Commercial and Industrial Threats to Privacy

One of the greatest of these threats to privacy is in the form of Supermarket Discount Cards.  But in the past, big companies have been known to toss privacy out the window when there is money to be made.  Historically:

  • A certain delivery company stated that it would never sell the database of digitized signatures collected when it started using electronic pads — and then, some years later, did exactly that.
  • Companies with very rigorous privacy policies, having collected significant amounts of personal customer data, have gone bankrupt, and the files have been offered for sale.
  • Intruders have broken into companies and stolen personal information from computerized files — or even planted backdoors and logging/reporting software in their systems.*

Note:  The material about RFID chips has been moved to another page.




Marketing firm admits using your own phone to listen in on your conversations.  Your long-held suspicions are confirmed, according to a report:  Your phone really is listening to you.  A marketing firm whose clients include Facebook and Google has privately admitted that it listens to users' smartphone microphones and then places ads based on the information that is picked up, according to 404 Media.  Cox Media Group, the television and radio news conglomerate, admitted in a pitch deck to investors that its "Active Listening" software uses artificial intelligence to "capture real-time intent data by listening to our conversations," according to the report. "Advertisers can pair this voice-data with behavioral data to target in-market consumers," the company wrote in the pitch deck.

Microsoft Announces Feature That Saves a Screenshot of Your Computer Every Few Seconds.  What Could Go Wrong?  Attempts to normalise ever more intrusive 'SMART' technologies have taken a concerning turn with Microsoft's recent announcement of the Recall feature planned for its Copilot+ Windows 11 PC range.  Whilst not marketed as a surveillance capability, a system which automatically takes a screenshot of the user's activity every few seconds, and saves it as a permanent record, opens up worrying possibilities.  Microsoft's argument for this capability is that it avoids people having to remember where they put a file, or which webpages they were viewing, and by scanning these stored images with machine learning algorithms, and by utilising the capabilities of Large Language Models, Recall can help users to 'recall' those things which most people can remember whilst relying solely on that hardware which resides inside their own skulls.

The Editor says...
This new feature will never be made available to the police or the FBI.  Unless they ask.

Target Illegally Collects Customers' Biometric Data, Class Action Lawsuit Alleges.  Retail giant Target illegally collected and stored customers' biometric data, including face and fingerprint scans, according to an Illinois woman who filed a class action lawsuit against the Minnesota-based company on behalf of herself and other customers.  Arnetta Dean alleges Target violated Illinois' Biometric Information Privacy Act (BIPA) by collecting customers' data without obtaining written consent or sharing data retention and destruction policies.  The lawsuit, filed on March 11 in the Circuit Court of Cook County, Illinois, also claims the company did not provide the necessary disclosures or allow customers to opt out of the data collection practices.

Yes, Your Car Is Spying on You and the Data Is Being Sold.  I drive an older car — a Lexus LS430 from 2005, so I can rest assured of two things:  an amazingly comfortable ride and that the tech in my vehicle is way too old to collect data to be sold online.  You, however, may not be so lucky.  Some late-model cars are secretly collecting data on your driving habits, and selling the results for profit.  [Tweet]  Not only is this practice super creepy, but it could be costing you money and, if what I suspect is the case, giving the government a window into your behavior. [...] Of course, I am kidding myself when I think I am safe from this sort of spying.  I have a smartphone.  It is probably listening to my every word and saying it to Google.  If OnStar can generate a 258-page report on some guy's driving habits, who knows what Google has on me.

The Editor says...
Unless the data is harvested during my car's annual state inspection, I don't know of any way the manufacturer could get access to it, because my car hasn't been back to the dealership but one time since the year I bought it.  (And that was the time the dealership lied about the state of the car in order to avoid replacing an expensive part that was still under warranty.)

Did someone mention OnStar?

Canadian vending machines were secretly using facial recognition software; nobody would have known except for a display error.  A vending machine at the University of Waterloo malfunctioned and displayed a rather worrisome error to the users.  No one was aware that the vending machines, which sold snacks like chocolate bars and chips, were using facial recognition software.  'We wouldn't have known if it weren't for the application error.  There's no warning here,' said River Stanley, a fourth-year student, who investigated the machines for an article in the university publication, mathNEWS.  As news of the facial recognition software error spread around campus, students started covering a small hole on the machines where it was suspected that the camera was housed.  Stanley said.

Your washing machine could be sending 3.7 GB of data a day.  An LG washing machine owner and self-confessed fintech geek has asked the Twitterverse why his smart home appliance ate an average of 3.66 GB of data daily.  Concerned about the washer's internet addiction, Johnie forced the device to go cold turkey and blocked it using his router UI.  Had the LG washer been hacked, hijacked, or otherwise tampered with over the net — or is this the average data consumption for a modern smart appliance?  [Tweet]

Your smart speaker data is used in ways you might not expect.  Smart speakers offer amazing convenience — from playing your favorite tunes to re-ordering toilet paper — with only a simple voice command.  But that convenience can come with a steep cost in privacy that many consumers aren't even aware they're paying.  We've all had the uncanny experience of searching for something on the internet and then suddenly ads for that very thing are popping up everywhere we look online.  It's no coincidence, said Umar Iqbal, an assistant professor of computer science and engineering at the McKelvey School of Engineering at Washington University in St.  Louis.  "My collaborators and I uncovered that Amazon uses smart speaker interaction data to infer user interests and then uses those interests to target personalized ads to the user," Iqbal said.  "That's something that Amazon was not upfront about before our research."

How to tell if your boss is spying on you.  Did you know that your boss can watch what you're up to when you're working, especially if you're using the company's equipment or networks.  That's their legal right, but they also have to play by some rules, be transparent, and tell you about it. [...] You should be aware that some software invades your privacy as an employee by capturing screenshots, logging keystrokes, and taking webcam pictures without your consent.

Three major tax preparation companies [are] accused of sharing information with Google and Meta.  Three of America's largest tax preparation companies have been accused of sharing tens of millions of taxpayers' sensitive financial data with tech giants Google and Meta without their consent.  A seven-month congressional probe, led by Massachusetts Senator Elizabeth Warren, alleges H&R Block, TaxAct and TaxSlayer used visitor tracking technology embedded in websites to share the information.  In a potential violation of federal law, the investigation found data was in some cases misused by Facebook parent company Meta for targeted advertising.

Is Your Homeowner's Association Playing Big Brother Without Your Knowledge?  Apparently, it is not only local governments that will engage in tyranny.  Homeowner's associations (HOAs) have also been found to participate in some questionable practices.  In some cases, they have essentially formed their own mini surveillance states, monitoring residents — sometimes without their knowledge. [...] Communities across the United States are experiencing increased surveillance without the knowledge or consent of many residents, thanks to a partnership between police departments and private surveillance company Flock Safety, a startup founded in Atlanta in 2017 and currently valued at around $3.5 billion.  The company has strategically focused on homeowners associations (HOAs) to become one of the largest surveillance vendors in the United States.  HOAs are a prime target for Flock due to their large budgets and potential access to private gated areas that are normally out of reach for law enforcement.

Home Surveillance Cameras Pose Privacy Risks, Data Leakage by Hacking.  The Hong Kong Consumer Council tested the cyber security of ten home surveillance cameras on the market and found that only one model complied with the European cyber security standard.  At the same time, the other nine posed various cyber security concerns, including the transmission of videos and data without encryption and failure to defend against "brute-force attacks" by hackers to crack passwords.  In addition, the security of user data storage could have been improved in many apps, with half of the tested models able to access the user files stored in intelligent devices through Android apps.  Some apps even requested excessive permission.

While you are watching your TV, your TV is watching you.  In February 2018, an analysis by the reputed magazine Consumer Reports announced that their testing revealed that the increasingly ubiquitous "smart TV" was capable of "watching" the viewer and keeping a detailed record of the viewer's TV watching patterns and related behaviour.  As more of smart devices find a place in the average home, there are other gadgets that can work in tandem with smart TVs to perform the task of "watching."  Consider, for instance, the Alexa device that responds to voice commands to perform simple tasks, including connecting with a smart TV to control the smart TV.  All such devices and functions rely on the fact that these devices always "surveil" their environment — watching with built-in cameras, listening with built-in microphones, and capturing data with built-in sensors.  Real people occupy the space that is under the surveillance of these devices.

Blackstone to acquire Ancestry.com for $4.7 billion, giving investment firm total ownership of all DNA from every person who's ever used the service.  The world's largest provider of DNA services has been gobbled up by Wall Street investment giant Blackstone.  For $4.7 billion, Blackstone purchased Ancestry.com from private equity rivals Silver Lake, Spectrum Equity, and Permira, placing a "big bet," as Reuters describes it, "on family-tree chasing as well as personalized medicine."  In case you are unfamiliar with the services it offers, Ancestry.com allows customers to not only trace their genealogy but also identify specific genetic health risks using testing kits.  Blackstone's hope is that because of the Wuhan coronavirus (Covid-19), more customers will stay home and use Ancestry.com's services, generating more profits for the investment firm.

Zuckerberg's Meta Hit with €390 Million Fine for Ignoring Privacy Rules.  In the age of social media, almost everyone who possesses a profile on any one of the major online platforms (Twitter, Facebook, TikTok) can tell you a story about how they conducted a web search for a specific service or product, only to immediately see an ad for said service or product upon logging into their favorite social media app.  It's enough to stir up paranoia for many as the brutal reality of the information age is that we are, in fact, being closely monitored by the applications, websites, and devices that we remain tethered to as if they were an extension of our physical beings.  So the question becomes, where is the line drawn between what information is necessary for app makers and websites to collect to improve the user experience, and what constitutes negligent abuse?

Windows 11 Sends Tremendous Amount of User Data to Third Parties, YouTuber Claims.  Many programs collect user data and send it back to their developers to improve software or provide more targeted services.  But according to the PC Security Channel (via TechSpot), Microsoft's Windows 11 sends data not only to the Redmond, Washington-based software giant, but also to multiple third parties.  To analyze DNS traffic generated by a freshly installed copy of Windows 11 on a brand-new notebook, the PC Security Channel used the Wireshark network protocol analyzer that reveals precisely what is happening on a network.  The results were astounding enough for the YouTube channel to call Microsoft's Windows 11 "spyware."  As it turned out, an all-new Windows 11 PC that was never used to browse the Internet contacted not only Windows Update, MSN and Bing servers, but also Steam, McAfee, geo.prod.do, and Comscore ScorecardResearch.com.  Apparently, the latest operating system from Microsoft collected and sent telemetry data to various market research companies, advertising services, and the like.

Some Information Is More Equal Than Others.  Individual data ownership is a major, underappreciated issue in the 21st century. [...] Information about where we have been, what we have bought, etc., may today be found not only on our phones but throughout the information environment we inhabit:  emails, social media, and location data all bear witness to our innermost actions.  Much of this data is used to benefit private companies and government, who have an interest in harvesting ever more of it.  Attempts to keep individual information from being commercialized by "data monarchs" has been criticized as "injecting enormous friction into free flow of information ... a significant amount of data sharing serves important public interests and values.  The friction and disruption from any system of payments for data would undermine these interests and values ... with little benefit for individual privacy."

Hackers leak email addresses of 235 million Twitter users: report.  Hackers obtained the email addresses of more than 235 million Twitter users and published them on an internet forum, according to a cybersecurity expert.  The breach "will unfortunately lead to a lot of hacking, targeted phishing and doxxing," Alon Gal, co-founder of Israeli cybersecurity-monitoring firm Hudson Rock, wrote on LinkedIn.  On his LinkedIn page, Gal — who called the breach "one of the most significant leaks I've seen" — posted screenshots of the hacked email addresses that he found on the dark web.

Security Loophole in Google Home Speakers Let Hackers Snoop on Private Conversations.  It was recently revealed that a security loophole within Google Home speakers allowed hackers to snoop on conversations.  A bug allowed hackers to install a backdoor account on a Google Home smart speaker device and use it via remote control to eavesdrop on unsuspecting owners by accessing its microphone feed, reported Bleeping Computer.  Security researcher Matt Kunze was recently rewarded a total of $107,500 by Google for discovering the security issue in January 2021, while experimenting with his own Google Home mini-speaker.  Kunze notified Google in March 2021 and later published the technical details about his findings, along with a potential attack scenario, which explained how the flaw could be exploited by an outside actor.

The most creepy iPhone setting needs to be adjusted.  Every app on your iPhone comes with a certain set of permissions depending on what the app is used for.  For example, Instagram will ask permission to access your camera and photos app so you can take and post pictures, while WhatsApp will ask for access to your microphone to send voice notes.  Some apps take it further asking for your "precise" location.  It's imperative to know what exactly they're asking you for.

A Twitter data tracker inhabits tens of thousands of websites.  Tens of thousands of websites belonging to government agencies, Fortune 500 companies and other organizations host Twitter computer code that sends visitor information to the social media giant, according to research first reported by The Cybersecurity 202.  And virtually none of them have used a Twitter feature to put restrictions on what the company can do with that data, said digital ad analysis firm Adalytics, which conducted the study.  The presence of Twitter's code — known as the Twitter advertising pixel — has grown more troublesome since Elon Musk purchased the platform.

Tax Filing Websites Have Been Sending Users' Financial Information to Facebook.  Major tax filing services such as H&R Block, TaxAct, and TaxSlayer have been quietly transmitting sensitive financial information to Facebook when Americans file their taxes online, The Markup has learned.  The data, sent through widely used code called the Meta Pixel, includes not only information like names and email addresses but often even more detailed information, including data on users' income, filing status, refund amounts, and dependents' college scholarship amounts.  The information sent to Facebook can be used by the company to power its advertising algorithms and is gathered regardless of whether the person using the tax filing service has an account on Facebook or other platforms operated by its owner, Meta.  Each year, the Internal Revenue Service processes about 150 million individual returns filed electronically, and some of the most widely used e-filing services employ the pixel, The Markup found.

Your New Mazda Knows if You Are Naughty or Nice and Doesn't Keep It a Secret.  In the digital age, it has become increasingly important for many people around the world to protect their identity online.  Considering there are a lot of dangers online and many risks associated with surfing the web, this comes as no surprise.  Even though there is no physical interaction, we still want to remain safe and make sure our data is handled responsibly.  However, many unfortunate cyber incidents that have happened in the last couple of years proved it is important to have a good understanding of what the internet is and how we can all safely access it.  But the digital era does not stop at PCs, laptops, phones, or tablets.  The connectivity has reached cars for quite some time, and the introduction of advanced software in vehicles means concerns about how personal data is being collected and used are starting to pop up more often.

TikTok's Chinese parent company planned to monitor the location of specific Americans without their knowledge.  I'm not the least bit surprised this is where this story is ending up.  Starting last summer there were reports that, despite corporate denials, data on American TikTok users was essentially available to engineers at the parent company ByteDance in China. [...] Under Chinese law, anything that is available to corporations in China is automatically subject to seizure by the Chinese government.  Again, this has all been denied repeatedly by ByteDance and by TikTok in the US, but this summer Buzzfeed published a story confirming the CNBC report from last year based on leaked audio from inside the company. [...] The problem is that China could, in theory, single out certain individuals it is interested in and watch their online behavior very closely.  In fact, the story today from Forbes suggests they planned to do more than that.  They planned to monitor the locations of certain Americans without their knowledge or consent.

Google Employees Are Laughing at You for Thinking 'Incognito Mode' Is Private.  According to a series of internal communications discovered in court, Google employees joked about Chrome's "Incognito mode" and criticized the company for failing to meet users' expectations of privacy.  Google is currently the target of a class action lawsuit in California over its misleading claims of privacy.  Court documents obtained by Bloomberg reveal that a Google engineer suggested in 2018 that the Incognito mode icon be changed to "Guy Incognito," a Simpsons character who looks exactly like Homer Simpson except for his mustache.  According to the Google employee, the character "accurately conveys the level of privacy [Incognito mode] provides" compared to Chrome's standard browsing mode.  In a 2021 email, Google marketing chief Lorraine Twohill urged the implementation of a more secure Incognito mode as a means of gaining users' trust.

American Airlines breach was gold mine for identity thieves.  A recent data breach at American Airlines was relatively small, but the customer information stolen appears to be a jackpot for criminals engaged in identity theft.  The breach, announced on Sept. 20, affected a "very small number" of customers and employees, the airline said in a statement, with reports of about 1,700 people affected.  However, the breach reportedly included Social Security and driver's license numbers, data that can be used to steal victims' identities.  American Airlines is among several airlines and travel-related companies that have been the victims of such breaches in recent years.  India-based Akasa Air reported one in August, and Philippine Airlines reported its own in mid-September.  However, these recent thefts may say more about the security of the individual companies than about the industry at large, some cybersecurity experts said.

China's TikTok spies on user keystrokes; can track passwords, personal data: report.  A software researcher found code on the Chinese TikTok app that appears to be spying on user keystrokes and could be used to steal credit card information, passwords and other sensitive information.  Last week, Austria-based software researcher Felix Krause published a report documenting how different apps inject malicious JavaScript code into third-party websites that allow them to log keystrokes.  Krause found that the popular video-sharing app TikTok, which is owned by the Chinese company ByteDance, uses this malicious code.  The script reportedly runs on TikTok's in-app browser, allowing it to see what users are typing in when they open up links shared through the app.

Study: 99% Of COVID-19 Data Websites Secretly Track Users.  The study analyzed three types of websites: official governmental websites of "G20" countries around the world; websites of international organizations such as the United Nations and popular websites used for COVID-19 tracking and information.  It measured these sites' use of "cookies" — personal data related to your browsing history that websites can retrieve at a later time.  "Web cookies have been exploited to collect information about users' online activities and interests," notes the paper.  "Our results show that, unfortunately, tracking is a serious concern, as in some countries up to 90% of these websites create cookies of third-party trackers without any consent from users," explains a summary of the findings.

Instagram testing facial scanning tech for kids to verify ages, lawmakers cry foul.  Instagram has a new idea for how to determine kids' ages online — direct the children to videotape themselves, upload the content, and then the company will deploy facial scanning technology.  The Meta-owned social platform is partnering with tech company Yoti to test how the scanning tech can be used to verify children.  "After you take a video selfie, we share the image with Yoti, and nothing else," Instagram said on its blog.  "Yoti's technology estimates your age based on your facial features and shares that estimate with us.  Meta and Yoti then delete the image."

The Editor says...
Ri-i-i-ight.  We promise to delete your pictures as soon as we get a good look.  And we won't ever share them with anybody.  If you believe that, you're too young to agree to anybody's "terms of service."

Microsoft Office 365 has ability to 'spy' on workers.  Businesses can use risk management tools in Microsoft Office to covertly monitor the activities of employees on work-issued computers.  The software company provides tools in its Office 365 suite that can be used by employers to read staff emails and monitor how long they spend on calls and how many meetings they attend.  The surveillance capabilities of Microsoft's Office suite, which is widely used by businesses across the world, were disclosed in a dissertation by a researcher at University College London (UCL).  The research shows that companies continue to exploit capabilities built into Office 365 to monitor staff computers some 18 months after Microsoft took steps to protect employees' privacy.

TikTok Lied to Senate, China Controls the Data, Americans Don't.  This is why smart travelers take burner phones to China that don't log into any of their existing accounts and one of the worst user data hacks in America happened when an employee accessed root out of China.  But this is evidence from the inside that TikTok is just another data trap. [...] Why would anyone expect anything else?  This is how Chinese companies work.  The locus of control is always going to be with their own people and the idea that Americans would be allowed to act as gatekeepers over Chinese execs was always implausibly absurd.  Americans working for TikTok are there to take orders from China.  Not the other way around.

Twitter to pay $150M to settle federal suit over data collection practices.  The federal government announced Wednesday that Twitter has agreed to pay $150 million in civil penalties and change its data privacy measures after the platform profited off of deceptively collecting user data for six years.  The Department of Justice and the Federal Trade Commission announced a settlement and complaint with Twitter that, if approved by a federal court, would result in a $150 million penalty.  That covers admission by the social media giant that between May 2013 and September 2019, the company told users it was collecting their telephone numbers and email addresses for account security purposes.  But Twitter failed to disclose that it also would use that information to help companies send targeted advertisements to users.

Some Top 100,000 Websites Collect Everything You Type — Before You Hit Submit.  Researchers at Belgium's Katholieke Universiteit Leuven, Radboud University in the Netherlands, and Switzerland's University of Lausanne analyzed the top 100,000 websites and found a significant number record some or all of visitors' typewritten data.  The researchers estimated 1,844 sites gathered a European Union user's email address without consent, while 2,950 logged a U.S. user's email.  Many sites incorporate third-party marketing and analytics services that perform data-logging.  After crawling sites for password leaks last May, the researchers found 52 sites in which third parties, including Russian technology company Yandex, were incidentally collecting password data prior to submission.

Researchers Find Potential Way to Run Malware on iPhone Even When it's OFF.  A first-of-its-kind security analysis of iOS Find My function has identified a novel attack surface that makes it possible to tamper with the firmware and load malware onto a Bluetooth chip that's executed while an iPhone is "off."  The mechanism takes advantage of the fact that wireless chips related to Bluetooth, Near-field communication (NFC), and ultra-wideband (UWB) continue to operate while iOS is shut down when entering a "power reserve" Low Power Mode (LPM).  While this is done so as to enable features like Find My and facilitate Express Card transactions, all the three wireless chips have direct access to the secure element, academics from the Secure Mobile Networking Lab (SEEMOO) at the Technical University of Darmstadt said in a paper entitled "Evil Never Sleeps."

Russia is after your personal data.  A new phone app which offers users a free digital avatar is taking facial-recognition quality photographs and sending them to Moscow, prompting major concerns within the cyber security community.  Tens of thousands of people have already uploaded their photographs to the servers of the New Profile Pic app in return to the free avatar.  However, many will be unaware that the company behind the app, Linerock Investments, is based in an apartment complex overlooking the Moscow River, beside Russia's Ministry of Defence and just three miles from Red Square.  Jake Moore, Global Cybersecurity Advisor, ESET Internet Security told MailOnline that people have to be incredibly careful when uploading photographs or personal data to a brand new website.

Tenn family say AirTag was used to track them during Disney World visit.  A Columbia, Tennessee family claims they were stalked via an Apple AirTag while walking through Disney World theme park.  An Apple AirTag is a coin-shaped device designed to help users keep track of their belongings' location.  For instance, one might put an AirTag in their backpack, so that in case they misplace their backpack, they can look up its location on their phone.  But something entirely different happened to the family of Jennifer Gaston.  As the family was reportedly headed back to their vehicle after a day of walking through the theme park, Gaston's 17-year-old daughter, Madison, received a notification on her phone — presumably an iPhone — that there was an Apple AirTag moving with her.

Muting your mic reportedly doesn't stop big tech from recording your audio.  Anytime you use a video teleconferencing app, you're sending your audio data to the company hosting the services.  And, according to a new study, that means all of your audio data.  This includes voice and background noise whether you're broadcasting or muted.  Researchers at the University of Wisconsin-Madison investigated "many popular apps" to determine the extent that video conferencing apps capture data while users employ the in-software 'mute' button.

Big Brother Is Watching:  Amazon Worker Chat App to Ban Naughty Words Like 'Union,' 'Restrooms,' 'Pay Raise'.  An automatic word monitor in a new Amazon worker chat app will ban a variety of words and phrases, such as "union," "fairness," "pay raise," "slave labor," and "master," among other terms, according to internal documents obtained by the Intercept.  Amazon will block and flag employee posts on an internal messaging app that the company deems problematic, according to internal company documents obtained by the Intercept.  The app is still in the planning phase and has not yet been launched.

Eyeball-tracking MoviePass app will make a captive audience out of you — literally.  To sum up its history, MoviePass, co-founded by a man named Stacy Spikes, began as a flat fee cinema subscription service.  Originally, a member would pay $30 a month to get tickets to see a movie in theater up to once a day.  However, after Spikes had been pushed out of his own company, the new regime lowered the price to $9.95 a month.  Unsurprisingly, the company folded.  Spikes then bought the name back and has just relaunched the company as a movie coupon app, to be run on block-chain technology.  The idea is that you can earn or buy credits over the app, and then redeem them at participating cinemas.  It's the earning the credits part that makes MoviePass sound creepy.  Spikes has developed a feature called "PreShow."  PreShow would essentially be a package of ads that a MoviePass user could watch to earn credits, perhaps enough credits to redeem at a cinema for the entire price of a film.  To make sure the user really does watch the ads, though, PreShow will rely on the user's eye movements being tracked by the camera on his smartphone.  If the user looks away, the PreShow will stop.  In short, to get your movie coupon credits, you'd have to agree to allow PreShow to watch you watching it.

How to Tell Which Emails Quietly Track You.  Everyone sends emails now:  political parties, your book club, freelance journalists, the social networks you're signed up to, your parents, that online store that you only bought one item from a decade ago, and many, many more.  What do a lot of those email senders have in common?  They want to know whether the messages they send you are being opened, and there are a variety of tools available to help them do just that — tools that aren't all that hard to use.  A tracking pixel, embedded somewhere in the email, is how most people monitor whether an email gets opened.  Once the tiny, hidden single-pixel image is loaded, it reports back to base.  Their use across emails is now up to "endemic" levels according to some experts.  Tracking pixels can report the times and dates their associated email was opened, as well as the location of the device used, and the email client involved.

TikTok shares your data more than any other social media app — and it's unclear where it goes, study says.  Two of your social media apps could be collecting a lot of data on you — and you might not like what one of them is doing with it.  That's according to a recent study, published last month by mobile marketing company URL Genius, which found that YouTube and TikTok track users' personal data more than any other social media apps.  The study found that YouTube, which is owned by Google, mostly collects your personal data for its own purposes — like tracking your online search history, or even your location, to serve you relevant ads.  But TikTok, which is owned by Chinese tech giant ByteDance, mostly allows third-party trackers to collect your data — and from there, it's hard to say what happens with it.  With third-party trackers, it's essentially impossible to know who's tracking your data or what information they're collecting, from which posts you interact with — and how long you spend on each one — to your physical location and any other personal information you share with the app.

Facebook keeps collecting people's data and building their profiles even when their accounts are deactivated.  Brains hooked up to machines by mad scientists.  Tortured spirits stuck between this world and the next.  Limp bodies force-fed to stay alive.  Any of these creepy horror flick scenarios might be fitting to describe how Facebook treats deactivated accounts.  Not only does the company keep these otherwise dormant digital beings on life-support indefinitely, it continues to latch new data shared by advertisers to deactivated accounts, fortifying identifiable profiles just in case their masters return to electrify them back to life.  Despite Facebook's recent virtue-signaling on privacy, the company does not make it clear to people that when they deactivate their accounts, its vampiric data connections continue to suck new information from advertisers, revealing people's personal interests, recent purchases and other interactions.

Fight the American Stasi with Mockery.  In a 2019 article for The Atlantic, "The Lingering Trauma of Stasi Surveillance," Charlotte Bailey explores how many of the thousands of Germans who were victims of the The Ministry for State Security — commonly known as the Stasi — still suffer from psychological trauma. [...] The Stasi, Bailey writes, "wiretapped, bugged, and tracked citizens.  It steamed open letters and drilled holes in walls.  It had nearly 200,000 unofficial informers and hundreds of thousands more occasional sources providing information on their friends, neighbors, relatives, and colleagues. [...] The record of your permanent digital footprint and the growing power of tech companies such as Facebook, Google, and YouTube mean that just a few companies have more information about you, and power over you, in 2022 than the Stasi could ever have imagined.  With an entire spy apparatus available on their phones, students snitch on each other.

Why 'Metaverse' Is Big Brother In Disguise.  [Scroll down]  Look around you.  Everywhere you turn, people are so addicted to their internet-connected screen devices — smart phones, tablets, computers, televisions — that they can go for hours at a time submerged in a virtual world where human interaction is filtered through the medium of technology.  This is not freedom.  This is not even progress.  This is technological tyranny and iron-fisted control delivered by way of the surveillance state, corporate giants such as Google and Facebook, and government spy agencies such as the National Security Agency.  So consumed are we with availing ourselves of all the latest technologies that we have spared barely a thought for the ramifications of our heedless, headlong stumble towards a world in which our abject reliance on internet-connected gadgets and gizmos is grooming us for a future in which freedom is an illusion.

Big Tech Unleashes a Sophisticated New Weapon in Their War on Online Anonymity.  After years of steadily accumulating power, 2021 is the year that Big Tech well and truly flexed its muscle.  Gone are the days of banning mere Twitter pundits and demonetizing YouTube channels.  In 2021, Big Tech silenced the sitting US president.  They stopped the elected chief executive of the world's largest economy and most powerful military from communicating with the American people.  He lost the ability to tweet, post videos, or even send out a mass email.  The past year has shown that no celebrity or official is so powerful they are beyond the reach of the tech ban hammer.  Yet with all the focus on censorship of big names, conservatives risk forgetting about an all-important right in today's tech-dominated age:  The right to anonymous speech.  Revolver readers don't need to be told that it's more dangerous than ever in America and the West more broadly to voice an opinion at odds with the official, regime-sanctioned one mandated in Washington.  A wrong word, or any word mentioned to the wrong person or in the wrong venue can destroy a career, a reputation, a livelihood.

The Greenburg files:  Is there a file on you?  Scottsdale moms stumble upon political Google Drive trove.  A group of mothers in the Scottsdale Unified School District community are questioning an online dossier that has digital connections to school board President Jann-Michael Greenburg and his father, Mark.  The Greenburgs deny any involvement or knowledge of the Google Drive in question, however the active link to the site was made private around 11 a.m. Nov. 9, after Independent Newsmedia called the family.  The digital dossier is housed on Google Drive and contains content, including photos of district parents and at least one minor, personal financial documents, including professional certifications, and mortgage statements.

The Telescreens in Your Home Are Watching Your Every Move.  A woman who uses the apt TikTok handle @my.data.not.yours has posted a video detailing the truly shocking extent of Amazon's surveillance of her daily life.  She requested "all the data Amazon has on me," explaining, "I have two Dots and one Echo."  Between them, these devices have collected an astonishing amount of data.  She goes through the folders Amazon sent her and says of one audio folder,: "There are 3,534 short audio clips in this file alone."  This is, she says, "so scary." [...] This is an age of massive federal overreach and restriction of freedom; Amazon's data collection of trivia may appear to be completely innocuous now, but nothing much needs to change for it to be used against Americans in all sorts of ways.

I found an Amazon folder with thousands of audio recordings from my home gadgets.  A woman was shocked to discover just how much data Amazon has collected about her.  She posted a viral TikTok video explaining how she requested to see the data but wasn't expecting to receive so much.  TikToker my.data.not.yours explained:  "I requested all the data Amazon has on me and here's what I found."  She revealed that she has three Amazon smart speakers.  Two are Amazon Dot speakers and one is an Echo device.  Her home also contains smart bulbs.  She said:  "When I downloaded the ZIP file these are all the folders it came with."  The TikToker then clicked on the audio file and revealed thousands of short voice clips that she claims Amazon has collected from her smart speakers.

The Editor says...
If Amazon does this, you can safely presume that the government does, too.

Hacked: Firm that routes all major U.S. carriers' text messages reveals 5-year breach.  A telecommunications firm that helps popular carriers like Verizon, AT&T and T-Mobile route text messages between one another and carriers abroad, Syniverse, recently disclosed that it was the victim of a five-year-long breach.  In a Securities and Exchange Commission filing that was published last week, Syniverse disclosed that it learned in May about "unauthorized access to its operational and information technology systems by an unknown individual or organization."  Syniverse routes billions of text messages each year.  Although the firm says it notified law enforcement and carried out an internal investigation, they did not publicize the hacking, which they determined started in May of 2016.  Therefore, hackers may have had unlimited access to people's text messages for the last five years.

The Rise of One-Time Password Interception Bots.  In February, KrebsOnSecurity wrote about a novel cybercrime service that helped attackers intercept the one-time passwords (OTPs) that many websites require as a second authentication factor in addition to passwords.  That service quickly went offline, but new research reveals a number of competitors have since launched bot-based services that make it relatively easy for crooks to phish OTPs from targets.

Apple is working on technology to help diagnose mental health conditions by spotting key signs in how you use your smartphone.  Apple is working on new technology that could be used to help diagnose mental health conditions such as depression and cognitive decline, insiders claim.  Working with the University of California in Los Angeles and biotech firm Biogen, Apple is hoping to get more out of the health-related sensors in its devices.  The firm already has a wide health-related technology offerings, including heart, sleep and activity monitoring through the Apple Watch and iPhone.

Massive Microsoft Power Apps data breach exposes personal details of 38 million people.  Personal data of 38 million people has been exposed following a breach of Microsoft's Power Apps.  The data includes social security and phone numbers, COVID vaccination status and home addresses.  Companies affected by the breach include American Airlines, New York City public schools, Ford, the Maryland Department of Health, and the New York City Municipal Transportation Authority.

Apple's Plan to "Think Different" About Encryption Opens a Backdoor to Your Private Life.  Apple has announced impending changes to its operating systems that include new "protections for children" features in iCloud and iMessage.  If you've spent any time following the Crypto Wars, you know what this means:  Apple is planning to build a backdoor into its data storage system and its messaging system.  Child exploitation is a serious problem, and Apple isn't the first tech company to bend its privacy-protective stance in an attempt to combat it.  But that choice will come at a high price for overall user privacy.  Apple can explain at length how its technical implementation will preserve privacy and security in its proposed backdoor, but at the end of the day, even a thoroughly documented, carefully thought-out, and narrowly-scoped backdoor is still a backdoor.

The Editor says...
Apple's excuse — that they're only looking for child pornography — is a thin wrapper to make us think their intentions are honorable.  If the mechanism is in place to sift through your words and pictures, it will soon be used to find "deadbeat dads," tax evaders, gang members, and anybody who's wanted by the FBI.  At that point, if Apple still hears no objections, there can be no doubt that they will start using this wholesale surveillance technology for left-wing political purposes.

'Privacy Company' Apple Plans To Monitor All US iPhones For Evidence Of Child Porn.  As the old saying goes:  If you aren't doing anything illegal, then you have nothing to fear from surveillance.  Smartphones already act like tracking devices broadcasting the whereabouts of their owners, but Apple is about to open the door to far more advanced forms of smartphone-based voluntary surveillance by launching a new program designed to detect and report iPhone users who are found to have child pornography — known by the academic-speak acronym CSAM — which stands for Child Sexual Abuse Materials.  According to a handful of academics who were offered a sneak preview of the company's plans — then promptly spilled the beans on Twitter, and in interviews with the press.

Natick couple harassed by eBay tell their story for the first time.  Natick resident David Steiner was puttering in his garage on a sunny Sunday morning when a neighbor walking a dog called out to him:  "Hey, your fence has been tagged."  Steiner, who with his wife, Ina, publishes a news website about the e-commerce industry from their home, thought his neighbor must be joking — who would be graffitiing his new white vinyl fence on their quiet, tree-lined street?  It was June of 2019, and he had no clue that the vandalism was just the start of a bizarre harassment campaign directed by senior executives at one of the country's leading Internet companies, eBay.  Ultimately, the events would shatter the Steiners' peaceful suburban life, result in criminal charges against six eBay employees and a contractor, five of whom have pleaded guilty, and contribute to the departure of eBay's chief executive.

QR Menu Codes Are Everywhere, and Tracking You More Than You Think.  If you've returned to the restaurants and bars that have reopened in your neighborhood lately, you might have noticed a new addition to the post-quarantine decor:  QR codes.  Everywhere.  And as they've become more ubiquitous on the dining scene, so has the quiet tracking and targeting that they do.  That's according to a new analysis by the New York Times, that found these QR codes have the ability to collect customer data — enough to create what Jay Stanley, a senior policy analyst at the American Civil Liberties Union, called an "entire apparatus of online tracking," that remembers who you are every time you sit down for a meal.  While the data itself contains pretty uninteresting information, like your order history or contact information, it turns out there's nothing stopping that data from being passed to whomever the establishment wants. [...] Because they're a touchless way to transmit information, restaurants, and retailers have adopted them en masse.  And despite the fact that they're divisive for all sorts of very good reasons, most businesses seem to agree that they're here to stay, even once the COVID-19 crisis is finally over.

Amazon's mission:  Getting a 'key' to your apartment building.  Amazon is tired of ringing doorbells.  The online shopping giant is pushing landlords around the country — sometimes with financial incentives — to give its drivers the ability to unlock apartment building doors themselves with a mobile device.  The service, dubbed Key for Business, is pitched as a way to cut down on stolen packages by making it easy to leave them in lobbies and not outside.  Amazon benefits because it enables delivery workers to make their rounds faster.  And fewer stolen packages reduces costs and could give Amazon an edge over competitors.  Those who have installed the device say it reduces the constant buzzing by delivery people and is a safer alternative to giving out codes to scores of delivery people.

Revealed: leak uncovers global abuse of cyber-surveillance weapon.  Human rights activists, journalists and lawyers across the world have been targeted by authoritarian governments using hacking software sold by the Israeli surveillance company NSO Group, according to an investigation into a massive data leak.  The investigation by the Guardian and 16 other media organisations suggests widespread and continuing abuse of NSO's hacking spyware, Pegasus, which the company insists is only intended for use against criminals and terrorists.  Pegasus is a malware that infects iPhones and Android devices to enable operators of the tool to extract messages, photos and emails, record calls and secretly activate microphones.  The leak contains a list of more than 50,000 phone numbers that, it is believed, have been identified as those of people of interest by clients of NSO since 2016.

Facebook reportedly fired 52 employees who were caught spying on users.  Facebook fired 52 employees for abusing their access to the social network's user data — including creepy men who obtained location data on women they were romantically interested in, according to a new report.  Using their access to troves of user data through Facebook's internal systems, male engineers were able to view women's locations, private messages, deleted photos and more, according to a bombshell report in the Telegraph.  In one instance described in the report, a Facebook engineer was on vacation with a woman in Europe when the two got into a fight and the woman wanted time alone.  Using Facebook data, the engineer reportedly tracked her down at her new hotel and confronted her.

FCC lifts rules so Amazon can build radar devices to track users' sleep.  The Federal Communications Commission waived its rules so Amazon can build radar sensors that the company says would be used to track people's sleep.  The federal government's exemption for Amazon paves the way for the tech giant to monitor users' movements in the bedroom with extreme precision — all without users having to press a button.  The FCC accepted Amazon's claim that the tech would be used to improve users' health and wellness.

The Editor says...
Ri-i-i-ight.  And the radar technology will never be used for any other application, and there's no threat at all to anyone's privacy.  Why does Amazon care when you sleep?  If you let Amazon into your house this far, you might as well put a sign in your front window that says, WE ARE ALL ASLEEP.

Big Tech's threat to democracy.  The convenience of the smart home may be worth the price; that's for each of us to decide.  But to do so with open eyes, one has to understand what the price is.  After all, you don't pay a monthly fee for Alexa, or Google Home.  The cost, then, is a subtle one:  a slight psychological adjustment in which we are tipped a bit further into passivity and dependence.  The Sleep Number Bed is typical of smart home devices, as Harvard business school Professor Shoshana Zuboff describes in The Age of Surveillance Capitalism.  It comes with an app, of course, which you'll need to install to get the full benefits.  Benefits for whom?  Well, to know that you would need to spend some time with the 16-page privacy policy that comes with the bed.  There you'll read about third-party sharing, analytics partners, targeted advertising, and much else.  Meanwhile, the User Agreement specifies that the company can share or exploit your personal information even "after you deactivate or cancel ... your Sleep Number account."  You are unilaterally informed that the firm does not honor "Do Not Track" notifications.  By the way, the bed also transmits the audio signals in your bedroom.  (I am not making this up.)

How the Global World Is Losing Control.  Smart software agents are ubiquitous:  on our phones, computers, even on that doodad you bought for grandma that plays music and reads out the weather report in response to voice commands.  "Siri, Alexa, Cortana and the unstoppable rise of the digital assistant ... The brain implants are not ready yet, but artificial intelligence of a different kind is being let loose on some of these creeping problems of modern life."  Are they really working for us?  To reassure yourself, why not ask:  "Google are you spying on me?"  The answer ought to set your mind at ease.

Read this and you won't click 'I agree' ever again:  We're being spied on by phones, computers, TVs, cars — even the doorbells.  Most of us know that our personal data is being collected, stored and analysed thanks to our relationship with our mobile phones, computers and the internet.  But are we really aware of the full extent of the privacy invasions into our daily lives?  Let's start at dawn.  What is the first thing you do when you wake up?  You probably check your phone.  By doing that, you are informing a whole host of busybodies — your smartphone manufacturer, app developers and your mobile company, as well as intelligence agencies (if they happen to be watching you) — what time you wake up, where you've been sleeping and who you share a bed with, providing they keep their phone with them too.

Big Brother, Inc:  Amazon devices share your network connection without your consent?  Starting today [6/8/2021], your Amazon Echo and Ring systems will default to opening a "small slice" of your wireless networks as part of their new Sidewalk program to neighbors, and, er... anyone else within range of your house.  What could go wrong?  Not much, says the New York Times:  ["]Depending on your perspective, Sidewalk is either terrific news about some potentially cool capabilities for your smart-home devices or a ham-fisted and terminally awful privacy and security gamble that offers little benefit to device owners while further expanding Amazon's already sizable reach into American households.  We think it's actually a little of both. ...["]

TikTok quietly changes rules to harvest scans of your FACE and voice in creepy 'biometric collection'.  TIKTOK has updated its privacy policy in the US so it can collect things like "faceprints and voiceprints" from its users.  The app said it "may collect biometric identifiers and biometric information" from users but would need consent before this data is taken.

Amazon to turn on Sidewalk Wi-Fi sharing service next week.  Amazon is launching a new service called Sidewalk with the goal of improving signal strength and reliability.  It works by connecting your Alexa devices with your neighbors' devices.  The concept raises red flags for some people.  But should it?

'Location Off Should Mean Location Off': Google Hit With Lawsuit Over Data Collection 'Schemes'.  Arizona Attorney General Mark Brnovich says that Google continues to collect location data even after users turn off tracking on their smartphones and other devices, citing concerns from company employees about its data-collection practices, in the latest update of a lawsuit against the tech giant.  According to documents that were submitted in court by Brnovich's office last week, emails that were sent among Google engineers expressed concerns about the company's location data collection efforts after an Associated Press report in 2018; the engineers suggested that they believed the AP article was correct.  "So there is no way to give a third-party app your location and not Google?  This doesn't sound like something we would want on the front page of the [New York Times]," one employee allegedly stated in a newly unredacted section.

Your Car Is Spying On You, and a CBP Contract Shows the Risks.  U.S. Customs and Border Protection purchased technology that vacuums up reams of personal information stored inside cars, according to a federal contract reviewed by The Intercept, illustrating the serious risks in connecting your vehicle and your smartphone.  The contract, shared with The Intercept by Latinx advocacy organization Mijente, shows that CBP paid Swedish data extraction firm MSAB $456,073 for a bundle of hardware including five iVe "vehicle forensics kits" manufactured by Berla, an American company.  A related document indicates that CBP believed the kit would be "critical in CBP investigations as it can provide evidence [not only] regarding the vehicle's use, but also information obtained through mobile devices paired with the infotainment system."  The document went on to say that iVe was the only tool available for purchase that could tap into such systems.

China's digital currency could bring surveillance state to wallets at expense of US dollar.  China's emerging digital currency could enhance the yuan's importance in the international financial system at the expense of the U.S. dollar and extend the Chinese surveillance state into wallets around the world.  A combination of visibility of currency users and technical control is a monetary dream for Chinese communist officials, who have staked their regime on their ability to monitor and curtail private activity within China.  The digital yuan's acceptance beyond mainland China could give the regime a significant geo-economic tool, one that bypasses the network of banks and financial institutions that are subject to U.S. laws and binds client states more directly to Beijing.  Beijing's moves come amid tensions with the Biden administration as the new government in Washington continues calibrating its China policy after the Asian giant's tactics led former President Donald Trump to sour on its president, Xi Jinping, after spending years touting their alleged friendship.

Freedom Fading.  [Scroll down]  Many of us, particularly the young, live out our social lives online — through Instagram, Facebook, Twitter — and manage our lives at the behest of its aggressive stepsisters, Amazon, Apple, and Google.  We post, we purchase, we tweet, we opine, we share vital information and also gather vital information using their platforms.  These enterprises provide the bulk of our access to the outside world.  It has become obvious to careful observers, though, that these digital giants are not neutral players in this game.  We are being watched, and we are being tracked.  Corporate Goliaths are assiduously collecting every piece of information they can on our purchasing habits, our preferences, our private lives — even our travel patterns.  Rod Dreher reports that this "surveillance capitalism hoovers up detailed personal data about individuals and analyzes it with sophisticated algorithms to predict people's behavior."  The initial goal of this online data harvesting is, of course, monetization of information — profit, for short.  But there is a darker side.  Sophisticated algorithms have another consequence.  "The rapidly growing power of information technology and its ubiquitous presence in daily life," Dreher warns, "immensely magnifies the ability of those who control institutions to shape society according to their ideals" (emphasis added).

Chinese smart TVs are snooping on their owners.  Hundreds of millions of Chinese consumers had a surprise discovery last week:  Their TV sets know a lot more about them than they'd ever thought, or ever agreed to.  It turns out Beijing-based Gozen Data, a leading Chinese TV viewership analytics firm, has been collecting personal data in real time using smart TVs — without users' consent.  The practice was first exposed when a user on V2EX, an online forum for tech enthusiasts, noticed their Skyworth-brand smart TV had become slow and analyzed the code of back-end programs to figure out why.  What they found was a program that scans the user's Wi-Fi every 10 minutes and uploads a wide range of information to Gozen Data's website.

Shedding light on fairness in AI with a new data set.  Facebook AI has built and open-sourced a new, unique data set called Casual Conversations, consisting of 45,186 videos of participants having nonscripted conversations.  It serves as a tool for AI researchers to surface useful signals that may help them evaluate the fairness of their computer vision and audio models across subgroups of age, gender, apparent skin tone, and ambient lighting.  To our knowledge, it's the first publicly available data set featuring paid individuals who explicitly provided their age and gender themselves — as opposed to information labeled by third parties or estimated using ML models.

Numerous additional stories about privacy.  If you prefer to drink from a fire hydrant, sources like this are out there.

P&G Is Looking for Ways Around Apple's New Privacy Rules.  Consumer goods giant Procter & Gamble is testing an advertising technique developed in China that gathers iPhone data for targeted advertisements as companies look for ways to bypass Apple's new privacy measures.  P&G is preparing for an era in which new tools and customer preferences limit the amount of data available to marketers, Dow Jones reported, citing sources.  The Cincinnati company is partnering with dozens of Chinese trade groups and tech firms working with the state-backed China Advertising Association to develop the new technique, which would use a technology called device fingerprinting.

Today's blacklisted Americans:  Conservatives on the email provider MailChimp.  They're coming for you next:  The email provider MailChimp has since the November election made it a clear policy to routinely cancel the accounts of conservatives if they dare send out any emails it deems politically incorrect.  In November MailChimp instantly disabled the email account of two tea party organizations, one in Virginia and the other in South Carolina, when they each tried to send out email notices to their members about post-election pro-Trump rallies.  In January MailChimp did the same to a conservative organization in California that was running a conference calling for the end of the overbearing lockdown rules imposed by the Democrat governor Gavin Newsom.

The Editor says...
For helpful tips, please see "If you think somebody is reading your email..." on this page or this page.

T-Mobile to Step Up Ad Targeting of Cellphone Customers.  Wireless carrier tells subscribers it could share their masked browsing, app data and online activity with advertisers unless they opt out[.]  A T-Mobile spokeswoman said the changes give subscribers advertising that aligns with their interests.  "We've heard many say they prefer more relevant ads so we're defaulting to this setting,"

Four hidden ways Big Tech platforms suck up your data.  Big Tech companies such as Facebook, Google, and Amazon collect personal user data from many different sources to create "secret identities" of people in order to understand users' personality traits, predict purchasing behavior, and ultimately sell these profiles to advertisers and sometimes the government.  Most often, users don't even realize that their data is being collected and exploited by tech companies.  Besides advertisers, millions of people's personal user data has also been sold to U.S. federal agencies for border control purposes as well as to the military for counterterrorism purposes.  User data can also be used by machine learning or artificial intelligence tools that are being used by entities in the criminal justice system to help the government make decisions, including who should be imprisoned to a person's ability to enter a country.

Student Surveillance Vendor Proctorio Files SLAPP Lawsuit to Silence A Critic.  During the pandemic, a dangerous business has prospered:  invading students' privacy with proctoring software and apps.  In the last year, we've seen universities compel students to download apps that collect their face images, driver's license data, and network information.  Students who want to move forward with their education are sometimes forced to accept being recorded in their own homes and having the footage reviewed for "suspicious" behavior.  Given these invasions, it's no surprise that students and educators are fighting back against these apps.  Last fall, Ian Linkletter, a remote learning specialist at the University of British Columbia, became part of a chorus of critics concerned with this industry.  Now, he's been sued for speaking out.  The outrageous lawsuit — which relies on a bizarre legal theory that linking to publicly viewable videos is copyright infringement — will become an important test of a 2019 British Columbia law passed to defend free speech, the Protection of Public Participation Act, or PPPA.

Amazon's new rotating, follow-you camera is useful — and invasive.  The covid-19 Zoom boom has turned us into camera operators.  Making sure everyone's face can be seen in the videoconference is a daily struggle.  Along comes Amazon's new Echo Show 10, a countertop camera and computer that tries to follow you.  Spinning in a motorized circle, it does its best to track your body so you're always in the shot — and in view of its 10.1-inch screen.  I spend so much time on video calls, I was tempted to splurge on one of these $250 robot Alexas.  But I won't be buying one after testing a review unit for a few days.  While it was useful for in-motion video chats, the Echo Show under-delivered in functions I'd want from a gadget taking valuable counter space.  And since it's both passively listening and watching, the Echo Show needs a more thoughtful approach to privacy.  One of its new commands is, literally, "Alexa, stop following me."  And Amazon added an opt-in surveillance function to the device that, at least for me, crosses the line from innovative to invasive.

The Editor says...
I've never been on a Zoom call ... as far as I know.

Microsoft and Friends Want to Destroy Online Privacy.  Microsoft has teamed up with a number of tech and media companies to create a system of tracing content around the internet that could destroy online privacy and anonymity, radically transforming the nature of the web.  Against stiff competition, the alliance of tech and media giants has devised a plan that may constitute Big Tech's most brazen power-grab yet.

Will Small Businesses Burn through Americans' Goodwill by Snitching on Their Customers?  [Scroll down]  It was my first visit to the establishment, and when I stepped inside, a pink-haired receptionist with rhinestone-studded cheekbones took my temperature and handed me the questionnaire.  I dutifully answered the 15 questions on page one pertaining to any physical symptoms I may be experiencing.  Then I turned to page two, stopping abruptly when I read the first questions:  "Did you take part in a social gathering of more than 10 people in the last week in which you were within 6 feet of others?" followed by "If yes, was everyone wearing a mask/face covering, you included?"  I puzzled over the questions.  Had I mistakenly stepped into a doctor's office rather than a hair salon?  Was a small business truly probing into my recent involvement with other people just so I could get my hair trimmed and styled?  Perhaps page three would require my blood type and Social Security number.  I also wondered what the salon's policy would be if I answered "yes" to either question.  Would they deny me service?  More importantly, would they send my private information to the Oregon Health Authority to follow up?

Instagram Will Now Monitor Your Private Messages To Watch For 'Hate Speech'.  Instagram announced in the past week that they will begin policing private direct messages in their latest crackdown on so-called "hate speech" on their platform, a report says.  In line with the recent racial abusive comments that are "targeted at footballers in the U.K." after losing a match, the social media platform Instagram announced Wednesday that they will be imposing stricter measures in order "to help prevent" the further spread of abuse and hate speech in direct messages, Daily Wire reported.

Crossing the Digital Rubicon.  Generally, people know how their lives are invasively monitored, their most intimate details packaged and sold as a commodity on markets they have little to no control over.  Fatalistic shrugs of 'what can you do' and declarations of 'I can't live without my phone' ensue.  Perhaps it is a fair trade.  Detailed personal profiles are exchanged for handheld convenience along with dogged artificial intelligence analyzing what product or service will successfully secure our money — or even our loyalty.  Brand loyalty is a highly-prized substance as franchise owners around the world attest.  Other forms of allegiance are also highly-prized.  Consider if your private personal details, even intimate psychological profiles, are instead exploited for coercion to an ideology.

Ex-ADT employee admits hacking into 200+ live cameras, spying on naked women and couples having sex.  A former ADT employee admitted Thursday [1/21/2021] that he hacked into the video feeds of more than 200 Texas customers to spy on naked women and couples having sex inside their homes.  Telesforo Aviles, 35, logged into customers' accounts more than 9,600 times over a four-year period "in order to view their footage for sexual gratification," he admitted in federal court.  "This defendant, entrusted with safeguarding customers' homes, instead intruded on their most intimate moments," Acting U.S. Attorney Prerak Shah said in a statement.  The creep, who worked as a home security technician before being fired last year, pleaded guilty to computer fraud and now faces up to five years in federal prison.

ZOOM is a Chinese Communist Party company spying on you.  China is making us dependent on them for pharmaceuticals, basketball, movies, news, iPhones, and other technology, even Zoom calls.  Yet, the Chinese Communists (CCP) are allowed to spy on us through their technology, including TicToc and even ZOOM.  Americans think ZOOM is an American company.  It is not.  It is a Chinese Communist Party company and they are using it to spy on us.  The DOJ filed charges against an executive this past week, who appears to be in China.  He was censoring ZOOM conversations in the United States and giving IP addresses to his Maoist rulers of people who criticized the CCP.  The DOJ is allowing ZOOM to continue operating.

Never click on this kind of Zoom invite.  You'll thank us forever.  Your inbox is chock full of Zoom invitations, as everyone from your boss to your Aunt Elaine to your book club keeps your work and social calendars packed.  But amid the sales meeting slots and the family holiday reunions lurk Zoom invites that want to do the opposite of welcome you.  They want to steal your personal information and ruin you.  Zoom phishing scams are the latest conduit for planting malware, designed to leave victims with stolen identities, destroyed credit histories, compromised passwords, and empty bank accounts.

FCC orders US telecom companies to rip out Huawei equipment.  US carriers and telecommunications companies receiving Universal Service funding are now required to remove all Huawei technology, by order of the federal government.  The US Federal Communications Commission has ordered certain carriers to "rip and replace" all equipment produced by Huawei.  It follows continuing investigations into claims that Huawei represents a threat to national security, and Huawei's application for a review of a similar ruling by the Public Safety and Homeland Security Bureau in June.  "A laundry list of evidence before us compels this result," said FCC chairman Ajit Pal in a statement.  "But to summarize some of the main points, Huawei has a long and well-documented history of close ties to the Chinese military and intelligence communities, as well as the Chinese Communist Party, at every level of the company — all the way up to its founder."

Playstation Says it Will Enable Voice Chats to be Recorded So Players Can be Snitched on for Mean Words.  Sony has announced that it will allow Playstation users to record in-game voice chats so players can snitch on each other for mean words said during private conversations.  Yes, really.  The game console's latest update forces users to waive their privacy rights, allowing others to report them and get their accounts banned for speech violations.  "Following this update, users are seeing a notification about Party Safety and that voice chats in parties may be recorded," Sony announced.  "Voice chat recording for moderation is a feature that will be available on PS5 when it launches, and will enable users to record their voice chats on PS5 and submit them for moderation review.  The pop up you're seeing on PS4 right now is to let you know that when you participate in a chat with a PS5 user (post-launch), they may submit those recordings from their PS5 console to SIE."

It's 2020, so why am I still able to read your pager traffic?  On this blog we have posted numerous times about privacy breaches stemming from insecure wireless pager traffic.  Anyone with a radio or SDR can receive and decode pager messages, and this has been known and done since the 1980's.  Cameron's talk explains how paging systems work, who are the modern users of pagers, how to capture and decode pager messages and how to best log and filter through messages.  He goes on to describe a number of major pager security breaches that he's personally seen.  [Video clip]

60 Percent of Police Drones Are Chinese Made.  Chinese manufacturers produced more than three in five drones used by local and state law enforcement, potentially exposing sensitive geographic and personal data to the Chinese government.  Chinese tech companies have sold or gifted drones to more than 970 law enforcement and first responder agencies across the country, presenting a massive national security risk, according to a new report by John Venable and Lora Ries, senior research fellows at the conservative Heritage Foundation.  The authors of the report warn that the Chinese government can compel these companies to cough up sensitive data collected in the United States.  The technology could help Beijing identify vulnerabilities in U.S. critical infrastructure and track down the location of American civic leaders.

What TikTok Hides Beneath Its Addicting Little Videos Should Scare You.  Like almost all social media companies, TikTok collects an enormous amount of data on its users, including IP addresses and browsing history.  Researchers have raised serious privacy and data security concerns about the app for years.  In early 2019, TikTok paid a $5.7 million fine to the U.S. Federal Trade Commission for illegally "collecting and exposing locations of young children, as well as failing to delete information on underage children when instructed to do so."  TikTok was under similar investigations in the United Kingdom and India for allegations over its collection and misuse of data gathered from children.  In January 2020, internet research company Check Point Research reported several vulnerabilities within the TikTok application, which researchers said could easily allow malicious attackers to hurt a TikTok user by making private videos public or revealing information saved on the account, such as personal emails.

California Police, Amazon Ring Partnerships Raise Concerns.  As nationwide protests force a deep examination of police tactics and funding, technology companies say they are re-evaluating their relationship with law enforcement as well.  Amazon has halted police use of its facial recognition technology for one year and the website Nextdoor has stopped forwarding tips to police.  Now, privacy groups and activists are scrutinizing the relationships between Amazon and local police departments that allow law enforcement to request access to video recordings from doorbell cameras installed in private homes.  Amazon's expanding network of law enforcement "partners" for its Neighbors app remains intact, an arrangement that critics say is designed to boost sales of its Ring cameras and capitalize on fears of property crime.  Social media and news channels are filled with stories of package thieves and other incidents captured on Ring cameras, which acts as a form of marketing for the products.

New TikTok Ban Suddenly Hits Millions Of Users As Serious Problems Get Worse.  Security concerns are nothing new to TikTok — the Chinese viral sensation that has grown fast enough to compete with the likes of WhatsApp, YouTube and Instagram for downloads.  Few if any apps better reflect our time in coronavirus lockdowns than this bitesize video sharing platform, but with great power comes great responsibility, and, so the arguments run, TikTok has totally failed the test.  While TikTok's headline security warnings have been mainly in the U.S., with cybersecurity alerts and reports of military bans, the platform has actually seen more ruthless treatment at the hands of governments elsewhere — particularly India.  Some fourteen months ago, I reported on the country banning TikTok over concerns for child welfare, following modest U.S. fines for data misuse.

Did Your iPhone Secretly Install a COVID-19 Tracker?  Users are reporting that the latest update for iOS (the iPhone's operating system) automatically installed coronavirus contact-tracing software onto their phones.  The change appears to have come with update iOS 13.5 back in May and all subsequent updates.  The tracking option was installed discreetly on users' phones without announcement.  It can be toggled on and off by going to settings > privacy > health.

Apple Suddenly Catches TikTok Secretly Spying On Millions Of iPhone Users.  As I reported on June 23, Apple has fixed a serious problem in iOS 14, due in the fall, where apps can secretly access the clipboard on users' devices.  Once the new OS is released, users will be warned whenever an app reads the last thing copied to the clipboard.  As I warned earlier this year, this is more than a theoretical risk for users, with countless apps already caught abusing their privacy in this way.  Worryingly, one of the apps caught snooping by security researchers Talal Haj Bakry and Tommy Mysk was China's TikTok.  Given other security concerns raised about the app, as well as broader worries given its Chinese origins, this became a headline issue.

Big Tech is Strangling Us.  In 2017 Roger McNamee highlighted the fact that "the big Internet companies know more about you than you know about yourself, which gives them huge power to influence you, to persuade you to do things that serve their economic interests."  Thus, in 2013 "a study found that average consumers check their smartphones 150 times a day.  And that number has probably grown.  People spend 50 minutes a day on Facebook.  Other social apps such as Snapchat, Instagram, and Twitter combine to take up still more time.  Those companies maintain a profile on every user, which grows every time you like, share, search, shop or post a photo.  Google also is analyzing credit card records of millions of people."

Zoom Teleconferencing App 'Mistakenly' Exposed Data To China.  The Zoom teleconferencing app has been "mistakenly" routing user data through China, the Silicon Valley company admitted Friday evening [4/3/2020].  The app has surged in popularity as workers and students the world over are stuck in their homes amid the coronavirus pandemic.  Schools have been using the app for online classes while companies and even governments have been using it to hold meetings, and much of that data may have been exposed to China, the Financial Times reported.  Certain calls were "allowed to connect to systems in China, where they should not have been able to connect," the company said in a statement.

Billionaire founder of Zoom has offloaded more than $38 million in company stock.  The CEO and founder of Zoom Video Communications has offloaded more than $38 million worth of stock in the company now facing intense scrutiny over alleged privacy breaches, DailyMail.com can reveal.  Zoom's profile and stock skyrocketed as millions of users turned to it to keep in touch with colleagues, friends and family during the COVID-19 crisis lockdowns.  But it has been hit by a string of privacy concerns and allegations that the company failed to live up to its claim that communications were 'end to end encrypted.'  Instead, code in the original App allowed users' personal data to be disclosed to third parties, including Facebook.

Zoom accused in lawsuit of improperly sharing user data with Facebook.  Zoom Video Communications, the popular online video conferencing platform, is facing a class-action lawsuit for allegedly sharing users' data with companies like Facebook without those individuals' consent.  The suit, filed in federal court in California by a Zoom user, accuses the company of failing to "properly safeguard the personal information of the increasing millions of users" of its platform and disclosing that information without adequate notice or authorization to Facebook and possibly other third parties.  It alleges that the behavior invades the privacy of users and violates California's Unfair Competition Law, Consumers Legal Remedies Act and the Consumer Privacy Act.

We polled Americans about which big tech companies they trust with their personal information.  Americans generally believe the biggest tech companies have too much power and ought to be split up.  Among survey respondents:
  •   56 percent said the government should break up tech companies if they control too much of the economy
  •   72 percent said that Facebook has too much power
  •   51 percent said Google and YouTube should be split into separate companies
With multiple investigations now underway against the tech giants at both the state and federal levels — and with the threat of even more regulation should a Democrat win the presidency — there's good cause for companies to pay attention to the rise of anti-tech sentiment.

Federally Subsidized Smartphones Contain Chinese Spyware.  Smartphones being given by the federal government to low-income people have Chinese spyware installed, spyware that can't be removed and that gives agents of Beijing considerable control over those subsidized phones.  According to researchers quoted in various media reports of the discovery of the malware, the Android OS devices given to people participating in the federally funded and FCC-managed Lifeline Assistance program are pre-loaded with applications that give the Chinese access to private data, including contacts and texts, and that allow the company that developed one of the apps to remotely download additional apps to the phone without user participation. [...] Another app pre-installed on the UMX phones is the Settings app.  The Settings app is critical to the function of the phone and as such cannot be removed without rendering the phone useless.  Unlike other phones' native settings apps, the UMX Settings app — developed by the Chinese — grants the developer the ability to remotely install hidden ads onto the phone without user permission.

Hackers Can Hijack Your House Through Your Light Bulb, Researchers Discover.  Homes and businesses that use smart light bulbs are at risk of being hacked and even spied on, new research has revealed.  The vulnerability, which affects the market-leading Philip Hue smart bulb, was discovered by researchers at security firm Check Point, who claim cyber criminals could use it to plant spyware or ransomware on home networks.  It works by exploiting a flaw with the popular ZigBee protocol, which is commonly used within wireless networks.

Facebook has finally launched its "clear history" button, but it doesn't delete anything.  It's worth going and seeing for yourself just how much data about you is being shared with Facebook. [...] I counted a grand total of 812 apps and websites sending data about me back to Facebook, from national newspapers to my local coffee shop.  At this point, it feels safe to assume that most of the websites I'm visiting or apps I'm signing up to are probably sharing data on me with Facebook.

Smart doorbell company Ring may be surveilling users through its app.  Amazon's smart doorbell company Ring may be using its app to surveil users, a report from the Electronic Frontier Foundation revealed on Wednesday [1/29/2020].  The "Ring for Android" app shares user data including names, private IP addresses, mobile network carriers and sensor data with a number of third-party trackers, the investigation found.  At least four analytics and marketing companies receive such information from customer devices.  "Ring claims to prioritize the security and privacy of its customers, yet time and again we've seen these claims not only fall short, but harm the customers and community members who engage with Ring's surveillance system," Bill Budington, senior staff technologist at the EFF and author of the report, said.

What does your car know about you?  We hacked a Chevy to find out.  Behind the wheel, it's nothing but you, the open road — and your car quietly recording your every move.  On a recent drive, a 2017 Chevrolet collected my precise location.  It stored my phone's ID and the people I called.  It judged my acceleration and braking style, beaming back reports to its maker General Motors over an always-on Internet connection.  Cars have become the most sophisticated computers many of us own, filled with hundreds of sensors.  Even older models know an awful lot about you.  Many copy over personal data as soon as you plug in a smartphone.  But for the thousands you spend to buy a car, the data it produces doesn't belong to you.  My Chevy's dashboard didn't say what the car was recording.  It wasn't in the owner's manual.  There was no way to download it.

Why is a 22GB database containing 56 million US folks' personal details sitting on the open internet using a Chinese IP address?  A database containing the personal details of 56.25 m[illion] US residents — from names and home addresses to phone numbers and ages — has been found on the public internet, served from a computer with a Chinese IP address, bizarrely enough.  The information silo appears to have been obtained somehow from Florida-based CheckPeople.com, which is a typical people-finder website:  for a fee, you can enter someone's name, and it will look up their current and past addresses, phone numbers, email addresses, names of relatives, and even criminal records in some cases, all presumably gathered from public records.  However, all of this information is not only sitting in one place for spammers, miscreants, and other netizens to download in bulk, it's being served from an IP address associated with Alibaba's web hosting wing in Hangzhou, east China, for reasons unknown.  It is a perfect illustration that not only is this sort of personal information in circulation, it's also in the hands of foreign adversaries.

Google-Connected Cameras Show Images Inside Strangers' Homes.  Owners of smart cameras linked to Google accounts have reported seeing images from inside strangers' homes.  One user shared still images online that were taken by other people's cameras, including pictures of people sleeping, children playing with toys and even a baby asleep in a crib.  "When I load the Xiaomi camera in my Google Home Hub I get stills from other people's homes," a Reddit user by the name Dio-V wrote.  The images were shared on 1 January and appear to be taken on the same day.  Google acknowledged the issue and claimed it only affected cameras made by Xiaomi.

Blind man's bluff:  The curse of secret investigation.  As Adam Mill dramatically put it:  "It's the greatest scandal in U.S. legal history.  Most chilling of all is that the current FBI chief, Christopher Wray, recently shrugged-off FBI agents lying to the FISA court."  Maybe Wray was not surprised.  But Mill may have been wrong in applying the phrase "greatest scandal" to the FISA affair.  The New York Times editorial board argues that a much bigger abuse is being inflicted upon an unsuspecting public.  Every moment of every day you are under surveillance by your phone and providers don't even apply for a warrant.  NYT reporters were given a workaday data set collected by application providers.

Total Surveillance Is Not What America Signed Up For.  It is a federal crime to open a piece of junk mail that's addressed to someone else.  Listening to someone else's phone call without a court order can also be a federal crime.  The Supreme Court has ruled that the location data served up by mobile phones is also covered by constitutional protections.  The government can't request it without a warrant.  But the private sector doesn't need a warrant to get hold of your data.  There's little to prevent companies from tracking the precise movements of hundreds of millions of Americans and selling copies of that dataset to anyone who can pay the price. [...] Your smartphone can broadcast your exact location thousands of times per day, through hundreds of apps, instantaneously to dozens of different companies.  Each of those companies has the power to follow individual mobile phones wherever they go, in near-real time.  That's not a glitch in the system.  It is the system.

One of the most popular chat apps in the US is actually a foreign spy tool.  The United Arab Emirates is using one of the most popular messaging apps in the United States to track the conversations, locations, and interactions of all of the app's users.  The app ToTok became one of the most downloaded messaging apps in the U.S. last week on both Apple and Google's app store.  The app, sold as a safe and secure way to communicate, is being used by the U.A.E. to spy on its own people and others around the world, according to the New York Times.  ToTok is most popular in the U.A.E., but also serves millions of users in Africa, Asia, Europe, the Middle East, and North America.  The company that created ToTok, Breej Holding, is believed to be a front group for an Abu Dhabi-based hacking firm called DarkMatter.

Don't Buy Ring Or Other Home Surveillance Devices For Anyone, Ever.  Looking for last-minute presents?  Don't buy Amazon's Ring home camera system.  Easily hackable, super creepy, and massively Orwellian, Ring and other home surveillance tech give you the illusion of protection while stealing your privacy and autonomy.  Ring isn't the only device to have been hacked.  Nest, Alexa, and baby monitors are just a few of the home devices that have bad actors have hacked and manipulated.  A perv recently used a Ring camera to gain access to an eight-year-old girl's bedroom.  Her parents had installed the device to keep tabs on her.  Through the camera, a truly disgusting man can be heard to say:  "I'm your best friend, I'm Santa Claus."  The girl calls out for her mother, and the voice repeats:  "I'm Santa Claus, don't you wanna be my best friend?"

Your car could be at risk of cyberattacks.  Smart cars may make our lives easier on the road, but they are also easily hacked by cyber criminals.  Scientists have found 'holes' in these systems that lets digital deviants access your data or worse, take over the vehicle.  The first hole is when users plug their smartphone into their smart car, which is an open door for hackers to breach vehicle systems.

Amazon, Apple and Google join forces to make their home products 'speak to each other' to make smart homes a reality.  Amazon, Apple and Google will work together to create a new common standard that will make it easier for smart devices to speak to each other.  It is a move the technology giants hope will make it easier for consumers as they will be able to use different devices from a variety of companies on the same network.  'We believe that the protocol has the potential to be widely adopted across home systems and assistants', the new group said in a statement.

The Editor says...
There is no reason to make these devices talk to each other, except to exchange information about you.

Staten Island creep hacks into Ring security camera to spy on teenager.  A creep hacked into Ring security cameras installed in a Staten Island home to spy on a teenage boy and chat with him — and now his mother is mulling a lawsuit against the company.  Gina Sgarlato's 13-year-old son, Blake, was in the kitchen area of the family's Sunnyside home Wednesday when he heard a creepy voice coming from one of the half-dozen security cameras mounted in the house.  "Hello.  I see you," the male voice says, prompting the startled teen to respond, "What?" according to security camera footage obtained by The [New York] Post.

Tennessee family says hackers accessed Ring camera in 8-year-old girl's room, taunted her.  A family wants to warn others after an alarming video was discovered from inside their 8-year-old daughter's room.  Ashley LeMay shared the video with FOX 17 News and says hackers gained access to a Ring video camera that had only been in her daughter's room for a few days.  The story is a horrifying one for families, as what was supposed to add more protection for a child turned into a scary situation.

FTC warns Christmas buyers that smart toys are a security risk.  Thinking of giving a young person an internet-connected smart toy this Christmas?  If so, the US Federal Trade Commission (FTC) wants you to think very carefully about the hidden and serious security risks you might be handing over with it.  It would be easy to dismiss such advice as glaringly obvious, but the FTC puts its finger on three capabilities that often spell trouble.

Your Smart TV could be spying on you, FBI warns.  Consumers need to think seriously about the security of their Internet-connect Smart TVs, according to the FBI.  "A number of the newer TV's also have built-in cameras," the FBI's Portland field office said, in a statement.  "In some cases, the cameras are used for facial recognition so the TV knows who is watching and can suggest programming appropriately.  There are also devices coming to market that allow you to video chat with grandma in 42' [sic] glory."  "Beyond the risk that your TV manufacturer and app developers may be listening and watching you, that television can also be a gateway for hackers to come into your home," the FBI added.

The Surveillance Century: Who Should Own Your Data?  The best way to prevent spying on people is to spy on the spies and spot them first.  Ever since Microsoft won the national defense cloud computing contract they've had an implicit brief to watch all the major hacking threats to that system.  The "Big Four" are apparently China, Russia, Iran, and North Korea.  Though most of the media attention has been focused on Russia, even the smaller players pose a threat.  "A hacking group that appears to be linked to the Iranian government attempted to break into U.S. President Donald Trump's re-election campaign but were unsuccessful," sources familiar with the operation told Reuters.  To stop them, Microsoft has to spot them first.

Facebook rolls out update to patch iOS camera bug.  Facebook's latest iOS update out Wednesday addresses a bug that has been inadvertently activating the cameras of some users of the social network's popular Apple iPhone app.  A version of Facebook's iOS app released Friday contains a software flaw that abruptly opens the app's camera feature, according to the social networking company.  Facebook acknowledged the glitch after social media users began sharing videos over the weekend showing their smartphone cameras suddenly becoming operational while using the app's other features.

The Facebook app has been quietly turning on people's cameras and freaking them out.  So paranoid 21st-century folk may not be entirely happy to hear about a 'bug' which turns on their phone's camera whilst they're using the Facebook app.  The glitch affects iPhone owners, who said their camera suddenly switched itself on while they were scrolling through their feed, watching videos or looking at photos.  When people turned the video to full-screen mode and then switched back to Facebook's normal view, they could see a little open space on the left and the camera app in the background.  Several people have tweeted about the bug and it has been replicated by tech journalists.

Facebook is secretly using your iPhone's camera as you scroll your feed.  iPhone owners, beware.  It appears Facebook might be actively using your camera without your knowledge while you're scrolling your feed.  The issue has come to light after a user going by the name Joshua Maddux took to Twitter to report the unusual behavior, which occurs in the Facebook app for iOS.  In footage he shared, you can see his camera actively working in the background as he scrolls through his feed.

Police interrogate Alexa for clues in fatal spear-stabbing.  Police in South Florida plan to interrogate a potential witness to a fatal stabbing:  Amazon's Alexa smart speaker app.  Last week, the South Florida SunSentinel reported that police in Hallandale Beach issued a search warrant for anything recorded by two devices — an Echo and Echo Dot — found in the apartment where a woman who was arguing with her boyfriend was killed in July.  Police have accused Adam Reechard Crespo of murdering his girlfriend, Silvia Galva.

Advice: unload your Fitbits.  News:  Google to acquire Fitbit, valuing the smartwatch maker at about $2.1B.  How does this acquisition make your life better?  What can possibly go wrong?  "Nothing," based on this reassurance from Fitbit's CEO: [...] Uh huh, just "trust me."  All that history of personally identifiable information going into Google's Big Data?  "Can't wait" until we inevitably get fully-government-controlled healthcare (Elizabeth Warren must be salivating over this acquisition).  The federal bureaucrats will love this level of invasive information and will "find a way" to get their hands on this data.

Spotify is giving free Google Home Minis to all Spotify Premium users.  If you're a Spotify Premium user (whether you've had it for years or are just signing up today), you can get a free Google Home Mini.  Yes, you read that correctly and we read the fine print for you — Spotify is giving away Google Home Minis to all Spotify Premium users.

The Editor says...
I'm not sure what Spotify is, but whatever its value may be, I wouldn't put a microphone in my house so Google could listen 24/7, no matter what incentives were offered.  Why do you suppose Google and Amazon (see below) are offering incentives to get these devices into more residences?

Get an Amazon Echo Dot for Just $9 Today.  If you're an Amazon Prime member — and we haven't scared you off from smart speakers altogether just yet — now might be your chance to finally pull the trigger.  Right now, Amazon Prime members can buy an Echo Dot, which normally sells for $49.99 on the site, for just $8.98.  You can use your Echo to read the news, listen to audiobooks or just use it as a fancy alarm clock (as I do); you'll also get a free month of Amazon Music Unlimited out of the deal, which you can cancel at any time.

The Editor says...
Exactly as above, I wouldn't put one of these things in my house, either, no matter what the incentives.  The only difference here is that Amazon can listen 24/7 rather than Google.  It's one thing to have your privacy invaded by a big company without your permission, but you can't complain when you have invited them to do so.

Sinister prankster hacks Nest camera, threatens to kidnap baby.  A California father said this week that a hacker infiltrated his Nest camera, commandeered the voice function and threatened to steal his baby — the latest in a string of disturbing security breaches of the devices. [...] Other Nest users across the country have reported hackers infiltrating their devices, yelling curses at owners and even using the device to raise the temperature on their thermostats.  In January, an Illinois couple said a voice spoke to their child through their Nest camera and later spewed obscenities at them.

Google Executive:  You Should Warn Guests About Smart Speakers in Your Home.  BBC News reports that during a recent interview, Google's devices chief Rick Osterloh was asked if homeowners should warn guests that smart devices such as Google Home or Amazon Echo were in use.  The Google executive seemed surprised by the question but eventually agreed that they should indeed be informed.

Here's how Alexa learned to speak Spanish without your help.  Now that Alexa knows how to speak Spanish in the US, there's a common question: how did it learn the language when it didn't have the benefit of legions of users issuing commands?  Through new tools, it seems.  Amazon has revealed a pair of system that helped Alexa hone its español (and Hindi, and Brazilian Portugese) using just a tiny amount of reference material.  Effectively, they gave the natural language machine learning model a jumpstart.  The first tool studies a handful of "golden utterances" (that is, reference commands suggested by the developers) to learn general syntax and semantics patterns.  After that, it produces "rewrite expressions" that themselves create thousands of new yet similar sentences to work from.  The system works quickly — you could move from 50 utterances to a fully operational linguistic set in less than two days.

Apple under scrutiny for sending Safari browsing data to China's Tencent.  Apple is attracting scrutiny for its practice of checking if the websites you're visiting visiting are fraudulent and malware-infested after Chinese internet conglomerate Tencent was found listed as a Safe Browsing provider.  The Safari feature — dubbed "Fraudulent Website Warning" in iOS and macOS — is meant to enhance online security by cross-referencing URLs against a blacklist service provided by safe browsing providers such as Google and Tencent.  "This feature appears to be 'on' by default in iOS Safari, meaning that millions of users could potentially be affected," said John Hopkins cryptography professor Matthew Green.

Amazon Workers May Be Watching Your Cloud Cam Home Footage.  In a promotional video, Amazon.com Inc. says its Cloud Cam home security camera provides "everything you need to monitor your home, day or night."  In fact, the artificially intelligent device requires help from a squad of invisible employees.  Dozens of Amazon workers based in India and Romania review select clips captured by Cloud Cam, according to five people who have worked on the program or have direct knowledge of it.  Those video snippets are then used to train the AI algorithms to do a better job distinguishing between a real threat (a home invader) and a false alarm (the cat jumping on the sofa).  An Amazon team also transcribes and annotates commands recorded in customers' homes by the company's Alexa digital assistant, Bloomberg reported in April.

Smart TVs Caught Sending Sensitive User Data To Facebook And Netflix.  A study by researchers from Northeastern University and Imperial College London found that many popular smart TV models, including models by Samsung and LG, as well as streaming dongles Roku and Amazon FireTV, are leaking sensitive user data to advertisers.  The models listed above would share data like location and IP address with Netflix, Facebook and third-party advertisers, according to the FT.

Home Depot And Lowe's Accused Of Scanning Millions Of Customers Faces.  Home improvement stores like Home Depot and Lowe's have become partners in Big Brother's ever expanding public surveillance program.  Home Depot's "You Can Do It.  We Can Help" slogan should really say, "We Can Do It.  We Can Help Big Brother."  And Lowe's "Do It Right For Less.  Start At Lowe's" slogan should say, "Doing It Right And Identifying Every Customer, Starts At Lowe's."  According to the Cook County Record, two recent class action lawsuits accuse Home Depot and Lowe's of secretly using facial recognition to identify customers as soon as they enter their stores.

The Editor says...
Good.  Send an email to my wife telling her that I just walked in to Home Depot, and I'm headed toward the cable ties and wire nuts.  Wait, now I'm just walking up and down the lumber aisle, because the smell reminds me of the Saturday mornings in 1963 when my dad would take me to the lumber yard.  Okay, maybe they don't have access to those details -- yet.

Amazon's Alexa to accept donations for 2020 presidential candidates.  Starting in October, users of Amazon's voice-controlled home assistant, Alexa, will be able to verbally make a political contribution between $5 and $200 to a participating 2020 presidential candidate, the company announced Wednesday [9/18/2019].  In order to use the new Alexa Political Contributions feature, users must have voice purchasing enabled in their Alexa settings, as well as valid default payment method in their Amazon accounts.  "Alexa, donate [amount] to [candidate name]" is another phrase users can say to support a preferred political hopeful.

The Editor says...
Do you really want Amazon to know all about your political contributions?

This Company Built a Private Surveillance Network.  We Tracked Someone With It.  In just a few taps and clicks, the tool showed where a car had been seen throughout the U.S. A private investigator source had access to a powerful system used by their industry, repossession agents, and insurance companies.  Armed with just a car's plate number, the tool — fed by a network of private cameras spread across the country — provides users a list of all the times that car has been spotted.  I gave the private investigator, who offered to demonstrate the capability, a plate of someone who consented to be tracked.

The Surveillance State:  Have Americans Unwittingly Opted In?  When was the last time you sat down and read through the entirety of an app or hardware devices terms of use?  The usually thousands of words long legalese omelet is easily bypassed by scrolling to the bottom of the page and clicking on the "I agree" box and unfortunately, that's what most Americans in the modern world of instant gratification tend to do.  I mean, all of these apps that we use on a regular basis to order food, listen to music, and even find a mate, require that we "opt in," and whether we have a conscious understanding or what that truly means or not, doing so has allowed for everything from the contents of your inbox and contact list to control of your phones camera and microphone to be manipulated by the application.

Google's newest smart home device is always listening and watching.  Google's latest smart product has some users wary, as concerns grow over the 'spying' abilities of internet-connected home devices.  The firm launched the successor to its Nest Hub (formerly called the Home Hub) on Tuesday, offering its Smart Display with Google Assistant and a bigger, 10-inch screen.  And, unlike those before it, the $229 Nest Hub Max has a built in camera that can recognize different faces.

Are Google, Amazon, Apple Smart Speakers Carrying On Secret Surveillance?  The founder of a major venture capital firm in Silicon Valley and former executive at Time Warner and AOL believes surveillance is the main objective of voice-commanded "smart speakers" such as Amazon's Alexa, Google's Home, and others.  "I would say that there's two or three layers, sort of problematic layers, with these new smart speakers, smart earphones that are in market now," said John Borthwick during an interview with Yahoo Finance Editor-in-Chief Andy Serwer.  "And so the first is, from a consumer standpoint, user standpoint, is that these, these devices are being used for what's — it's hard to call it anything but surveillance," Borthwick added.  Borthwick's privileged position on the inside of these major tech firms and the firms that fund them give his opinion weight and that weight should make owners of these devices worry.

Big Tech Investor:  Google and Amazon use Smart Speakers as Surveillance Systems.  Tech investor John Borthwick says that smart speakers from the like of Amazon and Google are being used for mass surveillance.  Borthwick is forthcoming with his assertion that the information gathering performed by such devices is the same thing as surveillance.  Borthwick is the founder of venture capital firm Betaworks and former Time Warner and AOL executive.  "I would say that there's two or three layers sort of problematic layers with these new smart speakers, smart earphones that are in the market now," Borthwick told Yahoo Finance Editor-in-Chief Andy Serwer during an interview for his series Influencers.  "And so the first is, from a consumer standpoint, user standpoint, is that these, these devices are being used for what's — it's hard to call it anything but surveillance," Borthwick said.

Google reveals major iPhone security flaws that let websites hack phones.  Security researchers working in Google's Project Zero team say they have discovered a number of hacked websites which used previously undisclosed security flaws to indiscriminately attack any iPhone that visited them.  Motherboard reports that the attack could be one of the largest ever conducted against iPhone users.  If a user visited one of the malicious websites using a vulnerable device, then their personal files, messages, and real time location data could be compromised.  After reporting their findings to Apple, the iPhone manufacturer patched the vulnerabilities earlier this year.

Apple apologizes for letting contractors eavesdrop on Siri's sex recordings.  Sorry we've been eavesdropping on your sex life.  Apple on Wednesday [8/28/2019] apologized to its users for employing third-party contractors to listen to audio recordings picked up by its Siri voice assistant, including when the voice assistant program was accidentally triggered by muffled background noise.  The practice — in which Apple had contractors listened to recordings to grade Siri's performance — made waves after a whistleblower said the voice assistant routinely recorded people having sex, as well as making drug deals and discussing confidential medical information.  "We realize we haven't been fully living up to our high ideals, and for that we apologize," Apple said Wednesday.

Doorbell-camera firm Ring has partnered with 400 police forces, extending surveillance reach.  The doorbell-camera company Ring has quietly forged video-sharing partnerships with more than 400 police forces across the United States, granting them access to homeowners' camera footage and a powerful role in what the company calls the nation's "new neighborhood watch."  The partnerships let police automatically request the video recorded by homeowners' cameras within a specific time and area, helping officers see footage from the company's millions of Internet-connected cameras installed nationwide, the company said.  Officers don't receive ongoing or live-video access, and homeowners can decline the requests, which Ring sends via email, thanking them for "making your neighborhood a safer place."

Apple Just Gave 1.4 Billion iPad, iPhone Users A Reason To Leave.  Last month The Guardian revealed Apple was employing contractors to listen to and "grade" Siri recordings and they "regularly" heard confidential information from iPhone and iPad users, including medical information, drug deals and recordings of couples having sex.  And now a new report from the Irish Examiner has given a sense of scale to what was happening.  "Contractors in Cork [Ireland] were expected to each listen to more than 1,000 recordings from Siri every shift, before Apple suspended the practice last month," explains the Examiner, who got its information from "an employee who had their contract abruptly terminated this week."

Did Mark Zuckerberg Lie Under Oath About Facebook Eavesdropping Through Your Phone?  Last April, in front of the U.S. House Committee on Energy and Commerce, Facebook CEO Mark Zuckerberg told Congress that the social media giant was "not collecting any information verbally on the microphone," and "does not have contracts with anyone else who is."  On Tuesday [8/13/2019] this week, Bloomberg reported that Facebook has indeed been paying outside contractors to transcribe clips of audio from users.

Facebook Has Been Paying Outside Contractors to Listen to and Transcribe Users' Audio Messages.  Facebook has been using outside contractors to listen to and transcribe users' audio clips, again raising questions about the transparency of the company's terms of service and its handling of sometimes-sensitive personal data.  The latest disclosure came via a Bloomberg report that found the company has been using hundreds of outside contractors to provide text versions of audio messages sent through Facebook Messenger.  The social media company confirmed to Bloomberg that it had been transcribing audio messages, saying that the transcription was limited to those who opted in to the text transcription service option on Facebook's Messenger app.  Facebook said the purpose of hiring human transcribers was to provide a check on the company's artificial intelligence translations of anonymized messages and improve their accuracy.

Ninth Circuit Advances $35 Billion Privacy Suit Against Facebook.  Rejecting arguments that Facebook users suffered no "concrete harm" by having their facial data mapped and stored, the Ninth Circuit advanced a $35 billion class action against the social media giant Thursday [8/8/2019].  Facebook sought to swat down the lawsuit last year after U.S. District Judge James Donato ordered it to alert users about an upcoming trial on claims that it harvested facial data in violation of an Illinois privacy law.

What Hillary, Seth, and Paige Have in Common.  Recently we learned that over 100 million Americans' sensitive personal information — names, dates of birth, Social Security numbers, credit histories, income information — was stolen from a major U.S. financial institution from what is often touted as a new, "highly secure," cloud-based data storage system.  But here's the reality:  No one's information is safe in the modern world, because all systems rely on human beings, who are inherently untrustworthy.

Siri records fights, doctor's appointments, and sex (and contractors hear it).  Voice assistants are growing in popularity, but the technology has been experiencing a parallel rise in concerns about privacy and accuracy.  Apple's Siri is the latest to enter this gray space of tech.  This week, The Guardian reported that contractors who review Siri recordings for accuracy and to help make improvements may be hearing personal conversations.  One of the contract workers told The Guardian that Siri did sometimes record audio after mistaken activations.  The wake word is the phrase "hey Siri," but the anonymous source said that it could be activated by similar-sounding words or with the noise of a zipper.  They also said that when an Apple Watch is raised and speech is detected, Siri will automatically activate.

Google finds cheap way out of multibillion-dollar 'wi-spy' suit.  Google is poised to pay a modest $13 million to end a 2010 privacy lawsuit that was once called the biggest U.S. wiretap case ever and threatened the internet giant with billions of dollars in damages.  The settlement would close the books on a scandal that was touched off by vehicles used by Google for its Street View mapping project.  Cars and trucks scooped up emails, passwords and other personal information from unencrypted household Wi-Fi networks belonging to tens of millions of people all over the world.  The debacle became known as "Wi-Spy," and it caused almost as much of an uproar as Facebooks's more recent Cambridge Analytica scandal.

Equifax agrees to pay $700M after massive data breach.  The Wall Street Journal says Equifax will pay around $700 million to settle with the Federal Trade Commission over a 2017 data breach that exposed Social Security numbers and other private information of nearly 150 million people.

Zuckerberg's new cryptocurrency is absolutely terrifying.  Does this strike anyone else as terrifying?  A company that has operated with impunity, under zero federal regulations, whose CEO, Mark Zuckerberg, has been called — in a hapless act of political theater — to explain his shadowy practices before Congress, yet has never offered specific correctives to any of his outfit's failings or overreaches or unintended consequences, makes its next big move this?  As declarations go, it's astonishing.  Zuckerberg is out for nothing less than dominion over us all.  If you're one of the site's 2.6 billion users, Facebook's operators know where you are all the time, whether you're logged on or not.  They know what you're buying, even if you're in a brick-and-mortar shop.  They scan photos you upload for biometrics.  They mine your data and sell it to advertisers, but they won't say how much of it, only that it's a small amount, promise.  Facebook's not the product.  We are.

FaceApp security concerns:  Russians now own all your old photos.  The eerie FaceApp photo filter, which uses AI to digitally age your face, has gone viral, with millions on social media sharing their sagging simulacrum, including celebs such as Drake, the Jonas Brothers and Kevin Hart.  However, experts warn that the free "old age filter," created in 2017 by developers at Wireless Lab in St. Petersburg, Russia, poses security concerns that may give them access to your personal information and identity.

How Much Do We Trust Alexa, Siri, Nest, and Ring — and Their Makers?  The electronic "smart home" promises endless convenience and security.  People will control the temperature of their home from their office.  This fall, Walmart will launch a service that will let a delivery worker unlock a house with an app and then stock its refrigerator with food, all monitored by a live camera on the worker's chest.  It all sounds too good to be true.  And maybe it is.  Before we plunge headlong into the Brave New World of smart homes, let's pause and consider potential bugs in the system.

In Stores, Secret Surveillance Tracks Your Every Move.  I worked as a senior software engineer for a year for one of these companies, on the core product. [...] This really is the bigger story, but the article has missed it.  Apps really are random bits of software strangers run on your phone.  Users have no idea which sketchy friend-of-a-friend-of-a-friend has just managed to get his API running on their phone.  Simple solution to this:  do not install apps on your phone.  I'm not kidding.  People have the expectation they are buying a phone — paying a lot of money for a phone — to put apps on it and use them, and that it must be possible to do this, because they've spent a bunch of money on it.  This is not the case.  The time when apps could be used on phones has passed.  You cannot now buy a phone to run apps, because it is not safe to do so.  This means phones no longer make sense.  It is in fact I would say a tragedy of the commons.  If you are going to do this [...] silly thing, don't do it in this [...] silly way.  Root your phone first and get a firewall installed — and don't log into Google on your phone, not ever.

Report: FTC Fines Facebook $5 Billion for Privacy Violations.  The Federal Trade Commission (FTC) reportedly approved a $5 billion settlement with Facebook on Friday following the social media giant's handling of the Cambridge Analytica scandal.  This serves as the largest fine the FTC has given out for privacy violations; however, politicians and activists have said that this fine serves as a "bargain" for Facebook.  The Wall Street Journal cited a person familiar with the matter, suggesting that the FTC voted 3-2, along party lines, to approve a $5 billion settlement with Facebook.

Amazon Alexa Calls Police On Man Who Was Allegedly Beating His Girlfriend.  A New Mexico man was arrested after police received a 911 call from an Amazon Alexa smart speaker.  Police say that 28-year-old Eduardo Barros was house-sitting with his girlfriend when they started to argue.  Barros reportedly pulled out a gun and threatened to kill the woman, who authorities have not identified.  At one point, he asked her:  "Did you call the sheriffs?"  The smart speaker and the voice-powered virtual assistant heard his question and believed it was a command, so it dialed 911 on the home's landline.

Report: Google Android Lets Apps Track You Regardless of Permissions.  According to a recent study, Google's Android operating system is allowing more than 1,300 apps to bypass system permissions controlling access to user data to track users without their knowledge.  ZDNet reports that a recent study by the International Computer Science Institute (ICSI) claims that as many as 1,325 Android apps installed across 500 million Android devices have found methods to bypass the Android operating systems permissions system to continue to track users without their knowledge or consent.

Beware of the Cloud.  As obvious as it sounds, the following needs to be said:  Any time you store data on the internet, you open yourself up to a cyberattack.  Cybersecurity issues are becoming a daily struggle for businesses around the globe.  Recent research suggests that most companies have unprotected data and poor cybersecurity practices, making them vulnerable to data loss.  This is particularly problematic in the cloud, where colossal amounts of data are stored by millions of users on the same system.  In May of this year, hackers accessed emails and file-sharing systems of some customers of cloud provider PCM, Inc.  Hackers stole administrative credentials that granted them access to customer accounts in Microsoft Office 365.

Facebook usage falling after privacy scandals, data suggests.  Facebook usage has plummeted over the last year, according to data seen by the Guardian, though the company says usage by other measures continues to grow.  Since April 2018, the first full month after news of the Cambridge Analytica scandal broke in the Observer, actions on Facebook such as likes, shares and posts have dropped by almost 20%, according to the business analytics firm Mixpanel.

They are Watching Us — All the Time.  During the Obama presidency, Americans discovered that his administration's intelligence agencies were spying on us.  In fact, Director of National Intelligence James Clapper lied to Congress about it, for which he was never charged — but then, he's a Democrat, the laws don't apply to them.  Eventually, he came clean, admitting that all Americans were being spied on, all the time, with spy agencies keeping a record of all phone conversations, texts, and emails made by every American.  This was merely a precaution in case they ever needed to prosecute any of those who disagreed with Barry.  Yet, I believe that the tech industry not only does the same thing (spying) but does it better.

Facebook unveils 'its most invasive and dangerous form of surveillance yet' with launch of Libra cryptocurrency.  Facebook is launching cryptocurrency next year that will allow people to move money from their smartphone into a digital "wallet".  The currency is known as Libra, which the social network says it has "no special role" in governing and will manage equally with a group of big companies.

The future will be recorded, on your smart speaker.  Amazon's patent application for an always-on feature for Alexa, its popular voice-activated personal assistant, has raised a lot of concern.  "If you're already freaked out by the privacy implications of smart speakers like Amazon's Echo," says Gizmodo, "we have some bad news."  A headline in ScienceAlert is even more direct:  "Newly Released Amazon Patent Shows Just How Much Creepier Alexa Can Get."  You get the idea.  But the anxiety is much ado about nothing.  An Alexa that's always listening will likely prove more useful than an Alexa that isn't; and, in any case, always-on devices are certainly our future.

Amazon sued for recording children's voices via Alexa.  Amazon was slapped with a pair of class-action lawsuits this week over its Alexa voice assistant, which is getting accused of recording and storing the voices of children without their or their parents' consent.  Both cases portray kids as vulnerable to Alexa's voice recording and transcription technology, which allows Amazon to amass "a vast level of detail about the child's life, ranging from private questions they have asked Alexa to the products they have used in their home."  The suits also claim the technology violates laws in eight states that prohibit the recording of oral communications without the consent of all participating parties.

Facebook attorneys admit in court there's NO privacy on its platform.  Although it has only been around for 15 years, Facebook has certainly made its mark on the world and how it functions.  For many of its 2.27 billion users, life before Facebook is nothing but a distant memory.  An entire generation of people looks to the social media giant to find friends and connect with family, and millions of people rely on its news feed to remain up to date in an ever-changing world.  When more than a quarter of the world's population is entrusting you with their information there is a huge level of responsibility to protect their privacy.  But, while Facebook has been happy to rack up billions in profits, its CEO Mark Zuckerberg has been oblivious to this massive responsibility.

Amazon Installing Alexa in Apartments and Hotel Rooms.  They Say 24/7 Data Collection Will Help Property Managers.  More creepy "Surveillance Capitalism" courtesy of Amazon who isn't hiding that it is putting millions of smart speakers in homes and hotels by "offering discounted hardware, customized software and new ways for property managers to harvest and use data."  Are there actually people willing to pay for this type of arrangement?

Amazon's Plan to Move In to Your Next Apartment Before You Do.  When tenants first walk into their new apartment at the Brandon Place complex in Oklahoma City, they aren't likely to notice anything out of the ordinary for 2019 — there are smart locks on the door with keycode entry, and contemporary thermostats with LCD touch screens. [...]

Newly Released Amazon Patent Shows Just How Much Creepier Alexa Can Get.  A newly revealed patent application filed by Amazon is raising privacy concerns over an envisaged upgrade to the company's smart speaker systems.  This change would mean that, by default, the devices end up listening to and recording everything you say in their presence.

UN report:  Female AI voices like 'Alexa' perpetuate harmful gender stereotypes.  Female default voices for artificial intelligence personal assistants may inadvertently reinforce gender stereotypes, according to a study published by United Nations Educational, Scientific, and Cultural Organization (UNESCO).  Default female voices for the devices, as well as names like Alexa and Siri, may precondition users toward antiquated views of women, according to the study.  UNESCO also found assistants rarely have safeguards against abuse and gendered language.  For example, Siri will respond to being told to make the user a sandwich with "I can't.  I don't have any condiments," according to the study.  Insulting Siri prompts only the response "I'd blush if I could," which is the title of the report.

The Editor says...
I wouldn't have one of those voice-activated "assistants" in my house if you gave it to me.  If you have one, it's obviously listening to everything you say, waiting for the trigger word that supposedly wakes it up.  If you personify such a gadget and start saying nasty things to it, you've got a few screws loose; however, you can bet that somewhere at Amazon or Google, they're keeping track of every vulgar thing you've said, just in case you run for office someday.


"Therefore whatsoever ye have spoken in darkness shall be heard in the light; and that which ye have spoken in the ear in closets shall be proclaimed upon the housetops."
Luke 12:3    


WhatsApp was hacked and attackers installed spyware on people's phones.  WhatsApp was hacked, and attackers installed sophisticated spyware on an unknown number of people's smartphones.  The Facebook subsidiary, which has 1.5 billion users, said it discovered in early May that "an advanced cyber actor" infected an unknown number of devices with the malware.  The Financial Times, which first reported on the issue on Monday [5/13/2019], said bad actors exploited a vulnerability to install the surveillance technology by calling the target through WhatsApp, giving them access to information including location data and private messages.  Even if the target didn't pick up, the malware was able to infect the phone.

Alexa has been eavesdropping on you this whole time.  Would you let a stranger eavesdrop in your home and keep the recordings?  For most people, the answer is, "Are you crazy?"  Yet that's essentially what Amazon has been doing to millions of us with its assistant Alexa in microphone-equipped Echo speakers.  And it's hardly alone:  Bugging our homes is Silicon Valley's next frontier.

23 reasons not to reveal your DNA.  DNA testing is a booming global business enabled by the internet.  Millions of people have sent samples of their saliva to commercial labs in hopes of learning something new about their personal health or heritage, primarily in the United States and Europe.  In some places, commercial tests are banned.  In France, you could face a fine of around $4,000 USD for taking one.  Industry giants Ancestry.com, 23andMe, MyHeritage and FamilyTreeDNA market their services online, share test results on websites, and even offer tutorials on how to search for relatives in phone directories, or share results in social media.  They often also claim rights to your genetic data and sell access to their databases to big pharmaceutical and medtech companies.

Facebook Anticipates Fine of Up To $5 Billion.  Facebook is anticipating a multi-billion dollar fine from the Federal Trade Commission (FTC) over their handling of the Cambridge Analytica scandal, according to The Hill.  The company disclosed to investors in its quarterly earnings report that they have already put $3 billion aside for this on Wednesday [4/24/2019], adding that they haven't reached a settlement with the FTC, and are unsure when this will be resolved.  The fine could be as high as $5 billion, according to The New York Times.

Alexa Is Listening All The Time:  Here's How To Stop It.  Recent news reports in the last week revealed that Amazon has thousands of workers listening to Amazon Echo aka Alexa voice assistant recordings.  That is a bit unnerving, however, this post will share several ways, including a serious DIY project, to increase your privacy.

Your car is watching you.  Who owns the data.  If you're driving a late model car or truck, chances are that the vehicle is mostly computers on wheels, collecting and wirelessly transmitting vast quantities of data to the car manufacturer not just on vehicle performance but personal information, too, such as your weight, the restaurants you visit, your music tastes and places you go.  A car can generate about 25 gigabytes of data every hour and as much as 4,000 gigabytes a day, according to some estimates.

Amazon Workers Are Listening to What You Tell Alexa.  Tens of millions of people use smart speakers and their voice software to play games, find music or trawl for trivia.  Millions more are reluctant to invite the devices and their powerful microphones into their homes out of concern that someone might be listening.  Sometimes, someone is.  Amazon.com Inc. employs thousands of people around the world to help improve the Alexa digital assistant powering its line of Echo speakers.  The team listens to voice recordings captured in Echo owners' homes and offices.  The recordings are transcribed, annotated and then fed back into the software as part of an effort to eliminate gaps in Alexa's understanding of human speech and help it better respond to commands.

The Editor says...
What you tell Alexa is not the problem.  The problem is that Alexa listens to everything in the house (or office), long after you have forgotten that Alexa is around.  I wouldn't have one of those devices in my house if you gave it to me, and every time I'm around one of them, I say so.

How to Check Your Hotel Room for Hidden Cameras.  [Scroll down]  As for physical inspections, hotel guests should look for anything in the room that appears abnormal.  Small holes in the walls or other objects; random wires in unexpected places; and any blinking or flashing lights are all good indicators a camera might be hidden somewhere in your room.  However, [Mike] O'Rourke said there are no "typical" spots in which people hide illegal recorders.  "Light fixtures, smoke detectors, clock radios, coffee pots and electric sockets have all been used to hide cameras.  I've seen cameras in the air conditioner vents in hotel rooms.

Facebook admits to inadvertently storing 'hundreds of millions' of user passwords in plain text on company servers.  Facebook officials admitted on Thursday [3/21/2019] that the tech giant stored hundreds of millions of user passwords in plain text — able to be read by employees.

WhatsApp co-founder accuses Mark Zuckerberg of trading privacy for revenue after allowing ads on the platform.  WhatsApp co-founder Brian Acton urged people to 'delete' their Facebook accounts now, during an address made to students.  Mr Acton, now the head of non-profit WhatsApp rival Signal, blasted Facebook CEO Mark Zuckerberg for trading privacy for revenue by allowing ads on his platform.  He has now called for people to 'reject' Facebook by deleting its family of apps from their smartphones and other devices.  It comes after the world's largest social network has been beset by a string of privacy scandals.

Zuckerberg wants Facebook to build a mind-reading machine.  If you're concerned about Facebook's privacy scandals or worried that it's listening in on your phone calls, you'll likely be disturbed by CEO Mark Zuckerberg's recent comments at Harvard.  Despite the fact that Facebook is under fire from Sen. Elizabeth Warren (D-Mass.) and facing more skepticism from the public about its business practices, the tech giant's chief executive officer discussed the company's research into a brain-computer interface that would allow people to use their mind to navigate through augmented reality.  Even though this might sound creepy, don't worry, Zuckerberg said they have no current plans to develop surgically implanted chips.  The idea would be to produce some type of external device, perhaps glasses, that allows users to control digital additions to the landscape without speaking or typing anything.

Cryptocurrency wallet caught sending user passwords to Google's spellchecker.  The Coinomi wallet app sends user passwords to Google's spellchecking service in clear text, exposing users' accounts and their funds to man-in-the-middle (MitM) attacks during which attackers can log passwords and later empty accounts.  The issue came to light yesterday after an angry write-up by Oman-based programmer Warith Al Maawali who discovered it while investigating the mysterious theft of 90 percent of his funds.

Who's making money from your DNA?  If you've ever sent off your DNA to an ancestry or health-screening company for analysis, chances are your DNA data will be shared with third parties for medical research or even for solving crime, unless you've specifically asked the company not to do so.

Your iPhone Has a Hidden List of Every Location You've Been.  Sure, many of us know that our iPhone generally tracks us when we use certain apps to enable it to share personalized information like the local weather, coffee shop recommendations, and more.  But in a quick survey I ran with some friends, not one person (out of dozens of people that I surveyed) knew where or how to navigate to this specific screen that I'm talking about here.  It's called the Significant Locations list.

Alternative viewpoint:
iOS's Significant Locations list tracks every location visited.  This is very old news.  Apple has explained why they collate this data, how it is used and the tight security surrounding it.  And they make it simple to switch off.  The article stupidly implied that the setting is buried — no, not having any interface at all is burying it.  Apple was under no obligation to surface this data in the UI, let alone with the clarity and detail in which they did.  If you're a privacy paranoid — well you shouldn't have a smartphone at all — but if you have an iPhone, at the very least I'd expect you to comprehensively circumnavigate the privacy section in Settings.

Google says the built-in microphone it never told Nest users about was 'never supposed to be a secret'.  In early February, Google announced that its home security and alarm system Nest Secure would be getting an update.  Users, the company said, could now enable its virtual-assistant technology, Google Assistant.  The problem:  Nest users didn't know a microphone existed on their security device to begin with.  The existence of a microphone on the Nest Guard, which is the alarm, keypad, and motion-sensor component in the Nest Secure offering, was never disclosed in any of the product material for the device.

Airlines found to have cameras in entertainment sets.  Newer seat-back entertainment systems on some airplanes operated by American Airlines and Singapore Airlines have cameras and it is likely they are also on planes used by other carriers.  American and Singapore both said on Friday [2/22/2019] that they have never activated the cameras and have no plans to use them.

The Editor says...
Ri-i-i-i-ight.  The cameras were designed into the seats.  Somebody had to write a contract for seats that included cameras, and somebody else had to justify the additional expense.  It is therefore very difficult to believe that the airlines had "no plans to use them."

You Give Apps Sensitive Personal Information.  Then They Tell Facebook.  Millions of smartphone users confess their most intimate secrets to apps, including when they want to work on their belly fat or the price of the house they checked out last weekend.  Other apps know users' body weight, blood pressure, menstrual cycles or pregnancy status.  Unbeknown to most people, in many cases that data is being shared with someone else:  Facebook Inc.  The social-media giant collects intensely personal information from many popular smartphone apps just seconds after users enter it, even if the user has no connection to Facebook, according to testing done by The Wall Street Journal.  The apps often send the data without any prominent or specific disclosure, the testing showed.

From Echo to Ring doorbell and Fire TV, are you comfortable Amazon controlling your smart home?  [Scroll down]  Amazon and Eero downplayed the privacy issues, saying the mesh router doesn't share Wi-Fi information.  But Amazon, as Eero does now, will soon know how you use your Wi-Fi, whether that's on computer or a mobile, just by being in your home network.  Techies loved Eero because it solved an important problem:  helping to wipe out spotty Wi-Fi service across the home.  In his 2016 review, USA TODAY's Edward Baig said, "my dead zones appear to be a dead issue."  The Eero was the first such product in a category soon emulated by Google, Netgear, Linksys and others.  A three-pack of the Eero (for multiple rooms) sells for $500; Google undercut it in its version to $250.  Now, with Amazon taking on Eero, "you can't really escape Amazon in the home," said Carolina Milanesi, an analyst with Creative Strategies.  "One big company is delivering too many devices."

Customer loyalty rewards programs used to convince the public to accept 9,000 private license plate readers.  The die has been cast, whether it is digital drivers licenses, digital license plates, license plate readers or facial recognition cameras.  Everyone from private corporations to law enforcement follows the same script; offer Americans customer loyalty rewards programs in exchange for the loss of their privacy.  Surveillance politics and law enforcement regularly tout license plate readers as a necessary extension of public safety at the expense of our privacy.  But now things have gotten out of control as a recent Quartz headline warned "In just two years, 9,000 of these cameras (ALPR) were installed to spy on your car."  A Massachusetts company called Novume which recently acquired Open ALPR Technology Inc. boasts that their free software is being used by private corporations and governments in more than 9,000 private license plate readers worldwide.

If you don't own a mirror or a scale...
Google may be developing 'smart shoes' that warn when you're getting fat.  Google is reportedly taking another giant step in its mission to take over people's lives — by developing "smart" shoes that can warn the wearer if they are getting fat.  The search engine's health division Verily is said to be designing footwear embedded with sensors that can tell how much the user weighs and monitor their activity.  Parent company Alphabet has been showing off prototypes of the "lace-age" shoes as developers search for a partner to build and market them, according to CNBC.

Jeff Bezos Protests the Invasion of His Privacy, as Amazon Builds a Sprawling Surveillance State for Everyone Else.  The National Enquirer has engaged in behavior so lowly and unscrupulous that it created a seemingly impossible storyline: the world's richest billionaire and a notorious labor abuser, Amazon CEO Jeff Bezos, as a sympathetic victim.  On Thursday, Bezos published emails in which the Enquirer's parent company explicitly threatened to publish intimate photographs of Bezos and his mistress, which were apparently exchanged between the two through their iPhones, unless Bezos agreed to a series of demands involving silence about the company's conduct.

Are You a Woman Traveling Alone?  Marriott Might Be Watching You.  When a tweet accused Marriott Hotels of "working with the feds and keeping [an] eye on any women who are traveling alone," training staff to "spot an escort," and "not allowing some women [to] drink at the bar alone," Marriott's official account proudly confirmed the observation:  "You are correct.  Marriott employees all over the world are being trained to help spot sex trafficking at our hotels."  The brief Twitter exchange, which occurred in January, revealed some of the hidden presumptions behind Marriott's efforts to stop sexual exploitation.  Not only did it suggest that the company conflates all sex work with forced or underage prostitution, but it also hinted the world's largest hotel chain considers all unaccompanied women to be worth monitoring — or, at the very least, that there's confusion about this among staff.

One of the largest at-home DNA testing companies is giving the FBI access to its records.  DNA home testing kits that can trace ancestry and find missing relatives are a dream come true for genealogists.  But as conspiracy theorists have long suspected, the tests are being used for other purposes, too.  BuzzFeed News reported that Family Tree DNA, one of the largest home DNA testing companies, is allowing FBI agents to search its databases in their quest to "solve violent crime cases."  The company's database has about 1,021,774 records, Jezebel.com reported.  Public genealogy databases are often used by police to solve cold cases.  One of the most notable ones that used DNA from a public database was the Golden State Killer case.

Perfect for the hypochondriac on your gift list.  Not so great if you value your privacy.
Toilet seat sensor tracks blood pressure, stroke volume, blood oxygenation.  Newly published data from a team of Rochester, New York researchers give credence to a cardiovascular health monitoring system built into a home toilet seat. Examined over an eight-week period, the system demonstrated clinical grade accuracy for measurements of blood pressure, stroke volume and blood oxygenation when compared with their respective gold standards.

Apple busts Facebook for distributing data-sucking app.  Apple says Facebook can no longer distribute an app that paid users, including teenagers, to extensively track their phone and web use.  In doing so, Apple closed off Facebook's efforts to sidestep Apple's app store and its tighter rules on privacy.  The tech blog TechCrunch reported late Tuesday [1/29/2019] that Facebook paid people about $20 a month to install and use the Facebook Research app.  While Facebook says this was done with permission, the company has a history of defining "permission" loosely and obscuring what data it collects.

Facebook COO Sheryl Sandberg tries to claim teens 'consented' to creepy app that snooped on their phones.  Facebook COO Sheryl Sandberg has been slammed for 'lying' after she defended the social media giant's controversial research app that was 'preying' on teenagers as young as 13 by paying them to supply data and have all their phone activity monitored.  In an interview Sandberg said the teens who took part in the 'research project' had 'consented' to share the information and therefore knew what they were getting into.  Facebook has come under fire from all sides for the latest in a series of privacy disasters, with pundits describing their actions as 'shameful' and comparing the firm to a 'criminal enterprise' in light of the latest revelations.

Apple's FaceTime could be spying on you.  Here's how to turn it off.  Apple is scrambling to fix a significant privacy bug in FaceTime that allows callers to hear — and sometimes see — the other person, even before they've accepted or rejected the incoming call.  As of Tuesday [1/29/2019], the iPhone maker disabled group FaceTime until it can offer a more permanent fix to the glitch, which was first revealed on Monday by 9to5Mac after going viral on social media.

Disable FaceTime Right Now.  A jaw-dropping flaw in Apple's FaceTime software allows for users to eavesdrop on others while a call is still ringing, according to 9to5Mac.  The bug works by simply dialing another user, then swiping up and inserting the originating number via the "Add Person" screen before it is answered.  FaceTime apparently is thus tricked into believing that a Group FaceTime conference call is occurring, transmitting audio from the recipient's device whether or not they have accepted or rejected the call.

This Is The Reason Smart TVs Are So Cheap.  A significant reason why a smart TV, or perhaps a new 65-inch 4K smart TV with HDR capability, can be purchased for about $500, is because some manufacturers are harvesting data from users. [...] Vizio TVs, have the ability, with user opt-in, track anything that is on the TV, what the company calls "automatic content recognition."  That data used to be sold off to third-party data aggregators, but after the Federal Trade Commission and New Jersey slapped the company with a multi-million dollar fine in 2017.  Legal documents from the case reportedly show that Vizio installed software on 11 million smart TVs to track viewing habits without consumers' knowledge.  Now, Vizio keeps the data but sells targeted advertising in a platform model like Google and Facebook.

Amazon sent Alexa recordings of man and girlfriend to stranger.  A German man was very confused when he received, at his request, all the information that Amazon possessed on him.  He had requested the data dump through Europe's GDPR privacy law, and among the records of his Amazon searches and purchases, he was surprised to find no less than 1,700 recordings of him using Amazon's Alexa-powered Echo digital assistant.  Surprised because he doesn't own an Echo.  And the voice on the recordings wasn't his.  That's right:  Amazon had sent him the entire recording set of a complete stranger.

Home Items Are Getting Smarter and Creepier, Like It or Not.  One day, finding an oven that only cooks food may be as tough as buying a TV that lets people change the channel.

Printer spy
Stealth Cell Tower:  Rogue Cellular Infrastructure Disguised as Office PrinterStealth Cell Tower is an antagonistic GSM base station in the form of an innocuous office printer.  It brings the covert design practice of disguising cellular infrastructure as other things — like trees and lamp-posts — indoors, while mimicking technology used by police and intelligence agencies to surveil mobile phone users.


Weather Channel App Sued, Accused of Selling Users' Data.  People relied on the most popular mobile weather app to track forecasts that determined whether they chose jeans over shorts and packed a parka or umbrella, but its owners used it to track their every step and profit off that information, Los Angeles prosecutors said Friday [1/4/2019].  The operator of The Weather Channel mobile app misled users who agreed to share their location information in exchange for personalized forecasts and alerts, and they instead unwittingly surrendered personal privacy when the company sold their data to third parties, City Attorney Michael Feuer said.

Amazon busted for 'immoral, almost voyeuristic' Alexa eavesdropping 'error'.  An Amazon user in Germany was just able to gain access to an estimated 1,700 voice recordings of an Alexa user — because, get this, of a glitch at the Amazon company.  That's some glitch.  It came by way of a "human error," Amazon reported.  But here's the bigger glitch.  In the end, these erroneously shared files gave eavesdroppers the access to enough snippets of private in-home conversations that they were soon able to piece together the Alexa user's identity.  Wonder how many more human errors of this type have been made?

Facebook's Deepest, Dirtiest Secret.  Facebook is a for-profit surveillance company disguised as a social media company.  Once you invite it into your life, it will suck as much data as it can from you.  If you're on Facebook — or if you use Facebook-owned WhatsApp or Instagram — you're sharing the most intimate details of your private life with advertisers and political campaign strategists.  If that doesn't alarm you, consider that Facebook is also an unofficial arm of the Deep State's surveillance apparatus.  Leaked documents from the National Security Agency (NSA) revealed this back in 2013.  As the result of secret court orders, Facebook — along with Google, Microsoft, and Yahoo — routinely hands over users' account details to the U.S. government spooks.

Facebook tries to explain why it gave Netflix and Spotify access to users' private messages.  Facebook has published a blog post explaining the exact ways other companies have used customers' data, after it was revealed 150 firms had accessed user's information.  In its blog, Facebook said it gave companies like Amazon, Spotify and Netflix the ability to read, write and delete access to private messages.  But the blog post also claimed that:  'No third party was reading your private messages, or writing messages to your friends without your permission.'  'Many news stories imply we were shipping over private messages to partners, which is not correct,' the Facebook blog added.

Your Apps Know Where You Were Last Night, and They're Not Keeping It Secret.  The millions of dots on the map trace highways, side streets and bike trails — each one following the path of an anonymous cellphone user.  One path tracks someone from a home outside Newark to a nearby Planned Parenthood, remaining there for more than an hour.  Another represents a person who travels with the mayor of New York during the day and returns to Long Island at night.  Yet another leaves a house in upstate New York at 7 a.m. and travels to a middle school 14 miles away, staying until late afternoon each school day.  Only one person makes that trip:  Lisa Magrin, a 46-year-old math teacher.  Her smartphone goes with her.  An app on the device gathered her location information, which was then sold without her knowledge.  It recorded her whereabouts as often as every two seconds, according to a database of more than a million phones in the New York area that was reviewed by The New York Times.  While Ms. Magrin's identity was not disclosed in those records, The Times was able to easily connect her to that dot.

Is Alexa Listening?  Amazon Echo Sent Out Recording of Couple's Conversation.  They're always listening.  They're on the internet.  But what happens when digital assistants like Alexa go rogue?  Could they share our private conversations without our consent?  Privacy advocates have long warned this could happen, and now it has.  A woman in Portland, Ore., told KIRO7, a television news station in Washington, that her Amazon Echo device had recorded a conversation then shared it with one of her husband's employees in Seattle.  Skeptics were quick to say we told you so, as the news rocketed through the connected world.

Amazon Alexa shares man's recordings with stranger.  Amazon's voice assistant, Alexa, is under fire once again for failing to protect user privacy.  About 1,700 voice recordings from one person were shared with another user in Germany after the company made a "human error," Reuters reported on Thursday [12/20/2018].  The second user asked to access his own recordings from his voice assistant, but was also granted access to thousands of files from a stranger — which included a man and woman talking in their home.

Facebook has filed patents to predict our future locations.  Facebook filed a patent, titled "Offline Trajectories," last week in which it proposes predicting users' "location trajectories" — in other words, where we're likely headed.  Knowing when we're about to hurtle into a no-WiFi-connection limbo means Facebook can "prefill" our phones with content and ads.  As Facebook described in the patent application, it would use machine learning to analyze metadata associated with users who already found themselves in whatever geographic location that you're heading toward.  Of course, Facebook's mobile app is one of hundreds that constantly track our location, so it's already got a good basis to predict all those little circuits that we circle in our daily lives.

How Taylor Swift Really Knew You Were Trouble When You Walked In.  Taylor Swift, one of the more-stalked celebrities in the world, recently used advanced facial recognition technology on fans who spent their hard-earned money on tickets to attend her show.  The Verge reports that it was done in the name of keeping the star safe: [...] There was no notice or warning that such technology would be used, let alone concealed in such a way.  But it's hard to blame Swift, who has been subjected to unstable stalkers for years.

Your Phone Is Tracking Your Every Movement.  Here's What You Can Do About It.  In a revealing New York Times expose, an investigation revealed that hundreds of apps are tracking our every move, many without asking permission or explaining what they are doing with the information.  They know exactly where we are and where we have been at almost any moment in time.  It's a broad surveillance effort, affecting over 200 million Americans, designed to gather more personal data and sell it to corporations, including advertisers, banks, insurance companies, health providers, and retailers.  IBM, for example, is one of the key players in this industry.  Examples in the article include apps tracking people into hospital operating rooms, school classrooms, and doctor's offices, with each individual being tracked thousands of times per day.  While many in the industry claim the information is anonymous, it doesn't take much effort to connect a residence or office to its occupants.

Drop Dead.  I've had a Dropcam for the last six months or so, mostly to keep an eye on my house and pets when we're gone.  It has a couple monitoring features where it records video loops when it detects motion and takes photos when it detects motion as well.  You have to pay a monthly fee to get access to both, but you still get periodic emails when the camera senses activity and it'll send a medium sized low-res picture several times a day embedded in the message.  I never thought much of this until I opened an email to see a photo of me completely naked walking by the camera, on my way to grab from a pile of recently folded clean clothes after I took a shower.  Obviously, that's a bit of a shock, but I was home alone and I'm the only one that opens my email, so I wasn't too disturbed by it.  But then I realized that image is on Dropcam's system.  And Google bought Dropcam so my photo is somewhere in Google's cloud.

The House That Spied on me.  After Congress voted last year to allow ISPs to spy on and sell their customers' internet usage data, we were all warned that the ISPs could now sell our browsing activity, or records of what we do on our computers and smartphones.  But in fact, they have access to more than that.  If you have any smart devices in your home — a TV that connects to the internet, an Echo, a Withings scale — your ISP can see and sell information about that activity too.  With my "iotea" router I was seeing the information about Kashmir and her family that Comcast, her ISP, could monitor and sell.

Google Reveals Plans to Monitor Our Moods, Our Movements, and Our Children's Behavior at Home.  Patents recently issued to Google provide a window into their development activities.  While it's no guarantee of a future product, it is a sure indication of what's of interest to them.  What we've given up in privacy to Google, Facebook, and others thus far is minuscule compared to what is coming if these companies get their way.  These patents tell us that Google is developing smart-home products that are capable of eavesdropping on us throughout our home in order to learn more about us and better target us with advertising.  It goes much further than the current Google Home speaker that's promoted to answer our questions and provide useful information, and the Google-owned Nest thermostat that measures environmental conditions in our home.  What the patents describe are sensors and cameras mounted in every room to follow us and analyze what we're doing throughout our home.

Google Wants To Data Mine Your Home And Kids' Bedroom.  New patents show Google is quietly developing a smart-home automated system that will routinely eavesdrop on your daily life.  The patents describe how cameras and sensors will be mounted in almost every room of the house, scanning and analyzing every movement a human makes.  According to the patent description, the smart cameras could recognize Will Smith's face on a T-shirt.  After cross-referencing this data against the human's browser history, the smart-home might announce or send them a message, "You seem to like Will Smith.  His new movie is playing in a theater near you."

What You're Giving Away With Those Home DNA Tests.  "Obviously, there is a lot of fine print," said Mary Freivogel, president of the National Society of Genetic Counselors.  "Any time you do anything and you have a big, long agreement in front of you, I think so many of us are accustomed to just clicking 'agree'."  Even if you do read the whole agreement, which can go on for pages, you may not understand what you're giving the company permission to do, said Hank Greely, director of the Center for Law and the Biosciences at Stanford School of Medicine.  "There is no legal limit on what they could do other than the agreement that you enter into with them which they may or may not choose to follow," Greely added.  "If they don't follow it, the chance you would ever find out is very, very low."

They record everything you say?
Amazon must give up Echo recordings in double murder case, judge rules.  On Friday [11/9/2018], a local judge in New Hampshire ordered Amazon to hand over Echo recordings made the day a Farmington couple was murdered at its home.  According to local media accounts, Strafford County Superior Court Presiding Justice Steven M. Houran compelled Amazon to disclose not only the audio files but any associated data — such as what phones were paired to the smart speaker — that may be connected to the January 2017 murder of Christine Sullivan and Jenna Pellegrini.

Almost all Android apps send personal data to other companies like Facebook, Google and Amazon, study reveals.  Data from the vast majority of apps is harvested and shared with Google, a comprehensive study of the Android ecosystem has revealed.  Researchers from Oxford university analysed 959,000 apps from the UK and US Google Play stores, finding that almost 90 per cent of Android apps share data with Google.  The study also revealed that around half of the apps transfer data to at least 10 third parties, such as Facebook and Twitter.  The study's authors attribute the mass-data harvesting to the rise of "freemium" apps that rely on advertising and data sharing for revenue.

Now Apps Can Track You Even After You Uninstall Them.  If it seems as though the app you deleted last week is suddenly popping up everywhere, it may not be mere coincidence.  Companies that cater to app makers have found ways to game both iOS and Android, enabling them to figure out which users have uninstalled a given piece of software lately — and making it easy to pelt the departed with ads aimed at winning them back.  Adjust, AppsFlyer, MoEngage, Localytics, and CleverTap are among the companies that offer uninstall trackers, usually as part of a broader set of developer tools.  Their customers include T-Mobile US, Spotify Technology, and Yelp.  Critics say they're a fresh reason to reassess online privacy rights and limit what companies can do with user data.

Google sued for tracking you, even when 'location history' is off.  Google now faces a potential class action lawsuit over the revelation that it continues to store users' location data even if they turn off Location History.  The lawsuit was filed on Friday [8/17/2018], the day Google updated its help page to clarify that with Location History off it still stores some location data in other services such as Google Search and Maps.  Until then, Google's help page on Location History stated that "with Location History off, the places you go are no longer stored".  However a report by the Associated Press found this statement wasn't true.

When it's hotel staff, not the hackers, invading folks' privacy.  [Scroll down]  It appears DEF CON had run slap bang into a policy change by Caesars hotel properties.  Worried about the prospect of someone stockpiling weapons in their suites just like the Mandalay Bay killer, and thus using their hotels for another bout of senseless slayings, the hotel giant decided that if someone has a do-not-disturb tag on their door for more than a couple of days, a search has to be made.  In other words, if the maids can't be allowed in to clean up and clock any assault rifles and grenades, security guards will do the latter for them — whether guests are present or not.  There were a number of problems with this.  Firstly, the hotel promotes skipping maid service as an eco-friendly option during check-in: people are thus encouraged to limit housekeeping to save on resources, and earn credits.  Secondly, many people — myself included — prefer privacy, and frequently turn down maid service.  Thirdly, hacker event attendees are among the most security-minded on the planet, and thus try to minimize opportunities for strangers to be in rooms with belongings unattended.  And finally, bursting into rooms with no identification is not how this policy should be executed.

What Your Car Knows About You.  Car makers are collecting massive amounts of data from the latest cars on the road.  Now, they're figuring out how to make money off it.  With millions of cars rolling off dealer lots with built-in connectivity, auto companies are gaining access to unprecedented amounts of real-time data that allow them to track everything from where a car is located to how hard it is braking and whether or not the windshield wipers are on.  The data is generated by the car's onboard sensors and computers, and then stored by the auto maker in cloud-based servers.  Some new cars have as many as 100 built-in processors that generate data.

St. Louis University Is Installing Amazon Alexa-Enabled Echo Dots Campus-Wide.  The first college or university in the nation is installing Alexa-enabled Amazon Echo Dots in every single dorm room across campus.  St. Louis University, a private four-year university in Missouri, unveiled a plan to install 2,300 intelligent assistant-enabled Echo Dots in residence halls and student apartments before classes begin later this month.  The Alexa-enabled Echo Dots will be programmed to answer over 100 specific questions about the campus and student activities, such as the hours for the library or a list of upcoming public lectures.

Alphabet, Amazon, IBM, and Microsoft Want Hospitals' Data.  Google parent Alphabet, Amazon, IBM, Microsoft, and Salesforce.com have launched a campaign for restrictions on data sharing between hospitals to be dropped.  At the Blue Button 2.0 Developer Conference in Washington, D.C., the companies issued a joint statement against patient data sharing restrictions.

Google might be tracking your location.  Here's how you can turn it off.  Google may be tracking your location, even if have some location tracking turned off on your account.  An investigation by the Associated Press found that simply turning off location history on an account does not completely prevent the tech giant from tracking your movements.  Google accounts also have a "Web & App Activity" section which also tracks a user's location when Google apps and other services are used.  That option is turned on by default and must be manually paused by the user.

Pentagon restricts use of fitness trackers, other electronic devices that reveal locations.  U.S. military troops and other defense personnel at sensitive bases or certain high-risk war zone areas won't be allowed to use features on fitness trackers or cellphone applications that can reveal their location, according to a new Pentagon order.  The memo stops short of banning the devices, which are often linked to cellphone apps or smart watches and can share users' GPS locations and exercise details to social media.  But it says the "geolocation capabilities" can present a "significant risk" to military personnel, so those functions must be turned off in certain operational areas.

Facebook quietly lobbying big banks to share customer data.  Mark Zuckerberg wants to know how much is in your bank account.  The tech mogul's Facebook has been quietly lobbying some of the biggest US banks to sign partnerships that would have the financial institutions share customer data — including account balances and recent purchases.  The request, which has also been made by other tech giants, is part of a larger race to keep users on their platform.  For Zuckerberg, it is an attempt to have users increase the time they spend on Facebook Messenger.

Uber driver is livestreaming riders without their knowledge or consent.  The driver, a bearded man in his 30s, was friendly.  The women asked where he went to high school.  They joked about friends they were going to meet at a bar across town.  But there was something the women didn't know:  Their driver was streaming a live video of them to the internet, and comments from viewers were pouring in.  The blonde is a 7, the brunette a 5, someone with the username "DrunkenEric" commented.  "She doesn't sit like a lady though," another viewer added.

Venmo's terrible idea.  I'm a regular Venmo user.  I used the service a month ago to receive $30 from my sister-in-law.  I used it again two weeks ago to reimburse my brother after we threw our father a surprise birthday party.  It's a perfectly useful service.  But unlike most Venmo users, I have my transactions set to "private" — and I've never understood why the default setting was "public."  Why would I want the world, even my Internet friends, to know when I settle bar bills?  I know of no mainstream payment system that makes its transactions public.

How Smart TVs in Millions of U.S. Homes Track More Than What's On Tonight.  The growing concern over online data and user privacy has been focused on tech giants like Facebook and devices like smartphones.  But people's data is also increasingly being vacuumed right out of their living rooms via their televisions, sometimes without their knowledge.  In recent years, data companies have harnessed new technology to immediately identify what people are watching on internet-connected TVs, then using that information to send targeted advertisements to other devices in their homes.  Marketers, forever hungry to get their products in front of the people most likely to buy them, have eagerly embraced such practices.  But the companies watching what people watch have also faced scrutiny from regulators and privacy advocates over how transparent they are being with users.

Tesla Powerwall2 home battery hacking?  I'm not the only one who's noticed that the Tesla "Powerwall2" home battery system uses the same ubiquitous "CAN bus" found in automobiles.  (Duh!  It appears that the Powerwall2 is basically 1/4 of a standard base Tesla Model 3 battery.)  Many home battery systems utilize several Powerwall2's, and hence approximate 1/4-3/4 of the energy storage capacity of a Tesla base Model 3.  After a number of notorious car hacks using this same CAN bus over the past several years, what could possibly go wrong with a Powerwall2 system — having the equivalent of several gallons of gasoline stored within its batteries — in/on your home? [...] Unlike the Tesla automobile, which is connected only sporadically with the Internet, your home Powerwall2 is presumably capable of being attacked 24x7.

Facebook As The Ultimate Government Surveillance Tool?  Earlier this month it came out that among Facebook's myriad algorithmically induced advertising categories was an entry for users whom the platform's data mining systems believed might be interested in treason against their government.  The label had been applied to more than 65,000 Russian citizens, placing them at grave risk should their government discover the label.  Similarly, the platform's algorithms silently observe its two billion users' actions and words, estimating which users it believes may be homosexual and quietly placing a label on their account recording that estimate.  What happens when governments begin using these labels to surveil, harass, detain and even execute their citizens based on the labels produced by an American company's black box algorithms?  One of the challenges with the vast automated machine that is Facebook's advertising engine is that its sheer scale and scope means it could never possibly be completely subject to human oversight.  Instead, it hums along in silence, quietly watching the platform's two billion users as Big Brother, silently assigning labels to them indicating its estimates of everything from their routine commercial interests to the most sensitive and intimate elements of their personality, beliefs and medical conditions that could be used by their governments to manipulate, arrest or execute them.

No more tickets?  MLB fans will soon use fingerprints, facial recognition instead.  A tap of the finger will soon replace traditional tickets at baseball stadiums across the country.  Major League Baseball and CLEAR are teaming up to launch biometric ticketing, allowing fans to use their fingerprints — and eventually facial recognition — to enter the ballpark.  A pilot program will arrive at select venues later this season.  In 2019, MLB and CLEAR plan to roll out biometric ticketing to ballparks that utilize CLEAR and Tickets.com technology.  "We'll be able to immediately link [fans'] CLEAR accounts to their MLB.com account.  Your biometrics — your face and fingerprint — become your ticket," CLEAR co-founder and CEO Caryn Seidman-Becker told FOX Business.

Privacy conversation turns to enabling smart TV tracking services.  Remember when tech topics had such happy focal points as bendable displays and a new stylus for tablets?  Unfortunately, the accent in this year's headlines is on how much we might be getting tracked.  Facebook, move over.  This time the glare is on smart TVs.

When your TV starts watching you, it's time to demand greater privacy.  As reported in the New York Times on Thursday [7/5/2018], new companies have sprung up to keep tabs on what people watch on their smart TVs and connected devices, including whether they watch conservative or liberal programming and which political party debates they view.  Advertisers then can pay to place ads on those TVs and devices.  One company, Samba, says it has collected viewing records from 13.5 million smart TVs in America.  When people are first setting up their TVs, Samba offers to recommend programs and provide special offers, the Times reported.  Only those people who go online or click through to another message screen — if they read more than 10,000 words of privacy policy and terms of service — learn that Samba will track nearly everything on that TV, second by second.

Samsung Galaxy texting bug sends random pics.  The upshot is, random messages are reportedly being sent via Samsung's default texting app.  "If you've got a Samsung phone and use the default Samsung Messages app for all your texting needs, you may want to check your gallery to make sure you don't have any embarrassing photos in it," Android Central reports.  Users have been complaining about the problem on Reddit and Samsung user forums, among other places.  The issue was first reported by Android Central.

Thermostats, Locks and Lights:  Digital Tools of Domestic Abuse.  The people who called into the help hotlines and domestic violence shelters said they felt as if they were going crazy.  One woman had turned on her air-conditioner, but said it then switched off without her touching it.  Another said the code numbers of the digital lock at her front door changed every day and she could not figure out why.  Still another told an abuse help line that she kept hearing the doorbell ring, but no one was there.  Their stories are part of a new pattern of behavior in domestic abuse cases tied to the rise of smart home technology.  Internet-connected locks, speakers, thermostats, lights and cameras that have been marketed as the newest conveniences are now also being used as a means for harassment, monitoring, revenge and control.

Hacks turn Amazon Alexa, Google Home into secret eavesdroppers.  Oh, goody, Amazon Alexa and/or Google Home could be hit with remote, large-scale "voice squatting" and "voice masquerading" attacks to steal sensitive user information or eavesdrop on conversations.  Third-party skills are what make virtual personal assistants like Alexa so handy; by enabling skills, your interactions with Alexa can be more relevant to your life and what you like.  Skills are also what the group of researchers exploited to come up with voice squatting attacks.  It's doubtful that you'd even notice if you were hit with such an attack; unlike the researchers, adversaries are unlikely to have the skill tell you about the hack.

US cell carriers are selling access to your real-time phone location data.  Four of the largest cell giants in the US are selling your real-time location data to a company that you've probably never heard about before.  In case you missed it, a senator last week sent a letter demanding the Federal Communications Commission (FCC) investigate why Securus, a prison technology company, can track any phone "within seconds" by using data obtained from the country's largest cell giants, including AT&T, Verizon, T-Mobile, and Sprint, through an intermediary, LocationSmart.  The story blew up because a former police sheriff snooped on phone location data without a warrant, according The New York Times. The sheriff has pleaded not guilty to charges of unlawful surveillance.

The Spanish Liga uses the phone microphone of millions of fans to spy on bars.
La Liga de Fútbol usa el micrófono del teléfono de millones de aficionados para espiar a los bares.  [Automated translation]  The Liga de Fútbol Profesional, the body that runs the most important sports competition in Spain, is using mobile phones of football fans to spy on bars and other public establishments that put matches for their clients.  Millions of people in Spain have this application on their phone, which accumulates more than 10 million downloads, according to data from Google and Apple.

Stop Using Common Email Encryption Tools Immediately, Researchers Warn.  Throughout the many arguments over encrypted communications, there has been at least one constant: the venerable tools for strong email encryption are trustworthy.  That may no longer be true.  On Tuesday [5/15/2018], well-credentialed cybersecurity researchers will detail what they call critical vulnerabilities in widely-used tools for applying PGP/GPG and S/MIME encryption.  According to Sebastian Schinzel, a professor at the Münster University of Applied Sciences in Germany, the flaws could reveal the "plaintext" that email encryption is supposed to cover up — in both current and old emails.

The Best and Worst Encrypted Messaging Apps.  There's never been a better time to start encrypting your texts and phone calls.  Hackers are breaking into more personal devices than ever before, and massive government surveillance dragnets are indiscriminately sweeping up people's digital communications.  Encryption can protect you.  By encrypting your messages, you can make sure only you and the intended recipient are able to read any messages you send.  More specifically, end-to-end encryption uses complex mathematical algorithms to scramble your data so only your intended recipient can unscramble your message.  Your service provider can't access them, and the developer of the app you're using can't see them.  This prevents would-be hackers or government surveillance tools from collecting your communications.  So, with that in mind, here are the best mobile apps for sending encrypted messages.

Facebook bug made up to 14 million users' posts public for days.  Facebook has found itself the subject of another privacy scandal, this time involving users' privacy settings.  A glitch caused up to 14 million Facebook users to have their new posts inadvertently set to public, the company revealed Thursday [6/7/2018].  The bug, which reportedly occurred while Facebook was testing a new feature, went live on May 18. Facebook told CNN, which first reported the issue, that it began rolling out a fix on May 22.  The bug was fully corrected by May 27.  If some of your posts have been affected by the bug, Facebook says they should now have been reverted back to your normal sharing settings.

Hotels are installing Amazon listening devices in every room.  Hotels like the Wynn Las Vegas and the Marriott are installing Amazon listening devices in every room.  Two years ago, Geek Wire revealed that the Wynn Las Vegas hotel installed Amazon Echo devices in all their rooms. [...] According to Amazon, hotel customers love being spied on.

Facebook gave firms broad access to data on users, friends: report.  Facebook reportedly formed data-sharing partnerships with dozens of device makers, including Apple and Samsung, giving them access to information on users, as well as on users' friends.  The New York Times revealed the extent of the partnerships on Sunday, shedding new light on the social media giant's behavior related to customer data in the wake of a scandal involving the political consulting firm Cambridge Analytica.  The Times found that the company had at least 60 such deals over the past decade, many of which are still in effect, allowing the other companies access to personal data of Facebook users and their friends.

Will Amazon's facial-recognition tech enable mass surveillance?  Amazon has been selling a facial-recognition system to police, sparking fears that the technology will one day power mass surveillance.  On Tuesday [5/22/2018], the American Civil Liberties Union and 35 other advocacy group sent a letter to the company's CEO Jeff Bezos, demanding that he stop providing the technology to law enforcement.  The technology, called Amazon Rekognition, can identify people's faces in digital images and video.  Police in Oregon and Florida have been using the system to help them solve crimes, but the ACLU argues that it's ripe for abuse.

Woman says her Amazon device recorded private conversation, sent it out to random contact.  A Portland family contacted Amazon to investigate after they say a private conversation in their home was recorded by Amazon's Alexa — the voice-controlled smart speaker — and that the recorded audio was sent to the phone of a random person in Seattle, who was in the family's contact list.

Police use spying doorbells to create digital neighborhood watch networks.  It seems like all I have been writing about lately, is how police are using cam-share programs to create city-wide surveillance networks.  When I first heard about 'Ring' a smart doorbell with a video camera, I didn't think much of it.  I mean how could the police state turn what appeared to be an innocuous smart device into another surveillance tool?  Enter Amazon, who recently purchased Ring for $1 billion dollars.  Fast forward a few months and Amazon announces that Ring is on a mission to work with law enforcement across the country.

Cambridge Analytica files for bankruptcy following Facebook data scandal.  Cambridge Analytica LLC, the American branch of the embattled British-based data broker and political consultancy firm hired by President Trump's 2016 election campaign, has filed for bankruptcy in the United States after coming under fire for collecting the personal information of millions of Facebook users without their knowledge.  Along with a related company, SCL USA, Cambridge Analytica filed for Chapter 7 bankruptcy in federal court late Thursday [5/17/2018], two months after news reports first revealed that the firm had quietly obtained the personal data of about 87 million Facebook users through a purported online personality quiz.

Alexa and Siri Can Hear This Hidden Command.  You Can't.  A group of students from University of California, Berkeley, and Georgetown University showed in 2016 that they could hide commands in white noise played over loudspeakers and through YouTube videos to get smart devices to turn on airplane mode or open a website.  This month, some of those Berkeley researchers published a research paper that went further, saying they could embed commands directly into recordings of music or spoken text.  So while a human listener hears someone talking or an orchestra playing, Amazon's Echo speaker might hear an instruction to add something to your shopping list.

DNA of every baby born in California is stored.  Who has access to it?  You probably know where your Social Security card, birth certificate and other sensitive information is being stored, but what about your genetic material?  If you or your child was born in California after 1983, your DNA is likely being stored by the government, may be available to law enforcement and may even be in the hands of outside researchers, CBS San Francisco's Julie Watts reports.  Like many states, California collects bio-samples from every child born in the state.  The material is then stored indefinitely in a state-run biobank, where it may be purchased for outside research.

A One-Minute Attack Let Hackers Spoof Hotel Master Keys.  In 2003, Finnish security researcher Tomi Tuominen was attending a security conference in Berlin when a friend's laptop, containing sensitive data, was stolen from his hotel room.  The theft was a mystery:  The staff of the upscale Alexanderplatz Radisson had no clues to offer, the door showed no signs of forced entry, and the electronic log of the door's keycard lock — a common RFID card reader sold by Vingcard — had recorded no entries other than the hotel staff.  The disappearing laptop was never explained.  But Tuominen and his colleague at F-Secure, Timo Hirvonen, couldn't let go of the possibility that Vingcard's locks contained a vulnerability that would let someone slip past a hotel room's electronically secured bolt.  And they'd spend roughly the next decade and a half proving it.

Malicious Amazon Alexa Skills Can Record Everything a User Says.  On April 25, security firm Checkmarx publicly disclosed that it has found that a malicious developer can trick Amazon's Alexa voice assistant technology to record everything a user says.  At this time, it's not clear if any hackers have ever exploited the flaw, which is not in the Amazon Echo hardware, but rather is an abuse of functionality in the Alexa Skills feature set.  Developers can extend Alexa's technology by building skills that provide new functionality for end users.  Checkmarx found that there were several unbounded parameters that were available to Alexa skills developers that could have enabled a malicious developer to record and even transcribe what a user says, even after the user had finished communicating with the device.

Don't blame academics like me for Facebook's privacy crisis.  Mark Zuckerberg has tried to deflect blame for Facebook's privacy crisis by pointing the finger at my university.  "We do need to understand whether there was something bad going on in Cambridge University overall, that will require a stronger action from us," he told the US Senate this week.  There is a short answer to that, and a deeper one.  The short answer is that when Aleksandr Kogan, the researcher whose "This Is Your Digital Life" app is at the heart of the current row, applied to use the data collected by his company in university research, our ethics committees turned him down flat.  The reason?  While the people who installed his app had consented to their data being used in research, their Facebook "friends" had not.

Nobody is a victim of Facebook.  All of the media need to finally understand one thing:  Facebook and its founder Mark Zuckerberg don't owe them anything.  Both Zuckerberg and his data-mining company drew scrutiny in recent weeks after it was reported that it had sold information on users to Cambridge Analytica, which in turn used it to aid the Trump campaign.  It was an apparent shock to some that when Facebook asks, "Would you like to share your location?" it's not so that they can send the user a bag of money.

Facebook to put 1.5 billion users beyond the reach of new EU privacy law, report says.  Reuters reports that Facebook is looking to limit its exposure to the EU's new General Data Protection Regulation (GDPR).  Passed in 2016, the law regulates how firms protect the data of EU citizens.  On May 25, the EU will start enforcing the new regulation, which explicitly applies to any company that uses the data of EU residents, no matter where it is based.  Organizations in breach of GDPR can be fined up to 4 percent of their annual global turnover or 20 million Euros ($24.6 million), whichever is greater.  For Facebook, which reported over $40 billion in revenue during its fiscal year 2017, the implications of the new regulation is significant.

Facebook Calls Out Google And Twitter By Name:  They Take Your Private Info Too.  Facebook specifically named fellow tech giants Twitter, Google and Amazon in a blog post discussing how and why it uses people's personal information — an apparent attempt to pull the ostensible competitors into the arena of cacophonous public backlash.

Facebook facial recognition faces class-action suit.  Facebook must face a class action lawsuit over its use of facial recognition technology, a California judge has ruled.  The lawsuit alleges that Facebook gathered biometric information without users' explicit consent.  It involves the "tag suggestions" technology, which spots users' friends in uploaded photos.  The lawsuit says this breaches Illinois state law.  Facebook said the case had no merit and it would fight it vigorously.

Zuckerberg admits Facebook collects data on non-users.  We've already learned quite a bit from Mark Zuckerberg's grilling by a joint session of the Senate Commerce and Judiciary Committees.  But Zuckerberg has now revealed another fact that is sure to worry anyone who doesn't use Facebook.  As many already suspected, Facebook collects data about non-users, too.  As Bloomberg reports, Representative Ben Lujan asked Zuckerberg whether or not Facebook collected data on users who did not have an account.  Zuckerberg admitted they do, stating "In general we collect data on people who are not signed up for Facebook for security purposes."  He doesn't recognize the term "shadow profiles," though.

Nearly one in 10 Americans surveyed say they deleted their Facebook account over privacy concerns.  Nine percent of Americans in a new survey said they had deleted their Facebook account over privacy concerns.  Thirty-five percent said they were using Facebook less than they used to.

Obama Harvested Data from Facebook and Bragged About It.  Why Are We Only Freaking Out About This Now?  Facebook's idiosyncratic approach toward safeguarding the personal information of its users has attracted more political outrage than the company has ever experienced.  The American and British legislatures have invited Mark Zuckerberg to visit and be complained at in person, the Federal Trade Commission has let leak an investigation, and German officials are officially vexed.  What irks them is the revelation that a third-party Facebook app masquerading as a personality quiz extracted information that was sold to the political consulting firm Cambridge Analytica, which in turn provided services to Republicans.

Amazon's Alexa could soon be eavesdropping on your conversations.  Soon, your Amazon Echo device could be listening in on your conversations in a bid to personalise advertising to your needs.  Amazon are currently chasing a patent that will allow them to bank the things you say even when you're not speaking directly to your device.  These so-called "sniffer algorithms" could learn all of your likes and dislikes, and use them to target adverts with products Amazon thinks you would like.

The Editor says...
If I had a conversation this afternoon with someone who knows everything about Amazon, I would be very surprised to hear him or her deny that such algorithms are not in use already.

Facebook has always been one big swindle.  Once again, Mark Zuckerberg is sorry.  The founder of Facebook, who has apologized for privacy breaches throughout much of his company's existence, is back at it, on a much larger stage than ever before.  The proximate cause is the Cambridge Analytica controversy.  In violation of Facebook's rules, the Trump-linked political consultancy schemed to get access to the data of 87 million users.  This has made Facebook a scapegoat for Trump's victory on par with the Russians and James Comey (at least before the FBI director got fired and became a Trump adversary).  In 2012, Barack Obama's re-election campaign did a less-underhanded version of the same thing as Cambridge.  The great chronicler of the Obama digital operation, Sasha Issenberg, wrote of how its "'targeted sharing' protocols mined an Obama backer's Facebook network in search of friends the campaign wanted to register, mobilize, or persuade."  No scandal ensued — rather, the Obama digital mavens were hailed as geniuses who changed campaigning forever.

Facebook Still Hasn't Owned Up To One Huge Privacy Breach.  Every day, it seems, Facebook faces new troubles on the privacy front.  But there's one breach that Facebook executives still have not accounted for.  Namely, the wholesale transfer of user data to the Obama campaign in 2012.

Facebook suspends another data analytics firm after CNBC discovers it was using tactics like Cambridge Analytica.  Facebook is suspending a data analytics firm called CubeYou from the platform after CNBC notified the company that CubeYou was collecting information about users through quizzes.  CubeYou misleadingly labeled its quizzes "for non-profit academic research," then shared user information with marketers.  The scenario is eerily similar to how Cambridge Analytica received unauthorized access to data from as many as 87 million Facebook user accounts to target political marketing.

Your Data May Be Safer on Facebook Than With the Feds.  Rep. Joseph Kennedy III has announced that he plans to exploit the Facebook privacy scandal in a thinly veiled attempt to establish government control over the internet:  "When you see lapses like that, it opens the door for Congress to get involved... and make sure people's information is safeguarded."  You can bet that, once Kennedy and his Democratic accomplices are permitted to "get involved," they won't limit their meddling to social media.  So, before putting federal apparatchiks in charge of protecting our internet information, it's worth taking a look at their own cybersecurity record.  It is predictably abysmal.

This Is So Much Bigger Than Facebook.  [Scroll down]  The Cambridge Analytica breach is a known bug in two senses.  Aleksandr Kogan, the Cambridge University researcher who built a quiz to collect data on tens of millions of people, didn't break into Facebook's servers and steal data.  He used the Facebook Graph API, which until April 2015 allowed people to build apps that harvested data both from people who chose to use the app, and from their Facebook friends.  As the media scholar Jonathan Albright put it, "The ability to obtain unusually rich info about users' friends — is due to the design and functionality of Facebook's Graph API. Importantly, the vast majority of problems that have arisen as a result of this integration were meant to be 'features, not bugs.'"

Facebook Is Tracking You Even If You're Not on Facebook.  Facebook's problems just keep accumulating, drip by drip — or more like splash by splash.  It's now been discovered that Facebook not only collects and uses the personal data of its members but also collects the data of those who never signed up for Facebook.  So if you're one of those who blames Facebook users for allowing their personal data to be compromised, don't be so smug.  Facebook may be sharing your personal data as well.  Daniel Kahn Gillmor, senior staff technologist at the ACLU, discovered that, although he never joined Facebook or any other social network, Facebook has a detailed profile on him.

10 things Congress should do, but won't.  [#7]  Facebook/Twitter hearings:  Facebook's Mark Zuckerberg and Twitter's Jack Dorsey should be called to testify in person before Congress about their speech suppression practices.  Having made the American people their product rather than their customer, they should be required to answer for the commercial and political use of personally identifiable information.

Facebook now mining patient info from hospitals?  Personal data regarding patient illnesses and prescription information is being pursued by Facebook.  "Facebook sent a doctor on a secret mission to ask hospitals to share patient data," CNBC.com reported.  "Facebook was in talks with top hospitals and other medical groups as recently as last month about a proposal to share data about the social networks of their most vulnerable patients."  The medical data-mining project was devised to work in unison with information Facebook had already extracted from its users.

Facebook sent a doctor on a secret mission to ask hospitals to share patient data.  Facebook has asked several major U.S. hospitals to share anonymized data about their patients, such as illnesses and prescription info, for a proposed research project.  Facebook was intending to match it up with user data it had collected, and help the hospitals figure out which patients might need special care or treatment.  The proposal never went past the planning phases and has been put on pause after the Cambridge Analytica data leak scandal raised public concerns over how Facebook and others collect and use detailed information about Facebook users.  "This work has not progressed past the planning phase, and we have not received, shared, or analyzed anyone's data," a Facebook spokesperson told CNBC.

Report:  Facebook And 'Top-Secret' Doctor Were Working With Hospitals To Collect Patient Information.  Facebook reportedly asked multiple hospitals around the country somewhat recently if they wanted to share patient information in an apparent attempt to help the healthcare institutions with certain processes.  While the initiative, which CNBC first reported, hasn't made it past the initial planning stage, it will likely intensify already clamorous concerns over how the tech giant values people's data privacy.  After all, Facebook allegedly tabled the proposed project when public backlash ensued, stemming from the disclosure it was suspending a data analytics firm for misusing information related to users' traits and online tendencies.  Facebook has "not received, shared, or analyzed anyone's data," the company clarified, according to CNBC.

What is Mark Zuckerberg hiding?  Facebook uses secret tool to delete founder's private messages from other people's inboxes.  Facebook has deleted some of Mark Zuckerberg's private messages over fears sensitive data could be leaked.  Three sources claim old Facebook messages from Zuckerberg have disappeared from their inbox.  The recipients were not notified — raising concerns about what the Facebook CEO could be hiding.  Facebook claims the change was made after the 2014 Sony Pictures hack, when a mass data breach at the movie studio resulted in embarrassing email histories being leaked.  However, the lack of disclosure has angered some users, along with the absence of a similar tool to recall messages for normal users.

Facebook drops a bombshell and says most of its 2 billion users may have had their personal data scraped.  Facebook made a bombshell admission about the security of its users' personal information on Wednesday, in a startling revelation that's almost certain to worsen the privacy crisis currently hanging over the world's largest social network.  "Most" of Facebook's 2 billion users may have had their personal data skimmed from the site by "malicious actors," the company said in a blog post by Chief Technology Officer Mike Schroepfer.  Facebook said it has disabled the feature in its site's search function that enabled the data scraping, but the fact that so much user data may have been vulnerable was another setback to the company's efforts to restore confidence with users.  "It is reasonable to expect that if you've had that setting on in the last several years that someone has accessed your information," company CEO Mark Zuckerberg said on a conference call with journalists.

Will Social Media Be the Death of Us — Literally?  These days many are justifiably alarmed at the overwhelming data-mining capabilities of our internet behemoths.  It was one thing that the NSA and other intelligence agencies knew everything about us — they had a national security excuse, misplaced as that apparently has become — but private concerns from Alphabet to Facebook and back to Amazon now have more information about us than we even know ourselves.

Instagram clamps down on apps amid Facebook data scandal.  Instagram is cracking down on third-party apps by restricting their access to user data amid the fallout following claims that Cambridge Analytica inappropriately gained access to the Facebook data of 50 million users.  The popular photo-sharing platform, which boasts over 800 million monthly users and was purchased by Facebook in 2012 for $1 billion, is limiting access to user data in a surprise change to its API, according to TechCrunch.

Facebook Crisis Deepens As Public Turns Against Social Network:  IBD/TIPP Poll.  People can't agree on much in these highly charged partisan times.  But one thing they do agree on in the wake of Facebook's privacy scandal:  The social network is having a negative impact on society.  That startling finding comes from the latest IBD/TIPP poll, which asked about Facebook in light of the scandal involving improper use of data on millions of the social network's users.

Leaked memo from Facebook boss Andrew Bosworth justifies the firm's growth at all costs.  A leaked memo by a top Facebook executive justifying the firm's controversial data practices has caused outrage at the company's headquarters.  More than 3,000 Facebook employees have reacted to an internal post about the memo by vice president of consumer hardware, Andrew Bosworth.  In the memo, Bosworth gives a candid look into how far the technology giant is willing to go in order to become the world's most popular social media platform.  He admits that the firm engages in 'questionable contact importing practices' but claims it is worth it even if it 'costs someone a life.'

Facebook traffics in personal data:  Scott McNealy.  A co-founder of Sun Microsystems has advice for Facebook users who are unhappy with the social media giant in light of the privacy scandal that exposed the personal data of more than 50 million people:  Stop using free products if you want to protect your personal information.  "The important thing about Facebook to remember is that if the product is free, and there's a lot of free services out there on the network, you're not the customer, you're the product," Scott McNealy told FOX Business' Charles Payne during an interview on Thursday [3/29/2018].  "Your data, your information, your profile is the product."

Facebook privacy:  Easy must-do changes to protect your data.  Mark Zuckerberg, Facebook's founder and CEO, is trying to make good with the company's users following the Cambridge Analytica data privacy scandal.  But what the social media giant really needs is an adult, according to technology expert Kurt Knutsson. [...] The company on Thursday [3/29/2018] announced changes to its data and privacy posture, saying that it would no longer allow third-party data for targeting ads and made it easier for users to find privacy tools.

Clinton campaign app may have harvested Facebook data of millions.  Hillary Clinton's 2016 presidential campaign may have harvested the Facebook data of millions of people using an app that asked them to pair their Facebook friends list with their smartphone's contacts list — in a bid to reach those people and persuade them to vote for Clinton.  In the midst of the election, the Clinton campaign launched a mobile application called "Hillary 2016" that worked its way around the banned practice of gathering information from users' friends without their consent.

Hillary Clinton Campaign App Harvested Facebook Data Of Millions.  You've undoubtedly heard none-stop cover about Cambridge Analytica.  But what about Hillary Clinton.  Seems Clinton's mobile campaign apps harvested the Facebook data of millions of people.  That's ok, move along, nothing to see here.

Your Facebook data is creepy [...] and why you should really have a look at it.  Since 2010, Facebook allows you to download an archive file of all your interactions with the network.  It's a 5-click easy process that your grandmother can do.  Inside the .zip, lies an 'index.html' page that acts as a portal to your personal data.  Visually, it looks like an ad-free stripped down version of Facebook that's actually quite relaxing.  As I'm trying to reduce my exposure to social networks, I decided to take a look at this info.  By extrapolating the data of a single individual (me), I might be able to better apprehend the capabilities of the beast.  In the end, it all comes down to what is tracked and what can be deduced from that.

Facebook thinks it knows whether you're liberal or conservative:  Here's how to find out.  Facebook is facing a backlash on two continents from users, advertisers and lawmakers for having allowed Cambridge Analytica to allegedly amass information on 50 million of its users.  The company's core business that powers around $4 billion in monthly revenue is monetizing everything you do on Facebook to serve its advertisers.  However, users may not know that the powerful social network already has an opinion about your political leanings — and it's fairly easy to find out what Mark Zuckerberg's company thinks of your political preferences.

Facebook has lost $80 billion in market value since its data scandal.  Facebook shares fell 5% Tuesday [3/27/2018] on reports that CEO Mark Zuckerberg agreed to testify in front of Congress about the company's data scandal.  The crisis began on March 16 after Facebook said it was suspending data analysis company Cambridge Analytica for allegedly harvesting data from more than 50 million Facebook users.  Cambridge Analytica worked on Donald Trump's presidential campaign.  Since then, Facebook's stock has plunged 18%, wiping out nearly $80 billion from the social networking giant's market value in the process.  Zuckerberg's net worth has fallen by about $14 billion.  (He is still worth $61 billion, though).

Did Facebook Break The Law To Help Obama Win In 2012?  Facebook now faces myriad legal actions for its apparent misuse of private data on its members.  But one possible legal problem that isn't getting any attention involves whether Facebook made, and the Obama campaign accepted, illegal "in-kind" contributions to Obama's 2012 re-election effort.

Cambridge Analytica Whistleblower:  Facebook Able to Listen to You at Home and Work.  Cambridge Analytica whistleblower Christoper Wylie, appearing before a committee of British MPs on Tuesday [3/27/2018], said that Facebook has the ability to spy on users in their homes and offices.  The British parliament is investigating Cambridge Analytica's involvement in the Brexit election.  MP Damian Collins, who chaired the committee, asked Wylie whether Facebook has the ability to listen to what people are talking about in order to better target them with ads.  "There's been various speculation about the fact that Facebook can, through the Facebook app on your smartphone, listen in to what people are talking about and discussing and using that to prioritize the advertising as well," Collins said.

Just Log Off.  Facebook's latest public-relations nightmare increasingly looks likely (and finally) to be the proximate cause of regulation or, at least, interrogation of the company for its business practices.  Already, the Federal Trade Commission has signaled that it plans to investigate the company over the Cambridge Analytica scandal, and Congress appears to be growing restive.  Even if nothing else happens, the company's stock has tanked and Facebook CEO Mark Zuckerberg personally has lost billions of dollars.  On the one hand, this is good news.  Facebook has become a dangerous Panopticon, easily exploited by advertisers, intelligence services, and Facebook staff themselves.  It richly deserves the scrutiny it is receiving, and likely will receive for some time to come.

How to download the mountains of data Facebook has on you.  Facebook knows a lot about you.  But it's only recently that its two billion-plus users have become interested in knowing just exactly how much data Facebook has collected on them.  It's difficult to uncover every piece of piece of your personal data that's trickled out to the internet and into the hands of advertisers.  However, the good news is that Facebook gives users the option to see most of the information that's been collected so far.

Did Facebook's 'favors' for the Obama campaign constitute a violation of federal law?  Controversy continues to swirl around how the consulting firm Cambridge Analytica obtained personal data from over 50 million Facebook users without their knowledge and used it to target ads to individuals in an effort to help Donald Trump be elected president in 2016.  But a more serious case of apparent misconduct involves Facebook data going to a different presidential campaign — this time in 2012.  In this case, which is getting far less attention, Facebook reportedly voluntarily provided data on millions of its users to the re-election campaign of President Obama.

Facebook Privacy Scandal:  Why Regulation Is Not The Answer.  Let's leave aside for a moment the government's spectacularly bad track record when it comes to regulations, which include most recently the financial crisis in the heavily regulated banking industry.  The first question to ask is why should a company like Facebook be regulated?  Here's Tim Cook's answer:  "The ability of anyone to know what you've been browsing about for years, who your contacts are, who their contacts are, things you like and dislike and every intimate detail of your life — from my own point of view it shouldn't exist."  But what Cook leaves out is that every bit of information Facebook has on its users — just as every bit of information Apple has on its own customers — has been volunteered by them, after they've agreed to the company's privacy provisions.

Facebook scrutinized for pulling Android data.  On the same day Facebook bought ads in U.S. and British newspapers to apologize for the Cambridge Analytica scandal, the social media site faced new questions about collecting phone numbers and text messages from Android devices.  The website Ars Technica reported that users who checked data gathered by Facebook on them found that it had years of contact names, telephone numbers, call lengths and text messages.  Facebook said Sunday the information is uploaded to secure servers and comes only from Android users who opt-in to allow it.  Spokeswomen say the data is not sold or shared with users' friends or outside apps.  They say the data is used "to improve people's experience across Facebook" by helping to connect with others.

Poll: Majority of Facebook Users 'Likely to Quit' Over Privacy Concerns.  A Rasmussen poll shows that 51 percent of Facebook users are "very" or "somewhat" likely to quit Facebook over privacy concerns.  Rasmussen, one of the most accurate pollsters in the 2016 presidential election, polled 639 Facebook users and found that the recent scandal currently embroiling the social media giant appears to be taking a toll on users' trust.

Friends.  Fifty million Facebook users, after having been assured that "their data" was safe, found it had been siphoned away and used by the British firm Cambridge Analytica presumably for American political purposes.  The unauthorized data retention was revealed by a Canadian whistleblower, Christopher Wylie, who worked for "a company called Strategic Communication Laboratories Group (SCL), one of whose subsidiaries, SCL Elections, would go on to create data analytics firm Cambridge Analytica". [...] The feat was accomplished by paying users to take a personality test through an app whose real purpose was to trick participants into granting permission to access their Facebook accounts and through it, the data of their friends.  Facebook CEO Mark Zuckerberg, who may be called to testify before legislative committees, portrayed himself as a victim of deceit.  What Cambridge Analytica had done was a violation of policy and an abuse of the firm's trusting nature.

The Existential Case for Ditching Alexa.  Alexa's creepy laugh is far from the most worrying thing about her.  This is despite the fact that Amazon's digital assistant — which allows users to access the internet and control personal organisation tools simply by speaking to the device — has been reported to spontaneously chuckle to herself.  We shouldn't be too concerned about her going rogue and turning on us either — a Terminator-style takeover by artificial intelligence doesn't seem imminent.  But Alexa does pose one immediate threat.  Rather than worrying about AI becoming more human, we should fear ourselves becoming more artificial by outsourcing important actions and decisions to devices like her.

Sorry:  Facebook was never 'free'.  Did you really not know that your agreement with Facebook was that Mark Zuckerberg would provide you with hours a day of enjoyment in exchange for your personal information?  There isn't an adult in this country who shouldn't know better than to screech in anguish at the supposed horrifying discovery that his or her "personal data" have been gathered by social media networks and others to earn the dough necessary to run these networks and make massive profits besides.  Guess how long we've lived in a world in which media have been provided to us without charge because networks earned their keep selling the fact of our presence to advertisers?

Ex-Obama Campaign Official:  Here's How We Were Able To Mine So Much Facebook Data.  Amid the media blitz over an exposé by The Guardian revealing that Cambridge Analytica hired an analytics team back in 2014 to provide profile data on around 50 million Facebook users that the Guardian suggests was used to benefit the Trump campaign (which Cambridge maintains is simply untrue), past reports and new revelations about the Obama campaign similarly mining social media data have come to light.  On Monday [3/19/2018], the Independent Journal Review, one of the websites hardest hit by Facebook's recent newsfeed algorithm changes, highlighted a series of tweets by Carol Davidsen, former director of integration and media analytics for Obama for America, in which she explained how the campaign was able to mine Facebook's data in a way that employees for the company suggested they "wouldn't have allowed someone else to do because they were on our side."

Former Obama Staffer:  Facebook Allowed Us To Break User Data Rules Because They Were On Our Side.  Yesterday [3/19/2018], Facebook's stock tanked after it was revealed that they gave user data to a firm, Global Science Research (GSR), via an app.  This data was then given to Cambridge Analytica, a firm that was working for Donald J. Trump's 2016 presidential campaign.  The app not only gave GSR the data of the user who filled out the survey, but also that of all of the user's friends without them knowing it.  Some have noted a similar mining tool used by the Obama team, but they gathered information through their website (with permission from those who engaged) and the armies of volunteers, which was then matched with voter profiles.  Yes, still a bit creepy, especially since the campaign boasted that they probably knew every single one of the 67+ million voters who supported President Obama in 2012. [...] Facebook certainly knew that something was up concerning user data given the sheer volume GSR was mining from the app MyPersonality.  But we're not going to discuss Cambridge.  We're discussing what many of you have noted on various social media platforms about the inherent left wing bias ingrained in the services.

The Media Praised or Ignored Obama's Harvesting of Facebook Data.  The political and media establishment have whipped themselves into an almighty frenzy over allegations — yet to be confirmed — that Cambridge Analytica may have used improperly-obtained Facebook data during the 2016 election campaign, a charge they strenuously deny.  Online political advertising is now a "dark art," according to The Guardian.  "Data And The Threat to Democracy" is the blunt headline at the BBC.  Facebook likes helped Trump "steal the election," according to a columnist at the Philadelphia Inquirer.  In the U.S., lawmakers are calling for an investigation into Facebook, and in the U.K., the authorities are seeking a warrant to raid the offices of Cambridge Analytica.

Mark Zuckerberg Has No Way Out of Facebook's Quagmire.  I think I understand why Facebook Chief Executive Officer Mark Zuckerberg hasn't publicly responded to the Cambridge Analytica scandal.  He's stuck in a catch-22.  Any fix for Facebook's previous big problem — fake news — would make the current big problem with data harvesting worse.  As a media company and one of Americans' top sources of information, Facebook's de facto anonymity and general lack of responsibility for user-generated content make it easy for propagandists to exploit.  Making matters worse, it isn't willing to impose tighter identification rules for fear of losing too many users, and it doesn't want to be held responsible in any way for content, preferring to present itself as a neutral platform.  So Zuckerberg has been trying to fix the problem by showing people more material from friends and family and by prioritizing "trusted publishers" and local news sources over purveyors of fake news.

The disturbing acceptance of Google's new 'smart' camera.  The pitch for the Google Clips is it's a camera that sits off to the side in a room and automatically captures the kinds of candid shots that one never really plans for — the most common examples cited being some random happening involving one's kids or pets.  Instead of mere serendipity, however, the camera uses artificial intelligence and machine learning to try and guess when to best take a shot.

Amazon drivers are now taking photos of your front door when delivering packages.  Drivers for Amazon have started taking pictures of people's front doors as part of a creepy new delivery service.  The service, which is quietly being rolled out in the UK and US, is designed to help people find packages left by Amazon employees.  But it also raises privacy concerns as many customers may be not be aware that pictures of their home are being stored on company servers.  The unnerving project extends Amazon's already substantial reach into customer homes.

The Car of the Future Will Sell Your Data.  Picture this:  You're driving home from work, contemplating what to make for dinner, and as you idle at a red light near your neighborhood pizzeria, an ad offering $5 off a pepperoni pie pops up on your dashboard screen.  Are you annoyed that your car's trying to sell you something, or pleasantly persuaded?  Telenav Inc., a company developing in-car advertising software, is betting you won't mind much.  Car companies — looking to earn some extra money — hope so, too.

Amazon Employee Wristband Patents Light Fire Under Privacy Advocates.  Amazon was granted two patents in January for the wristbands that are intended to show an employee how to use his hands most efficiently.  The company never mentioned any intention to use the wristbands to keep track of its workers on bathroom breaks, for instance, on or off the job.  But that didn't stop some privacy advocates and industry observers from warning of the creation of a dystopian time-management tool.  According to the Amazon patents, the idea is the wristbands would buzz and vibrate to nudge workers' arms into a better position or even stop the worker from, let's say, putting something in the wrong place or grabbing the wrong wrench.

Silicon Valley's surveillance capitalism has resulted in Big Tech killing off human privacy.  The case against Big Tech seems to be building by the week.  And interestingly, some of the most powerful evidence is being provided by those who really know what they're talking about:  tech insiders.  Full disclosure:  I am a tech insider myself.  I run a tech company in Silicon Valley.  My wife is a senior executive at Facebook and many of our closest friends have senior roles in companies like Google.  Chamath Palihapitiya, a former Facebook executive responsible for growing the social network's user base, recently argued that Silicon Valley had "created tools that are ripping apart the social fabric of how society works."

Tucker Reveals How Google Spies On You Constantly Through Your Phone.  Fox News' Tucker Carlson revealed another exclusive report on Google's surveillance Wednesday [2/7/2018], and the new details are seriously creepy.  In the investigation, Fox News' Brett Larson travels around Washington, D.C., with two cellphones in his pocket, one of them on airplane mode.  Neither of the phones have SIM cards or Wifi connections.  The phones tracked Larson's locations as he traveled, getting such information as when he got out of the car thanks to a time log that records your movements down to the second.

Facebook's Expanding Insanity.  I am used to technically obtuse platforms.  However, Facebook's recent behavior has taken it from the merely difficult to the arena of totalitarian and irrational.  A few years ago, one could set up a Facebook account rather easily:  just provide an email.  Later on, Facebook wanted phone verification.  That was easily handled, and if one wanted to use a third-party phone number, to protect one's anonymity, there were ways to get around that phone requirement.  After that, Facebook sometimes asked for a photograph of the account-user's face.  The official explanation was that Facebook wanted to be sure that the user was really who he claimed to be.  Supposedly, the picture would be analyzed by a computer or a human inspector and then erased.  Yeah, right!

Facebook can track who you know using the DUST on your camera.  Facebook has designed a way to track you and your friends using the dust and scratches on your camera lens.  The social networking giant outlines how it would connect users by matching similarities in their uploaded photos in a newly found patent.  If two people have used the same digital camera, Facebook could link them by detecting similar dust or scratch marks in their uploaded photos.  The company says it has 'never implemented' the technology described in the patent, but has not ruled out using it in future.

Facebook wants to look around your home.  Social media giant Facebook is making its first venture into consumer electronics with a device straight out of George Orwell's 1984.  The device, called Portal, will serve basically as a $500 self wiretap for millions of Americans, potentially providing corporate, government and hacking snoops a direct audio visual feed into their homes.

That Game on Your Phone May Be Tracking What You're Watching on TV.  At first glance, the gaming apps — with names like "Pool 3D," "Beer Pong: Trickshot" and "Real Bowling Strike 10 Pin" — seem innocuous.  One called "Honey Quest" features Jumbo, an animated bear.  Yet these apps, once downloaded onto a smartphone, have the ability to keep tabs on the viewing habits of their users — some of whom may be children — even when the games aren't being played.  It is yet another example of how companies, using devices that many people feel they can't do without, are documenting how audiences in a rapidly changing entertainment landscape are viewing television and commercials.

The Bright-Eyed Talking Doll That Just Might Be a Spy.  Cayla is a blond, bright-eyed doll that chatters about horses and hobbies.  She plays games and accurately answers questions about the world at large.  She could also be eavesdropping on your child.  That's the stark warning parents in Germany received on Friday from the country's telecommunications watchdog, the Federal Network Agency, which said hackers could use the doll to steal personal data by recording private conversations over an insecure Bluetooth connection.  The watchdog said it was pulling the doll off store shelves and banning them in Germany.

A Cute Toy Just Brought a Hacker Into Your Home.  As the holiday shopping season enters its frantic last days, many manufacturers are promoting "connected" toys to keep children engaged.  There's also a smart watch for kids, a droid from the recent "Star Wars" movies and a furry little Furby.  These gadgets can all connect with the internet to interact — a Cayla doll can whisper to children in several languages that she's great at keeping secrets, while a plush Furby Connect doll can smile back and laugh when tickled.  But once anything is online, it is potentially exposed to hackers, who look for weaknesses to gain access to digitally connected devices.  Then once hackers are in, they can use the toys' cameras and microphones to potentially see and hear whatever the toy sees and hears.  As a result, according to cybersecurity experts, the toys can be turned to spy on little ones or to track their location.

Watch What Happens When Amazon's 'Alexa' Is Asked Political Questions.  We are being tracked in everything we do now, from browsing the web, to your cellphone, to FitBit, to your tablet... your every move is being recorded.  Mostly to market to you, but there are always those other reasons that involve intelligence agencies and Big Brother.  And it will get ever more invasive.

No, you're not being paranoid.  Sites really are watching your every move.  If you have the uncomfortable sense someone is looking over your shoulder as you surf the Web, you're not being paranoid.  A new study finds hundreds of sites — including microsoft.com, adobe.com, and godaddy.com — employ scripts that record visitors' keystrokes, mouse movements, and scrolling behavior in real time, even before the input is submitted or is later deleted.  Session replay scripts are provided by third-party analytics services that are designed to help site operators better understand how visitors interact with their Web properties and identify specific pages that are confusing or broken.  As their name implies, the scripts allow the operators to re-enact individual browsing sessions.  Each click, input, and scroll can be recorded and later played back.

Regulators question Google over location data.  Google is facing scrutiny for reportedly collecting data about the location of smartphone users without their knowledge.  Regulators in South Korea summoned Google representatives this week to question them about a report that claimed the company was collecting data from Android devices even when location services were disabled.

iPhone Apps Can Secretly Turn On Your Camera And Take Pictures At Any Time.  A new warning has been issued to iPhone users.  Apps downloaded to the smartphones can turn on the phone's camera and take pictures at any time, and it's doing it secretly.  Felix Krause, an Austrian developer who works for Google, built an app that was able to take pictures of its user every second and upload them, without the app or the phone ever notifying the user.

Amazon wants the keys to your front door.  Amazon has plans to drop off packages directly into shoppers' homes.  The world's largest online retailer on Wednesday [10/25/2017] announced Amazon Key, a lock and camera system that users control remotely to let delivery associates slip goods into their houses.  Customers can create temporary passcodes for friends and other service professionals to enter as well.  The move, in the works for more than a year, may help Amazon capture sales from shoppers who can't make it home to receive an order in person, and do not want the package stolen from their doorstep.  It also signals Amazon's ambitions in the growing market for home security devices, where Alphabet Inc.'s Nest Labs competes.

Alexa, what are you doing in my room?  Alexa is always there waiting to "help."  She's an unobtrusive addition to any setting, available in a variety of designer fabric coverings.  With a soothing, maternal voice, she is Big Brother reimagined as a benevolent family member. [...] These devices are a modern-day version of illegal search and seizure.  Combined with the leftist-driven breakdown of societal values, we face a future where we all become cattle to powerful elites.  The only question is how willingly we do so.

6 Dangerous Electronics & Apps Secretly Spying On You In Your Home.  [#2] Smart TVs:  While smart TVs allow you to connect to the Internet directly, they can also be used to collect your data.  For example, a new technology called TVision Insights allows companies to monitor TV watchers' viewing habits.  This means that they can literally watch you as you watch TV. They even record data on where your eyes are looking, when you're distracted, and what emotions you're conveying.  In early 2015, Samsung warned its customers:  "Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party."

To see your gestures, the TV will have to watch you continuously.  Do you really want that?
End of the TV remote could be nigh as scientists invent technology to change channel using gestures.  The television remote could become a thing of the past according to scientists who have developed a new technology that allows the device to be controlled through gestures instead.  Computer scientists at Lancaster University have come up with a system that makes it possible interact with screens simply by using body movements, or waving objects.  Requiring only a simple webcam, the "Matchpoint" works by displaying moving targets that orbit a small circular "widget" in the corner of the screen.

Facial recognition being used at conferences and events.  Zenus a startup company based in Texas, claims their facial recognition software can speed up check-ins at conferences and events. [...] Zenus CEO Panos Moutafis, claims people love their product and claims that they don't identify anyone.  "People loved the system," Moutafis says.  "The organizer told us that it was five times faster than typical scanning methods."  "There is no personal information transferred from the platform, just the 'face geometry' that distinguishes individuals Moutafis said."  But is he telling the truth?

Houston's Zenus Brings Facial Recognition Software to Event Check-Ins.  For all the technological innovation on display at the annual South By Southwest Interactive festival, registration and check-in is still largely done the old-fashioned way.  Similar to other large conventions, an attendee waits in line, hands over an ID to a registrar, gets a picture taken for a badge, and then receives the usual conference swag bag.  Now, a Houston startup called Zenus says it can use imaging technology to automate steps in the process, reducing the time and effort required to check in.  "The check-in process is the first thing attendees experience at the venue; it's very important to get it right," says Panos Moutafis, co-founder and CEO of Zenus.

Hackers can spy on you through Amazon Echo.  Smart home speakers equipped with microphones programmed to listen for everything you say may be turned into devices that would spy on everything you say.  Gadgets like Amazon Echo and Google Home are programmed to record your commands, but they're also programmed to ignore everything you say unless you use a hot word to activate the assistants.  But as it turns out, someone with physical access to an Amazon Echo device could hack it to send everything it hears to a remote server.

AT&T is reinstating their plan to spy on you unless you pay extra.  AT&T plans to reinstate their GigaPower pay-for-privacy scheme, as revealed by AT&T VP Robert Quinn in a recent interview with C-SPAN.  In 2014, AT&T started offering GigaPower 300 Mbps fiber internet in cities around the United States.  Users signing up had the option of paying $29 more per month to guarantee that AT&T doesn't snoop on your internet traffic and serve you advertisements and offers from their MITM position on your internet.

These Forms Collect Your Data Even If You Don't Hit "Submit".  If you fill in a web form and hit "submit," you expect your data to get whisked off into the great ether, and probably from there to be shared with third parties.  But you probably don't expect your keystrokes — and form auto-fill fields — to be captured and sent away as-entered, before you hit submit.  And yet, a new report claims, that may be exactly what's happening.  Gizmodo recently delved into a startup you've never heard of that may be sharing data — even sensitive medical data — that you never even knew you were giving up, just based on how you fill in fields on the web.

Facebook wants to spy on people through their smartphone camera and analyse the emotions on their face.  Facebook has been secretly developing creepy technology which spies on people and automatically analyses their facial expressions.  The social network applied for a patent to capture pictures of a user through their smartphone.

You Already Bugged Your Own House Years Ago.  Yesterday, Apple announced the HomePod, a smart speaker in the style of the Google Home and Amazon Echo.  Like those competing devices, it is voice-activated.  Shout out "Hey Siri" and it will respond.  This is a cool bit of modern convenience.  But, unavoidably, it also means that these machines are listening.  All the time.  Apple insists its device is not transmitting any data unless you've said those magic words.  Google and Amazon promise pre-wake-word privacy as well.  Even so, there's a certain reaction that bubbles up every time a new one of these listening machines appears — you'd have to be crazy to put one in your home.

Facial recognition tech makes it official:  There is no privacy anymore.  Recent weeks have brought controversy over electronic billboards in restaurants and shopping precincts that utilize advanced facial recognition techniques to not only provide personalized advertisements but also measure and record the consumer and their response, ostensibly to enable retailers to provide more targeted marketing and services.  In Oslo, the restaurant Peppe's Pizza had its usage of such billboards exposed due to a crashed digital advertisement that revealed the coding behind its facial recognition system.  The billboard includes a camera and facial recognition software that can register gender, whether the watcher is young or an adult, facial expression, whether they wear glasses[,] and duration of time spent at the billboard.

The Editor says...
Hey, that's great news!  This may be slightly off-topic, but if someone has "facial recognition software that can register gender," that would settle a lot of "gender confusion" issues.  Chromosomes can also help sort confused individuals into male or female — for indeed those are the only two categories reflected in one's chromosomes.  There is no such thing as "gender confusion" at that level.

Google, Facebook angry they may no longer be able to sell your internet data without permission.  Social media giants Google and Facebook are actively trying to stop a proposed law that would force them to acquire consent from users before collecting their personal information.  The "Browser Act," introduced May 18 by Republican Rep. Marsha Blackburn of Tennessee, mandates that people must explicitly give permission to internet service providers (ISPs) and websites wanting to use their browsing history and other data for business purposes.

Salim Virani:  Top 9 Reasons to Stop Using Facebook... Now.  [Scroll down]  It sounds nuts when you put it all together!  [#1] Facebooks [sic] creates false endorsements for products from you to your friends — and they never reveal this to you.  [#2] When you see a like button on the web, Facebook is tracking that you're reading that page.  It scans the keywords on that page and associates them to you.  It knows much time you spend on different sites and topics.  [#3] They read your private messages and the contents of the links you send privately.  [#4] They've introduced features that turn your phone's mic on without telling you.  Based on their track-record changing privacy settings back without telling you, audio surveillance is likely to start happening without your knowledge. [... #9] Facebook is demanding to track what you buy, and your financial information like bank account and credit card numbers.  You've already agreed to it in the new Terms Of Service.  It's already started sharing data with Mastercard.

The Cloud Panopticon:  Google, Cloud Computing and the Surveillance-Industrial-Complex.  In June 2007, Privacy International, a U.K.-based privacy rights watchdog, cited Google as the worst privacy offender among 23 online companies, ranking the "Don't Be Evil" people below Microsoft, Apple, Amazon, eBay, LinkedIn, Facebook and AOL.  According to the report, no other company was "coming close to achieving [Google's] status as an endemic threat to privacy."  What most disturbed the authors was Google's "increasing ability to deep-drill into the minutiae of a user's life and lifestyle choices."  The result:  "the most onerous privacy environment on the Internet."  Indeed, Google now controls an estimated 70 percent of the online search engine market, but its deep-drilling of user information — where we surf, whom we e-mail, what blogs we post, what pictures we share, what maps we look at, what news we read — extends far beyond the search feature to encompass the kind of "total information awareness" that privacy activists feared at the hands of the Bush Jr. administration's much-maligned Total Information Awareness program.

You're All Idiots.  Amazon has introduced a "new" Echo device.  Having convinced a number of people to allow them to stick an always on speaker and microphone in their house with the data going to Amazon and whoever else they wish they have now upped the game with both a camera and screen. [...] If I see one of these in your house I know for a fact that you're stupid — and I'm immediately leaving, never to return.

Workplace Surveillance Is the New Office "Perk".  Whether through "voluntary" corporate wellness programs, smart badges that record voices and GPS locations, or surveillance apps in their mobile phones and personal computers, Americans are offering up more and more personal data at work.  Most of them don't have much idea of where that data goes, or how it will be used — and there aren't that many limits on what employers can find out about their employees, or what they can do with the data.  The more people who opt in now, the harder it will be to opt out in the future.  And it's about to get much worse.

A Microwave Can't Spy on You — But Plenty of Other Appliances Can.  We are all constantly surrounded by stuff that can spy on us.  Microwaves are not on the list (yet), but televisions, as Conway mentions, certainly are.  As detailed in CIA documents recently released by Wikileaks, certain Samsung televisions were compromised by the CIA such that they could remain on while appearing off, eavesdropping all the while.  Smart TVs may need to be hacked before they can listen to you, but other models have been known to spy on your watching habits right out of the box.

The Editor says...
If someone is bent on detecting activity in your house, the microwave oven would yield clues:  The operation of your microwave oven shows that you are awake and you're most likely in the kitchen, which someone outside the house may not have known.

Vizio Caught Spying on Customers Through Their TVs.  We've been warned about bringing devices into our home that have cameras, microphones or WiFi that are connected to the outside world.  Why?  Because any one of the devices has the capability to collect data about us.  And with advertisers and other organizations willing to pay for personal information, it's tempting for device makers to try to earn extra profits.  The consumer electronics hardware business has become highly competitive with so many similar products that do much the same, so the manufacturers are trying to find ways to increase their revenue through software subscriptions or by collecting data that they can sell to others.

These Toys Don't Just Listen To Your Kid; They Send What They Hear To A Defense Contractor.  Kids say a lot of random, unsolicited, or just plain personal things to their toys while playing.  When that toy is stuffed with just fluff and beans, it doesn't matter what the kid says: their toy is a safe sounding board.  When their playtime companion is an internet-connected recording device that ships off audio files to a remote server without even notifying parents — that's a whole other kind of problem.  According to a coalition of consumer-interest organizations, the makers of two "smart" kids toys — the My Friend Cayla doll and the i-Que Intelligent Robot — are allegedly violating laws in the U.S. and overseas by collecting this sort of voice data without obtaining consent.

Facebook's New "Fun & Creative" Filter: a Frighteningly Powerful Facial Recognition Tool.  Facebook recently purchased a facial recognition software company that promises to "bring more fun effects to photos and videos" posted on the social media behemoth.  The origins of the technology — named "FacioMetrics" — is much more sinister, however, and is likely to be used in much less lighthearted ways.  In its announcement of the acquisition, Facebook highlights FacioMetrics' ability to "allow people to express themselves in fun and creative ways" and to "build even more engaging sharing experiences on Facebook." There isn't, however, any mention of how, and more importantly why, FacioMetrics was created.

How to block the ultrasonic signals you didn't know were tracking you.  Dystopian corporate surveillance threats today come at us from all directions.  Companies offer always-on devices that listen for our voice commands, and marketers follow us around the web to create personalized user profiles so they can (maybe) show us ads we'll actually click.  Now marketers have been experimenting with combining those web-based and audio approaches to track consumers in another disturbingly science fictional way: with audio signals your phone can hear, but you can't.  And though you probably have no idea that dog whistle marketing is going on, researchers are already offering ways to protect yourself.  The technology, called ultrasonic cross-device tracking, embeds high-frequency tones that are inaudible to humans in advertisements, web pages, and even physical locations like retail stores.

Yahoo admits it knew about huge data breach in 2014, two years before it became public.  After months of speculation, Yahoo has finally admitted it knew about a massive data breach as far back as 2014. The tech company had previously claimed it only "recently" found out about the leak of 500 million users accounts.  Independent experts are now investigating exactly how much was known and by whom, Yahoo said.  They are looking at evidence that indicates a "state-sponsored actor" breached Yahoo's system and could have gained user data by creating "cookies" that bypassed password protection, the company said in a regulatory filing.  Yahoo said it doesn't believe it is currently possible for the attackers to forge valid Yahoo Mail cookies.

The Editor says...
One can create artificial, deceptive, functional cookies, but if they are forgeries, they are not valid.

Was "Google Home" designed to spy inside our homes?  Google Home (GH) is always listening to everything that goes on inside your home.  It's like paying the NSA, sorry I meant Google, $129.00 to bug your home.  Click [elsewhere] to find out about Google's close relationship with the NSA.  GH does more than listen to music, it can control your lights, thermostats, radios, TV's, refrigerators, smart plugs and more.  GH has partnered with Nest, Phillips, IFTTT and Samsung who also make the 'family hub refrigerator'.

This employee badge knows not only where you are, who you are talking to.  Do you hog office conversations?  Or not talk enough?  Does your voice squeal?  Do you sit very still at your desk all day?  Or do you fidget under stress?  Where do you go in the office?  How much time do you spend there?  To whom do you talk?  An employee badge can now measure all this and more all with the goal of giving employers better information to evaluate performance.  Think of it as biometrics meets the boss.

Bryant Park mines data about you from your phone.  While hundreds of aspiring yogis strike their best tree-poses on the Bryant Park grass Thursday evening, the Bryant Park Corporation employs new technology to raid their cell phones for information about this crowd that travels to the park for a group stretch.  "It's just like what we do every day in the park," park brand relations manager Matt Castellan said.  "We take visitor counts every day with clickers."  Except instead of the informal numbers and maybe truthful answers to casual questions that Castellan and other employees gather from guests, the PlaceIQ system provides a far more detailed snapshot of the 8 million annual visitors to the park.

98 personal data points that Facebook uses to target ads to you.  The social network just revamped its ad preference settings to make them significantly easier for users to understand.  They've also launched a new ad education portal, which explains, in general terms, how Facebook targets ads.  "We want the ads people see on Facebook to be interesting, useful and relevant," a Facebook spokesperson said.  But it remains to be seen whether users are pleased or frightened by the new information they suddenly have.

Snapchat, Big Brother, credit card companies etc., are using facial recognition.  Everywhere you turn someone is using facial recognition to identify you.  Facial recognition is out of control and soon will be in use everywhere.

Windows 10 upgrade:  Don't use Express settings if you value your privacy.  When you're setting up a new or existing PC with Windows 10, Microsoft will offer to install the operating system with "Express settings."  Although Windows 10 Express settings will get you up and running quickly, that convenience comes at a cost:  By skipping over custom settings, you're agreeing to all kinds of data collection and behavior tracking, much of which didn't apply in earlier versions of Windows.  Here's our advice:  Instead of blindly enabling Express settings in Windows 10, take some time to understand what you're agreeing to.

Somewhat related:
More forced advertising creeps into Windows 10 Pro.  If you were wondering whether Microsoft could inflict even more damage to Windows' reputation, the answer is yes.  When the Anniversary Update rolls out on Aug. 2, Windows 10 Pro users will no longer be able to turn off certain kinds of advertising.  That presents a real concern for admins, who will not be able to keep Microsoft from pushing the likes of Candy Crush Soda Saga onto their domain-joined Pro machines.  It's also a frightening concern for anyone who paid for Pro's GPEdit feature.

Comcast Wants To Charge You Less For Broadband At The Expense Of Your Privacy.  Would you be willing to pay less for broadband if it means giving up more of your personal data? [...] Comcast wants to present lower tiered broadband options to customers who have no problem with their data being mined and exposed to advertisers.  This would create a luxury level of broadband with more privacy options.  At least, that's how Comcast is spinning it to the FCC.  The FCC doesn't appear to be having any of this nonsense.

This Company Has Built a Profile on Every American Adult.  For more than a decade, professional snoops have been able to search troves of public and nonpublic records — known addresses, DMV records, photographs of a person's car — and condense them into comprehensive reports costing as little as $10. [...] IDI, a year-old company in the so-called data-fusion business, is the first to centralize and weaponize all that information for its customers.  The Boca Raton, Fla., company's database service, idiCORE, combines public records with purchasing, demographic, and behavioral data.

Tale of the tape: Why Mark Zuckerberg is smart to cover his webcam.  Webcam security was thrust into the spotlight this week when a photo of Mark Zuckerberg appeared to show the camera and microphone on his MacBook covered with tape.  The photo, which was posted on Facebook to celebrate Instagram hitting 500 million followers, sparked plenty of interest.  While some worried about the broader effectiveness of Facebook's security, many see the tape as a shrewd defense against potential hackers.

Facebook is using smartphones to listen to what people say, professor suggests.  Facebook could be listening in on people's conversations all of the time, an expert has claimed.  The app might be using people's phones to gather data on what they are talking about, it has been claimed.  Facebook says that its app does listen to what's happening around it, but only as a way of seeing what people are listening to or watching and suggesting that they post about it.  The feature has been available for a couple of years, but recent warnings from Kelli Burns, mass communication professor at the University of South Florida, have drawn attention to it.

Did you know that your Facebook mobile app has complete access to your phone's microphone?  Recently, an expert has come out to claim that Facebook may be listening in on your conversations.  Kelli Burns, a mass communication professor at the University of South Florida, believes the app might be using people's microphones to gather data on the content of people's conversations.  Facebook admits that the app is capable of listening to what's happening around it — but claims the feature simply identifies what people are listening to or watching as means of conveniently posting about it.  Currently, the feature is only available in the U.S. and has been available for a couple of years according to Facebook, although recent warnings from Burns have drawn renewed interest.

Facebook will now track you even if you're not a Facebook user.  Facebook announced on Thursday evening [5/26/2016] that it is changing the way its advertising works across the web.  Facebook doesn't just serve ads on facebook.com and in its mobile apps, the company also has a network of third-party websites and apps that it partners with to display ads.  It's called the Audience Network, and there has always been one big difference between the way Facebook's off-site ads work as compared to Google:  They were only shown to Facebook users.  Now, that will no longer be the case.  As The Wall Street Journal noted on Friday morning, Facebook's off-site ads will now be shown to people who are not registered Facebook users.

Here's Why You Shouldn't Use Facebook's Reactions Buttons.  Belgian police are warning users not to use the Facebook Reactions feature to respond to posts if they want to protect their privacy.  In February, the series of six emoticons, allowing users to express a range of emotions from anger to love, were added to the original thumbs-up option.  They came in response to calls for a 'Dislike' button.  However, the new expressions are another big 'like' for Facebook and a 'dislike' for its users — according to Belgian police who claim the site is using them as a way to collect information on people to target advertising toward them.

Report: Apple Music Now Finding and Removing Your Personal MP3s.  Seriously, that really happens today, and there's nothing you'll do about it.  You signed away your right to sue, and what's worse you still buy products and services from firm that do this sort of thing.  Apple Music is a new "subscription" music service.  But it has a twist — when you sign up it will root around your hard drive (and, presumably, any network-attached drives) and any music it "thinks" it has in the "cloud" that it deems to be the "same" was what you own it will remove from your computer entirely.  This [...] literally destroys your personal, private property.

Power shaming
Your Local Energy Companies Now Engaged in "Power-Shaming".  How much you wanna bet that the following is the result of a federally-funded program initiated by the rogue, lawless, and completely out-of-control Obama EPA?  To wit:  here is a snip from my latest online energy bill.


The Market For Secrets.  Alex Preston, writing in The Guardian, rhetorically asked if privacy was dead.  "Google knows what you're looking for.  Facebook knows what you like," he writes.  The NSA may know what you've written too, which could be very important in a world where value increasingly consists of human intellect integrated over time.  The 21st century is a time when people are rewarded for what they know or, alternatively, punished for what they allow to be known, as General Petraeus and Hillary Clinton have found.  Yet in a "world without curtains" a person may not even have much custody over these things and find it all leaking away no sooner than set down.  A modern individual's life history may be digitally preserved more imperishably than the pyramids, but the paradox is that this history is not really his, and is not even in his beneficial possession.

Your Phone Is Listening — Literally Listening — to Your TV.  The TV is on in the background, and you're replying to a quick email on your phone nearby.  You don't know it, but the devices are communicating.  During a commercial, the TV emits an inaudible tone and your phone, which was listening for it, picks it up.  Somewhere far away, a server makes a note:  Both devices probably belong to you.  This information about which devices belong to whom is immensely valuable to advertisers hoping to target ads specifically to you.

Feds rule in favor of snooping by tech giants.  Google, Facebook and other tech giants should remain free to spy on you, regulators ruled on Friday [11/6/2015].  A petition filed with the Federal Communications Commission by the privacy group Consumer Watchdog asked that such websites be forced to respect consumer requests not to have their online activity tracked.  The FCC dismissed the petition, stating that it has been "unequivocal in declaring that it has no intent to regulate edge providers."

3 gadgets that are always listening and how to stop them.  Personal digital assistants, such as Apple's Siri, Amazon's Alexa, Google's Google Now and Microsoft's Cortana, are like something out of science fiction.  A comparison is often made to the helpful-turned-homicidal computer Hal 9000 from the movie "2001: A Space Odyssey."  Of course, while today's personal digital assistants aren't going to try to kill you (hopefully), they do have this in common with Hal:  They're always listening.  Fortunately, also unlike Hal, stopping them from listening is simple.

AT&T Helped N.S.A. Spy on an Array of Internet Traffic.  The National Security Agency's ability to spy on vast quantities of Internet traffic passing through the United States has relied on its extraordinary, decades-long partnership with a single company:  the telecom giant AT&T.  While it has been long known that American telecommunications companies worked closely with the spy agency, newly disclosed N.S.A. documents show that the relationship with AT&T has been considered unique and especially productive. One document described it as "highly collaborative," while another lauded the company's "extreme willingness to help."

VW Has Spent Two Years Trying to Hide a Big Security Flaw.  Thousands of cars from a host of manufacturers have spent years at risk of electronic car-hacking, according to expert research that Volkswagen has spent two years trying to suppress in the courts.  "Keyless" car theft, which sees hackers target vulnerabilities in electronic locks and immobilizers, now accounts for 42 percent of stolen vehicles in London.  BMWs and Range Rovers are particularly at-risk, police say, and can be in the hands of a technically minded criminal within 60 seconds.  Security researchers have now discovered a similar vulnerability in keyless vehicles made by several carmakers.

Hacker's RollJam device can steal your car keys, open your garage.  [Scroll down]  It's a proven system that's secured tens of millions of cars and remote garage door openers for years.  And now it may be useless.  White-hat hacker Samy Kamkar, who last week cracked GM's OnStar smartphone app security and demonstrated his ability to illicitly unlock and start a car over a cellular network, has developed a device made from $20 worth of parts that he calls the RollJam, which does exactly what its name implies.

Facebook Monitors Your Private Messages and Photos For Criminal Activity, Reports them to Police.  Facebook has a new little known software that monitors your profile chat and pictures for criminal activity.  The software will proceed to alert an employee at the company who will then decide whether to call authorities or not.  The software will monitor individuals who have a 'loose' relationship on social media networks, according to an interview with Facebook Chief Security Officer Joe Sullivan.

'Tape Your Webcam': Horrifying Malware Broadcasts You to the World.  The Internet is flush with webcam videos of people who clicked unwittingly on a malware link and opened their computer to anonymous miscreants intent on mocking, blackmailing or simply spying on them, according to a report being published Thursday [7/30/2015].  There's not enough being done about such little-known but alarming invasions of privacy, the Digital Citizens Alliance says in its report on computer "slaving" by programs known as Remote Access Trojans, or RATs.  However, the organization says both corporations and individuals can take steps to address the problem.  "Tape your webcam," advises Adam Benson, deputy executive director of the Digital Citizens Alliance.  "I have tape on both my work computer and home computer."  He also suggests not clicking on links with uncertain destinations, and keeping anti-virus software and device operating systems up to date.

Will the Internet Listen to Your Private Conversations?  The Echo, a $180 cylindrical device that began general shipping in July after months of public testing, is the latest advance in voice-recognition technology that's enabling machines to record snippets of conversation that are analyzed and stored by companies promising to make their customers' lives better.

Hillview man arrested for shooting down drone; cites right to privacy.  Hillview Police say they were called [7/26/2015] to the home of 47-year-old William H. Merideth after someone complained about a firearm.  When they arrived, police say Merideth told them he had shot down a drone that was flying over his house.  The drone was hit in mid-air and crashed in a field near Merideth's home.  Police say the owner of the drone claimed he was flying it to get pictures of a friend's house — and that the cost of the drone was over $1,800.

$300 gadget steals encryption keys out of the air, and it's nearly unstoppable.  Just when you thought you were safe, a new hacking toy comes along and rocks your world.  Imagine a tool exists that lets hackers pluck encryption keys from your laptop right out of the air.  You can't stop it by connecting to protected Wi-Fi networks or even disabling Wi-Fi completely.  Turning off Bluetooth also won't help you protect yourself.  Why?  Because the tiny device that can easily be hidden in an object or taped to the underside of a table doesn't use conventional communications to pull off capers.  Instead it reads radio waves emitted by your computer's processor, and there's really nothing you can do to stop it.

Is facial recognition a threat on Facebook and Google?  Facebook is one of the leading organizations in the world developing facial-recognition algorithms.  Facebook software can now identify people in photographs as well as people can.  Facebook's DeepFace (no, I'm not kidding — it's called DeepFace) can tell whether the subjects in two different photographs are the same person with 97% accuracy.  That's even better than the FBI's own Next Generation Identification system.  DeepFace achieves this amazing feat by analyzing faces, turning them into 3D models, then making it possible to recognize the faces from angles and under lighting conditions that are different from those in other photos of the same person.  The technology uses more than 120 million parameters, and a page on Facebook's research website explains that the company "trained it on the largest facial dataset to-date, an identity labeled dataset of four million facial images belonging to more than 4,000 identities."

Google eavesdropping tool installed on computers without permission.  Privacy campaigners and open source developers are up in arms over the secret installing of Google software which is capable of listening in on conversations held in front of a computer.  First spotted by open source developers, the Chromium browser — the open source basis for Google's Chrome — began remotely installing audio-snooping code that was capable of listening to users.

Fired worker sues company over 24-7 tracking app.  Myrna Arias didn't like the GPS app on her phone that constantly tracked her, so she uninstalled it.  The problem:  Arias' iPhone was issued by her employer, which required her to run the app constantly, and after she removed it, the California woman was fired.  Now she's suing her former employer, money transfer service Intermex, for invasion of privacy, unfair business practices, and retaliation, among other things, Ars Technica reports.

Worker fired for disabling GPS app that tracked her 24 hours a day.  A Central California woman claims she was fired after uninstalling an app that her employer required her to run constantly on her company issued iPhone — an app that tracked her every move 24 hours a day, seven days a week.  Plaintiff Myrna Arias, a former Bakersfield sales executive for money transfer service Intermex, claims in a state court lawsuit that her boss, John Stubits, fired her shortly after she uninstalled the job-management Xora app that she and her colleagues were required to use.

The Editor says...
The way I understand it, if the company owns the phone, you have to leave it configured the way the company set it up.  The big question in this case is whether the company can compel you to lug the phone with you wherever you go.  If you don't want the company tracking your movements, all you have to do is wrap the phone in aluminum foil.  The GPS won't work, the cell phone sites won't see the phone, and the tracking apps will immediately stop working.  The phone won't be able to receive calls (of course) until you unwrap it, but if you're not "on call" 24/7, that's not an issue.

Lost in the clouds: 7 examples of compromised personal information.  Each day millions of people across the globe create backups of their files.  These backups are supposed to offer a measure of assurance that their files are safe, but that's not entirely true.  In fact, depending on how you've configured the device, your backups are freely available online to anyone who knows what they're looking for.

What the Progressive Snapshot is to your car, this device is to your body.

Insurance co. wants to track you 24/7 for a discount.  It's increasingly popular to wear a fitness tracker that measures your footsteps, heart rate or body movements.  Now, the life insurance company John Hancock is offering deal if you'll wear one:  15% off in some cases.  The company unveiled its optional, new program Wednesday morning [4/8/2015].  John Hancock is partnering with Vitality, which many people probably know as one of those work-related wellness programs.  The program is available in 30 states.

The Editor says...
The problem with this sort of idea is that if a high enough percentage of adults voluntarily participate, the program will become mandatory for everyone else, because obviously the holdouts don't know what's good for them.

Ask.com can hijack your computer using Java updates.  We learned this week that more than 317 million computer viruses or other malicious programs were unleashed by hackers last year, according to the Internet security firm Symantec.  That's nearly a million new cyberthreats daily.  But not all attempts at messing with your computer are from sneaky, illegitimate sources.  Some are from big-name tech companies that don't seem to care what you think of them.  Anyone whose computer has been hijacked by the Ask.com toolbar knows exactly what I mean.

Twitter puts trillions of tweets up for sale to data miners.  You are travelling by plane to see your newborn grandchild.  As you board the aircraft, the cabin crew address you by name and congratulate you on the arrival of a bouncing baby boy.  On your seat, you find a gift-wrapped blue rattle with a note from the airline.  In Twitter data strategy chief Chris Moody's vision of the future, companies surprising their customers like this could become an everyday occurrence — made possible because Twitter is listening.

The Editor says...
If someone read your mail and then congratulated you on an unpublicized event, you'd call them a busybody.  Companies who pretend to be helpful by reading your social media pages are really just nosy.

Visa wants to track your smartphone to combat fraud.  Visa will introduce a feature this spring that will allow its cardholders to inform their banks where they are automatically, using the location function found in nearly every smartphone.  Having your bank and Visa know where you are at all times may sound a little like Big Brother.  But privacy experts are applauding the feature, saying that, if used correctly, it could protect cardholders and cut down on credit card fraud.

Hang on, this Wi-Fi doll records your child's voice? What could possibly go wrong?  Mattel has unveiled a high-tech Barbie that will listen to your child, record its words, send them over the internet for processing, and talk back to your kid.  It will email you, as a parent, highlights of your youngster's conversations with the toy.  If Samsung's spying smart TVs creeped you out, this doll may be setting off alarm bells too — so we drilled into what's going on.

Microsoft, Lenovo scramble to protect users from Superfish security flaw.  Superfish, a little-known Silicon Valley startup, is defending itself amid a firestorm of criticism for making software that exposed Lenovo laptop users to hackers bent on stealing personal information.  Researchers revealed Thursday that a vulnerability in Superfish software, which came pre-loaded on many Lenovo laptops, could let hackers impersonate shopping, banking and other websites and steal users' credit card numbers and other personal data.

How Lenovo's Superfish 'Malware' Works And What You Can Do To Kill It.  Lenovo might have made one of the biggest mistakes in its history.  By pre-installing software called 'Superfish' to get ads on screens it's peeved the entire privacy community, which has been aghast this morning on Twitter.  There are serious security concerns about Lenovo's move too as attackers could take Superfish and use it to ensnare some unwitting web users.  Here's what you need to know about Superfish and what you can do to stop it chucking irksome ads on your browser and leaving you open to hackers.

Lenovo caught installing adware on new computers.  It looks like Lenovo has been installing adware onto new consumer computers from the company that activates when taken out of the box for the first time.  The adware, named Superfish, is reportedly installed on a number of Lenovo's consumer laptops out of the box.  The software injects third-party ads on Google searches and websites without the user's permission.

Your Samsung TV Is Snooping on You.  Your Samsung smart TV is capturing your conversations.  Samsung's privacy policy for an internet-connected smart tv with voice commands reads, "Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party."

Samsung's Smart TVs Are Collecting And Storing Your Private Conversations.  Compare Samsung's wording...  ["]Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition.["] with Orwell's:  ["]The telescreen received and transmitted simultaneously.  Any sound that Winston made, above the level of a very low whisper, would be picked up by it, moreover, so long as he remained within the field of vision which the metal plaque commanded, he could be seen as well as heard.  There was of course no way of knowing whether you were being watched at any given moment...["]
[Emphasis in original.]

Facebook Will Tag You in Photos with Creepy Recognition Software.  Facebook is getting "aggressive" about tagging people in photos posted on the social networking site.  Its facial-recognition software, with the creepy name DeepFace, is going through the massive archive of photos and identifying people.  And the software is good at it.

Not in front of the telly: Warning over 'listening' TV.  Samsung is warning customers about discussing personal information in front of their smart television set.  The warning applies to TV viewers who control their Samsung Smart TV using its voice activation feature.  Such TV sets "listen" to some of what is said in front of them and may share details they hear with Samsung or third parties, it said.  Privacy campaigners said the technology smacked of the telescreens, in George Orwell's 1984, which spied on citizens.

Is your TV eavesdropping on private conversations? Samsung reveals its smart sets can capture every word.  Smart TVs and high-end games consoles that 'listen' to voice commands are becoming increasingly popular.  But Samsung is today under fire for what it does with this audio information after it is collected.  In its privacy policy, the South Korean firm has revealed that if their conversations contain 'personal or other sensitive information', this will be captured and transmitted to an unidentified third party.

Report Sees Weak Security in Cars' Wireless Systems.  Serious gaps in security and customer privacy affect nearly every vehicle that uses wireless technology, according to a report set to be released on Monday [2/9/2015] by a senator's office. [...] The report found that large amounts of data on driving histories are harvested, frequently without consumers being explicitly aware that the information is being collected or how it will be used.  At least nine automakers use third-party companies to collect vehicle data, which can make consumers even more vulnerable, and some transmit that data to third-party data centers too.

Mass. Retailers Ask For ZIP Code, And Lawsuits Follow.  In the past two years, at least 25 retailers have been sued for more than $100 million for requesting ZIP code information from Massachusetts customers.  Most of the lawsuits have been settled or withdrawn, but the practice of asking customers for their postal codes — bits of information with a marketing value of perhaps 5 cents each — has cost retailers millions of dollars in settlements and attorneys' fees.

Report: Uber Tracks Users' Sexual Liaisons.  An Uber executive's suggestion that the company should investigate the private lives of journalists has sparked a backlash against the popular car service, offering a potent reminder that tech companies are amassing detailed — and potentially embarrassing — records of users' communications, Internet traffic and even physical movements.

Everything Google knows about you (and how it knows it).  According to Google, I am a woman between the ages of 25 and 34 who speaks English as her primary language and has accumulated an unwieldy 74,486 e-mails in her life.  I like cooking, dictionaries and Washington, D.C. I own a Mac computer that I last accessed at 10:04 p.m. last night, at which time I had 46 open Chrome tabs.  And of the thousands and thousands of YouTube videos I have watched in my lifetime, a truly embarrassing number of them concern (a) funny pets or (b) Taylor Swift.  I didn't tell Google any of these things intentionally, of course — I didn't fill out a profile or enter a form.  But even as you search Google, it turns out, Google is also searching you.

Critics chafe as Macs send sensitive docs to iCloud without warning.  [Scroll down]  But it nonetheless came as a surprise to researcher Jeffrey Paul, who said he was alarmed to recently discover a cache of in-progress files he intended to serve as "temporary Post-It notes" that had been silently uploaded to his iCloud account even though he never intended or wished them to be.  "Apple has taken local files on my computer not stored in iCloud and silently and without my permission uploaded them to their servers," Paul wrote in a recent blog post.

Verizon, AT&T tracking their users with 'super-cookies'.  Verizon and AT&T have been quietly tracking the Internet activity of more than 100 million cellular customers with what critics have dubbed "supercookies" — markers so powerful that it's difficult for even savvy users to escape them.  The technology has allowed the companies to monitor which sites their customers visit, cataloging their tastes and interests. Consumers cannot erase these supercookies or evade them by using browser settings, such as the "private" or "incognito" modes that are popular among users wary of corporate or government surveillance.

They can probably see a lot more than your face right now, but the pictures are intentionally fuzzied up.
Google's Satellites Could Soon See Your Face from Space.  Skybox's satellites cannot capture details as small as license plate numbers or someone's face — yet.  But DigitalGlobe's might.  At 25 centimeters, the images will be detailed enough to classify the make of a car.  If the restrictions relax further, the plate number or owner's face could come into clear view.

Every iPad and iPhone on the planet has a secret back-door allowing unknown parties to take control.  I wonder who could be behind this?

Growing Backlash to Facebook's Ambient Sound Recording Feature.  Seems not everybody is happy with Facebook's gift of a built-in ambient sound recorder.  An Australian news site reports that "the feature has sparked an online backlash, with users mobilising [sic] in an effort to get the social media giant to kill off the development."  The petition has over half a million signatures as of press time.

Why the young need to read 1984.  Young people too willingly surrender their privacy to Google and Facebook, a leading scientist warned yesterday [6/5/2014].  Noel Sharkey, a professor of artificial intelligence and robotics at Sheffield University, said that older people were more cautious with their personal data.

Another privacy threat: DNS logging and how to avoid it.  With AT&T now turning your DNS logs into a money-making proposition, it's time to look at alternatives.

'Do not track'? : The browser privacy system is in tatters.  In 2009, a few Internet privacy advocates developed an idea that was supposed to give people a way to tell websites they don't want to be monitored as they move from website to website.  The mechanism, which would eventually be built into all the major browsers, was called Do Not Track.  With a single browser setting, these advocates thought, users would be able to communicate a preference for their privacy.  It would be easier than downloading add-on software or creating a blacklist of specific companies to block.  Do Not Track, or DNT, would be the Web's version of the telemarketer Do Not Call list.  But today, DNT hangs by a thread, neutered by a failure among stakeholders to reach agreement.

Researchers develop formula that reveals home location based on tweets.  IBM researches announced Friday [3/21/2014] they successfully developed an algorithm to track down any Twitter user's home city based on metadata contained in their last 200 tweets.  The formula, which researchers said could benefit targeted advertising for marketers or locating major news events for journalists, has an almost 70 percent rate of accuracy according to MIT Technology Review, and is the latest research finding to highlight the possible danger to privacy and security presented by metadata collection and analysis.

Capital One says it can show up at cardholders' homes, workplaces.  Credit card issuer Capital One isn't shy about getting into customers' faces.  The company recently sent a contract update to cardholders that makes clear it can drop by any time it pleases.  The update specifies that "we may contact you in any manner we choose" and that such contacts can include calls, emails, texts, faxes or a "personal visit."  As if that weren't creepy enough, Cap One says these visits can be "at your home and at your place of employment."  The police need a court order to pull off something like that.

It will soon be technically impossible to be anonymous.  Whether we like it or not (and often we do), we are getting ever more astonishingly accurate authentication links between people and machines.  It soon will be technically impossible to stay "anonymous".  Data we emit as people as we do anything other than sit alone starving in a cave will be collected and stored and processed as part of things working normally.  That data will throw up patterns of behaviour that can be used for both good and malign purposes, by both government agencies and private organisations.

Somewhat related:
Ford: 'We have GPS in your car, so we know what you're doing'.  A top Ford executive made a startling admission about the amount of data the auto maker tracks from its customers at the 2014 Consumer Electronics Show this week.  "We know everyone who breaks the law, we know when you're doing it," Ford Vice-President Jim Farley told a crowd in Las Vegas during the show.  "We have GPS in your car, so we know what you're doing."  The global marketing and sales division chief was trying to make a larger point about the amount of real-time data Ford has on drivers that could be used in the future to alleviate problems like traffic congestion.

Update:

Exec Backpedals After Saying Ford Tracks Drivers.  A Ford Motor executive who said the company tracks and collects data on how Ford customers drive their vehicles said Thursday [1/9/2014] that he regrets making the comments.  Jim Farley, executive vice president of marketing and sales at Ford, said that he was wrong to suggest to customers that the automaker uses GPS devices in vehicles to collect data on how people drive.

Facebook 'snoops on your private inbox': Site sued over claim it is scanning and selling details.  Facebook is being sued over claims it has been scanning users' private messages for personal information to sell to advertisers.  The social networking site, is accused of monitoring messages and website links sent between users so they can profile what people read online.

Google wants to move into your Home: Giant plans to fit microphones in ceilings.  Google is already heavily criticised for trying to know almost everything about us, and now the firm wants to get inside our homes, literally.  Engineering director Scott Huffman told The Independent that in his vision of the future Google users would have microphones fitted inside their homes.

2 million Facebook, Gmail and Twitter passwords stolen in massive hack.  Hackers have stolen usernames and passwords for nearly two million accounts at Facebook, Google, Twitter, Yahoo and others, according to a report released this week.  The massive data breach was a result of keylogging software maliciously installed on an untold number of computers around the world, researchers at cybersecurity firm Trustwave said.

Memo to Workers: The Boss Is Watching.  Blue-collar workers have always been kept on a tight leash, but there is a new level of surveillance available to bosses these days.  Thanks to mobile devices and inexpensive monitoring software, managers can now know where workers are, eavesdrop on their phone calls, tell if a truck driver is wearing his seat belt and intervene if he is tailgating.

Big brother is watching you in Vegas, except in hotel hallways.  Closed circuit cameras hidden behind plastic ceiling domes are omnipresent in pop culture portrayals of Sin City. [...] Yet the Associated Press found that 23 of the 27 major Strip casinos have no surveillance in hotel hallways or elevator landings.

Phone companies remain silent over legality of NSA data collection.  America's top telecommunications companies are refusing to say whether they accept that the bulk collection of their customers' phone records by the National Security Agency is lawful.  The phone companies are continuing to guard their silence over the controversial gathering of metadata by the NSA, despite the increasingly open approach by those at the center of the bulk surveillance programme.  On Tuesday [9/17/2013] the secretive foreign intelligence surveillance (Fisa) court declassified its legal reasoning for approving the NSA telephone metadata program periodically over the past six years.

Google knows nearly every Wi-Fi password in the world.  If an Android device (phone or tablet) has ever logged on to a particular Wi-Fi network, then Google probably knows the Wi-Fi password.  Considering how many Android devices there are, it is likely that Google can access most Wi-Fi passwords worldwide.

CFPB's data-mining on consumer credit cards challenged in heated House hearing.  Consumer Financial Protection Bureau officials are seeking to monitor four out of every five U.S. consumer credit card transactions this year — up to 42 billion transactions — through a controversial data-mining program, according to documents obtained by the Washington Examiner.

Attention, Shoppers: Store Is Tracking Your Cell.  Like dozens of other brick-and-mortar retailers, Nordstrom wanted to learn more about its customers — how many came through the doors, how many were repeat visitors — the kind of information that e-commerce sites like Amazon have in spades.  So last fall the company started testing new technology that allowed it to track customers' movements by following the Wi-Fi signals from their smartphones.

The Web Cookie Is Dying. Here's The Creepier Technology That Comes Next.  Many Internet advertisers rely on cookies, digital code stored on your browser. [...] The problem for marketers is that some users set their browsers to reject cookies or quickly extinguish them.  And mobile phones, which are taking an increasing chunk of the Web usage, do not use cookies.  To combat the cookie's flaws, advertisers and publishers are increasingly turning to something called fingerprinting.

Big Brother alert: Cameras in the cable box to monitor TV viewers.  New technology would allow cable companies to peer directly into television watchers' homes and monitor viewing habits and reactions to product advertisements.  The technology would come via the cable box, and at least one lawmaker on Capitol Hill is standing in opposition.  Massachusetts Democratic Rep. Michael Capuano has introduced a bill, the We Are Watching You Act, to prohibit the technology on boxes and collection of information absent consumer permission.

You Thought You Had Privacy Before the NSA Leak? What About Facebook?  Your privacy has already been invaded by Facebook and the other tech giants that collected the data in the first place.  If the government is turning to Big Brother in an effort to safeguard the homeland, then the tech companies are Rich Uncles, intent on getting ever richer.

NSA Built Back Door In All Windows Software by 1999.  In researching the stunning pervasiveness of spying by the government (it's much more wide spread than you've heard even now), we ran across the fact that the FBI wants software programmers to install a backdoor in all software.  Digging a little further, we found a 1999 article by leading European computer publication Heise which noted that the NSA had already built a backdoor into all Windows software.

New Xbox by NSA partner Microsoft will watch you 24/7.  One of the console's key features is the full integration of the Kinect, a motion sensing camera that allows users to play games, scroll through menus, and generally operate the Xbox just using hand gestures.  Microsoft has touted the camera as the hallmark of a new era of interactivity in gaming.  What Microsoft has not promoted, however, is the fact that you will not be able to power on the console without first enabling the Kinect, designed to detect both heartbeats and eye movement[,] and positioning yourself in front of it.

Is Big Data Turning Government Into 'Big Brother'?  With every phone call they make and every Web excursion they take, people are leaving a digital trail of revealing data that can be tracked by profit-seeking companies and terrorist-hunting government officials.

Your Computer is Bugging Your House.  The computer you are sitting at right now probably has a microphone.  It probably also has a camera looking at you this moment.  Is it sending sound and pictures from inside your house to the PRISM program at NSA?  Who knows?  But one thing is for sure — the technology is sitting there, on your desk.  Welcome to Winston's world.

Bloomberg Admits Terminal Snooping.  Reporters at Bloomberg News were trained to use a function on the company's financial data terminals that allowed them to view subscribers' contact information and, in some cases, monitor login activity in order to advance news coverage, more than half a dozen former employees said.

Bloomberg Terminal Scandal Makes Bunga Bunga Parties Seem Quaint.  When a billionaire mayor's news company uses his financial company's products to spy on the nation's top bankers and officials, no line is left uncrossed.

The Internet is a surveillance state.  Whether we admit it to ourselves or not, and whether we like it or not, we're being tracked all the time.  Google tracks us, both on its pages and on other pages it has access to.  Facebook does the same; it even tracks non-Facebook users.  Apple tracks us on our iPhones and iPads.  One reporter used a tool called Collusion to track who was tracking him; 105 companies tracked his Internet use during one 36-hour period.  Increasingly, what we do on the Internet is being combined with other data about us.

New Malware Attacks Smartphone, Computer to Eavesdrop.  A recently discovered new form of Android malware called DroidCleaner can not only infect your smartphone, but also targets your PC to spy on you.

Online ad firm agrees to stop 'history sniffing' in Web browsers.  A digital advertising company agreed Wednesday [12/5/2012] to end its practice of "history sniffing," the practice of secretly tracking Internet users' activity through their Web browsers.  Epic Marketplace Inc. and a subsidiary were able to place a code in user's Web browsers allowing them to instantly see whether the unwitting users had visited any of the more than 50,000 websites that they were monitoring, including pages related to impotence, fertility issues and personal bankruptcy.

Facebook accused of massive 'data grab' with new service that automatically uploads your phone pictures.  Facebook has been accused of a massive 'data grab' after encouraging users to allow it to automatically synchronise photos from their mobile devices to the social networks servers.  The social network from Friday began asking users of its mobile apps to activate its new Photo Sync, which will automatically upload each picture to a private album.  Whether or not users decide share the photos on their public newsfeed, Facebook itself will still have access.

Bionic Mannequins Spy on Shoppers to Boost Luxury Sales.  The EyeSee looks ordinary enough on the outside, with its slender polystyrene frame, blank face and improbable pose.  Inside, it's no dummy.  A camera embedded in one eye feeds data into facial-recognition software like that used by police.  It logs the age, gender, and race of passers-by.

Microsoft wants to know how many friends you've got in your living room.  One of Microsoft's latest patent applications is a humdinger.  It proposes to turn the Kinect camera into a snitch for movie studios, reporting back just how many friends you've got in your living room and what they're watching.  Think that sounds alarmist?  Here's what it actually says:  "The users consuming the content on a display device are monitored so that if the number of user-views licensed is exceeded, remedial action may be taken."  It's that blatant — a system to spy on private viewing habits.

Vast F.D.A. Effort Tracked E-Mails of Its Scientists.  [Scroll down]  The software used to track the F.D.A. scientists, sold by SpectorSoft of Vero Beach, Fla., costs as little as $99.95 for individual use, or $2,875 to place the program on 25 computers.  It is marketed mainly to employers to monitor their workers and to parents to keep tabs on their children's computer activities.  "Monitor everything they do," says SpectorSoft's Web site.  "Catch them red-handed by receiving instant alerts when keywords or phrases are typed or are contained in an e-mail, chat, instant message or Web site."

Facebook Camera app really, really wants to know your location.  Facebook's slick new camera app goes on strike if you don't give it access to your location.

Is your TV watching you? Latest models raise concerns.  Samsung's 2012 top-of-the-line plasmas and LED HDTVs offer new features never before available within a television including a built-in, internally wired HD camera, twin microphones, face tracking and speech recognition.  While these features give you unprecedented control over an HDTV, the devices themselves, more similar than ever to a personal computer, may allow hackers or even Samsung to see and hear you and your family, and collect extremely personal data.

Street View cars grabbed locations of phones, PCs.  Google's Street View cars collected the locations of millions of laptops, cell phones, and other Wi-Fi devices around the world, a practice that raises novel privacy concerns, CNET has confirmed.  The cars were supposed to collect the locations of Wi-Fi access points.  But Google also recorded the street addresses and unique identifiers of computers and other devices using those wireless networks and then made the data publicly available through Google.com until a few weeks ago.

Why is Sprint installing junk apps on my Android phone?  A few days ago I noticed a strange app on my HTC Evo Android smartphone.  It's a demo version of a sci-fi shooter game called N.O.V.A.  It wasn't preinstalled, I didn't download it, and I can't uninstall it.  I checked to see what it does on my phone and was shocked to see the long list of permissions it has.

On the Web, Children Face Intensive Tracking.  A Wall Street Journal investigation into online privacy has found that popular children's websites install more tracking technologies on personal computers than do the top websites aimed at adults.  The Journal examined 50 sites popular with U.S. teens and children to see what tracking tools they installed on a test computer.  As a group, the sites placed 4,123 "cookies," "beacons" and other pieces of tracking technology.

More information about cookies.

Is Your Detergent Stalking You?  Unilever's Omo detergent is adding an unusual ingredient to its two-pound detergent box in Brazil:  a GPS device that allows its promotions agency Bullet to track shoppers and follow them to their front doors.

Backdoor found in Energizer Duo USB battery charger.  Software that can be downloaded for use with the Energizer Duo USB battery charger contains a backdoor that could allow an attacker to remotely take control of a Windows-based PC, Energizer and US-CERT is warning.

GM backs mandatory vehicle 'black boxes'.  General Motors Co. supports legislation to require so-called "black boxes" in vehicles, to collect crash data, and it is willing to support additional "reasonable" auto safety legislation.  In a roundtable interview with reporters today, GM's new vice president for government relations, Robert E. Ferguson, said the company backs legislation in the works from Rep. Gene Green, D-Texas, to mandate event data recorders.

Software Turns Your Cell Phone Against You.  Malicious software for cell phones could pose a greater risk for consumer's personal and financial well-being than computer viruses, say scientists from Rutgers University.  The scientists have made a particularly resilient malware, known as a rootkit, that can turn a cell phone's microphone, GPS and battery against the phone's owner.

The Editor says...
That's odd.  Up until now, anyone who developed a rootkit was called a hacker by the mainstream news media.  Why, in this case, are they being called scientists?

Windows 7 Update "Phones Home" to Microsoft Every 90 Days.  The release of Windows 7 "Update for Microsoft Windows (KB971033)" will change the current activation and anti-piracy behavior of Windows 7 by triggering automatic "phone home" operations over the Internet to Microsoft servers, typically for now at intervals of around 90 days.  The purpose?  To verify that you're not running a pirated copy of Windows...

What the data miners are digging up about you:  Databases know more about you than you realise.  A Carnegie Mellon University study recently showed that simply by knowing gender, birth date and postal zip code, 87% of people in the United States could be pinpointed by name.  Websites can collect huge amounts of data from users.  Retailers, for example, can track our every click, what we buy, how much we spend, which advertisements we see — even which ones we linger over with our mouse.

The Coolest (or Creepiest) Thing on Facebook.  Facebook likes to talk about privacy, but, let's be honest:  If you've spent any time on the social networking behemoth, you know the site is all about revealing yourself.  A new app, however, may take Facebook's hey-look-at-me culture one step too far.

Photocopiers with disk drives could be used for ID theft.  Consumers are bombarded with warnings about identity theft.  Publicized threats range from mailbox thieves and lost laptops to the higher-tech methods of e-mail scams and corporate data invasions.  Now, experts are warning that photocopiers could be a culprit as well.

Neighbor's data shows up in my browser.  There seems to be some way that my next-door-neighbor's information got into my PC.  They always have their wireless internet on, but my wireless reception is usually disabled.  I really don't know how this could have happened.  Of course, since the problem showed up while I was doing my taxes, I am even more paranoid about what information of mine might have been swapped between households.

Personal data found hidden in iTunes tracks.  Fresh privacy fears have been sparked after it emerged that Apple has embedded personal information into music files bought from its iTunes online music store.  Technology websites examining iTunes products discovered that personal data, including the name and e-mail addresses of purchasers, are embedded into the AAC files that Apple uses to distribute music tracks.

Adi Shamir's bug attack:  One (possibly hidden and intentional) bug in any high-level microprocessor as used in any modern configuration can possibly leak secret keys used by Public-Key Infrastructures. … How easy is it to verify that such a single multiplication bug does not exist in a modern microprocessor, when its exact design is kept as a trade secret?

McCain loan could violate donor privacy.  When John McCain's presidential campaign all but went broke, it borrowed money from its bank using its fundraising list as collateral.  Problem:  McCain's own privacy policy promises donors he won't sell their information.  That seems to put the Republican senator's campaign in a pickle; either it pledged to its bank proceeds from something it can't sell, or it offered to violate its own promise to donors.

AT&T's Internet Monitoring Plans:  News stories are now appearing widely about an AT&T plan to try block pirated content at the network level. … To actually pick out particular content from those streams would imply the need to actually examine and characterize the payload of files to locate and block potentially offending music and/or video content.

AT&T rewrites the rules:  Your data isn't yours.  AT&T has issued an updated privacy policy that takes effect Friday [6/23/2006].  The changes are significant because they appear to give the telecom giant more latitude when it comes to sharing customers' personal data with government officials.  The new policy says that AT&T — not customers — owns customers' confidential info and can use it "to protect its legitimate business interests, safeguard others, or respond to legal process."

This is apparently related to the issue of Domestic spying.

This is an original compilation, Copyright © 2015 by Andrew K. Dart

RIAA Still Feels Entitled To Scour Everyone's Hard Drives.  Ever since the RIAA started taking on file sharing, it's always acted as if it were entitled to all sorts of things it isn't: access to the names associated with IP addresses without filing lawsuits, private info on the people they're suing and even the aid of the FBI in what's clearly a civil, not criminal, dispute.

Lawsuits mounting over massive customer data breach at TJX.  The TJX Cos. Inc. faces federal lawsuits in five additional states over a data theft that exposed at least 45 million credit and debit cards to potential fraud, according to a regulatory filing Thursday [6/7/2007] by the owner of stores including T.J. Maxx and Marshalls.

Printer steganography:  Many color printers (Xerox, HP, etc.) add barely visible yellow dots that encode printer serial numbers and time stamps, down to the minute.  Intended primarily to combat counterfeiters, the purportedly "secret" steganographic code in color printer copies has now been decoded by four people at the Electronic Frontier Foundation. There are of course various slippery-slope privacy issues.

Sleuths Crack Tracking Code Discovered in Color Printers.  It sounds like a conspiracy theory, but it isn't.  The pages coming out of your color printer may contain hidden information that could be used to track you down if you ever cross the U.S. government.

Caution:  Your Printer is a Government Spy.  The government conspired with manufacturers to hide a secret code on every page generated by a color printer or copier.

Printer dots raise privacy concerns.  The affordability and growing popularity of color laser printers is raising concerns among civil liberties advocates that your privacy may not be worth the paper you're printing on.  More manufacturers are outfitting greater numbers of laser printers with technology that leaves microscopic yellow dots on each printed page to identify the printer's serial number — and ultimately, you, says the San Francisco-based Electronic Frontier Foundation, one of the leading watchdogs of electronic privacy.

EFF's "Yellow Dots of Mystery" on Instructables.  Since late 2004, EFF has been warning the public about "printer dots" — tiny yellow dots that appear on documents produced by many color laser printers and copiers.  These yellow dots form a coded pattern on every page the printer produces and can be used to identify specific details about a document; for example, the brand, model, and serial number of the device that printed it and when it was printed.  In short, the printer dots are a surveillance tool that can link each printed page to the printer that printed it.

Keep Your Grubby Mitts Off My Hard Drive.  Amazon's new UnBox video service turns out to have some traits that are even more annoying than the impenetrable cellophane stickers they put on DVD cases. … To be allowed the privilege of purchasing a video that I can't burn to DVD and can't watch on my iPod, I have to allow a program to hijack my start-up and force me to login to uninstall it?  No way."

Big Brother Is Tracking You.  Many new cell phones come equipped with tracking devices that can pinpoint the location of the phone to within 30 feet.  The feature offers lots of possibilities both to users and law enforcement. … Even the simplest phones now have enhanced 911 capability mandated by federal law, which can detect a caller's location within a broad area through triangulated radio signals sent to cell towers.

20 inspectors suspended over GPS.  The Massachusetts public safety commissioner yesterday [7/10/2006] suspended 20 state building and engineering inspectors for refusing to accept cellphones equipped with global positioning systems.

Camera With Pitt-Jolie Photos Is Seized.  Local police, accompanied by state police and Secret Service officers, went to the Westfield home of William Keys on Tuesday to recover a digital camera's memory stick after three photos that appeared on the Internet were tracked to Keys.

The Editor says...
[How did they track the photos to a specific camera?  Sounds like I need to do some research.]

Cell Service Lets Parents Track Kids by GPS.  Up until now, parents had to deal with a separate company or buy special equipment to track their children through their cell phones.  Sprint Nextel Corp. becomes the first U.S. wireless provider to sell its own product when the Family Locator Service rolls out Thursday [4/13/2006].

The Editor says...
The expression "Track Kids by GPS" is misleading.  GPS is a one-way (receive only) service using weak signals that are unreliable inside houses and cars, and completely useless in tunnels and underground parking garages.  Nextel is most likely comparing the arrival time of PCS signals at several different sites, and using simple calculations to figure out where the phone is.  (That would be possible without GPS technology, but you'd need an atomic clock at every cell phone site, so it wouldn't be economically feasible.)  What it boils down to is simply this:  Cell phone signals travel about one foot in one nanosecond.  If every cell phone site has a clock that is accurate to 10 nanoseconds, you can figure out where a PCS phone is within 10 feet by comparing the arrival time of its signals at various (precisely known) locations around town.

The Choice Point Syndrome.  An extensive list of breaches of sensitive personal information, disclosed just since January 2005.

A bank you might not want to have Wachovia.  More than 48,000 customers of Wachovia Corp. and 600,000 of Bank of America Corp. have been notified that their financial records may have been stolen by bank employees and sold to collection agencies.

Texas loan company's personal data 'lost'.  Texas Guaranteed Student Loan Corp. has announced the loss of the names and Social Security numbers of 1.3 million customers.

Security Breach Could Expose 40 Million to Fraud.  A computer hacker may have accessed more than 40 million credit card accounts in what could be the largest in a series of recent security breaches involving consumer data, officials said.

MasterCard says 68,000 Customers are at High Risk.  Credit card users, don't fret.  Only a small fraction of the 13.9 million credit cards accounts at MasterCard exposed to possible fraud were considered at high risk, the company said Saturday [6/18/2005].

LexisNexis May Have Had Earlier Breach.  A LexisNexis executive said Wednesday [4/13/2005] there may have been an earlier breach of consumers' personal data that was never reported to the public.  The disclosure at a Senate hearing came a day after London-based Reed Elsevier, which owns LexisNexis, revealed that criminals may have breached computer files containing the personal information of 310,000 people since January 2003.

Evidence From Black Boxes in Cars Turns Up in Courts.  An estimated 25 million automobiles in the United States now have so-called event data recorders, a scaled-down version of the devices that monitor cockpit activity in airplanes.  Like aviation recorders, automobile black boxes mainly receive attention after an accident.  What the devices record increasingly finds its way into courtrooms as evidence in criminal and civil cases, leading some privacy advocates to question how the recorders came to be installed so widely with so little public notice or debate.

Privacy Experts Shun Black Boxes.  Some safety and privacy experts are reacting with apprehension, others with all out condemnation over a recent ruling by the National Transportation Safety Board to require electronic data recorders or "black boxes" in all new cars manufactured in the United States.  "I take offense that this personal property of individuals is now being designed by the federal government," said Jim Harper, privacy attorney and editor of Privacilla.org.

Software that knows your every move:  Worklenz tracks workers — what they do, when they do it, and how long it takes.

Online job listing an ID theft scam:  "Background check" was used to steal full slate of personal info.

The ugly truth about privacy:  Issues involving our personal privacy affect our day-to-day lives much more than you might think.

Privacy Survival Guide:  How to Take Control of Your Personal Information.

EPIC's Caller ID Page:  Privacy aspects of Caller ID

EPIC's Cookie Page:  Privacy aspects of browser cookies

Big Brother rides shotgun:  Rental-car company uses GPS to track customer, fines him $450 for speeding.

Drivers let Big Brother in to get a break.  In two new tests, car owners will be able to let insurance companies monitor their driving via new technology in exchange for lower rates.  The technology will track some combination of when, where, how far and how fast they drive, giving insurers a way to reward low-risk driving.  Now just experiments, the technology might be a glimpse of the future of car insurance.  [Or the future of law enforcement.  Or tax collection.]

How to Build Privacy Into Customer Authentication.  Reports of worsening identity theft are pressuring companies to adopt stronger methods of making sure they know the identity of their customers.  Most customers will find this additional layer of security comforting.  But the more invasive authentication methods — biometrics, especially — have people worried that they'll lose their privacy in the process.  How can businesses authenticate their customers without scaring them away?  By putting the consumer in control throughout the authentication process.

Residential Internet Security:  Two types of bad things can happen to an Internet-connected home computer:  The first involves a miscreant duping a user into running harmful software-a worm, virus, Trojan Horse, or some form of spyware that reports back some aspect of the user's activities or configuration.  The second bad thing involves a miscreant taking direct control of the computer and running arbitrary software-either the user's own or the miscreant's.  Of course, many type-1 Trojan Horses give attackers type-2 control, but the type-1 exploit isn't the only path to type-2 control.

Car-tracking system:  Promises and potholes.  General Motors plans to begin installing new sensors and communications systems into vehicles next year in a move that could save lives but that also raises privacy concerns.

Smile, You're on In-Store Camera:  If you can't shop anonymously at your local retail giant, then privacy as we know it is dead.

It's Raining Privacy NoticesAmerican consumers are being leafleted this spring with privacy notices from financial institutions that invite them to say "no thanks" to having their personal information shared with third parties.  But some privacy advocates say the notices fail to communicate to consumers, in clear English, their right under federal law to opt out of data sharing.

TiVo Technology Erodes PrivacyA group that is an advocate for our right to privacy, The Privacy Foundation, has discovered that TiVo, a system that allows us to record TV shows onto a hard drive, has been routinely selling information about viewers' habits to advertisers and the television networks.  In other words, TiVo has been sharing its customers' viewing practices via the phone lines hooked to their recording devices without viewers' consent or even knowledge.

Netscape Navigator Browser Snoops On Web Searches:  AOL Time Warner's Netscape unit is snooping on searches performed by users of its latest Navigator browser at Google and other search sites.  According to a network traffic analysis performed by Newsbytes, Netscape is capturing Navigator 6 users' search terms, along with their Internet protocol (IP) address, the date Navigator was installed and a unique identification number.

The World's Most Privacy-Conscious Browser.  Most browsers offer the option of removing potentially privacy-shattering content saved on the user's PC, such as searches performed and visited websites.  Enter Browzar — the browser which specialises in doing so to the extent that all of the user's browsing activity is automatically removed once the application has been closed.

Anonymous No More On AOL:  Warning to anonymous critics on Internet chat boards trying to sink stocks:  We may soon know who you are.

A Setback for Online Privacy:  The ruling against the world's largest ISP goes to the heart of the question of anonymity on the Internet, and marks a new stage in the evolution of privacy laws as they pertain to the Internet and identities of Web surfers, privacy experts said.

One-Third of U.S. Online Workforce under Internet/E-Mail Surveillance:  This study is the first attempt to estimate the extent of workplace monitoring based on self-reported user-base ("seats") and revenue figures from publicly-traded companies that sell e-mail and Internet monitoring software. The report focuses strictly on continuous, systematic monitoring of employees, rather than random spot-checks.

Privacy groups take aim at Microsoft Passport:  Thirteen organizations, headed by the Electronic Privacy Information Center, supported an updated complaint with the Federal Trade Commission, alleging that Microsoft is in violation of Section 5 of the FTC Act because of its data collection, sharing and security practices with Passport.

Who's Watching You in Your Hotel Room?:  Next time you check into a hotel, you may want to consider asking if there are any hidden cameras in your assigned room. There could be cameras hidden in mirrors, television sets, lamps and even the radio alarm clock on your nightstand.

Dissecting the Cue Cat:  It is now obsolete, but the Cue Cat was a trojan horse.

All That Data, All That Secrecy.

Comcast tracks Web browsing of its 1 million Internet subscribers:  The nation's third-largest cable company has begun tracking the Web browsing activities of its 1 million high-speed Internet subscribers without notifying them.

Privacy Laws: Not Gonna HappenPrivacy legislation may not be going public anytime soon.  Conventional wisdom in the nation's capital says that the prospect of Congress enacting Internet privacy laws is extraordinarily likely, and perhaps even inevitable.

Privacy at Work?  Be SeriousIf you feel your privacy at work has been eroding lately, it's probably more than just your imagination. Experts say companies are under increasing pressure to monitor employees electronically, and workers should assume they are being watched.

Email Privacy:  If you want privacy, don't count on email.  Here's why.

Insurer's patent targets driver's every move.

Microsoft denies secret accord with NSA, but doubts persist.



Back to The Privacy Page


Document location http://akdart.com/priv2.html
Updated September 4, 2024.

©2024 by Andrew K. Dart