Google has accidentally collected childrens’ voice data, leaked the trips and home addresses of car pool users, and made YouTube recommendations based on users’ deleted watch history, among thousands of other employee-reported privacy incidents, according to a copy of an internal Google database which tracks six years worth of potential privacy and security issues obtained by 404 Media. From the report: Individually the incidents, most of which have not been previously publicly reported, may only each impact a relatively small number of people, or were fixed quickly. Taken as a whole, though, the internal database shows how one of the most powerful and important companies in the world manages, and often mismanages, a staggering amount of personal, sensitive data on people’s lives.

The data obtained by 404 Media includes privacy and security issues that Google’s own employees reported internally. These include issues with Google’s own products or data collection practices; vulnerabilities in third party vendors that Google uses; or mistakes made by Google staff, contractors, or other people that have impacted Google systems or data. The incidents include everything from a single errant email containing some PII, through to substantial leaks of data, right up to impending raids on Google offices. When reporting an incident, employees give the incident a priority rating, P0 being the highest, P1 being a step below that. The database contains thousands of reports over the course of six years, from 2013 to 2018. In one 2016 case, a Google employee reported that Google Street View’s systems were transcribing and storing license plate numbers from photos. They explained that Google uses an algorithm to detect text in Street View imagery.

Source: https://tech.slashdot.org/story/24/06/03/1655212/google-leak-reveals-thousands-of-privacy-incidents?utm_source=rss1.0mainlinkanon&utm_medium=feed

In a joint declaration of European police chiefs published over the weekend, Europol said it needs lawful access to private messages, and said tech companies need to be able to scan them (ostensibly impossible with E2EE implemented) to protect users. Without such access, cops fear they won’t be able to prevent “the most heinous of crimes” like terrorism, human trafficking, child sexual abuse material (CSAM), murder, drug smuggling and other crimes.

“Our societies have not previously tolerated spaces that are beyond the reach of law enforcement, where criminals can communicate safely and child abuse can flourish,” the declaration said. “They should not now.”

Not exactly true – most EU countries do not tolerate anyone opening your private (snail) mail without a warrant.

The joint statement, which was agreed to in cooperation with the UK’s National Crime Agency, isn’t exactly making a novel claim. It’s nearly the same line of reasoning that the Virtual Global Taskforce, an international law enforcement group founded in 2003 to combat CSAM online, made last year when Meta first first started talking about implementing E2EE on Messenger and Instagram.

While not named in this latest declaration itself [PDF], Europol said that its opposition to E2EE “comes as end-to-end encryption has started to be rolled out across Meta’s messenger platform.” The UK NCA made a similar statement in its comments on the Europol missive released over the weekend.

The declaration urges the tech industry not to see user privacy as a binary choice, but rather as something that can be assured without depriving law enforcement of access to private communications.

Not really though. And if law enforcement can get at it, then so can everyone else.

[…] Gail Kent, Meta’s global policy director for Messenger, said in December the E2EE debate is far more complicated than the child safety issue that law enforcement makes it out to be, and leaving an encryption back door in products for police to take advantage of would only hamper trust in its messaging products.

Kent said Meta’s E2EE implementation prevents client-side scanning of content, which has been one of the biggest complaints from law enforcement. Kent said even that technology would violate user trust, as it serves as a workaround to intrude on user privacy without compromising encryption – an approach Meta is unwilling to take, according to Kent’s blog post.

As was pointed out during previous attempts to undermine E2EE, not only would an encryption back door (client-side scanning or otherwise) provide an inroad for criminals to access secured information, it wouldn’t stop criminals from finding some other way to send illicit content without the prying eyes of law enforcement able to take a look.

[…]

“We don’t think people want us reading their private messages, so have developed safety measures that prevent, detect and allow us to take action against this heinous abuse, while maintaining online privacy and security,” a Meta spokesperson told us last year. “It’s misleading and inaccurate to say that encryption would have prevented us from identifying and reporting accounts … to the authorities.”

In other words, don’t expect Meta to cave on this one when it can develop a fancy new detection algorithm instead.

Source: Europol asks tech firms, governments to get rid of E2EE • The Register

And every time they come for your freedom whilst quoting child safety – look out.

This week, during the presentation of the 2023 annual review ( pdf ) , the European privacy supervisor EDPS again warned about European plans to monitor chat messages from European citizens. According to the watchdog, this leads to ‘irreversible surveillance’.

At the beginning of 2022, the European Commission came up with a proposal to inspect all chat messages and other communications from citizens for child abuse. In the case of end-to-end encrypted chat services, this should be done via client-side scanning.

The European Parliament voted against the proposal, but came up with its own proposal.

However, the European member states have not yet taken a joint position.

Already in 2022, the EDPS raised the alarm about the European Commission’s proposal to monitor citizens’ communications. It is seen as a serious risk to the fundamental rights of 450 million Europeans.

Source: EDPS warns of European plans to monitor chat messages – Emerce

Sure, so the EU is not much of a democracy with the European Council (which is where the actual power is) not being elected at all, but that doesn’t mean it has to be a surveillance police state.

The Mass Damage & Consumer Foundation today announced that it has initiated a class action lawsuit against Google over its Android operating system. The reason is a new study that shows how Dutch Android smartphones systematically transfer large amounts of information about device use to Google. Even with the most privacy-friendly options enabled, user data cannot be prevented from ending up on Google’s servers. According to the foundation, this is not clear to Android users, let alone whether they have given permission for this.

For the research, a team of scientists purchased several Android phones between 2022 and 2024 and captured, decrypted and analyzed the outgoing traffic on a Dutch server. This shows that a bundle of processes called ‘Google Play Services’ runs silently in the background and cannot be disabled or deleted. These processes continuously record what happens on and around the phone. For example, Google shares which apps someone uses, products they order and even whether users are sleeping.

More than nine million Dutch people

The Mass Damage & Consumer Foundation states that Google’s conduct violates a large number of Dutch and European rules that must protect consumers. The foundation wants to use a lawsuit to force Google to implement fundamental (privacy) changes to the Android platform and to offer an opt-out option for every form of data it collects, not just a few.

[…]

Identity can be easily traced

The research paid specific attention to the use of unique identifiers (UIDs). These are characteristics that Google can link to the collected data, such as an e-mail address or Android ID, a unique serial number with which someone is known to Google. The use of these features is sensitive. For example, Google advises against the use of unique features in its own guidelines for app developers: users could unintentionally be tracked across multiple apps. However, one or more of these unique features were found in the data transmissions examined – without exception. The researchers point out that this makes it easy to trace someone’s identity to virtually everything that happens on and around an Android device.

[…]

Source: Dutch investigation into Android smartphones leads to new lawsuit against Google – Mass Damage & Consumer Foundation

A study has concluded that Apple’s privacy practices aren’t particularly effective, because default apps on the iPhone and Mac have limited privacy settings and confusing configuration options.

The research was conducted by Amel Bourdoucen and Janne Lindqvist of Aalto University in Finland. The pair noted that while many studies had examined privacy issues with third-party apps for Apple devices, very little literature investigates the issue in first-party apps – like Safari and Siri.

The aims of the study [PDF] were to investigate how much data Apple’s own apps collect and where it’s sent, and to see if users could figure out how to navigate the landscape of Apple’s privacy settings.

[…]

“Our work shows that users may disable default apps, only to discover later that the settings do not match their initial preference,” the paper states.

“Our results demonstrate users are not correctly able to configure the desired privacy settings of default apps. In addition, we discovered that some default app configurations can even reduce trust in family relationships.”

The researchers criticize data collection by Apple apps like Safari and Siri, where that data is sent, how users can (and can’t) disable that data tracking, and how Apple presents privacy options to users.

The paper illustrates these issues in a discussion of Apple’s Siri voice assistant. While users can ostensibly choose not to enable Siri in the initial setup on macOS-powered devices, it still collects data from other apps to provide suggestions. To fully disable Siri, Apple users must find privacy-related options across five different submenus in the Settings app.

Apple’s own documentation for how its privacy settings work isn’t good either. It doesn’t mention every privacy option, explain what is done with user data, or highlight whether settings are enabled or disabled. Also, it’s written in legalese, which almost guarantees no normal user will ever read it.

[…]

The authors also conducted a survey of Apple users and quizzed them on whether they really understood how privacy options worked on iOS and macOS, and what apps were doing with their data.

While the survey was very small – it covered just 15 respondents – the results indicated that Apple’s privacy settings could be hard to navigate.

Eleven of the surveyed users were well aware about data tracking and that it was mostly on by default. However, when informed about how privacy options work in iOS and macOS, nine of the surveyed users were surprised about the scope of data collection.

[…]

Users were also tested on their knowledge of privacy settings for eight default apps – including Siri, Family Sharing, Safari, and iMessage. According to the study, none could confidently figure out how to work their way around the Settings menu to completely disable default apps. When confused, users relied on searching the internet for answers, rather than Apple’s privacy documentation.

[…]

Assuming Apple has any interest in fixing these shortcomings, the team made a few suggestions. Since many users first went to operating system settings instead of app-specific settings when attempting to disable data tracking, a change could assist users. Centralizing these options would also prevent users from getting frustrated and giving up on finding the settings they’re looking for.

Informing users what specific settings do would also be an improvement – many settings are labelled with just a name, but no further details. The researchers suggest replacing Apple’s jargon-filled privacy policy with descriptions that are in the settings menu itself, and maybe even providing some infographic illustrations as well. Anything would be better than legalese.

While this study probably won’t convince Apple to change its ways, lawsuits might have better luck. Apple has been sued multiple times for not transparently disclosing its data tracking. One of the latest suits calls out Apple’s broken promises about privacy, claiming that “Apple does not honor users’ requests to restrict data sharing.”

[…]

Reminder: Apple has a multi-billion-dollar online ads business that it built while strongly criticizing Facebook and others for their privacy practices.

Source: Academics reckon Apple’s default apps have privacy pitfalls • The Register

[…]

Roku describes its idea in a patent application, which largely flew under the radar when it was filed in November, and was recently spotted by the streaming newsletter Lowpass. In the application, Roku describes a system that’s able to detect when users pause third-party hardware and software and show them ads during that time.

According to the company, its new system works via an HDMI connection. This suggests that it’s designed to target users who play video games or watch content from other streaming services on their Roku TVs. Lowpass described Roku’s conundrum perfectly:

“Roku’s ability to monetize moments when the TV is on but not actively being used goes away when consumers switch to an external device, be it a game console or an attached streaming adapter from a competing manufacturer,” Janko Roettgers, the newsletter’s author, wrote. “Effectively, HDMI inputs have been a bit of a black box for Roku.”

In addition, Roku wouldn’t just show you any old ads. The company states that its innovation can recognize the content that users have paused and deliver customized related ads. Roku’s system would do this by using audio or video-recognition technologies to analyze what the user is watching or analyze the content’s metadata, among other methods.

[…]

In the case of gaming, there’s also the danger of Roku mistaking a long moment of pondering for a pause and sticking an ad right when you’re getting ready to face the final boss. The company is aware of this potential failure and points out that its system will monitor the frames of the content being watched to ensure there was a phase. It also plans on using other methods, such as analyzing the audio feed on the TV for extended moments of silence, to confirm there has been a pause.

[…]

Source: Roku’s New Idea to Show You Ads When You Pause Your Video Game Is Horrifying