Posts Tagged “privacy”

The Equifax breach is a disaster »

Mike Masnick, Techdirt:

At some point, we need to rethink why we’ve given Equifax, Experian and TransUnion so much power over so much of our everyday lives. You can’t opt-out. They collect most of their data without us knowing and in secret. You can’t avoid them. And now we know that at least one of them doesn’t know how to secure that data.

Data is a toxic asset »

Bruce Schneier:

We can be smarter than this. We need to regulate what corporations can do with our data at every stage: collection, storage, use, resale and disposal. We can make corporate executives personally liable so they know there’s a downside to taking chances. We can make the business models that involve massively surveilling people the less compelling ones, simply by making certain business practices illegal.

Data is a toxic asset. We need to start thinking about it as such, and treat it as we would any other source of toxicity. To do anything else is to risk our security and privacy.

This piece by Bruce Schneier is worth revisiting in light of yesterday’s Equifax breach. We’re in the middle of a fresh wave of outrage over it but, as that fades, we should remember that we can do better than this. Companies and organizations that hold and collect our personal information can do better than this1.

There will be more breaches and we’ll have to deal with the fallout, but we shouldn’t be apathetic about it. Any company that collects that much data about the public should be held to higher standards when storing it (or, better yet, shouldn’t store it at all). An insincere apology and a free year of some service provided by the company that failed to protect our data in the first place isn’t good enough.

  1. They might consider starting by patching nine year old vulnerabilities before they’re exploited

Sarahah uploads your contacts without permission »

Yael Grauer, writing for The Intercept:

Sarahah bills itself as a way to “receive honest feedback” from friends and employees. But the app is collecting more than feedback messages. When launched for the first time, it immediately harvests and uploads all phone numbers and email addresses in your address book.

This behavior seems to be all too common lately and, while most apps ask for permission to access contacts, it’s worth bearing in mind that they may not need that access. Additionally, once that access is granted, it isn’t always clear what’s actually done with the data.1 If an app asks for access to sensitive data, it’s worth considering what they intend to use it for and how securely it might be stored should they copy it off of your device.

Update: apparently the app is going to be updated to discontinue this behavior. Better late than never, I suppose.

  1. This all assumes the app actually adheres to the platform rules requiring that they ask for permission to access this (or any other) device data. 

EFF argues border agents need warrants to search digital devices »

“Our cell phones and laptops provide access to an unprecedented amount of detailed, private information, often going back many months or years, from emails to our coworkers to photos of our loved ones and lists of our closest contacts. This is light years beyond the minimal information generally contained in other kinds of personal items we might carry in our suitcases. It’s time for courts and the government to acknowledge that examining the contents of a digital device is highly intrusive, and Fourth Amendment protections should be strong, even at the border,” said EFF Staff Attorney Sophia Cope.

It’s ludicrous that a warrant is not currently required for these searches. If a search is truly necessary, the authorities in question should be able to obtain a warrant with ease.

Lawsuit seeks records of FCC net neutrality discussions

Via Ars Technica:

“The FCC has made it clear that they’re ignoring feedback from the general public, so we’re going to court to find out who they’re actually listening to about net neutrality,” American Oversight Executive Director Austin Evers said in the group’s announcement of its lawsuit.

They’re listening to ISPs and their lobbyists — they could care less about the public.

Lawmakers blast FCC net neutrality rollback

Via Motherboard:

“To date, most of the FCC’s actions have ignored the needs of consumers,” said Rep. Frank Pallone, the New Jersey Democrat. “Too often, when given the choice, this FCC has sided with large corporations to the detriment of hardworking Americans.”

“Chairman Pai, in the time you have been the head of this agency, we have seen an agenda that is anti-consumer, anti-small business, anti-competition, anti-innovation, and anti-opportunity,” said Rep. Mike Doyle, the Pennsylvania Democrat. “I am deeply concerned that the FCC is on the wrong a path, a path that will hurt small businesses, regular people, and some of the most innovative sectors of our economy.”

The current incarnation of the FCC is entirely pro-industry and anti-consumer in its approach to regulating the market it oversees.

Chairman Pai’s argument is misleading at best, particularly given the admission of ISPs that the current net neutrality rules have not harmed investment. Should the current rules be repealed, ISPs likely won’t materially increase their infrastructure investments. Instead they’ll use the lack of oversight and regulations to line their pockets at the expense of competitors that require access to their networks and consumers that have no other choice but to pay for their service when selecting an internet service provider.

Via Ars Technica:

“Although you stated the [September 7] hearing was an inquiry into the ‘Internet ecosystem,’ you once again failed to recognize how important the Internet is for consumers, small businesses, entrepreneurs, political organizers, public interest groups, and people looking for work,” Doyle and Frank Pallone, Jr. (D-N.J.) said

Verizon argues throttling isn't throttling

Via The Verge:

“Video optimization is a non-discriminatory network management practice designed to ensure a high quality customer experience for all customers accessing the shared resources of our wireless network,” a spokesperson said.

Throttling is throttling. The justification on Verizon’s part doesn’t matter — they should be passing through traffic without filtering it.

Senator attacks ISP and FCC argument for net neutrality repeal

Senator Edward Markey, via Ars Technica:

ISPs are quick to tell the FCC and the public that Title II is harming network investment, but they have presented a much rosier view when talking to investors.

ISPs are already investing in infrastructure with existing regulations in place. They want net neutrality restrictions repealed so that they can more freely continue their existing abusing and anti-competitive behavior1.

A better fix for this problem would be to encourage more competition in the market, rather than shred regulations covering existing companies with near-monopoly positions and an extensive track record of anti-competitive and customer-hostile behavior.

  1. If ISPs are threatened by Netflix, they should try competing by creating a service that doesn’t suck. 

Misleading Arguments Against Net Neutrality Abound

Via Techdirt:

… anybody that actually cares about net neutrality should support the simplest and easiest way to protect consumers, startups and small businesses moving forward: keep the existing rules intact.

Comcast’s argument that gutting existing net neutrality rules will help members of protected classes is totally disingenuous. The best way to protect consumers and the open internet across the board is to leave the existing rules intact. Comcast has only its best interests in mind, not those of their customers or any other consumers.

Comcast continues to whine about net neutrality

Via Ars Technica:

Comcast’s claims about network investment clash with what ISPs have told their own investors; even Comcast’s chief financial officer downplayed Title II’s effect on investment in December 2016.

This is, of course, nonsense as the article goes on to explain. Comcast and so many of the other players in the net neutrality argument appear to either miss or intentionally bury the point: in the absence of competition, consumers and the open internet need net neutrality protections. Failing that, customers need dramatically more choice in selecting an ISP.

Comcast would love to gut those protections, double dip by charging competitors for access to its network before then passing those costs on to its reluctant customers. If Comcast is frustrated at losing revenue to new competitors it should make products people actually want to use and that compete rather than focusing on strong arming regulatory bodies intended to protect consumers from exactly this kind of behavior.

Google's new obsession with your photos »

The Ringer:

Sergey Brin says that Google wants to be the third half of your brain,” [Pedro] Domingos says. “But now think about it: Do you really want the third half of your brain to make a living by showing you ads? I don’t.

GOP advances plan for ring-free voicemail spam »

Recode:

The GOP’s leading campaign and fundraising arm, the Republican National Committee, has quietly thrown its support behind a proposal at the Federal Communications Commission that would pave the way for marketers to auto-dial consumers’ cellphones and leave them prerecorded voicemail messages — all without ever causing their devices to ring.

It’s like a U2 album release — but for annoying political crap.

Protecting your privacy

Via Unroll.me:

I can’t stress enough the importance of your privacy. We never, ever release personal data about you. All data is completely anonymous and related to purchases only.

Nonsense. If you’re not paying for the service your data is being monetized in a way that benefits the interests of the company providing the service, not you.

DHS Boss Calls For More Fear, Less Encryption »

Techdirt:

This is wonderful stuff if you’re a fan of authoritarianism. Shut up and show your support. It’s a message that’s been sent several times by the new president. Now, it’s being echoed by his top officials.

Yet another ill-considered power grab in the name of safety.

Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety.

Don't like systematic privacy violations? Stop using the internet

Via Ars Technica:

That’s when Sensenbrenner said, “Nobody’s got to use the Internet.” He praised ISPs for “invest[ing] an awful lot of money in having almost universal service now.” He then said, “I don’t think it’s my job to tell you that you cannot get advertising for your information being sold. My job, I think, is to tell you that you have the opportunity to do it, and then you take it upon yourself to make the choice.”

We desperately need to stop electing officials that have no understanding of the impact of the legislation they help pass.

Lawmakers want to require border agents to obtain a warrant for smartphone searches

Via Recode:

“By requiring a warrant to search Americans’ devices and prohibiting unreasonable delay, this bill makes sure that border agents are focused on criminals and terrorists instead of wasting their time thumbing through innocent Americans’ personal photos and other data,” [Sen. Ron] Wyden said in a statement.

I’d love to see this implemented, but I just can’t see it happening.

Internet privacy rules repealed

Bob Quinn (an SVP at AT&T):

“If the government believes that location data is sensitive and requires more explicit consumer disclosures and permissions,” he continued, “then those protections should apply to all players that have access to location data, whether an ISP or edge player or search engine.”

No, customers should be able to expect that their data remain private and, the fact of the matter is, customers typically have a choice who they provide their data to (whether that be Facebook, Google — you name it). Where most people in the U.S. live, there’s often only one ISP for customers to get a connection from — they shouldn’t be forced to have sensitive data exposed to that company purely for the benefit of that company.

If ISPs are upset about perceived competitors having access to different data sets than they do, they should come up with a competitive service that people actually want to use that can actually compete. Or maybe they’ll keep buying failed tech companies and mashing them together in a hilarious rebranding effort.

Senate chooses ISPs over customer privacy

Via The EFF

ISPs act as gatekeepers to the Internet, giving them incredible access to records of what you do online. They shouldn’t be able to profit off of the information about what you search for, read about, purchase, and more without your consent.

I truly wish I could be shocked or surprised by a move like this coming out of the senate but, lately, congress appears to be dedicated to making decisions that actively harm their constituencies in order to benefit entrenched business interests.

This action needs to fail in the house. ISPs occupy a privileged position that gives them detailed access to customer data and they should not be able to freely exploit that data for financial gain.

The Internet belongs to the people, not powerful corporate interests »

Chuck Schumer, via Ars Technica:

The Internet is an invaluable platform on which we depend to spur innovation and job creation. Our economy works best when innovators, entrepreneurs, and businesses of all sizes compete on a level playing field. Ensuring that the playing field would be level was the basis for the FCC’s decision to protect net neutrality by properly classifying broadband as a telecommunications service.

FCC chair offers poor excuses as he seeks to strip consumer protections

TechDirt:

Eliminate functional regulatory oversight and refuse to address limited competition? The end result is… Comcast Corporation and its record-shatteringly-bad customer service, high prices, and usage caps.

The Verge:

… net neutrality opponents are sticking with the same arguments they used two years ago: the rules rely on law that’s too old, they’ll hurt investment, and they’ll leave internet providers uncertain of their fate.

The Verge:

[Ajit] Pai has been chairman of the commission for just over a month now, and in that time, he’s already begun chipping away at net neutrality in a few different ways: approving zero rating, scaling back transparency rules, proposing to halt major new privacy requirements. After this speech today, it’s evident that Pai is just getting started.

Net neutrality was nice while it lasted, but it looks like it’ll be gone soon. More and more this issue seems like something congress should settle definitively but, given the current political makeup of both houses, any decision made likely would not be at all consumer friendly.

The EFF:

Republicans in Congress are planning a much bigger assault on the Internet, by making it illegal for the FCC to protect consumer privacy online.

Internet Privacy Rules in Part Face a Halt at the FCC

Via NPR:

Consumer advocacy groups have argued that the ISPs have a broader capacity to collect data on people than websites and digital services, given that ISPs connect users to all those websites and services in the first place. ISPs might use the collected data for their own promotions or sell it to data brokers for marketing or other uses.

Rolling back privacy protections for consumers is only good for ISPs. This move reflects the current FCC chair’s willingness to work for the interests of the businesses his agency should be regulating over those of consumers.

All this amounts to is a violation of customer privacy in order to allow ISPs to better market subpar products that exist only due to their existing, near-monopoly positions in the marketplace.

The sooner ISPs become dumb pipes, the better.

Securing your personal devices and accounts »

Jonathan Zdziarski has a detailed write up on personal, technical security that you should read and consider implementing (particularly given recent events).

With the current US administration pondering the possibility of forcing foreign travelers to give up their social media passwords at the border, a lot of recent and justifiable concern has been raised about data privacy. The first mistake you could make is presuming that such a policy won’t affect US citizens.

The year encryption won »

Via Wired:

It’s not a firm guarantee, and who knows what a Trump administration will bring. For now, though, it’s enough to appreciate the gains encryption made in 2016, and be hopeful that 2017 will only build on them.