Drizly CEO accountable for alleged security failures

The agency announced Monday that its four commissioners had voted unanimously to issue a proposed order against alcohol delivery platform Drizly and its CEO James Cory Rellas for allegedly failing to implement adequate security measures, which eventually resulted in a data 2020 breach exposing personal information on about 2.5 million consumers.

The FTC claims that despite being alerted to the security concerns two years before the breach, Drizly and Rellas did not do enough to protect their users’ information.

While settlements like this are not that uncommon for the FTC, its decision to name the CEO and have the stipulations follow him beyond his tenure at Drizly exemplifies an approach favored by Democratic Chair Lina Khan. Some progressive enforcers have argued that naming tech executives in their lawsuits should create a stronger deterrence signal for other potential violators.

#Drizly #CEO #FTC #Uber #user #personal_data #security #breach

https://www.cnbc.com/2022/10/24/ftc-seeks-to-hold-drizly-ceo-accountable-for-alleged-security-failures.html

“How Dare They Peep into My Private Life?”

Human Rights Watch

Children’s Rights Violations by Governments that Endorsed Online Learning During the Covid-19 Pandemic.

On school days, 9-year-old Rodin wakes up every morning at 8 a.m. in Istanbul, Turkey. (...) By 9 a.m., he logs into class and waves hello to his teacher and to his classmates. (...)

Unbeknownst to him, an invisible swarm of tracking technologies surveil Rodin’s online interactions throughout his day. Within milliseconds of Rodin logging into class in the morning, his school’s online learning platform begins tracking Rodin’s physical location—at home in his family’s living room, where he has spent most of his days during the pandemic lockdown. The virtual whiteboard passes along information about his doodling habits to advertising technology (AdTech) and other companies; when Rodin’s math class is over, trackers follow him outside of his virtual classroom and to the different apps and sites he visits across the internet. The social media platform Rodin uses to post his homework silently accesses his phone’s contact list and downloads personal details about his family and friends. Sophisticated algorithms review this trove of data, enough to piece together an intimate portrait of Rodin in order to figure out how he might be easily influenced. (...)

This report is a global investigation of the education technology (EdTech) endorsed by 49 governments for children’s education during the pandemic. Based on technical and policy analysis of 164 EdTech products, Human Rights Watch finds that governments’ endorsements of the majority of these online learning platforms put at risk or directly violated children’s privacy and other children’s rights, for purposes unrelated to their education. (...)

Most online learning platforms installed tracking technologies that trailed children outside of their virtual classrooms and across the internet, over time. (...)

Children are surveilled at dizzying scale in their online classrooms. Human Rights Watch observed 146 EdTech products directly sending or granting access to children’s personal data to 196 third-party companies, overwhelmingly AdTech. (...)

Complete article

Tags: #education #school #online_learning #tracking #trackers #tracking_technology #adtech #edtech #privacy #data #data_mining #profiling #profile #children #personal_data #surveillance_capitalism

How Facebook tracks you on Android (even if you don't have a Facebook account)

Hackernoon

(...) 1 Facebook is able to track you because Android developers of 3rd party apps (example: Indeed Job Search) implement Facebook’s Software Development Kit (SDK).
2 SDK is a collection of tools that eases the creation of software. By using Facebook SDK, developers can do advanced analytics without the need to code it from scratch. SDK is like a Swiss Army Knife. With it, you can start your job immediately instead of having to build your own scissors, knife, corkscrew etc.
3 This article is written based on the research conducted by Frederike Kaltheuner and Christopher Weatherhead. You can watch the full video here. The official study can be found here. (...)

According to Privacy International, research done by the University of Oxford has suggested that approximately 42.55% of the free apps in the Google Play Store could share data with Facebook. (...)

Out of the 42.55%, this study picked 34 apps, based on the fact that they have either a huge number of installations, or they involve sensitive information such as religion and health, or they are simply utility apps (You know, torchlight, QR code scanner, fart sound etc). (...)

Out of the 34 apps, over 61% of them automatically transfer data to Facebook the moment a user opens the app. (...)

What’s our defense? (...)

1. Reset your advertising identifier (Very simple)
Every device has an advertising identifier (aka ad id). You can’t stop Facebook or Google from tracking you but you can make their tracking difficult by frequently resetting your ad id. If you reset it, in theory, Facebook and Google algorithms will view you as a different person in your next online activity.
Android Phone: Go to settings > Google > Ads > Reset advertising identifier
iPhone: Go to settings > Privacy > Advertising > Reset advertising identifier

2. Limit ad personalization (Very simple)
In theory, this should limit the amount of data collected by the companies. However, this study showed that we can end up sharing more data to companies if we limit ad personalization. But I will not go into the details of that.
Android: Go to Settings > Google > Ads > Opt Out of Personalized Advertising
iPhone: Go to settings > Privacy > Advertising > turn on ‘Limit Ad Tracking’

3. Review permissions (Very annoying)
Did you notice that apps these days have been asking for permissions before you carry out a simple task like importing a photo or opening a map? Yeah, it’s irritating but it’s crucial. This allows you to have greater control of your privacy. Not perfect, but at least it helps to a certain extent.

4. Use Brave browser to surf & use DuckDuckGo to search (Simple)
Brave (as opposed to Google Chrome) is a web browser which focuses a lot more on data privacy.
DuckDuckGo (as opposed to Google Search) is a search engine which distinguishes itself from other search engines by not profiling its users.

5. Educate yourself / your parents / your children on how the Internet works (Not so simple)
Education is the most powerful weapon. There are tons of articles and YouTube videos explaining how computers and network works; go read them up. However, if the content is too complex, especially for the older generations and the newcomers (aka your children), you can check out Potato Pirates -Enter The Spudnet. It’s a board game that’s developed to teach cybersecurity and internet piracy without computers. (...)

Full article

Tags: #privacy #data #data_mining #surveillance_capitalism #facebook #apps #android #ios #tracking #personal_data #kayak #brave #brave_browser #duckduckgo #permissions #Software_Development_Kit #SDK