A viral photo showing a camera in a Singapore Airlines in-flight TV display recently caused an uproar online. The image was retweeted hundreds of times, with many people expressing concern about the privacy implications. As it turns out, some seat-back screens in American Airlines’ premium economy class have them, too.

Sri Ray was aboard an American Airlines Boeing 777-200 flight to Tokyo in September 2018 when he noticed something strange: a camera embedded in the seat back of his entertainment system.

Courtesy of Sri Ray

“I am what one would call security paranoid,” said Ray, who was formerly a site reliability engineer at BuzzFeed. “I observe tech in day-to-day life and wonder how a malicious person can use it in bad ways. When I looked at the shiny new screens in the new premium economy cabin of AA, I noticed a small circle at the bottom. Upon closer inspection, it was definitely a camera.”

The cameras are also visible in this June 2017 review of the airline’s premium economy offering by the Points Guy, as well as this YouTube video by Business Traveller magazine.

American Airlines spokesperson Ross Feinstein confirmed to BuzzFeed News that cameras are present on some of the airlines’ in-flight entertainment systems, but said “they have never been activated, and American is not considering using them.” Feinstein added, “Cameras are a standard feature on many in-flight entertainment systems used by multiple airlines. Manufacturers of those systems have included cameras for possible future uses, such as hand gestures to control in-flight entertainment.”

Source: Some American Airlines In-Flight TVs Have Cameras In Them

Given Singapore’s reputation for being an unabashed surveillance state, a passenger on a Singapore Airlines (SIA) flight could be forgiven for being a little paranoid.

Vitaly Kamluk, an information security expert and a high-ranking executive of cybersecurity company Kaspersky Lab, went on Twitter with concerns about an embedded camera in SIA’s inflight entertainment systems. He tagged SIA in his post on Sunday, asking the airline to clarify how the camera is being used.

SIA quickly responded, telling Kamluk that the cameras have been disabled, with no plans to use them in the future. While not all of their devices sport the camera, SIA said that some of its newer inflight entertainment systems come with cameras embedded in the hardware. Left unexplained was how the camera-equipped entertainment systems had come to be purchased in the first place.

In another tweet, SIA affirmed that the cameras were already built in by the original equipment manufacturers in newer inflight entertainment systems.

Kamluk recommended that it’s best to disable the cameras physically — with stickers, for example — to provide better peace of mind.

Could cameras built into inflight entertainment systems actually be used as a feature though? It’s possible, according to Panasonic Avionics. Back in 2017, the inflight entertainment device developer mentioned that it was studying how eye tracking can be used for a better passenger experience. Cameras can be used for identity recognition on planes, which in turn, would allow for in-flight biometric payment (much like Face ID on Apple devices) and personalized services.

It’s a long shot, but SIA could actually utilize such systems in the future. The camera’s already there, anyway.

Source: Cybersecurity expert questions existence of embedded camera on SIA’s inflight entertainment systems

Many major companies, like Air Canada, Hollister and Expedia, are recording every tap and swipe you make on their iPhone apps. In most cases you won’t even realize it. And they don’t need to ask for permission.

You can assume that most apps are collecting data on you. Some even monetize your data without your knowledge. But TechCrunch has found several popular iPhone apps, from hoteliers, travel sites, airlines, cell phone carriers, banks and financiers, that don’t ask or make it clear — if at all — that they know exactly how you’re using their apps.

Worse, even though these apps are meant to mask certain fields, some inadvertently expose sensitive data.

Apps like Abercrombie & Fitch, Hotels.com and Singapore Airlines also use Glassbox, a customer experience analytics firm, one of a handful of companies that allows developers to embed “session replay” technology into their apps. These session replays let app developers record the screen and play them back to see how its users interacted with the app to figure out if something didn’t work or if there was an error. Every tap, button push and keyboard entry is recorded — effectively screenshotted — and sent back to the app developers.

Or, as Glassbox said in a recent tweet: “Imagine if your website or mobile app could see exactly what your customers do in real time, and why they did it?”

Source: Many popular iPhone apps secretly record your screen without asking | TechCrunch

Most browsers have a “Do Not Track” (DNT) setting that sends “a special signal to websites, analytics companies, ad networks, plug in providers, and other web services you encounter while browsing, to stop tracking your activity.” Sounds good, right? Sadly, it’s not effective. That’s because this Do Not Track setting is only a voluntary signal sent to websites, which websites don’t have to respect 😧.

Nevertheless, a hefty portion of users across many browsers use the Do Not Track setting. While DNT is disabled by default in most major web browsers, in a survey we conducted of 503 U.S. adults in Nov 2018, 23.1% (±3.7) of respondents have consciously enabled the DNT setting on their desktop browsers. (Note: Apple is in the process of removing the DNT setting from Safari.)

We also looked at DNT usage on DuckDuckGo (across desktop and mobile browsers), finding that 24.4% of DuckDuckGo requests during a one day period came from browsers with the Do Not Track setting enabled. This is within the margin of error from the survey, thus lending more credibility to its results.

[…]

It can be alarming to realize that Do Not Track is about as foolproof as putting a sign on your front lawn that says “Please, don’t look into my house” while all of your blinds remain open. In fact, most major tech companies, including Google, Facebook, and Twitter, do not respect the Do Not Track setting when you visit and use their sites – a fact of which 77.3% (±3.6) of U.S. adults overall weren’t aware.

There is simply a huge discrepancy between the name of the setting and what it actually does. It’s inherently misleading. When educated about the true function and limitation of the DNT setting, 75.5% (±3.8) of U.S. adults say it’s “important” or “very important” that these companies “respect the Do Not Track signal when it is enabled.” So, in shocking news, when people say they don’t want to be tracked, they really don’t want to be tracked.

As a matter of fact, 71.9% (±3.9) of U.S. adults “somewhat favor” or “strongly favor” a federal regulation requiring companies to respect the Do Not Track signal.

We agree and hope that governments will focus this year on efforts to enforce adherence to the Do Not Track setting when users enable it. As we’ve seen here and in our private browsing research, many people seek the most readily available (though often, unfortunately, ineffective) methods to protect their privacy.

Source: The “Do Not Track” Setting Doesn’t Stop You from Being Tracked

Some would argue he has broken every ethical and moral rule of his in his profession, but genealogist Bennett Greenspan prefers to see himself as a crime-fighter.

“I spent many, many nights and many, many weekends thinking of what privacy and confidentiality would mean to a genealogist such as me,” the founder and president of FamilyTreeDNA says in a video that appeared online yesterday.

He continues: “I would never do anything to betray the trust of my customers and at the same time I felt it important to enable my customers to crowd source the catching of criminals.”

The video and surrounding press release went out at 10.30pm on Thursday. Funnily enough, just a couple of hours earlier, BuzzFeed offered a very different take on Greenspan’s philanthropy. “One Of The Biggest At-Home DNA Testing Companies Is Working With The FBI,” reads the headline.

Here’s how FamilyTreeDNA works, if you don’t know: among other features, you submit a sample of your DNA to the biz, and it will tell you if you’re related to someone else who has also submitted their genetic blueprint. It’s supposed to find previously unknown relatives, check parentage, and so on.

And so, by crowd sourcing, what Greenspan means is that he has reached an agreement with the FBI to allow the agency to create new profiles on his system using DNA collected from, say, corpses, crime scenes, and suspects. These can then be compared with genetic profiles in the company’s database to locate and track down relatives of suspects and victims, if not the suspects and victims themselves.

[…]

Those profiles have been built by customers who have paid between $79 and $199 to have their generic material analyzed, in large part to understand their personal history and sometimes find connections to unknown family members. The service and others like it have become popular with adopted children who wish to locate birth parents but are prevented from being given by the information by law.

However, there is a strong expectation that any company storing your most personal generic information will apply strict confidentiality rules around it. You could argue that handing it over to the Feds doesn’t meet that standard. Greenspan would disagree.

“Greenspan created FamilyTreeDNA to help other family researchers solve problems and break down walls to connect the dots of their family trees,” reads a press release rushed out to head off, in vain, any terrible headlines.

“Without realizing it, he had inadvertently created a platform that, nearly two decades later, would help law enforcement agencies solve violent crimes faster than ever.”

Crime fighting, it seems, overrides all other ethical considerations.

Unfortunately for Greenspan, the rest of his industry doesn’t agree. The Future of Privacy Forum, an organization that maintains a list of consumer DNA testing companies that have signed up to its privacy guidelines struck FamilyTreeDNA off its list today.

Its VP of policy, John Verdi, told Bloomberg that the deal between FamilyTreeDNA and the FBI was “deeply flawed.” He went on: “It’s out of line with industry best practices, it’s out of line with what leaders in the space do, and it’s out of line with consumer expectations.”

Source: I’m a crime-fighter, says FamilyTreeDNA boss after being caught giving folks’ DNA data to FBI • The Register

A former long-serving police officer has been jailed for six months for illegally accessing the personal details of almost 100 women to determine if they were “suitable” dates.

Adrian Trevor Moore was a 28-year veteran of WA Police and was nominated as police officer of the year in 2011.

The former senior constable pleaded guilty to 180 charges of using a secure police database to access the information of 92 women he had met, or interacted with, on dating websites including Tinder and Plenty of Fish.

A third of the women were checked by Moore multiple times over several years.

Source: Officer jailed for using police database to access personal details of dozens of Tinder dates – ABC News (Australian Broadcasting Corporation)

Well, that’s what you get when you collect loads of personal data in a database.

We received a statement from Google regarding the implication that the Nest Secure alarm system has had an unlisted microphone this whole time. It turns out that yes, the Nest Guard base system (the circular device with a keypad above) does have a built-in microphone that is not listed on the official spec sheet at Nest’s site. The microphone has been in an inactive state since the release of the Nest Secure, according to Google.

This unlisted mic is how the Nest Guard will be able to operate as a pseudo-Google Home with just a software update, as detailed below.

[…]

Once the Google Assistant is enabled, the mic is always on but only listening for the hotwords “Ok Google” or “Hey Google”. Google only stores voice-based queries after it recognizes those hotwords. Voice data and query contents are sent to Google servers for analysis and storage in My Activity.

[…]

Original Article, February 4, 2019 (02:20 PM ET): Owners of the Nest Secure alarm system have been able to use voice commands to control their home security through Google Assistant for a while now. However, to issue those commands, they needed a separate Google Assistant-powered device, like a smartphone or a Google Home smart speaker.

The reason for this limitation has always seemed straightforward: according to the official tech specs, there’s no onboard microphone in the Nest Secure system.

Source: Nest Secure has an unlisted disabled microphone (Edit: Google statement)

That’s pretty damn creepy

Desperate for data on its competitors, Facebook has been secretly paying people to install a “Facebook Research” VPN that lets the company suck in all of a user’s phone and web activity, similar to Facebook’s Onavo Protect app that Apple banned in June and that was removed in August. Facebook sidesteps the App Store and rewards teenagers and adults to download the Research app and give it root access to network traffic in what may be a violation of Apple policy so the social network can decrypt and analyze their phone activity, a TechCrunch investigation confirms. Facebook admitted to TechCrunch it was running the Research program to gather data on usage habits.

Since 2016, Facebook has been paying users ages 13 to 35 up to $20 per month plus referral fees to sell their privacy by installing the iOS or Android “Facebook Research” app. Facebook even asked users to screenshot their Amazon order history page. The program is administered through beta testing services Applause, BetaBound and uTest to cloak Facebook’s involvement, and is referred to in some documentation as “Project Atlas” — a fitting name for Facebook’s effort to map new trends and rivals around the globe.

Source: Facebook pays teens to install VPN that spies on them | TechCrunch

Most of the data collected by urban planners is messy, complex, and difficult to represent. It looks nothing like the smooth graphs and clean charts of city life in urban simulator games like “SimCity.” A new initiative from Sidewalk Labs, the city-building subsidiary of Google’s parent company Alphabet, has set out to change that.

The program, known as Replica, offers planning agencies the ability to model an entire city’s patterns of movement. Like “SimCity,” Replica’s “user-friendly” tool deploys statistical simulations to give a comprehensive view of how, when, and where people travel in urban areas. It’s an appealing prospect for planners making critical decisions about transportation and land use. In recent months, transportation authorities in Kansas City, Portland, and the Chicago area have signed up to glean its insights. The only catch: They’re not completely sure where the data is coming from.

Typical urban planners rely on processes like surveys and trip counters that are often time-consuming, labor-intensive, and outdated. Replica, instead, uses real-time mobile location data. As Nick Bowden of Sidewalk Labs has explained, “Replica provides a full set of baseline travel measures that are very difficult to gather and maintain today, including the total number of people on a highway or local street network, what mode they’re using (car, transit, bike, or foot), and their trip purpose (commuting to work, going shopping, heading to school).”

To make these measurements, the program gathers and de-identifies the location of cellphone users, which it obtains from unspecified third-party vendors. It then models this anonymized data in simulations — creating a synthetic population that faithfully replicates a city’s real-world patterns but that “obscures the real-world travel habits of individual people,” as Bowden told The Intercept.

The program comes at a time of growing unease with how tech companies use and share our personal data — and raises new questions about Google’s encroachment on the physical world.

If Sidewalk Labs has access to people’s unique paths of movement prior to making its synthetic models, wouldn’t it be possible to figure out who they are, based on where they go to sleep or work?

Last month, the New York Times revealed how sensitive location data is harvested by third parties from our smartphones — often with weak or nonexistent consent provisions. A Motherboard investigation in early January further demonstrated how cell companies sell our locations to stalkers and bounty hunters willing to pay the price.

For some, the Google sibling’s plans to gather and commodify real-time location data from millions of cellphones adds to these concerns. “The privacy concerns are pretty extreme,” Ben Green, an urban technology expert and author of “The Smart Enough City,” wrote in an email to The Intercept. “Mobile phone location data is extremely sensitive.” These privacy concerns have been far from theoretical. An Associated Press investigation showed that Google’s apps and website track people even after they have disabled the location history on their phones. Quartz found that Google was tracking Android users by collecting the addresses of nearby cellphone towers even if all location services were turned off. The company has also been caught using its Street View vehicles to collect the Wi-Fi location data from phones and computers.

This is why Sidewalk Labs has instituted significant protections to safeguard privacy, before it even begins creating a synthetic population. Any location data that Sidewalk Labs receives is already de-identified (using methods such as aggregation, differential privacy techniques, or outright removal of unique behaviors). Bowden explained that the data obtained by Replica does not include a device’s unique identifiers, which can be used to uncover someone’s unique identity.

However, some urban planners and technologists, while emphasizing the elegance and novelty of the program’s concept, remain skeptical about these privacy protections, asking how Sidewalk Labs defines personally identifiable information. Tamir Israel, a staff lawyer at the Canadian Internet Policy & Public Interest Clinic, warns that re-identification is a rapidly moving target. If Sidewalk Labs has access to people’s unique paths of movement prior to making its synthetic models, wouldn’t it be possible to figure out who they are, based on where they go to sleep or work? “We see a lot of companies erring on the side of collecting it and doing coarse de-identifications, even though, more than any other type of data, location data has been shown to be highly re-identifiable,” he added. “It’s obvious what home people leave and return to every night and what office they stop at every day from 9 to 5 p.m.” A landmark study uncovered the extent to which people could be re-identified from seemingly-anonymous data using just four time-stamped data points of where they’ve previously been.

Source: Google’s Sidewalk Labs Plans to Package and Sell Location Data on Millions of Cellphones

The Mozilla Foundation has announced its intent to reduce the ability of websites and other online services to track users of its Firefox browser around the internet.

At this stage, Moz’s actions are baby steps. In support of its decision in late 2018 to reduce the amount of tracking it permits, the organisation has now published a tracking policy to tell people what it will block.

Moz said the focus of the policy is to bring the curtain down on tracking techniques that “cannot be meaningfully understood or controlled by users”.

Notoriously intrusive tracking techniques allow users to be followed and profiled around the web. Facebook planting trackers wherever a site has a “Like” button is a good example. A user without a Facebook account can still be tracked as a unique individual as they visit different news sites.

Mozilla’s policy said these “stateful identifiers are often used by third parties to associate browsing across multiple websites with the same user and to build profiles of those users, in violation of the user’s expectation”. So, out they go.

Source: Mozilla security policy cracks down on creepy web trackers, holds supercookies over fire • The Register

I’m pretty sure which browser you should be using

Bescherming van de privacy is een breed gedeelde zorg. Maar liefst 94 procent van de Nederlands maakt zich zorgen over de bescherming van zijn persoonsgegevens. Een op drie mensen maakt zich zelfs veel of zeer veel zorgen. Dat blijkt uit onderzoek dat de Autoriteit Persoonsgegevens (AP) liet doen in het kader van de Dag van de Privacy.

Er zijn vooral zorgen over misbruik van (een kopie van) het identiteitsbewijs, organisaties die hun online zoekgedrag volgen en hen volgen via het wifi-signaal van hun mobiele telefoon.

Slechts 12 procent zegt wel eens gebruik te hebben gemaakt van een privacyrecht. Mensen weten volgens de toezichthouder niet hoe ze dat moeten doen, vinden het gedoe of niet belangrijk genoeg. Het recht op dataportabiliteit en het recht op een menselijke blik bij geautomatiseerde besluiten zijn de minst bekende rechten.

Gevraagd wat mensen doen als hun rechten worden geschonden, zegt 62 procent eerst contact op te nemen met de organisaties, 59 procent van de ondervraagden zegt een klacht in te dienen bij de AP.

Source: ‘Nederland maakt zich zorgen over privacy’ – Emerce

HMRC’s database of Brits’ voiceprints has grown by 2 million since June – but campaign group Big Brother Watch has claimed success as 160,000 people turned the taxman’s requests down.

The Voice ID scheme, which requires taxpayers to say a key phrase that is recorded to create a digital signature, was introduced in January 2017. In the 18 months that followed, HMRC scooped up some 5.1 million people’s voiceprints this way.

Since then, another 2 million records have been collected, according to a Freedom of Information request from Big Brother Watch.

That is despite the group having challenged the lawfulness of the system in June 2018, arguing that users hadn’t been given enough information on the scheme, how to opt in or out, or details on when or how their data would be deleted.

Under the GDPR, there are certain demands on organisations that process biometric data. These require a person to give “explicit consent” that is “freely given, specific, informed and unambiguous”.

Off the back of the complaint, the Information Commissioner’s Office launched an investigation, and Big Brother Watch said the body would soon announce what action it will take.

Meanwhile, HMRC has rejigged the recording so it offers callers a clear way to opt out of the scheme – previously, as perm sec Jon Thompson admitted in September, it was not clear how users could do this.

Big Brother Watch said that this, and the publicity around the VoiceID scheme, has led to a “backlash” as people call on HMRC to delete their Voice IDs. FoI responses show 162,185 people have done so to date.

“It is a great success for us that HMRC has finally allowed taxpayers to delete their voiceprints and that so many thousands of people are reclaiming their rights by getting their Voice IDs deleted,” said the group’s director, Silkie Carlo.

Source: Just keep slurping: HMRC adds two million taxpayers’ voices to biometric database • The Register

Google has been hit by a €50 million ($57 million) fine by French data privacy body CNIL (National Data Protection Commission) for failure to comply with the EU’s General Data Protection Regulation (GDPR) regulations.

The CNIL said that it was fining Google for “lack of transparency, inadequate information and lack of valid consent regarding the ads personalization,” according to a press release issued by the organization. The news was first reported by the AFP.

[…]

The crux of the complaints leveled at Google is that it acted illegally by forcing users to accept intrusive terms or lose access to the service. This “forced consent,” it’s argued, runs contrary to the principles set out by the GDPR that users should be allowed to choose whether to allow companies to use their data. In other words, technology companies shouldn’t be allowed to adopt a “take it or leave it” approach to getting users to agree to privacy-intruding terms and conditions.

[…]

The watchdog found two core privacy violations. First, it observed that the visibility of information relating to how Google processes data, for how long it stores it, and the kinds of information it uses to personalize advertisements, is not easy to access. It found that this information was “excessively disseminated across several documents, with buttons and links on which it is required to click to access complementary information.”

So in effect, the CNIL said there was too much friction for users to find the information they need, requiring up to six separate actions to get to the information. And even when they find the information, it was “not always clear nor comprehensive.” The CNIL stated:

Users are not able to fully understand the extent of the processing operations carried out by Google. But the processing operations are particularly massive and intrusive because of the number of services offered (about twenty), the amount and the nature of the data processed and combined. The restricted committee observes in particular that the purposes of processing are described in a too generic and vague manner, and so are the categories of data processed for these various purposes.

Secondly, the CNIL said that it found that Google does not “validly” gain user consent for processing their data to use in ads personalization. Part of the problem, it said, is that the consent it collects is not done so through specific or unambiguous means — the options involve users having to click additional buttons to configure their consent, while too many boxes are pre-selected and require the user to opt out rather than opt in. Moreover, Google, the CNIL said, doesn’t provide enough granular controls for each data-processing operation.

As provided by the GDPR, consent is ‘unambiguous’ only with a clear affirmative action from the user (by ticking a non-pre-ticked box for instance).

What the CNIL is effectively referencing here is dark pattern design, which attempts to encourage users into accepting terms by guiding their choices through the design and layout of the interface. This is something that Facebook has often done too, as it has sought to garner user consent for new features or T&Cs.

Source: Google fined $57 million by French data privacy body | VentureBeat

An official warning by the Dutch Doctors guild to a serving doctor needs to be removed from Google’s search result, as the judge says that the privacy of the doctor is more important than the public good that arises from people being warned that this doctor has in some way misbehaved.

As a result of this landmark case, there’s a whole line of doctors requesting to be removed from Google.

Link is in Dutch.

Source: Google moet berispte arts verwijderen uit zoekmachine | TROUW

Alias is a teachable “parasite” that is designed to give users more control over their smart assistants, both when it comes to customisation and privacy. Through a simple app the user can train Alias to react on a custom wake-word/sound, and once trained, Alias can take control over your home assistant by activating it for you.

When you don’t use it, Alias will make sure the assistant is paralysed and unable to listen by interrupting its microphones.

Follow the build guide on Instructables
or get the source code on GitHub

Alias acts as a middle-man device that is designed to appropriate any voice activated device. Equipped with speakers and a microphone, Alias is able to communicate and manipulate the home assistant when placed on top of it. The speakers of Alias are used to interrupt the assistance with a constant low noise/sound that feeds directly into the microphone of the assistant. First when Alias recognises the user created wake-word, it stops the noise and quietly activates the assistant with a sound recording of the original wake-word. From here the assistant can be used as normally.

The wake word detection is made with a small neural network that runs locally on Alias, which can be trained and modified through live examples. The app acts as a controller to reset, train and turn on/off Alias.

The way Alias manipulates the home assistance allows to create new custom functionalities and commands that the products were not originally intended for. Alias can be programmed to send any speech commands to the assistant’s speakers, which leaves us with a lot of new possibilities.

Source: Bjørn Karmann › project_alias

Nervously, I gave a bounty hunter a phone number. He had offered to geolocate a phone for me, using a shady, overlooked service intended not for the cops, but for private individuals and businesses. Armed with just the number and a few hundred dollars, he said he could find the current location of most phones in the United States.

The bounty hunter sent the number to his own contact, who would track the phone. The contact responded with a screenshot of Google Maps, containing a blue circle indicating the phone’s current location, approximate to a few hundred metres.

Queens, New York. More specifically, the screenshot showed a location in a particular neighborhood—just a couple of blocks from where the target was. The hunter had found the phone (the target gave their consent to Motherboard to be tracked via their T-Mobile phone.)

The bounty hunter did this all without deploying a hacking tool or having any previous knowledge of the phone’s whereabouts. Instead, the tracking tool relies on real-time location data sold to bounty hunters that ultimately originated from the telcos themselves, including T-Mobile, AT&T, and Sprint, a Motherboard investigation has found. These surveillance capabilities are sometimes sold through word-of-mouth networks.

Whereas it’s common knowledge that law enforcement agencies can track phones with a warrant to service providers, IMSI catchers, or until recently via other companies that sell location data such as one called Securus, at least one company, called Microbilt, is selling phone geolocation services with little oversight to a spread of different private industries, ranging from car salesmen and property managers to bail bondsmen and bounty hunters, according to sources familiar with the company’s products and company documents obtained by Motherboard. Compounding that already highly questionable business practice, this spying capability is also being resold to others on the black market who are not licensed by the company to use it, including me, seemingly without Microbilt’s knowledge.

Source: T-Mobile, Sprint, and AT&T Are Selling Customers’ Real-Time Location Data, And It’s Falling Into the Wrong Hands

On Thursday, authorities in Germany were made aware of an enormous leak of personal information belonging to artists, media figures, and politicians—including Chancellor Angela Merkel. The hack is being called the “biggest data dump” in German history and appears to contain a treasure trove of information that could be used for identity theft.

Early reports and tweets identified the source of the leak as a now-suspended Twitter account with the handle “@_0rbit” and username “G0d.” According to multiple reports, the account began posting the data in December, Advent-calender-style. The astounding collection of stolen information reportedly includes email addresses, documents, private correspondence, credit card information, passwords, family information, and even photocopies of personal ID cards. The victims included the members of virtually every political party in German Parliament, TV journalists, musicians, and YouTube stars.

While the Twitter account and an associated Blogspot have been removed, the information was still relatively easy to track down. One security researcher on Twitter noted that this dump was incredibly labor intensive with hundreds of mirror links ensuring the information would be difficult to take down. At least one link that Gizmodo viewed on Imgur disappeared a few minutes later.

[…]

One good thing that could come out of this mess is, politicians have begun to call for stronger data protection and security measures in Germany. Britta Haßelmann, the parliamentary executive director of the Greens, released a statement asking for proactive measures that include “a renunciation of state-run security with vulnerabilities, end-to-end encryption and the strengthening of independent supervisory structures.”

Source: German Politicians Hit With Unprecedented Leak of Private Information

And suddenly they sit up and notice when it affects them personally

More than a couple weather apps have recently come under fire for their handling of user data, either by collecting too much or allegedly tracking users without their permission. Now, the maker of yet another popular weather app is being accused by the city attorney of Los Angeles of deceiving millions of users and profiting from their location data.

The lawsuit was filed Thursday, according to the New York Times, which has been reporting on the app’s alleged misdeeds. As part of a larger investigation last month into the practice of companies tracking user location data for profit, the Times reported that the Weather Channel app—part of the Weather Company, which was acquired by IBM in 2015—didn’t “explicitly disclose that the company had also analyzed the data for hedge funds.” While the app did disclose how some user data would be used in its privacy policy and privacy settings, it did not alert users in a prompt used to gain access to their location data.

“For years, TWC has deceptively used its Weather Channel App to amass its users’ private, personal geolocation data—tracking minute details about its users’ locations throughout the day and night, all the while leading users to believe that their data will only be used to provide them with ‘personalized local weather data, alerts and forecasts,’” the lawsuit states. “TWC has then profited from that data, using it and monetizing it for purposes entirely unrelated to weather or the Weather Channel App.”

Source: Lawsuit Accuses Weather Channel App of Misleading Users and Profiting From Their Location Data

An Amazon user in Germany recently requested data about his personal activities and inadvertently gained access to 1,700 audio recordings of someone he didn’t know.

Germany’s c’t magazine reports that in August the Amazon user—exercising his rights under the EU’s General Data Protection Regulation—requested his own data that Amazon has stored. Two months later, Amazon sent him a downloadable 100Mb zip file.

Some of the files reportedly related to his Amazon searches. But according to the report there were also hundreds of Wav files and a PDF cataloging transcripts of Alexa’s interpretations of voice commands. According to c’t magazine, this was peculiar to this user because he doesn’t own any Alexa devices and had never used the service. He also didn’t recognize the voices in the files.

The user reported the matter to Amazon and asked for information. He reportedly didn’t receive a response, but soon found that the link to the data was dead. However, he had already saved the files, and he shared his experience with c’t magazine out of concern that the person whose privacy had been compromised was not told about the mistake.

C’t magazine listened to many of the files and was able “to piece together a detailed picture of the customer concerned and his personal habits.” It found that he used Alexa in various places, has an Echo at home, and has a Fire device on his TV. They noticed that a woman was around at times. They listened to him in the shower.

We were able to navigate around a complete stranger’s private life without his knowledge, and the immoral, almost voyeuristic nature of what we were doing got our hair standing on end. The alarms, Spotify commands, and public transport inquiries included in the data revealed a lot about the victims’ personal habits, their jobs, and their taste in music. Using these files, it was fairly easy to identify the person involved and his female companion. Weather queries, first names, and even someone’s last name enabled us to quickly zero in on his circle of friends. Public data from Facebook and Twitter rounded out the picture.

Using the information they gathered from the recordings, the magazine contacted the victim of the data leak. He “was audibly shocked,” and confirmed it was him in the recordings and that the outlet had figured out the identity of his girlfriend. He said Amazon did not contact him.

Days later, both the victim and the receiver of the files were called by Amazon to discuss the incident. Both were reportedly called three days after c’t magazine contacted Amazon about the matter. An Amazon representative reportedly told them that one of their staff members had made a one-time error.

When asked for comment on the matter, Amazon sent Gizmodo the same statement it had shared with Reuters. “This was an unfortunate case of human error and an isolated incident. We have resolved the issue with the two customers involved and have taken steps to further improve our processes. We were also in touch on a precautionary basis with the relevant regulatory authorities.”

Amazon did not answer Gizmodo’s questions about how a human error led to this privacy infringement, or whether the company had initially contacted the victim to inform them their sensitive information was shared with a stranger.

Source: The Amazon Alexa Eavesdropping Nightmare Came True

Aleksandra Korolova has turned off Facebook’s access to her location in every way that she can. She has turned off location history in the Facebook app and told her iPhone that she “Never” wants the app to get her location. She doesn’t “check-in” to places and doesn’t list her current city on her profile.

Despite all this, she constantly sees location-based ads on Facebook. She sees ads targeted at “people who live near Santa Monica” (where she lives) and at “people who live or were recently near Los Angeles” (where she works as an assistant professor at the University of Southern California). When she traveled to Glacier National Park, she saw an ad for activities in Montana, and when she went on a work trip to Cambridge, Massachusetts, she saw an ad for a ceramics school there.

Facebook was continuing to track Korolova’s location for ads despite her signaling in all the ways that she could that she didn’t want Facebook doing that.

This was especially perturbing for Korolova, as she recounts on Medium, because she has studied the privacy harms that come from Facebook advertising, including how it could be previously used to gather data about an individual’s likes, estimated income and interests (for which she and her co-author Irfan Faizullabhoy got a $2,000 bug bounty from Facebook), and how it can currently be used to target ads at a single house or building, if, say, an anti-choice group wanted to target women at a Planned Parenthood with an ad for baby clothes.

Korolova thought Facebook must be getting her location information from the IP addresses she used to log in from, which Facebook says it collects for security purposes. (It wouldn’t be the first time Facebook used information gathered for security purposes for advertising ones; advertisers can target Facebook users with the phone number they provided for two-factor protection of their account.) As the New York Times recently reported, lots of apps are tracking users’ movements with surprising granularity. The Times suggested turning off location services in your phone’s privacy settings to stop the tracking, but even then the apps can still get location information, by looking at the wifi network you use or your IP address.

When asked about this, Facebook said that’s exactly what it’s doing and that it considers this a completely normal thing to do and that users should know this will happen if they closely read various Facebook websites.

“Facebook does not use WiFi data to determine your location for ads if you have Location Services turned off,” said a Facebook spokesperson by email. “We do use IP and other information such as check-ins and current city from your profile. We explain this to people, including in our Privacy Basics site and on the About Facebook Ads site.”

On Privacy Basics, Facebook gives advice for “how to manage your privacy” with regards to location but says that regardless of what you do, Facebook can still “understand your location using things like… information about your Internet connection.” This is reiterated on the “About Facebook Ads” site that says that ads might be based on your location which is garnered from “where you connect to the Internet” among other things.

Strangely, back in 2014, Facebook told businesses in a blog post that “people have control over the recent location information they share with Facebook and will only see ads based on their recent location if location services are enabled on their phone.” Apparently, that policy has changed. (Facebook said it would update this old post.)

Hey, maybe this is to be expected. You need an IP address to use the internet and, by the nature of how the internet works, you reveal it to an app or a website when you use them (though you can hide your IP address by using one provided by the Tor browser or a VPN). There are various companies that specialize in mapping the locations of IP addresses, and while it can sometimes be wildly inaccurate, an IP address will give you a rough approximation of your whereabouts, such as the state, city or zip code you are currently in. Many websites use IP address-derived location to personalize their offerings, and many advertisers use it to show targeted online ads. It means showing you ads for restaurants in San Francisco if you live there instead of ads for restaurants in New York. In that context, Facebook using this information to do the same thing is not terribly unusual.

“There is no way for people to opt out of using location for ads entirely,” said a Facebook spokesperson by email. “We use city and zip level location which we collect from IP addresses and other information such as check-ins and current city from your profile to ensure we are providing people with a good service—from ensuring they see Facebook in the right language, to making sure that they are shown nearby events and ads for businesses that are local to them.”

Source: Turning Off Facebook Location Services Doesn’t Stop Tracking

Back in 2015, a woman named Imy Santiago wrote an Amazon review of a novel that she had read and liked. Amazon immediately took the review down and told Santiago she had “violated its policies.” Santiago re-read her review, didn’t see anything objectionable about it, so she tried to post it again. “You’re not eligible to review this product,” an Amazon prompt informed her.

When she wrote to Amazon about it, the company told her that her “account activity indicates you know the author personally.” Santiago did not know the author, so she wrote an angry email to Amazon and blogged about Amazon’s “big brother” surveillance.

I reached out to both Santiago and Amazon at the time to try to figure out what the hell happened here. Santiago, who is an indie book writer herself, told me that she’d been in the same ballroom with the author in New York a few months before at a book signing event, but had not talked to her, and that she had followed the author on Twitter and Facebook after reading her books. Santiago had never connected her Facebook account to Amazon, she said.

Amazon wouldn’t tell me much back in 2015. Spokesperson Julie Law told me by email at the time that the company “didn’t comment on individual accounts” but said, “when we detect that elements of a reviewer’s Amazon account match elements of an author’s Amazon account, we conclude that there is too much risk of review bias. This can erode customer trust, and thus we remove the review. I can assure you that we investigate each case.”

“We have built mechanisms, both manual and automated over the years that detect, remove or prevent reviews which violate guidelines,” Law added.

A new report in the New York Times about Facebook’s surprising level of data-sharing with other technology companies may shed light on those mechanisms:

Facebook allowed Microsoft’s Bing search engine to see the names of virtually all Facebook users’ friends without consent, the records show, and gave Netflix and Spotify the ability to read Facebook users’ private messages.

The social network permitted Amazon to obtain users’ names and contact information through their friends, and it let Yahoo view streams of friends’ posts as recently as this summer, despite public statements that it had stopped that type of sharing years earlier.

If Amazon was sucking up data from Facebook about who knew whom, it may explain why Santiago’s review was blocked. Because Santiago had followed the author on Facebook, Amazon or its algorithms would see her name and contact information as being connected to the author there, according to the Times. Facebook reportedly didn’t let users know this data-sharing was happening nor get their consent, so Santiago, as well as the author presumably, wouldn’t have known this had happened.

Amazon declined to tell the New York Times about its data-sharing deal with Facebook but “said it used the information appropriately.” I asked Amazon how it was using the data obtained from Facebook, and whether it used it to make connections like the one described by Santiago. The answer was underwhelming.

“Amazon uses APIs provided by Facebook in order to enable Facebook experiences for our products,” said an Amazon spokesperson in a statement that didn’t quite answer the question. “For example, giving customers the option to sync Facebook contacts on an Amazon Tablet. We use information only in accordance with our privacy policy.”

Amazon declined our request to comment further.

Why was Facebook giving out this data about its users to other tech giants? The Times report is frustratingly vague, but it says Facebook “got more users” by partnering with the companies (though it’s unclear how), but also that it got data in return, specifically data that helped power its People You May Know recommendations. Via the Times:

The Times reviewed more than 270 pages of reports generated by the system — records that reflect just a portion of Facebook’s wide-ranging deals. Among the revelations was that Facebook obtained data from multiple partners for a controversial friend-suggestion tool called “People You May Know.”

The feature, introduced in 2008, continues even though some Facebook users have objected to it, unsettled by its knowledge of their real-world relationships. Gizmodo and other news outlets have reported cases of the tool’s recommending friend connections between patients of the same psychiatrist, estranged family members, and a harasser and his victim.

Facebook, in turn, used contact lists from the partners, including Amazon, Yahoo and the Chinese company Huawei — which has been flagged as a security threat by American intelligence officials — to gain deeper insight into people’s relationships and suggest more connections, the records show.

‘You scratch my algorithm’s back. I’ll scratch your algorithm’s back,’ or so the arrangement apparently went.

Back in 2017, I asked Facebook whether it was getting information from “third parties such as data brokers” to help power its creepily accurate friend recommendations. A spokesperson told me by email, “Facebook does not use information from data brokers for People You May Know,” in what now seems to be a purposefully evasive answer.

Facebook doesn’t want to tell us how its systems work. Amazon doesn’t want to tell us how its systems work. These companies are data mining us, sometimes in concert, to make uncomfortably accurate connections but also erroneous assumptions. They don’t want to tell us how they do it, suggesting they know it’s become too invasive to reveal. Thank god for leakers and lawsuits.

Source: Amazon and Facebook Reportedly Had a Secret Data-Sharing Agreement, and It Explains So Much