HiTechEdge

Category: Privacy

All news related to privacy.

  • BEUC File Complaint Against WhatsApp Over Privacy Update

    BEUC File Complaint Against WhatsApp Over Privacy Update

    The European Consumer Organisation (BEUC) has filed a complaint over WhatsApp’s privacy update.

    Facebook and WhatsApp sparked a furor over a proposed privacy update, in which Facebook would share data from WhatsApp with other Facebook-owned companies. Initially, Facebook said users would be locked out of their accounts if they did not accept the new terms by a certain date.

    The backlash was swift and severe, with many WhatsApp users (including yours truly) closing their accounts. Signal and Telegram, in particular, saw huge increases in their user bases as a result of Facebook’s plans. Facebook postponed the cutoff deadline in response, before finally saying they would not close accounts that did not accept the new terms.

    Despite Facebook walking back its position, the BEUC has filed a complaint, according to SFGate. The BEUC has accused WhatsApp of bombarding users with prompts to accept the new terms, and says the service has not been clear or transparent regarding the terms of the new agreement.

    “WhatsApp has been bombarding users for months with aggressive and persistent pop-up messages to force them to accept its new terms of use and privacy policy,” BEUC Director General Monique Goyens said. “They’ve been telling users that their access to their app will be cut off if they do not accept the new terms. Yet consumers don’t know what they’re actually accepting.”

    The complaint is the latest setback Facebook has faced, and is further demonstration of the increasing importance of privacy to consumers.

  • Mozilla Launches Rally, a Privacy-First Data Sharing Platform

    Mozilla Launches Rally, a Privacy-First Data Sharing Platform

    Mozilla has launched Rally, a privacy-first data sharing platform, to tackle the growing challenges related to privacy and user data.

    Mozilla has a long history of championing privacy. It’s web browser, Firefox, is one of the most privacy-focused, secure browsers available. The company also offers a VPN service that has garnered positive reviews for its approach to privacy and security.

    The company is adding Rally to its portfolio of software and services in an effort to help people take back control over their own data.

    Your data is valuable. But for too long, online services have pilfered, swapped, and exploited your data without your awareness. Privacy violations and filter bubbles are all consequences of a surveillance data economy. But what if, instead of companies taking your data without giving you a say, you could select who gets access to your data and put it to work for public good?

    Rather than advertisers benefiting from user data, Rally will give users the option to donate their data to help crowdfund research projects.

    Computer scientists, social scientists and other researchers will be able to launch groundbreaking studies about the web and invite you to participate. A core focus of the initiative is enabling unprecedented studies that hold major online services accountable.

    Mozilla is working with Professor Jonathan Mayer’s research group at Princeton University to help launch the Rally research initiative.

    “Online services constantly experiment on users, to maximize engagement and profit,” says Mayer. “But for too long, academic researchers have been stymied when trying to experiment on online services. Rally flips the script and enables a new ecosystem of technology policy research.”

    Rally sounds like an interesting concept and will hopefully help more users take control over their data.

  • Colorado Lawmakers Pass Colorado Privacy Act

    Colorado Lawmakers Pass Colorado Privacy Act

    Colorado has become the third state to pass sweeping privacy legislations, as lawmakers passed the Colorado Privacy Act.

    Privacy has become an increasingly important element to consumers and regulators alike, with Colorado the latest state to pass legislation protecting consumer privacy. The state joins California and Virginia as the only states in the country to take such measures.

    The new bill stipulates that “consumers have the right to opt out of the processing of their personal data; access, correct, or delete the data; or obtain a portable copy of the data.”

    While good for Colorado residents concerned with their privacy, the Colorado Privacy Act illustrates the challenges companies are beginning to face. The EU has the GDPR, while California, Virginia and Colorado will all have their own privacy legislation.

    As individual states continue to adopt their own legislation, it will become increasingly complicated for companies to ensure compliance with the patchwork of applicable requirements. It’s little wonder that, in early 2020, then Salesforce co-CEO Keith Block called on the US to pass comprehensive privacy legislation.

    In the meantime, the Colorado bill is headed to the governor’s office to be signed into law.

  • TikTok Updates Terms to Collect Biometric Data

    TikTok Updates Terms to Collect Biometric Data

    TikTok is at it again, threatening user privacy as it updates its terms to collect biometric data.

    TikTok is one of the most controversial social media platforms, in large part due to its repeated, flagrant disregard for privacy. The company has been sued over accusations it collected and uploaded videos to servers in China without consent, without the user even having an account. The company has been accused of repeatedly violating child privacy, censoring individuals it didn’t consider beautiful enough to be showcased and has been warned by the EU over its handling of data. Even the CEO of Reddit called the platform “fundamentally parasitic.”

    The latest controversy involves a change to the company’s privacy policy, allowing it to collect biometric data.

    We may collect biometric identifiers and biometric information as defined under US laws, such as faceprints and voiceprints, from your User Content. Where required by law, we will seek any required permissions from you prior to any such collection.

    In many ways, the change is not particularly surprising. The company recently settled a lawsuit in Illinois for $92 million over its handling of biometric data. Notably, the company never admitted to the accusations in the aforementioned lawsuit. The change to the company’s privacy policy, however, gives it the ability to do what it was accused of doing, while committing to following applicable laws.

    All of which does little to change the validity of Reddit’s CEO that the platform is “fundamentally parasitic,” and not one anybody concerned about privacy should have on their phone.

  • EU Commission Working on Digital ID Framework

    EU Commission Working on Digital ID Framework

    The EU Commission has proposed a digital identification framework for its citizens, one that will help further post-pandemic life.

    In the wake of the pandemic, there has been increased emphasis on digital identification systems as a means for people to provide their age, citizenship, licenses, vaccination state and more. The EU has been working on a way to achieve this goal, while still providing the security and privacy necessary.

    The Commission has proposed a digital framework that would allow EU citizens to rely on their phone for necessary documentation and paperwork, a system that would be accepted by all member states. The EU has emphasized that, while large platforms would be required to support it, adoption would be completely voluntary for individuals. Such a stance is in keeping with the EU’s strong privacy protections.

    “The European digital identity will enable us to do in any Member State as we do at home without any extra cost and fewer hurdles,” said Margrethe Vestager, Executive Vice-President for a Europe Fit for the Digital Age. “Be that renting a flat or opening a bank account outside of our home country. And do this in a way that is secure and transparent. So that we will decide how much information we wish to share about ourselves, with whom and for what purpose. This is a unique opportunity to take us all further into experiencing what it means to live in Europe, and to be European.”

    “EU citizens not only expect a high level of security but also convenience whether they are dealing with national administrations such as to submit a tax return or to enroll at a European university where they need official identification,” said Commissioner for Internal Market Thierry Breton. “The European Digital Identity wallets offer a new possibility for them to store and use data for all sorts of services, from checking in at the airport to renting a car. It is about giving a choice to consumers, a European choice. Our European companies, large and small, will also benefit from this digital identity, they will be able to offer a wide range of new services since the proposal offers a solution for secure and trusted identification services.”

    The Commission will continue to work with member states and tech companies to work out the details as the process continues forward.

  • Facebook and WhatsApp Do About-Face on Privacy Update

    Facebook and WhatsApp Do About-Face on Privacy Update

    Facebook and WhatsApp appear to be doing an about-face on a controversial privacy update.

    Facebook sparked a furor when it announced it would start sharing WhatsApp data with other Facebook-owned companies. Users who failed to agree to the new terms would be locked out of the app until they did agree. Many users deleted their account and switched to competing platforms, and several countries came out in opposition to the move.

    In response to the backlash, Facebook initially postponed the rollout date, and then partially reversed course, saying people would not get locked out of the app. Instead, users would be persistently reminded to accept the terms, and be subjected to limited functionality until they did so.

    The company now appears to be doing a complete about-face, sayingit will not keep reminding individuals or limit their functionality.

    Considering the majority of users who have seen the update have accepted, we’ll continue to display a notification in WhatsApp providing more information about the update and reminding those who haven’t had a chance to do so to review and accept. We currently have no plans for these reminders to become persistent and to limit the functionality of the app.

    If WhatsApp does indeed abide by this statement, score one for privacy advocates who kept pushing back.

  • FBI Working With Have I Been Pwned to Disclose Compromised Passwords

    FBI Working With Have I Been Pwned to Disclose Compromised Passwords

    The FBI will start contributing data to Have I Been Pwned, the website that allows people to see if their passwords have been compromised in a data breach.

    As data breaches become a regular occurrence, it’s important to periodically check to see if a password has been compromised by a breach. Have I Been Pwned offers that service, and the FBI wants to contribute.

    According to Troy Hunt, Have I Been Pwned’s creator, the FBI reached out to him to see if there was a way to provide the site with comprised passwords they become aware of in the course of their investigations.

    And so, the FBI reached out and we began a discussion about what it might look like to provide them with an avenue to feed compromised passwords into HIBP and surface them via the Pwned Passwords feature. Their goal here is perfectly aligned with mine and, I dare say, with the goals of most people reading this: to protect people from account takeovers by proactively warning them when their password has been compromised. Feeding these passwords into HIBP gives the FBI the opportunity to do this almost 1 billion times every month. It’s good leverage ?

    As Hunt points out, the FBI’s goals are aligned with his in this instance, and they have the ability to make a significant contribution to the database of comprised passwords. This is a big win all around, and should help keep people safe.

  • Amazon Bans Facial Recognition for Police Use Indefinitely

    Amazon Bans Facial Recognition for Police Use Indefinitely

    Amazon has extended a ban on the use of its facial recognition tech by police until further notice amid ongoing privacy concerns.

    Last year, amid a wider backlash against police use of facial recognition, Amazon, Microsoft and IBM announced they would no longer sell their technology to police departments. Clearview AI had already been drawing scrutiny for its shady privacy practices, scraping social media platforms and websites to amass a database of billions of photos it used in its facial recognition platform. The death of George Floyd was the final straw, forcing tech companies to evaluate how their technology was being used.

    Facial recognition, in particular, has struggled to ensure fairness and equality. Studies have shown that facial recognition software often has racial biases that unfairly impact people of color. There have been published examples of Black individuals wrongly accused of a crime after being misidentified by facial recognition.

    Amazon had initially put a one-year hold on sales of its tech, but is now extending that ban until further notice, according to Reuters. Amazon did not comment on the reasons for the move, but its decision has already been met with support.

    “Face recognition technology fuels the over-policing of Black and Brown communities, and has already led to the false arrests and wrongful incarcerations of multiple Black men,” said Nathan Freed Wessler, a deputy project director at the American Civil Liberties Union.

  • WhatsApp Delays Privacy Changes in Brazil

    WhatsApp Delays Privacy Changes in Brazil

    WhatsApp is delaying rollout of its new privacy policy in Brazil amid pushback from the government.

    Facebook caused a firestorm of controversy when it announced it would share WhatsApp data with other Facebook-owned companies. The announcement sparked a mass exodus of users to more privacy-conscious apps, such as Signal and Telegram. While users initially would lose access if they failed to agree to the new policy, Facebook later altered course, saying users would experience limited functionality if they failed to agree.

    Governments have joined in the pushback as well, with Germany and India opposed to the move. Brazil joins the list of companies with concerns over the changes. The country’s National Data Protection Authority (ANPD), national consumer body Senacon, competition watchdog Cade and the Federal Prosecution Service have been in talks with WhatsApp, according to ZDNet.

    Under the agreement, users will retain full functionality for three more months, while the Brazilian agencies continue to scrutinize the new privacy policy.

    “WhatsApp has informed that it will not close any account, and that no user in Brazil will lose access to the application’s features in the 90-day period after May 15 as a result of the enforcement of the new privacy policy and the new terms of service,” said Brazilian authorities in a statement.