HiTechEdge

Category: Privacy

All news related to privacy.

  • DuckDuckGo Debuts App Tracking Protection for Android

    DuckDuckGo Debuts App Tracking Protection for Android

    DuckDuckGo (DDG) is taking a page from Apple’s book, introducing App Tracking Protection for Android.

    Apple introduced App Tracking Transparency (ATT) in iOS/iPadOS 14.5, giving users the ability to ask that apps not track their activity across platforms and services. While Google has been working to introduce its own version of ATT, its version is not as comprehensive as Apple’s.

    DDG is looking to provide a more comprehensive solution with its App Tracking Protection for Android, an app designed to monitor other apps’ activity and prevent them from tracking users. 

    DuckDuck App Tracking Protection – Credit DuckDuckGo

    “App Tracking Protection for Android is free and blocks trackers it identifies in other apps from third-party companies (those different from the company that owns each app),” the company writes in a blog post. “It is now built right into the DuckDuckGo Android app.

    “After enabling App Tracking Protection, the DuckDuckGo app will detect when your Android apps are about to send data to third-party tracking companies found in our app tracker dataset, and block those requests. You can enjoy your apps as you normally would and App Tracking Protection will run in the background and continue to block the detected trackers throughout your apps, even while you sleep. We are continually working to identify and protect against new trackers, so you can rest easy knowing you’re getting the most up-to-date protection.”

    Given that 96% of popular, free Android apps tested track users — with 87% sending data to Google and 68% sending to Facebook — DDG’s solution looks to fill a major need.

    The feature is currently in beta. To join the private wait list open DuckDuckGo for Android, open Settings > App Tracking Protection under Privacy, click “Join the Private Waitlist.”

  • Meta Delaying Rollout of End-to-End Messaging Encryption Until 2023

    Meta Delaying Rollout of End-to-End Messaging Encryption Until 2023

    Meta has said it is delaying the rollout of end-to-end encryption (E2EE) across its messaging services until 2023 over child safety concerns.

    Meta, formerly Facebook, has been working for some time to provide unified E2EE across its various messaging services, including WhatsApp and Facebook Messenger. The move has been criticized by some legislators over concerns about child safety and the ability to solve, or even prevent, crimes.

    WhatsApp already has E2EE, and Meta CEO Mark Zuckerberg announced in early November the company was rolling out E2EE across Messenger. This plans appear to be paused, according to an article in The Telegraph, by Antigone Davis, Meta Global Head of Safety.

    “We’ll continue engaging with outside experts and developing effective solutions to combat abuse because our work in this area is never done,” says Davis. “We’re taking our time to get this right and we don’t plan to finish the global rollout of end-to-end encryption by default across all our messaging services until sometime in 2023. As a company that connects billions of people around the world and has built industry-leading technology, we’re determined to protect people’s private communications and keep people safe online.”

    The move is sure to disappoint customers and privacy proponents.

  • ProtonMail Scores Big Win Against Swiss Data Retention Laws

    ProtonMail Scores Big Win Against Swiss Data Retention Laws

    ProtonMail has scored a major legal victory against the Swiss government’s data retention laws, significantly increasing user privacy.

    ProtonMail is one of the most secure and private email platforms in existence. The company is used by individuals around the world who value their privacy and want encrypted communication.

    The company is based in Switzerland due to the country’s strong privacy laws, but that hasn’t stopped the government from forcing the company to turn over a user’s IP address to the authorities.

    ProtonMail launched a legal challenge in May, in an effort to get email providers reclassified so they’re not subject to the same requirements as telecommunications firms.

    As part of these efforts, in May 2020, we launched a legal challenge against the Swiss government over what we believe to be an improper attempt to use telecommunications laws to undermine privacy. In a ruling this week, the Swiss Federal Administrative Court confirmed that email services cannot be considered telecommunications providers, and consequently are not subject to the data retention requirements imposed on telecommunications providers.

    The victory follows another legal challenge in April by Threema.

    This comes on the heels of a Swiss Supreme Court ruling in April 2021 in a case brought by Threema (2C_544/2020) that ruled that instant messaging services are also not telecommunications providers. Together, these two rulings are a victory for privacy in Switzerland as many Swiss companies are now exempted from handing over certain user information in response to Swiss legal orders.

    The legal victories are good news for ProtonMail users and privacy advocates, and will likely result in Switzerland attracting even more privacy-focused companies.

  • WhatsApp Began Rolling Out E2EE Chat Backups Thursday

    WhatsApp Began Rolling Out E2EE Chat Backups Thursday

    WhatsApp started rolling out end-to-end encrypted (E2EE) chat backups on Thursday, fulfilling a promise CEO Mark Zuckerberg made a month ago.

    WhatsApp has offered E2EE for its chats for some time, but cloud backups have not enjoyed the same level of encryption and security. A month ago, Zuckerberg announced the company was adding the feature, and it began rolling out Thursday.

    Zuckerberg announced the rolled in a Facebook post.

    End-to-end encrypted backups for WhatsApp starting to roll out today. Proud of the team for continuing to lead on security for your private conversations.

    According to Engadget, the feature will roll out gradually to ensure reliability for all users.

  • Signal and Telegram Big Winners Amid Facebook’s Outage

    Signal and Telegram Big Winners Amid Facebook’s Outage

    Signal and Telegram saw millions of people flock to their platforms, thanks to Facebook’s hours-long outage Monday.

    Facebook, Messenger, Instagram and WhatsApp went down late Monday morning, in what is one of the biggest outages the company has ever experienced. Given how much people rely on Messenger and WhatsApp for daily communication — both personal and business — people started looking for alternatives during the outage.

    Telegram saw such an influx of users that it experienced some issues of its own. Meanwhile, Signal said it gained millions of new users in a tweet.

  • ProtonMail Logs User’s IP at Behest of Authorities

    ProtonMail Logs User’s IP at Behest of Authorities

    ProtonMail is having a PR crisis as a result the revelation that the company logged a user’s IP address at the behest of authorities.

    ProtonMail has built its reputation as one of the most private and secure email services, providing end-to-end encryption. Despite that, French authorities wanted information on an activist being monitored.

    According to TechCrunch, ProtonMail did not initially cooperate with the French authorities. In response, the French enlisted the aid of authorities in Switzerland, where ProtonMail is based. While the company doesn’t log IP addresses by default, it will do so if local authorities require it to.

    With Swiss authorities aiding their French counterparts, ProtonMail was compelled to log the user’s IP and turn it over. In doing so, the company showed the privacy it provides has its limits — that limit being whatever the Swiss government says it is.

  • T-Mobile Users File Class Action Lawsuits Over Data Breach

    T-Mobile Users File Class Action Lawsuits Over Data Breach

    T-Mobile’s issues are going from bad to worse, as customers have filed two class action lawsuits over the company’s data breach.

    T-Mobile acknowledged it was the victim of a data breach, impacting tens of millions of users. The hacker responsible has been trying to sell the data, including very sensitive data, online.

    According to Business Insider, T-Mobile’s customers have filed two class action lawsuits. One claims a violation of California’s Consumer Privacy Act, while the other claims a violation of the Washington State Consumer Protection Act.

    The lawsuit show the high stakes for companies responsible for consumer data.

  • Samsung Pay Now Supports Digital COVID Vaccine Card

    Samsung Pay Now Supports Digital COVID Vaccine Card

    Samsung has announced Samsung Pay now supports SMART Health Cards, including digital COVID-19 vaccine cards.

    Governments and organizations around the world are working to develop vaccine passports and digital vaccine cards. With the Delta variant surging around the world, many companies are requiring vaccines, and some jurisdictions are requiring them for travel.

    Samsung is working with the Commons Project Foundation to bring SMART Health Cards, and COVID-19 vaccination status, to Samsung Pay.

    “Samsung Pay simplifies transactions for millions of mobile device users. As more and more consumers use their Samsung devices as a digital wallet it is a natural extension to make Covid-19 vaccination records more easily accessible,” said Rob White, Sr. Director of Product for Samsung Pay, Samsung Electronics America. “We are proud to partner with The Commons Project Foundation on this important initiative and to help make life easier.” 

    “CommonHealth’s collaboration with Samsung marks another important milestone as the availability and acceptance of SMART Health Cards as the standard for digital vaccination records continues to expand,” said JP Pollak, cofounder and chief architect of The Commons Project. “As a leading mobile device manufacturer and digital wallet, Samsung offers a secure and easily accessible place for consumers to store this vital health information. The Commons Project is committed to the continued expansion of our network of partners, empowering users with their own health data to use in enhanced and secure ways.”

  • Google’s Privacy Labels Will Be Required By April 2022

    Google’s Privacy Labels Will Be Required By April 2022

    Android developers will be required to provide a privacy label for their apps by April 2022, bringing a new level of transparency to the platform.

    Apple rocked the mobile development world when it required app developers to disclose what information they gathered and tracked from their users. Meanwhile, Android users have had no comparable feature, leaving them in the dark about what and how much of their data is being collected by apps.

    Google is taking steps to address that, signaling in May it intended to bring its own version of privacy labels to the Play Store. According to CNET, those labels will be required by April 2022.

    The announcement is good news for Android users who are interested in protecting their privacy.

  • Ring Rolls Out Video End-to-End Encryption

    Ring Rolls Out Video End-to-End Encryption

    Ring has announced end-to-end encryption is now available to customers internationally.

    Ring made headlines in late 2019 with a string of security issues, including devices being hacked and giving outsiders the ability to watch and communicate with a home’s occupants. VICE reviewed Ring’s security and found it was abysmal, not doing nearly enough to protect user privacy. Ultimately, the issues led to a lawsuit over Amazon and Ring’s failure to protect users.

    Ring has now announced end-to-end encryption for its products, with a goal to protecting user privacy.

    “We believe that our customers should control who sees their videos,” writes Ring’s Josh Roth. “By default, Ring already encrypts customer videos when they are uploaded to the cloud (in transit) and stored on Ring’s servers (at rest). Now, customers around the world, with eligible Ring devices, can opt into video End-to-End Encryption, to add an extra layer of security that only allows their videos to be viewed on their enrolled mobile device. This advanced security option is simple to set up via the Control Center in the Ring App, and offers additional peace of mind and protection.”

    While Ring is to be commended for finally adding end-to-end encryption, it’s puzzling why the company has made it opt-in instead of opt-out. Given the issues Ring has already experienced, one would think the company would take every measure possible to protect users, while giving them the ability to opt-out.