‘Encryption is deeply threatening to power’: Meredith Whittaker of messaging app Signal

The Guardian

The woman in charge of the secure communication channel remains implacably opposed to the ‘disease’ of surveillance – and concerned about the sharing of personal data.

(Text continues underneath the photo.)

Meredith Whittaker: ‘We will hold the line.’

Surveillance, she says, was a “disease” from the very beginning of the internet, and encryption is “deeply threatening to the type of power that constitutes itself via these information asymmetries”. All of which means that she doesn’t expect the fight to end any time soon. “I don’t think these arguments are in good faith. There’s a deeper tension here, because in 20 years of the development of this metastatic tech industry, we have seen every aspect of our lives become subject to mass surveillance perpetrated by a handful of companies partnering with the US government and other ‘Five Eyes’ agencies to gather more surveillance data about us than has ever been available to any entity in human history. (...)

The criticisms of encrypted communications are as old as the technology: allowing anyone to speak without the state being able to tap into their conversations is a godsend for criminals, terrorists and paedophiles around the world.

But, Whittaker argues, few of Signal’s loudest critics seem to be consistent in what they care about. “If we really cared about helping children, why are the UK’s schools crumbling? Why was social services funded at only 7% of the amount that was suggested to fully resource the agencies that are on the frontlines of stopping abuse?” (...)

“Signal either works for everyone or it works for no one. Every military in the world uses Signal, every politician I’m aware of uses Signal. Every CEO I know uses Signal because anyone who has anything truly confidential to communicate recognises that storing that on a Meta database or in the clear on some Google server is not good practice.” (...)

Complete article

Tags: #messaging #messaging_app #message_app #whatsapp #signal #facebook #meta #google #alphabet #privacy #surveillance #mass_surveillance #surveillance_capitalism #surveillance_advertising #privacy #data #data_mining #personal_data

Drizly CEO accountable for alleged security failures

The agency announced Monday that its four commissioners had voted unanimously to issue a proposed order against alcohol delivery platform Drizly and its CEO James Cory Rellas for allegedly failing to implement adequate security measures, which eventually resulted in a data 2020 breach exposing personal information on about 2.5 million consumers.

The FTC claims that despite being alerted to the security concerns two years before the breach, Drizly and Rellas did not do enough to protect their users’ information.

While settlements like this are not that uncommon for the FTC, its decision to name the CEO and have the stipulations follow him beyond his tenure at Drizly exemplifies an approach favored by Democratic Chair Lina Khan. Some progressive enforcers have argued that naming tech executives in their lawsuits should create a stronger deterrence signal for other potential violators.

#Drizly #CEO #FTC #Uber #user #personal_data #security #breach

https://www.cnbc.com/2022/10/24/ftc-seeks-to-hold-drizly-ceo-accountable-for-alleged-security-failures.html

“How Dare They Peep into My Private Life?”

Human Rights Watch

Children’s Rights Violations by Governments that Endorsed Online Learning During the Covid-19 Pandemic.

On school days, 9-year-old Rodin wakes up every morning at 8 a.m. in Istanbul, Turkey. (...) By 9 a.m., he logs into class and waves hello to his teacher and to his classmates. (...)

Unbeknownst to him, an invisible swarm of tracking technologies surveil Rodin’s online interactions throughout his day. Within milliseconds of Rodin logging into class in the morning, his school’s online learning platform begins tracking Rodin’s physical location—at home in his family’s living room, where he has spent most of his days during the pandemic lockdown. The virtual whiteboard passes along information about his doodling habits to advertising technology (AdTech) and other companies; when Rodin’s math class is over, trackers follow him outside of his virtual classroom and to the different apps and sites he visits across the internet. The social media platform Rodin uses to post his homework silently accesses his phone’s contact list and downloads personal details about his family and friends. Sophisticated algorithms review this trove of data, enough to piece together an intimate portrait of Rodin in order to figure out how he might be easily influenced. (...)

This report is a global investigation of the education technology (EdTech) endorsed by 49 governments for children’s education during the pandemic. Based on technical and policy analysis of 164 EdTech products, Human Rights Watch finds that governments’ endorsements of the majority of these online learning platforms put at risk or directly violated children’s privacy and other children’s rights, for purposes unrelated to their education. (...)

Most online learning platforms installed tracking technologies that trailed children outside of their virtual classrooms and across the internet, over time. (...)

Children are surveilled at dizzying scale in their online classrooms. Human Rights Watch observed 146 EdTech products directly sending or granting access to children’s personal data to 196 third-party companies, overwhelmingly AdTech. (...)

Complete article

Tags: #education #school #online_learning #tracking #trackers #tracking_technology #adtech #edtech #privacy #data #data_mining #profiling #profile #children #personal_data #surveillance_capitalism

How Facebook tracks you on Android (even if you don't have a Facebook account)

Hackernoon

(...) 1 Facebook is able to track you because Android developers of 3rd party apps (example: Indeed Job Search) implement Facebook’s Software Development Kit (SDK).
2 SDK is a collection of tools that eases the creation of software. By using Facebook SDK, developers can do advanced analytics without the need to code it from scratch. SDK is like a Swiss Army Knife. With it, you can start your job immediately instead of having to build your own scissors, knife, corkscrew etc.
3 This article is written based on the research conducted by Frederike Kaltheuner and Christopher Weatherhead. You can watch the full video here. The official study can be found here. (...)

According to Privacy International, research done by the University of Oxford has suggested that approximately 42.55% of the free apps in the Google Play Store could share data with Facebook. (...)

Out of the 42.55%, this study picked 34 apps, based on the fact that they have either a huge number of installations, or they involve sensitive information such as religion and health, or they are simply utility apps (You know, torchlight, QR code scanner, fart sound etc). (...)

Out of the 34 apps, over 61% of them automatically transfer data to Facebook the moment a user opens the app. (...)

What’s our defense? (...)

1. Reset your advertising identifier (Very simple)
Every device has an advertising identifier (aka ad id). You can’t stop Facebook or Google from tracking you but you can make their tracking difficult by frequently resetting your ad id. If you reset it, in theory, Facebook and Google algorithms will view you as a different person in your next online activity.
Android Phone: Go to settings > Google > Ads > Reset advertising identifier
iPhone: Go to settings > Privacy > Advertising > Reset advertising identifier

2. Limit ad personalization (Very simple)
In theory, this should limit the amount of data collected by the companies. However, this study showed that we can end up sharing more data to companies if we limit ad personalization. But I will not go into the details of that.
Android: Go to Settings > Google > Ads > Opt Out of Personalized Advertising
iPhone: Go to settings > Privacy > Advertising > turn on ‘Limit Ad Tracking’

3. Review permissions (Very annoying)
Did you notice that apps these days have been asking for permissions before you carry out a simple task like importing a photo or opening a map? Yeah, it’s irritating but it’s crucial. This allows you to have greater control of your privacy. Not perfect, but at least it helps to a certain extent.

4. Use Brave browser to surf & use DuckDuckGo to search (Simple)
Brave (as opposed to Google Chrome) is a web browser which focuses a lot more on data privacy.
DuckDuckGo (as opposed to Google Search) is a search engine which distinguishes itself from other search engines by not profiling its users.

5. Educate yourself / your parents / your children on how the Internet works (Not so simple)
Education is the most powerful weapon. There are tons of articles and YouTube videos explaining how computers and network works; go read them up. However, if the content is too complex, especially for the older generations and the newcomers (aka your children), you can check out Potato Pirates -Enter The Spudnet. It’s a board game that’s developed to teach cybersecurity and internet piracy without computers. (...)

Full article

Tags: #privacy #data #data_mining #surveillance_capitalism #facebook #apps #android #ios #tracking #personal_data #kayak #brave #brave_browser #duckduckgo #permissions #Software_Development_Kit #SDK