Bose Corp spies on its wireless headphone customers by using an app that tracks the music, podcasts and other audio they listen to, and violates their privacy rights by selling the information without permission, a lawsuit charged.

The complaint filed on Tuesday by Kyle Zak in federal court in Chicago seeks an injunction to stop Bose’s “wholesale disregard” for the privacy of customers who download its free Bose Connect app from Apple Inc or Google Play stores to their smartphones.

[…]

After paying $350 for his QuietComfort 35 headphones, Zak said he took Bose’s suggestion to “get the most out of your headphones” by downloading its app, and providing his name, email address and headphone serial number in the process.

But the Illinois resident said he was surprised to learn that Bose sent “all available media information” from his smartphone to third parties such as Segment.io, whose website promises to collect customer data and “send it anywhere.”

Audio choices offer “an incredible amount of insight” into customers’ personalities, behavior, politics and religious views, citing as an example that a person who listens to Muslim prayers might “very likely” be a Muslim, the complaint said.

“Defendants’ conduct demonstrates a wholesale disregard for consumer privacy rights,” the complaint said.

Zak is seeking millions of dollars of damages for buyers of headphones and speakers, including QuietComfort 35, QuietControl 30, SoundLink Around-Ear Wireless Headphones II, SoundLink Color II, SoundSport Wireless and SoundSport Pulse Wireless.

He also wants a halt to the data collection, which he said violates the federal Wiretap Act and Illinois laws against eavesdropping and consumer fraud.

Dore, a partner at Edelson PC, said customers do not see the Bose app’s user service and privacy agreements when signing up, and the privacy agreement says nothing about data collection.

Edelson specializes in suing technology companies over alleged privacy violations.

The case is Zak v Bose Corp, U.S. District Court, Northern District of Illinois, No. 17-02928.

Source: Bose headphones spy on listeners: lawsuit | Article [AMP] | Reuters

A confidential Facebook document reviewed by The Intercept shows that the social network courts carriers, along with phone makers — some 100 different companies in 50 countries — by offering the use of even more surveillance data, pulled straight from your smartphone by Facebook itself.

Offered to select Facebook partners, the data includes not just technical information about Facebook members’ devices and use of Wi-Fi and cellular networks, but also their past locations, interests, and even their social groups. This data is sourced not just from the company’s main iOS and Android apps, but from Instagram and Messenger as well. The data has been used by Facebook partners to assess their standing against competitors, including customers lost to and won from them, but also for more controversial uses like racially targeted ads.

[…]

Facebook’s cellphone partnerships are particularly worrisome because of the extensive surveillance powers already enjoyed by carriers like AT&T and T-Mobile: Just as your internet service provider is capable of watching the data that bounces between your home and the wider world, telecommunications companies have a privileged vantage point from which they can glean a great deal of information about how, when, and where you’re using your phone. AT&T, for example, states plainly in its privacy policy that it collects and stores information “about the websites you visit and the mobile applications you use on our networks.” Paired with carriers’ calling and texting oversight, that accounts for just about everything you’d do on your smartphone.

[…]

the Facebook mobile app harvests and packages eight different categories of information […] These categories include use of video, demographics, location, use of Wi-Fi and cellular networks, personal interests, device information, and friend homophily, an academic term of art. A 2017 article on social media friendship from the Journal of the Society of Multivariate Experimental Psychology defined “homophily” in this context as “the tendency of nodes to form relations with those who are similar to themselves.” In other words, Facebook is using your phone to not only provide behavioral data about you to cellphone carriers, but about your friends as well.

Source: Facebook’s Work With Phone Carriers Alarms Legal Experts

During RTB, personal data such as what you read online, what you watch, your location, your sexual orientation, etc is sent to a whole slew of advertisers so they can select you as an object to show their adverts do. This, together with other profiling information sent, can be used to build up a long term profile of you and to identify you. There is no control about what happens to this data once it has been sent. This is clearly contrary to the spirit of the AVG / GDPR. The two standard RTB frameworks – Google’s Authorized Buyers and IAB’s OpenRTB both refuse to accept any responsibility about personal information, whilst both are encouraging and facilitating the trade of it.

Source: Bits of Freedom: stop met grootschalig lekken van persoonsgegevens bij real time bidding – Emerce

Google tracks a lot of what you buy, even if you purchased it elsewhere, like in a store or from Amazon.

Last week, CEO Sundar Pichai wrote a New York Times op-ed that said “privacy cannot be a luxury good.” But behind the scenes, Google is still collecting a lot of personal information from the services you use, such as Gmail, and some of it can’t be easily deleted.

A page called “Purchases ” shows an accurate list of many — though not all — of the things I’ve bought dating back to at least 2012. I made these purchases using online services or apps such as Amazon, DoorDash or Seamless, or in stores such as Macy’s, but never directly through Google.

But because the digital receipts went to my Gmail account, Google has a list of info about my buying habits.

[…]

But there isn’t an easy way to remove all of this. You can delete all the receipts in your Gmail inbox and archived messages. But, if you’re like me, you might save receipts in Gmail in case you need them later for returns. There is no way to delete them from Purchases without also deleting them from Gmail — when you click on the “Delete” option in Purchases, it simply guides you back to the Gmail message.

[…]

Google’s privacy page says that only you can view your purchases. But it says “Information about your orders may also be saved with your activity in other Google services ” and that you can see and delete this information on a separate “My Activity” page.

Except you can’t. Google’s activity controls page doesn’t give you any ability to manage the data it stores on Purchases.

Google told CNBC you can turn off the tracking entirely, but you have to go to another page for search setting preferences. However, when CNBC tried this, it didn’t work — there was no such option to fully turn off the tracking. It’s weird this isn’t front and center on Google’s new privacy pages or even in Google’s privacy checkup feature.

Google says it doesn’t use your Gmail to show you ads and promises it “does not sell your personal information, which includes your Gmail and Google Account information,” and does “not share your personal information with advertisers, unless you have asked us to.”

But, for reasons that still aren’t clear, it’s pulling that information out of your Gmail and dumping it into a “Purchases” page most people don’t seem to know exists.

Source: Google Gmail tracks purchase history — how to delete it