privacypolicy
Latest
Microsoft says humans will still transcribe Cortana and Skype audio
Just like seemingly every other major tech company with a voice assistant or voice chat service, it emerged that Microsoft contractors were listening to Skype and Cortana recordings. Apple, Google and Facebook have temporarily halted similar efforts, and Amazon lets users opt out of having Alexa conversations reviewed by humans. But Microsoft will continue the practice for the time being despite possible privacy concerns.
An early test of the GDPR: taking on data brokers
Major data brokers Acxiom and Oracle are among seven companies accused of violating GDPR laws on personal information privacy. Advocates hope the complaints will shed light on the opaque ways that personal data is traded through third parties online both in the EU and the US. The General Data Protection Regulation is a sweeping personal data privacy law that came into force in late May in the EU. For the rest of the world, it's viewed as a bellwether for whether Big Tech can be held in check when immense data leaks seem to happen with painful regularity.
Who controls your data?
The average American, one study tell us, touches their phone 2,600 times per day. By the end of a given year, that's nearly a million touches, rising to two million if you're a power user. Each one of those taps, swipes and pulls is a potential proxy for our most intimate behaviors. Our phones are not only tools that help us organize our day but also sophisticated monitoring devices that we voluntarily feed with interactions we think are private. The questions we ask Google, for instance, can be more honest than the ones we ask our loved ones -- a "digital truth serum," as ex-Googler and author Seth Stephens-Davidowitz writes in Everybody Lies: Big Data, New Data, and What the Internet Can Tell Us About Who We Really Are. Hoover up these data points and combine them with all of our other devices -- smart TVs, fitness trackers, cookies that stalk us across the web -- and there exists an ambient, ongoing accumulation of our habits to the tune of about 2.5 quintillion (that's a million trillion) bytes of data per day.
Google updates privacy policy so you can actually understand it
Europe's new General Data Protection Regulation (GDPR) privacy laws are about to go into effect, and one of the key rules is that companies must provide "clear and transparent" notice about how your data will be used. Google has done just that, releasing its upcoming privacy policy that explains exactly how it will use your data in surprisingly easy-to-understand terms.
Some Google Docs users are being locked out of their files (updated)
A number of Google Docs users have reported being locked out of their documents today for, according to the message that pops up when they try to access the affected document, violating Google's terms of service. Users that have tweeted about the issue have said their locked-out pieces were about a range of topics including wildfire crimes, post-socialist eastern Europe and a response to reviewers of an academic journal submission.
Facebook fined in Spain for allegedly misusing personal data
Facebook has been fined €1.2 million (roughly $1.4 million) for several instances where the social network may have collected Spanish user data without fully informing people how it would be used. Retuers reports that Spain's Agencia Española de Protección de Datos (AEPD; Spanish Data Protection Agency) found three instances of Facebook not "sufficiently" informing users how their gender, religious beliefs, personal tastes and browsing history would be used.
Trump's website wanted to collect your location data
A redesigned version of Donald Trump's 2020 campaign website debuted on Tuesday morning, and with it came a new and problematic set of Terms & Conditions. According to CBS News, part of the new terms stated that the website "may... collect other information based on your location and your Device's proximity to 'beacons' and other similar proximity systems." That means the people who visited the website upon launch unknowingly agreed to have their info collected. Thankfully, its developer killed that part of the T&C after CBS News questioned its purpose.
Evernote will no longer change its privacy policy in January
Evernote's explanation failed to assuage users' fears that employees would be able to read their data come January 23rd. So, the company has decided not to implement its new Privacy Policy anymore. Evernote's policy change, which would have taken effect in January 2017, states that employees will be able to access your data in an effort to improve its machine learning system. The backlash was instantaneous -- the company tried to quell it by explaining that any note read by its employees will be anonymous and that nobody will ever read yours unless you opt in.
WhatsApp won't comply with India's order to delete user data (updated)
WhatsApp's decision to share user data with Facebook has provoked the ire of yet another foreign government. Last week, India's Delhi High Court ordered WhatsApp to delete any data collected from users who opted out of the company's new privacy policy before September 25th. According to Mashable, however, WhatsApp has no plan to comply with the court order and it will have "no impact on the planned policy and terms of service updates." (Note: see update below.)
Snapchat tells everyone to chill out over its new privacy policy
A few days ago, Snapchat updated its terms of use and privacy policy with some broadly-worded clauses that sent the internet into a tailspin. If you read it one way, you'd think that the firm would begin stockpiling your genital selfies, share them with the world and not even delete the pic on request. Of course, the company has now gone into damage-control mode, asking everyone to relax and clarifying that shots of your downstairs region remain your own business -- unless some cheeky individual screenshots something that they shouldn't.
AVG says it can sell your browsing data in updated privacy policy
AVG has updated its privacy policy's language, and in the amended document, the security firm admits that it can "make money from [its] free offerings with non-personal data." These "non-personal" info include your device's brand, language and apps in use, among other things. The company is adamant that it doesn't sell anything with identifying information, and the data that it does collect is anonymized and stored without anything that can link it back to you. According to the updated policy, AVG can collect data you yourself provide -- plus, it can use cookies to track your searchers and your activities on websites, apps and other products. It can then use those details to "build anonymous data profiles" or create statistical information, which it can then sell.
Spotify updates its controversial privacy policy
Spotify has released a new privacy policy after the internet whipped itself into a furor over the last one. The streaming company got itself into trouble last month with an update that some onlookers labeled "eerie" and "atrocious." Of course, it wasn't really anything worth worrying about, as those that took the time to look through it properly quickly deduced. Nonetheless, Spotify pledged to update the policy to better clarify what it is and isn't collecting from users, and now it's done just that. The new version is virtually identical to the last, but includes a section at the beginning in plain language explaining things.
Spotify's new privacy policy shouldn't freak you out
The internet is awash with reports that Spotify, the music streaming service, is adopting The Big Book of Dystopian Futures as its new corporate policy. The furor is over the company's updated privacy policy, which includes new statements about what it will and won't do with your data. A brief reading of the changes raises a few questions about the company's need to access things like your contacts and photos. "You Can't Do Squat About Spotify's Eerie New Privacy Policy," says Wired. That's true, but you also can't do much about any company's privacy policy, apart from stop using its services. Besides, if you actually take a look, Spotify's really isn't that egregious.
Samsung swears its smart TVs aren't eavesdropping on you
Over the weekend, quite a few people panicked at the phrasing of Samsung's smart TV privacy policy. Its warning that third parties would get your sensitive spoken info conjured up images of Orwellian telescreens spying on their viewers. The reaction was largely paranoia (this was just a description of standard cloud-based voice recognition), but the company isn't leaving anything to chance -- it posted a retort that denies any eavesdropping and clarifies what its screens are really doing. As Samsung explains, neither the TV's mic nor the one in your remote are monitoring everything you say. The TV only listens for a predetermined set of commands, while the controller won't handle more sophisticated requests (such as asking for movie advice) until you hit a button.
UK government issues ultimatum on Google's troublesome privacy policy
A year and a half after Google introduced its new, "simpler" privacy policy, UK regulators have come to a verdict: Mountain View must now change that policy by September 20th or face the possibility of "formal enforcement action." In a statement, the Information Commissioner's Office said: "We believe that the updated policy does not provide sufficient information to enable UK users of Google's services to understand how their data will be used across all the company's products." German and Italian governments have reached much the same conclusion, while France and Spain also wrote strongly-worded letters to Google last month. For its part, Google has the following response: "Our privacy policy respects European law and allows us to create simpler, more effective services. We have engaged fully with the authorities involved throughout this process, and we'll continue to do so going forward." As The Guardian points out however, Google's statement doesn't really explain how its privacy policy can "respect" EU law and yet be considered objectionable by five major EU governments.
AT&T updates privacy policy, may begin sharing anonymous user data
In an update on its Public Policy Blog, AT&T disclosed that it may begin selling anonymous user data to retailers and marketers, with the end goal being "to deliver more relevant advertising to... customers." The carrier is far from the first to sell aggregate information -- here's looking at you, Verizon -- but the provider is unique in combining data on TV, WiFi and wireless usage. The company said it could also provide aggregate info about users' app usage and U-Verse info. Also notable in the new privacy policy: AT&T notes that it could sell information about individual users, with the stipulation that the data would still be kept anonymous, and media research companies would only be able to use that info in aggregate reports. While this is hardly a case of AT&T pushing new privacy boundaries, users can opt out of the program (see the second source link below).
Reddit's reworked privacy policy clarifies data handling, comes into effect May 15th
The online Aladdin's cave and AMA forum Reddit has revealed a revamped privacy policy intended to make clear exactly how it deals with users' data. Legalese is notably absent, with credit for that going to Lauren Gelman, a legal consultant who's previously worked with the likes of the EFF -- a member, like Reddit, of the Internet Defense League. Essentially, the new policy is geared towards allowing "your participation to remain as anonymous as you choose," with the website stating that any of your data won't be shared without consent, unless the law requires it. Even then, you will be notified, with the only exception being a court order that prevents it. Reddit also notes that deleting your account will remove your username from posts and comments, but they will remain on the site. As only the last edit performed stays on the servers, however, you could trek back through your history and strip everything out to finalize your departure. There's much more in the announcement post and full policy document over at the source links, in case you wanna have a read before it all kicks in on May 15th.
EU regulators unsatisfied with Google's response to privacy policy concerns
European Union regulators weren't exactly content with Google after it rolled up most of its privacy policies into a monolithic document early last year, and it doesn't seem like that's about to change. After giving Page and Co. four months to respond to 12 recommendations regarding its new policy, French regulator CNIL has come to the conclusion that "Google did not provide any precise and effective answers." Though EU officials aren't happy with Mountain View's responses, Google says its policies respect European law and that it replied with steps to address the concerns by the January 8th deadline. Still, data protection regulators are committed to their investigation and are aiming to form a group before the summertime that would respond to the search titan.
Foursquare to display full user names, share more data with local businesses
Fond of your family name? Good -- it's about to get a bit more visible. Foursquare is planning to display full user names on profile pages, explaining in a recent community email that the old policy has become confusing. "If you search for a friend on Foursquare, we show their full name in the results, but when you click through to their profile page you don't see their last name." The team says these abbreviations made sense in Foursquare's early days, but recently users have been asking for change. "We get emails every day saying that it's now confusing." The social network hopes that displaying users' full surnames will help mitigate confusion between the John Smiths and John Smythes of the world. The company's tweaked privacy policy promises to share more data with businesses, too, giving store owners greater visibility of customers who have recently checked in. Users who want their quests for coffee to remain anonymous still can, of course -- Foursquare was careful to remind users that they can change their "full name" whenever they want, and can opt out of sharing their location information with businesses. We wouldn't want to step on any toes, would we? Head past the break to see the email for yourself, or check out the adjacent source link to read Foursquare's "Privacy 101" summary.
EU regulators urge Google to modify privacy policy, offers 12 recommendations (update: statement from Google)
It wasn't all that long after Google consolidated most of its privacy policies before people wanted clarification on what this meant to users. Even then, EU regulators weren't satisfied, asking the search giant to hold up a little while it took a proper look at the implications for European citizens. The result of that investigation? Well, Justice Commissioner Viviane Reding previously declared it to be in breach of European law, and now the EU is commanding that it be reexamined. The assertion comes in a letter to Mountain View from the EU's data protection regulators, who feel that consolidating so much personal data into one place creates untenable risks to privacy, and was signed by 24 member states (plus Liechtenstein and Croatia). The regulators also outlined 12 recommendations for Google to follow to bring its policy back to the favorable side of the fence. No official word from Google at this time, but we've reached out for comment. Update: Peter Fleischer, Google's global privacy counsel issued the following statement: "We have received the report and are reviewing it now. Our new privacy policy demonstrates our long-standing commitment to protecting our users' information and creating great products. We are confident that our privacy notices respect European law."
