ruled the decision by the Commission invalid. It said that the “safe harbor” deal enables interference by U.S. authorities with fundamental rights and contains no reference either to U.S. rules to limit any such interference or to effective legal protection against it.

The court said the effect of the ruling is that the Irish data commissioner will now be required to examine Schrems’ complaint “with all due diligence.”

Once it has concluded its investigation, the authority must “decide whether … transfer of the data of Facebook’s European subscribers to the United States should be suspended on the ground that that country does not afford an adequate level of protection of personal data,” the court said in a summary of its ruling.

Image: Facebook and European Union logos
A 3D-printed Facebook logo is seen in front of the logo of the European Union in this picture illustration. DADO RUVIC / Reuters, file

Facebook said it couldn’t immediately comment.

Schrems said he hoped the ruling will be a milestone for online privacy.

“This decision is a major blow for U.S. global surveillance that heavily relies on private partners,” Schrems said in a statement. “The judgement makes it clear that U.S. businesses cannot simply aid U.S. espionage efforts in violation of European fundamental rights.”

However, he noted that the ruling doesn’t bar data transfers from the EU to the U.S., but rather allows national data protection authorities to review individual transfers.

“Despite some alarmist comments I don’t think that we will see mayor disruptions in practice,” Schrems said.

But Richard Cumbley, global head of technology, media and telecommunications at law firm Linklaters, disagreed.

“This is extremely bad news for EU-U.S. trade,” he said. “Without ‘safe harbor,’ [businesses] will be scrambling to put replacement measures in place.” 

Tags: , , , ,

Introducing ShazzleMail Email and How it Works

Privacy is your Fundamental Human Right.

Our Daily Blog
main-snowden
Edward Snowden’s Autobiography Makes a Plea for the Fourth Amendment, the Right to Privacy, and Encryption
September 24, 2019

America's most famous whistleblower calls for restricting the power of government. Article by SCO...

Read more
ph
Chinese deepfake app Zao sparks privacy row after going viral
September 3, 2019

Critics say face-swap app could spread misinformation on a massive scale A Chinese app that lets ...

Read more
1463600977631262
Google tightens grip on some Android data over privacy fears, report says
August 19, 2019

The search giant ends a program that provided network coverage data to wireless carriers. BY CARR...

Read more
4000
Wikipedia co-founder slams Mark Zuckerberg, Twitter and the ‘appalling’ internet
July 8, 2019

Elizabeth Schulze Wikpedia Co-Founder Larry Sanger said in an interview social media companies ...

Read more
venmo_pub_priv
Why America Needs a Thoughtful Federal Privacy Law
June 26, 2019

More than a dozen privacy bills have been introduced in this Congress. Here’s what it needs to do....

Read more