Mozilla hires former Google executive as its new policy and security chief

Mozilla has hired Alan Davidson, a former Commerce Dept. digital director, as its new global policy chief. The Firefox browser maker said Tuesday that the former civil servant, who oversaw internet policy and cybersecurity towards the end of Obama’s presidential tenure, will return Mozilla in the new role after last year serving as its tech policy fellow. Davidson also served as Google’s policy chief amid an uproar in 2011 about the search giant’s location tracking, and later as director of New America’s Open Technology Institute. In his new role, Davidson will be responsible for Mozilla’s policy, trust and security work, including compliance, security and investigations. Mozilla said that will include the company’s ongoing efforts to defend the open web, such as web standards, net neutrality and pushing for user privacy. Davidson, who said he was “thrilled” to join the browser giant, will report to Mozilla’s chief operating officer, Denelle
Continue reading "Mozilla hires former Google executive as its new policy and security chief"

Apple will require all apps to have a privacy policy as of October 3

Apple is cracking down on apps that don’t communicate to users how their personal data is used, secured or shared. In an announcement posted to developers through the App Store Connect portal, Apple says that all apps, including those still in testing, will be required to have a privacy policy as of October 3, 2018. Allowing apps without privacy policies is something of an obvious hole that Apple should have already plugged, given its generally protective nature over user data. But the change is even more critical now that Europe’s GDPR regulations have gone into effect. Though the app makers themselves would be ultimately responsible for their customers’ data, Apple, as the platform where those apps are hosted, has some responsibility here, too. Platforms today are being held accountable for the behavior of their apps, and the data misuse that may occur as a result of their own policies around
Continue reading "Apple will require all apps to have a privacy policy as of October 3"

Google and Mastercard reportedly partner to track offline purchases

According to a report from Bloomberg, Google and Mastercard have signed a secret deal so that Google could track retail sales using Mastercard transaction data. This is yet another proof that Google’s true customers are its advertising partners. Online advertising have now overtaken all other advertising methods. Companies spend more on online ads than TV ads, newspaper ads and more. And the reason why online ads have become so popular is that it’s much easier to track the effectiveness of your ad campaign. If you spend money on Google or Facebook ads, you can directly track the number of customers who end up on your online store because of your campaign. You can even see what they end up buying. And yet, what if you see an online ad for a TV and then you buy a TV in store? Tech companies have tried for years to bridge the
Continue reading "Google and Mastercard reportedly partner to track offline purchases"

Firefox will soon start blocking trackers by default

Mozilla today announced that its Firefox browser will soon by default automatically block all attempts at cross-site tracking. There are three parts to this strategy. Starting with version 63, which is currently in testing in the browser’s nightly release channel, Firefox will block all slow-loading trackers (with ads being the biggest offender here). Those are trackers that take more than five seconds to load. Starting with Firefox 65, the browser will also strip all cookies and block all storage access from third-party trackers. In addition, Mozilla is also working on blocking cryptomining scripts and trackers that fingerprint users. As usual, the timeline could still change, depending on how these first tests work out. “In the physical world, users wouldn’t expect hundreds of vendors to follow them from store to store, spying on the products they look at or purchase,” Mozilla’s Nick Nguyen writes today. “Users have the same expectations of
Continue reading "Firefox will soon start blocking trackers by default"

This is Google’s Titan security key

Google isn’t one to shy away from bold claims. “We have had no reported or confirmed account takeovers since implementing security keys at Google,” a spokesperson told TechCrunch. And it’s probably true. Think of a security key as like a two-factor authentication code that’s sent to your phone — but instead a USB stick in your pocket. Two-factor authentication is stronger than just a username and password, but text message codes can be intercepted and many sites and services don’t yet support the stronger authenticator codes. Security keys are one of the strongest lines of defense against account breaches. That’s because a hacker on the other side of the world trying to break into your account needs not only your password but also your physical key — and that’s not something a hacker can easily or covertly steal. Although there are a handful of security key brands out there — Yubikey and
Continue reading "This is Google’s Titan security key"

DuckDuckGo gets $10M from Omers for global privacy push

Pro-privacy search engine DuckDuckGo, which offers an alternative to surveillance engines like Google, has quietly picked up $10M in fresh funding from Canadian pension fund Omers’ VC arm. The Globe and Mail reported the news earlier this month. It’s only the second funding round for the ten year old company — which last picked up $3M in VC all the way back in 2011, according to Crunchbase. In a blog post announcing the investment, Omers Ventures argues that privacy and security concerns have “risen to the forefront of public consciousness” over the past five years — noting how governments are responding to public demand and data breaches and “starting to take real action”, citing the European Union’s updated privacy framework, GDPR, as one example. With that conviction in mind, the fund actively pursued an investment in DDG, which has been profitable (via non-tracking advertising) since 2014 so was not
Continue reading "DuckDuckGo gets $10M from Omers for global privacy push"

Privacy groups ask senators to confirm US surveillance oversight nominees

A coalition of privacy groups are calling on lawmakers to fill the vacant positions on the government’s surveillance oversight board, which hasn’t fully functioned in almost two years. The Privacy and Civil Liberties Oversight Board, known as PCLOB, is a little-known but important group that helps to ensure that intelligence agencies and executive branch policies are falling within the law. The board’s work allows them to have access to classified programs run by the dozen-plus intelligence agencies and determine if they’re legal and effective, while balancing Americans’ privacy and civil liberties rights. In its most recent unclassified major report in 2015, PCLOB called for an end of the NSA’s collection of Americans’ phone records. But the board fell out of quorum when four members left the board last year, leaving just the chairperson. President Obama did not fill the vacancies before he left office, putting PCLOB’s work largely on ice.
Continue reading "Privacy groups ask senators to confirm US surveillance oversight nominees"

George Church’s genetics on the blockchain startup just raised $4.3 million from Khosla

Nebula Genomics, the startup that wants to put your whole genome on the blockchain, has announced the raise of $4.3 million in Series A from Khosla Ventures and other leading tech VC’s such as Arch Venture Partners, Fenbushi Capital, Mayfield, F-Prime Capital Partners, Great Point Ventures, Windham Venture Partners, Hemi Ventures, Mirae Asset, Hikma Ventures and Heartbeat Labs. Nebula has also has forged a partnership with genome sequencing company Veritas Genetics. Veritas was one of the first companies to sequence the entire human genome for less than $1,000 in 2015, later adding all that info to the touch of a button on your smartphone. Both Nebula and Veritas were cofounded by MIT professor and “godfather” of the Human Genome Project, George Church. The partnership between the two companies will allow the Nebula marketplace, or the place where those consenting to share their genetic data can earn Nebula’s cryptocurrency called “Nebula
Continue reading "George Church’s genetics on the blockchain startup just raised $4.3 million from Khosla"

Yahoo still scans your emails for ads — even if its rivals won’t

You’re not the only one reading your emails. A deep dive in The Wall Street Journal on Tuesday dug out new details on a massive email scanning operation by Oath, the Verizon-owned subsidiary that’s the combined business of AOL and Yahoo. The email scanning program analyzes over 200 million AOL and Yahoo inboxes for data that can be sold to advertisers. (Disclosure: TechCrunch is owned by Verizon by way of Oath.) The logic goes that by learning about its users, the internet giant can hone its ad targeting effort to display the most relevant ads. But where other major email providers have bailed from email scanning amid privacy scandals and security issues, Oath remains the outlier. Google ended its ad-targeting email scanning operation across its consumer Gmail service last year — a decision lauded after facing criticism for years over the practice — though the company still uses machine
Continue reading "Yahoo still scans your emails for ads — even if its rivals won’t"

UK data protection complaints more than double under new GDPR rules

The number of complaints filed with the UK data protection watchdog has more than doubled since the introduction of new European regulations. There were 6,281 complaints filed with the Information Commissioner’s Office between May 25 when the new GDPR rules went into effect and July 3, a rise of more than double from the 2,417 complaints during the same period a year earlier. The ICO, which enforces the new rules in the UK, did not say if the bulk of the new cases are GDPR related as the watchdog doesn’t separate out its complaints by type, but said that the agency expects the figures will continue to climb. “Generally, as anticipated, we have seen a rise in personal data breach reports from organizations,” said an ICO spokesperson. “Complaints relating to data protection issues are also up and, as more people become aware of their individual rights, we are expecting the
Continue reading "UK data protection complaints more than double under new GDPR rules"

Facebook bans first app since Cambridge Analytica, myPersonality, and suspends hundreds more

Facebook announced today that it had banned the app myPersonality for improper data controls and suspended hundreds more. So far this is only the second app to be banned as a result of the company’s large-scale audit begun in March; but as myPersonality hasn’t been active since 2012, and was to all appearances a legitimate academic operation, it’s a bit of a mystery why they bothered. The total number of app suspensions has reached 400, twice the number we last heard Facebook announce publicly. Suspensions aren’t listed publicly, however, and apps may be suspended and reinstated without any user notification. The only other app to be banned via this process is Cambridge Analytica. myPersonality was created by researchers at the Cambridge Psychometrics Centre (no relation to Cambridge Analytica — this is an actual academic institution) to source data from Facebook users via personality quizzes. It operated from 2007 to 2012,
Continue reading "Facebook bans first app since Cambridge Analytica, myPersonality, and suspends hundreds more"

Apple removed Facebook’s Onavo from the App Store for gathering app data

If you were on the edge of your seat wondering what Facebook’s next major consumer privacy headache would be, the wait is over! The Wall Street Journal reports that Apple has deemed Facebook-owned app Onavo in violation of its App Store policies and will be giving it the boot shortly. In a statement to TechCrunch, an Apple spokesperson explained the reasoning behind its decision to pull the app:
“We work hard to protect user privacy and data security throughout the Apple ecosystem. With the latest update to our guidelines, we made it explicitly clear that apps should not collect information about which other apps are installed on a user’s device for the purposes of analytics or advertising/marketing and must make it clear what user data will be collected and how it will be used.”
In some ways, it’s a wonder that Onavo has lasted this long. Onavo, which Facebook
Continue reading "Apple removed Facebook’s Onavo from the App Store for gathering app data"

Court rules warrants are needed for cops to access smart electrical meter data

You can tell a lot about what’s going on in a home from how much electricity it’s using — especially when that information is collected every few minutes and recorded centrally. It’s revealing enough that a federal judge has ruled that people with smart meters have a reasonable expectation of privacy and as such law enforcement will require a warrant to acquire that data. It may sound like a niche win in the fight for digital privacy, and in a way it is, but it’s still important. One of the risks we’ve assumed as consumers in adopting ubiquitous technology in forms like the so-called Internet of Things is that we are generating an immense amount of data we weren’t before, and that data is not always protected as it should be.

This case is a great example. Traditional spinning meters are

Continue reading "Court rules warrants are needed for cops to access smart electrical meter data"

Google updates Location History language after tracking backlash

Four days after admitting that it continues to track users even after the Location History tracking has been disabled, Google has updated its website to more accurately reflect the nature of its location policy. 

“This setting does not affect other location services on your device, like Google Location Services and Find My Device,” the updated Google Account Help page now reads. “Some location data may be saved as part of your activity on other services, like Search and Maps. When you turn off Location History for your Google Account, it’s off for all devices associated with that Google Account.”

The update was noted by the Associated Press, which first brought the tracking issue to light earlier this week in a report. Google initially denied its own inaccurate reporting, but later backtracked, adding that it had added clarifying language.

The company told TechCrunch earlier this week,

Location History

Continue reading "Google updates Location History language after tracking backlash"

Google keeps a history of your locations even when Location History is off

In a wonderfully clear example of “dark patterns” designed to mislead users and retain control over their data, Google continues tracking your location even when you turn off Location History and are told that “the places you go are no longer stored.” Google says it tells users, but its disclosure is the bare minimum and users are discouraged from further interference with data collection. A report from the AP lays out the details, but the information will come as no surprise to anyone who has tried to fully expunge their location data, or who read the “dark patterns” report from June. The problem is quite simple. When you turn off (technically “pause,” a choice of words in itself troubling) “Location History,” a major Google account-level setting, you are told: “With Location History off, the places you go are no longer stored.” Yet many apps and services Google provides
Continue reading "Google keeps a history of your locations even when Location History is off"

Security researchers found a way to hack into the Amazon Echo

Hackers at DefCon have exposed new security concerns around smart speakers. Tencent’s Wu HuiYu and Qian Wenxiang spoke at the security conference with a presentation called Breaking Smart Speakers: We are Listening to You, explaining how they hacked into an Amazon Echo speaker and turned it into a spy bug. The hack involved a modified Amazon Echo, which had parts swapped out, including some that had been soldered on. The modified Echo was then used to hack into other, non-modified Echos by connecting both the hackers’ Echo and a regular Echo to the same LAN. This allowed the hackers to turn their own, modified Echo into a listening bug, relaying audio from the other Echo speakers without those speakers indicating that they were transmitting. This method was very difficult to execute, but represents an early step in exploiting Amazon’s increasingly popular smart speaker. The researchers notified Amazon of the
Continue reading "Security researchers found a way to hack into the Amazon Echo"

Openbook is the latest dream of a digital life beyond Facebook

As tech’s social giants wrestle with antisocial demons that appear to be both an emergent property of their platform power, and a consequence of specific leadership and values failures (evident as they publicly fail to enforce even the standards they claim to have), there are still people dreaming of a better way. Of social networking beyond outrage-fuelled adtech giants like Facebook and Twitter. There have been many such attempts to build a ‘better’ social network of course. Most have ended in the deadpool. A few are still around with varying degrees of success/usage (Snapchat, Ello and Mastodon are three that spring to mine). None has usurped Zuckerberg’s throne of course. This is principally because Facebook acquired Instagram and WhatsApp. It has also bought and closed down smaller potential future rivals (tbh). So by hogging network power, and the resources that flow from that, Facebook the company continues to
Continue reading "Openbook is the latest dream of a digital life beyond Facebook"

What Does Google Know About You?

Data is what fuels the information economy. And while there are many varieties of data clogging up the internet’s bandwidth, there is one specific type of data that is known to be particularly lucrative: personal data. Like many other enterprising tech giants, Google must accumulate massive amounts of personal data to monetize its services – and in the process, the company develops an astonishingly robust picture of what you’re all about.

What Google Knows

Today’s infographic comes to us from TheBestVPN and it shows what Google knows about you, how the tech giant gathers that information, and a few solutions to stop Google from tracking you. What Does Google Know About You? Through its various apps and services, Google can craft a robust profile on you and your activity on the internet. Google, like Facebook, uses this personal information to target customized advertisements to you, however you decide to use the internet. This can be via
Subscribe to Visual Capitalist
Follow Visual Capitalist on Twitter
Like Visual Capitalist on Facebook
Follow Visual Capitalist on LinkedIn
Continue reading "What Does Google Know About You?"