Skip to main content
All Stories Tagged:

Privacy

As gadgets and services get smarter, they need more data, and face the hard problem of keeping it safe. Data privacy has become a huge problem for Google, Facebook, Amazon, and any company using artificial intelligence to power its services — and a major sticking point for lawmakers looking to regulate. Here's all the news on data privacy and how it's changing tech.

M
External Link
The child influencers making other people rich.

Kids are big business for brands looking to partner with influencers — and yet, Illinois is the only state in the US where kids appearing in sponcon are entitled to a cut of earnings.

This Cosmopolitan piece illustrates the longterm psychological effects of being a child working on online content. It also shows that our legal system has a lot of catching up to do with influencer culture.


Is your car snitching on your driving habits?

A driver’s insurance rate went up based on a 130-page report detailing his Chevy Bolt’s drives over six months, shared by GM with data broker LexisNexis through the OnStar Smart Driver program, reports The New York Times.

According to the Times, Kia, Subaru, and Mitsubishi also contribute to the LexisNexis data portal, while another company, Verisk partners with Ford, Honda, and Hyundai. Subaru says it only shares odometer data when authorized, while Ford says it will share data for usage-based programs based on a customer’s in-car menu confirmation.

Update March 12th, 2024, 2:42PM ET: Added details on the partnerships and what data is shared.


WhatsApp is testing identifying when chats are end-to-end encrypted on Android.

That’s according to WABetaInfo, which spotted that a new “end-to-end encrypted” indicator that appears briefly at the top of chat threads was under development in late January. Yesterday, the outlet reported that the test is now rolling out to beta testers.

The change is being tested as Meta rolls out third-party chat interoperability in the EU.


A picture of a WABetaInfo screenshot showing the new badge.
What the new “end-to-end encrypted” status message will look like.
Screenshot: WABetaInfo
R
Youtube
Brave brings its AI browser assistant to Android.

The privacy-focused Brave browser launched its AI assistant, Leo, last year on the desktop, and now it’s available for Android, following other mobile AI-connected browsers like Edge and Arc (only on iOS).

Leo promises summaries, transcriptions, translations, coding, and more (while acknowledging that LLMs may “hallucinate” erroneous info). As for privacy, Brave claims, “Inputs are always submitted anonymously through a reverse-proxy and are not retained or used for training.”


L
External Link
The FBI has been using push alerts to track down predators.

The Washington Post describes how law enforcers have gotten companies like Google to hand over data associated with push notifications. Investigators use the code to track down child predators, even through encrypted apps, per the Post, but law enforcement around the world could use the tactic to track down activists and others too.

It also sheds light on why Apple might have chosen to update its law enforcement guidelines late last year to require a court order to provide customers’ push notification data.


W
External Link
Meta is defending its end-to-end encryption in a Nevada federal court.

State Attorney General Aaron Darnell Ford filed last week to stop Meta from offering end-to-end encryption to children as a matter of “extreme urgency,” claiming E2EE keeps police from protecting kids from predators.

This is just one of a slew of lawsuits filed against social media companies lately. Legal expert Riana Pfefferkorn, who discussed the case in Kim Zetter’s Zero Day blog and on Mastodon, calls it a particularly “bonkers assault on encryption.”

We’ve reached out to Meta and Nevada’s AG for more information.


Instagram is preparing a “Friend Map” feature.

Alessandro Paluzzi, who discovers a lot of Instagram features before they’re announced, posted an update on something he’d spotted in the app months ago: the ability to see where your friends are on a map. Snap’s Snap Map is similar, as are features built into Android and iOS.

According to the images Paluzzi posted, Friend Map would be opt-in, and location data end-to-end encrypted.


“Why do the stupid M&M machines have facial recognition?”

A student at the University of Waterloo in Canada asked that in a post showing a vending machine error message that revealed a facial recognition app had failed.

Student publication mathNEWS found that the machine’s maker, Invenda, advertises that it gathers “estimated ages and genders of every client.” But don’t worry, Invenda told Ars Technica the machines are “fully GDPR compliant.”

The school is reportedly removing the machines.


A picture of an out-of-order vending machine message showing the error pop-up.
Oops, you weren’t supposed to see this.
Image: SquidKid47
“Machines don’t get tired.”

So said TSA executive director of checkpoint tech Melissa Conley of airports’ use of facial recognition, in a New York Times story today.

70 percent of worldwide airlines may use biometric security by 2026 according to a report cited in the article. Yet the ACLU told the Times the tech still presents surveillance and discrimination concerns. That’s not to mention it could fail to work for tens of thousands of travelers every day.


J
External Link
WhatsApp works to close a linked devices loophole for locked chats.

Although you can currently “Chat Lock” sensitive WhatsApp conversations to put them in a password- or biometrics-protected folder, the same protection doesn’t carry across to other devices you’ve got linked to your account.

But code spotted in the WhatsApp’s Android app suggests that could soon change. “We also locked this chat on your linked device,” reads a screenshot of the in-development feature posted by WABetaInfo.


Fake LastPass phishing app nabs a five-star rating on Apple’s App Store.

The slyly named “LassPass” has earned five stars on Apple’s App Store with just five reviews in total, noted Bleeping Computer — more evidence on how easily ratings can be manipulated. Apple has since removed the app.

As Sean Hollister wrote back in 2021, fraudulent ratings have poisoned Apple’s app review system.


Screenshot of “LassPass” app on Apple’s App Store.
Screenshot of “LassPass” app on Apple’s App Store.
Amrita Khalid/The Verge
Q
External Link
The FTC gets to keep fighting a company that quietly sells your location data.

Ars Technica reports that a federal judge won’t dismiss the case against Kochava. The lawsuit alleges that the app analytics firm lets advertisers track customers’ names, addresses, and specific geolocation information.

Kochava says its sales are legally compliant and it can’t be held responsible for bad-faith actors, even after the FTC used examples from similar cases to demonstrate how easily someone could trace your steps to sensitive venues like abortion clinics or religious halls.


A
External Link
US plans visa bans for people connected to spyware that targets journalists and activists.

The State Department can restrict visas to individuals linked to the illegal use of commercial spyware, Secretary of State Antony Blinken announced. The new policy covers investors and heads of companies, as well as those acting on behalf of governments that carry out illegal surveillance.

The policy will be applied using the information in an individual’s visa application, a senior official told reporters.

The US has already placed export limits on spyware firms like Pegasus maker NSO, and Candiru.


W
External Link
What could go wrong if police run facial recognition on an AI-generated face based on old DNA?

Wired tells the story of California detectives who tried to use facial recognition to identify a face made with machine learning and crime scene DNA by phenotyping company Parabon NanoLabs. That’s not a good idea, said Parabon’s director of bioinformatics, Ellen Greytak:

“What we are predicting is more like — given this person’s sex and ancestry, will they have wider-set eyes than average,” she says. “There’s no way you can get individual identifications from that.”

On a related note, a Senate Judiciary Committee hearing on AI in criminal investigations is set for Wednesday.


A
External Link
The FTC bans another data broker from selling your location data.

Not only did InMarket Media sell precise location data without asking users for their consent, the data broker didn’t inform the third-party apps using its SDK, the FTC found.

The company’s shopping apps CheckPoints and ListEase requested user location to dole out things like rewards points or reminders — but also secretly used the data for targeted ads.

The regulator recently issued a similar ban on Outlogic.


E
External Link
The FCC wants to know what automakers are doing to protect domestic violence survivors.

Chairwoman Jessica Rosenworcel wrote letters to nine major automakers, including GM, Toyota, Ford, and Tesla, to ask what kind of data they collect about their drivers and how they protect their privacy. Rosenworcel sent similar letters to Verizon, AT&T, and T-Mobile, too.

The letters came in response to a report from The New York Times last month, which detailed how a domestic violence survivor was harassed by her abuser using her car’s connected services. “We must do everything we can to help survivors stay safe,” Rosenworcel said. “We need to work with auto and wireless industry leaders to find solutions.”


E
External Link
23andMe blames security breach on users who “negligently” recycled passwords.

The company has issued a response to the customers who are now suing it over last year’s breach. In a letter obtained by TechCrunch, the company says the hack “was not a result of 23andMe’s alleged failure to maintain reasonable security measures” and instead had to do with users’ failure to reset their passwords.

23andMe admitted that hackers accessed the information belonging to 6.9 million users last December, but it claims the information obtained “cannot be used for any harm.”


R
External Link
Google has agreed to settle a lawsuit over Chrome’s incognito mode.

In August, Judge Yvonne Gonzalez Rogers denied Google’s attempt to end a class-action lawsuit filed in 2020 that claims it illegally invaded the privacy of millions by tracking browsing activity even with “incognito mode” activated in Chrome and other browsers.

Now, the February 5th trial date is off, as the parties say they have agreed to a settlement and will present a formal agreement for court approval within the next 60 days.


W
External Link
NordVPN now has an Apple TV app.

The company says in its announcement that the app, which uses Nord’s WireGuard-based NordLynx VPN protocol, will let users watch shows they’re following while abroad and prevent ISPs from identifying and throttling streaming content.

NordVPN was initially skeptical that Apple would place limitations on Apple TV’s native VPN support, but later said it was working on an app.


W
External Link
The scam behind wrong number and romance scams.

The New York Times published an investigative piece on the slave labor behind some of those innocuous-seeming crypto scam texts and calls.

The story focuses on one person who escaped from a compound where he was where he was forced to carry out intricate online romance scams involving crypto. The money earned from these scams is then laundered through other countries, including the US.

A word of warning: This story has descriptions of torture and captivity.