PrivacyIssues
Latest
Sound Off! Do ridesharing privacy issues make you nervous?
Uber is not having a good week. Between surreptitiously tracking journalists' trips inside 'God View' and an executive implying the company should dig up dirt on reporters critical of the service, the company has been on a pretty bumpy road. However, they're still one of the most popular ride sharing services. Does the company's seemingly callous disregard for customer privacy change whether you still use its app? Head over to the Engadget forums and share your thoughts on ridesharing. [Image credit: Victor J. Blue/Bloomberg via Getty Images]
Google ends Street View litigation in the US, agrees to destroy collected data and pay $7 million fine
Google's long found itself in hot water where its Street View mapping practices are concerned, running afoul of authorities both in the US and abroad since 2010. But as of today, the search giant's putting an end to its domestic legal woes, agreeing to dole out $7 million to the 37 states and District of Columbia involved in the litigation. In addition, the company's pledged to destroy all of the user information (passwords, emails, etc.) it's thus far collected from unsecured networks -- unlawful snooping it claims was carried out by a "rogue engineer." Google admits to fumbling its dedication to user privacy in this one area and, as part of the settlement, has committed to not only educating its employees on best privacy practices, but to also launch a consumer outreach program addressing these same issues. So, for now, consider this case closed... in the US. Its troubles across the pond are another matter.
EU regulators urge Google to modify privacy policy, offers 12 recommendations (update: statement from Google)
It wasn't all that long after Google consolidated most of its privacy policies before people wanted clarification on what this meant to users. Even then, EU regulators weren't satisfied, asking the search giant to hold up a little while it took a proper look at the implications for European citizens. The result of that investigation? Well, Justice Commissioner Viviane Reding previously declared it to be in breach of European law, and now the EU is commanding that it be reexamined. The assertion comes in a letter to Mountain View from the EU's data protection regulators, who feel that consolidating so much personal data into one place creates untenable risks to privacy, and was signed by 24 member states (plus Liechtenstein and Croatia). The regulators also outlined 12 recommendations for Google to follow to bring its policy back to the favorable side of the fence. No official word from Google at this time, but we've reached out for comment. Update: Peter Fleischer, Google's global privacy counsel issued the following statement: "We have received the report and are reviewing it now. Our new privacy policy demonstrates our long-standing commitment to protecting our users' information and creating great products. We are confident that our privacy notices respect European law."
Editorial: We, the digitally naked
The iPhone 5. It is taller, and has incremental improvements under the hood, and is shiny. (I'm staying away. Typing on glass is wrong.) Of more import, the smartphone you carry is more than a communication device; it is potentially a government surveillance enabler. To whatever extent that is the case (depending on whose public pronouncements you believe), latent digital snooping was reinforced on the same day as the iPhone event. Two days after that, Google announced its intention to build a "Do Not Track" option into the Chrome browser, giving users some shielding from a different type of rampant surveillance -- the type that creepily delivers knowingly targeted ads. The two issues differ in seriousness, but are related as privacy concerns. As our mobile and desktop devices get sexier, we become increasingly naked.
Spotify users in Germany no longer need Facebook account to register
Spotify users in Germany no longer need a Facebook account to register for the music service, Digital Music News reports. Since Spotify buddied up with the social network last year, users across the globe have had to hand over their Facebook info to create an account and start streaming. Now Germans will have the option to create a Spotify account by providing their email address and creating a username, though the Facebook requirement holds true for all other countries. As TNW points out, that change in policy may have something to do with the fact that less than 30 percent of Germans are on Facebook, compared to more than 50 percent for Americans and Brits -- but we suspect Germany's notoriously heavy emphasis on privacy had something to do with it as well.
Microsoft takes Bing Streetside offline in Germany, privacy complaints to blame
Germany is notoriously privacy-minded, and services like Facebook's Friend Finder and Google's Street View have come under scrutiny in the country's courts. The latest offender to raise Germany's ire is Bing Streetside, a Street View-style photo service. Microsoft took the feature offline in the country following complaints about how Streetside displays private homes. By default, houses are visible, though Microsoft conceals the images if users submit a complaint. Still, citizens were apparently unhappy with this process, which prompted the company to axe the service while it addresses those privacy concerns. There's always Street View if you need your fix of blurred-out Berlin buildings in the meantime.
FBI reportedly pressing for backdoor access to Facebook, Google
Investigators at the FBI supposedly aren't happy that social networks like Facebook or Google+ don't have the same kind of facility for wiretaps that phones have had for decades. If claimed industry contacts for CNET are right, senior staff at the bureau have floated a proposed amendment to the 1994-era Communications Assistance for Law Enforcement Act (CALEA) that would require that communication-based websites with large user bases include a backdoor for federal agents to snoop on suspects. It would still include the same requirement for a court order as for phone calls, even if US carriers currently enjoy immunity for cooperating with any warrantless wiretapping. As might be expected, technology firms and civil liberties advocates like the Electronic Frontier Foundation object to deepening CALEA's reach any further, and Apple is thought to be preemptively lobbying against another definition of the law that might require a government back channel for audiovisual chat services like FaceTime or Skype. The FBI didn't explicitly confirm the proposal when asked, but it did say it was worried it might be "going dark" and couldn't enforce wiretaps. [Image credit: David Drexler, Flickr]
EU: Google's new privacy policy breaches European law
Remember how proud Google was when it unified all of its services under a single privacy policy? Well, Big G's excitement was tempered when the EU asked it to hold off on the policy's implementation while it investigated the changes. And its enthusiasm is likely all but extinguished now that EU Justice Commissioner Viviane Reding has declared the policy to be in breach of European law. She found fault with the fact that the EU wasn't consulted in the policy's formation, the policy doesn't meet transparency requirements, and it allows Google to give people's private data to third parties. No word on what Europa's governing body will do with such findings in hand, but it seems certain that the crew in Mountain View's got some policy revisions to make. Guess simplifying those privacy policies wasn't so simple, was it?
China wants microbloggers to register with the government, hand over real identity
Thought that Facebook's and Google+'s requirements that you use your real name were draconian? Just be thankful you're not a weibo addict in China. The government is planning to expand a program that demands users register their real names and disclose their identity. Wang Chen, China's top internet regulation official, said the eventual goal would be to get all 250 million microbloggers registered, starting first with any new users signing up. The obvious privacy and free speech issues that could arise from such a move shouldn't need to be explained -- especially considering the country's track record of censorship and politically motivated arrests. Sadly, unlike SOPA, putting an end to this troubling law isn't as simple as putting up a black banner or emailing your congressman.
Telecoms win immunity in wiretapping case, US court approves separate suit against the government
Looks like a case of good news-bad news for the Electronic Frontier Foundation in its fight against warrantless wiretapping. A US appeals court upheld a 2008 ruling, granting telecoms such as AT&T, Verizon and Sprint immunity for cooperating with the government in its surveillance activities. Still, Judge Margaret McKeown of the 9th US Circuit Court of Appeals insists that immunity only applies to telecoms, not the government, and that "the federal courts remain a forum to consider the constitutionality of the wiretapping scheme and other claims." Indeed, while the 9th Circuit upheld immunity for telecoms, it also gave the go-ahead for a separate suit against the NSA, former president George W. Bush, senior members of the Bush administration and President Obama for using AT&T's network to conduct "an unprecedented suspicionless general search," according to the filing. The court's decision to allow this suit to proceed marks a reversal of an earlier ruling, in which a lower court said the plaintiffs did not have legal standing to pursue the case. [Image courtesy PBS]
Carnegie Mellon researchers use photo-tagging to violate privacy, prove nothing social is sacred
Some people never forget a face and the same, it seems, can be said for the internet. With some off-the-shelf facial recognition software, a connection to the cloud and access to social networking data, Carnegie Mellon University researchers have proved tagging can be the everyman's gateway to privacy violation. Using a specially-designed, AR-capable mobile app, Prof. Alessandro Acquisti and his team conducted three real-world trials of the personal info mining tech, successfully identifying pseudonymed online daters and campus strolling college students via Facebook. In some cases, the application was even able to dredge up the students' social security digits and personal interests -- from their MySpace pages, we assume. Sure, the study's findings could have you running for the off-the-grid hills (not to mention the plastic surgeon), but it's probably best you just pay careful attention to that digital second life. Full PR after the break.
App developers could face US privacy investigation
Hey app, did you just send my personal data or my phone's unique electronic identification number over the internet without my permission? Federal prosecutors in New Jersey are trying to answer this question in an ongoing investigation, the Wall Street Journal reports. The federal probe aims to discover if any apps built for iOS, Android or other smartphones are illegally collecting or transmitting personally identifying information, such as the phone's unique device identifier (UDID), to app makers or third parties without consent from end users. Gathering information that can be used to personally identify an individual without adequately disclosing what data will be collected and how it will be used could violate the Computer Fraud and Abuse Act designed to prosecute hackers. The investigation, which could continue for months, appears to be in a preliminary phase. In a document filed with the Securities and Exchange Commission on Monday, the online music service Pandora revealed it had been "served with a subpoena to produce documents in connection with a federal grand jury, which we believe was convened to investigate the information sharing processes of certain popular applications that run on the Apple and Android mobile platforms." The Oakland, CA, company added that it's "not a specific target of the investigation" and believes the subpoenas were issued "on an industry-wide basis to the publishers of numerous other smartphone applications."
WSJ: Google teams with MasterCard and Citigroup for NFC payments, also files patent app
Ever since the Nexus S and its nifty little NFC chip hit the market, there's been speculation that El Goog was planning a foray into the mobile payment arena currently occupied by the likes of Charge Anywhere. Now, it looks like that plan may be in high gear, as the Wall Street Journal reports that Google's secretly partnered with MasterCard and Citigroup to test out just such a system. According to the publication, the early demo pairs "one current model and many coming models of Android phones" with existing Citigroup-sponsored credit and debit cards, and is using the phones' NFC chips with those VeriFone readers we recently heard about. What's more, a newly-published patent application from the crew in Mountain View may hint at the software behind such things. The application describes a service that sets up Google as a third-party broker who receives the shopping cart info of customers placing orders via a device (including those of the mobile variety), allows them to select shipping and other options, and provides the total order cost. It then collects payment, coordinates shipment, and forwards order information to the seller to complete the transaction. So companies can have Google handle all their payment-taking needs in return for getting a sneak peek at what folks are buying -- something that the WSJ's sources say might be a component of the setup Google's testing right now -- as opposed to other third-party services, like Paypal, that only obtain and exchange payment info with merchants. Looks like Alma Whitten (Google's Director of Privacy) has her work cut out assuaging the concerns such a system will inevitably create in an increasingly privacy-minded populace. Sean Hollister contributed to this report.
Real ID and Battle.net get expanded privacy settings
Blizzard has come through with its promise of updated and more expansive options for its controversial Real ID feature, connecting Blizzard's games through use of real names as identifiers. The new options allow you to opt out of being listed in the "Friends of Friends" of other users, to deactivate the ability to be seen in Starcraft II's Facebook feature, or to turn off Real ID altogether. To change your Battle.net privacy options, log in to your account's Battle.net management page and select Settings, then Communication Preferences. Now all we need is an "go invisible" feature on Real ID, like most instant message clients have, and I'll be a happy Real ID user. The full announcement by Nethaera is below: Nethaera -- New Battle.net Privacy Settings We'd like to make you aware of the new Real ID-related privacy options we've introduced to Battle.net. These options provide Real ID users with additional tools for customizing the service based on their preferences, enabling the ability to opt in or out of the Real ID "Friends of Friends" and "Add Facebook Friends" features or to turn off Real ID altogether. Real ID offers an optional, convenient way for keeping in touch with real-world friends you know and trust, whether they're playing World of Warcraft, StarCraft II, or one of our future games. The "Friends of Friends" and "Add Facebook Friends" features provide you with even more options to stay connected while you play by making it easier for real-life friends to locate each other on Battle.net. You can easily enable or disable these features through your Battle.net privacy settings by logging in to your Battle.net account at http://www.battle.net/. source
Pennsylvania spycam case heating up
A student who says he was spied on by school officials on his Mac laptop has filed new claims in the case. Harriton High School sophomore Blake Robbins claims pictures were taken of him while he was asleep and only partially dressed, and instant messages that he sent to friends were captured. The Lower Merion school district is now conceding that the effort it was making to keep track of school owned laptops was misguided, and today the district said it would release the results of its own internal investigation "good and bad." In a court filing, Robbins says the school captured more than 400 webcam images and screen shots using his computer. Robbins lawyer says that thousands of pictures were obtained from laptops issued to students by the school tech staff. Lawyers involved in the case met Friday for a status check and to discuss pending issues. According to an attorney for the Robbins family, school technology coordinator Carol Cafiero refused to answer questions during a recent deposition, citing her 5th Amendment rights against self-incrimination. The suburban Philadelphia school has issued Mac laptops to 2,300 students at two high schools. The FBI joined the case in February. [via the Philadelphia Inquirer]
