Apple Vs Facebook Who Will Win The Data Privacy War?

Apple Vs. Facebook – Who Will Win The Data Privacy War?

Did you know the average app includes six third-party trackers that collect and share your online data?

The war over data privacy continues to heat up in the tech world. Two of the world’s biggest technology companies, Apple and Facebook, are taking very different approaches to user privacy, and their decisions are having ripple effects throughout the tech community.

Apple’s New Transparency Requirement

Apple’s new App Tracking Transparency feature, which will automatically be enabled on iOS in early spring, forces app developers to explicitly ask for permission from users to track and share information for cross-platform ad targeting.

With App Tracking Transparency, Apple requires every iOS app to ask you upfront if they’re allowed to share your information with data brokers and other networks, so they can serve mobile ads to you and measure your response to those ads.

After this change is in place, you’ll see a notification the first time you launch any new app on your phone, explaining what the proposed third-party tracker is used for, and whether you want to approve or reject the tracking and sharing of your data.

Facebook CEO Mark Zuckerberg criticized Apple’s new changes publicly, saying they were specifically put in place to put Facebook at a disadvantage. Zuckerberg says Apple is Facebook’s biggest competitor.

But while Apple is adding more privacy features to give its users more control, Facebook is moving in the other direction.

The Thin Line Between WhatsApp and Facebook

Facebook recently announced changes to the WhatsApp Privacy Policy that have some users outraged.

Right now, WhatsApp has some features that allow users to communicate with businesses through WhatsApp chat—and some of those businesses are hosted by Facebook. According to the new policy, messages between the prospect or customer and the business they’re communicating with could be collected and shared with the larger Facebook ecosystem.

That means Facebook and its advertisers could potentially use customer service chats or transaction receipts for marketing and advertising purposes.

The content of users’ individual chats will continue to be encrypted, so they cannot be seen by the company. The data within those chats will not be harvested or shared with third parties. Nonetheless, Facebook faced a huge backlash against the new rules after the announcement, prompting them to publish an FAQ page to clarify the policy and reassure upset WhatsApp users.

The pushback was big enough that Facebook decided to delay the rollout of the new rules (originally slated for February) to May 15th. In mid-May, WhatsApp users will need to accept the new Privacy Policy terms, or lose access to their accounts.

For many WhatsApp users, this announcement was a distinct reminder that WhatsApp users are now Facebook customers, and over time, Facebook will be moving information between the two platforms more often, in the name of “interoperability.”

Transparency: Winning Hearts and Minds in the Tech World

Apple and Facebook often take different approaches to user privacy. More and more, Apple seems to be taking steps to be more transparent and to protect user data, including regulating app developers in their ecosystem.

Meanwhile, Facebook has trouble gaining the trust of many of its users, and the common assumption is that the company prioritizes the needs of its advertisers over the privacy of its users.

Clearly, the market is sensitive to privacy issues, and they want companies to be more transparent – as evidenced by the backlash to Facebook’s recent WhatsApp announcement.

In the long run, I believe the companies that are more transparent with their users and take a stand to protect data privacy will be the ones who succeed – but only time will tell.

Follow me on Twitter or LinkedIn. Check out my website.

Bernard Marr is an internationally best-selling author, popular keynote speaker, futurist, and a strategic business & technology advisor to governments and companies. He helps organisations improve their business performance, use data more intelligently, and understand the implications of new technologies such as artificial intelligence, big data, blockchains, and the Internet of Things. Why don’t you connect with Bernard on Twitter (@bernardmarr), LinkedIn (https://uk.linkedin.com/in/bernardmarr) or instagram (bernard.marr)?

Source: Apple Vs. Facebook – Who Will Win The Data Privacy War?

.

.

Only on “CBS This Morning,” Facebook CEO Mark Zuckerberg and his wife, philanthropist Priscilla Chan, invited us into their home. They have never allowed a TV camera crew inside before. Gayle King was able to see first-hand who this couple is outside their Facebook lives. They discussed raising their two young daughters and how family inspires the work they do. Watch “CBS This Morning” HERE: http://bit.ly/1T88yAR Download the CBS News app on iOS HERE: https://apple.co/1tRNnUy Download the CBS News app on Android HERE: https://bit.ly/1IcphuX Like “CBS This Morning” on Facebook HERE: http://on.fb.me/1LhtdvI Follow “CBS This Morning” on Twitter HERE: http://bit.ly/1Xj5W3p Follow “CBS This Morning” on Instagram HERE: http://bit.ly/1Q7NGnY
.
.
More Contents on Data Privacy:
Technology for Change Week Asia
events.economist.com – Today
[…] The fallout from the Cambridge Analytica data scandal raised important questions about data privacy and how companies use social media data for political and commercial gain […]
45
MySecurity TV – MySecurity Marketplace %
mysecuritymarketplace.com – Today
[…] Taskforce Recommendations and Dr Sushmita Ruj, Senior Research Scientist, Data61 discussing a new data privacy preserving tool fuelled by AI, called Personal Information Factor (PIF) […]
N/A
Senior Information Technology Cyber Security Analyst – London – Technojobs
[…] vendor risk, examining vendor contracts for terms of service, understanding third-party risk, and data privacy issues […] such as COBIT, NIST (800-53, cybersecurity), ISO, ITIL, PCI, GLBA, GDPR, HIPAA, and other data privacy and security standards and regulations […]
0
Marketing Communications Engineer – Java at JP Morgan, London, £Market Rate
contracts.contractspy.co.uk – Today
[…] ensures data quality, enforces governance and measurement, and complies with GDPR and other strict data privacy requirements […]
0
NetApp : Accelerate your storage—first the cloud, then to infinity and beyond | MarketScreener
[…] NetApp Cloud Compliance service provides automated controls for data privacy regulations such as the General Data Protection Regulation (GDPR) and California Consumer Privac […]
0
Remote Work Policy Template For Improved Productivity
[…] in the employee handbook, including attendance, code of conduct, confidentiality, PTO, and data privacy and security […]
1
Forensic Services and Integrity Services | EY – India
[…] handling of company data and are supported by dedicated resources from EY General Counsel’s Global Data Privacy team […]
0
odoo12-addon-privacy ·
pypi.org – Today
[…] 0) Released: Feb 19, 2021 Provides data privacy and protection features to comply to regulations, such as GDPR […]
N/A
AI, Blockchain & IoT- A Tech Consortium of the Future
[…] The blockchain identity system often has to comply with data privacy rules, as with traditional centralized systems […] Data privacy is particularly advantageous in the IoT sense […]
6
Crwe World | ING to leave Czech retail banking market by end-2021
crweworld.com – Today
[…] the effects of cyber-attacks and changes in legislation and regulation related to cybersecurity and data privacy, (18) changes in general competitive factors, (19) the inability to protect our intellectua […]
0
Virginia Senate Passes Consumer Privacy Law
[…] bills to watch in 2021: Florida HB 969 (HB569) – On February 15, Governor Ron DeSantis announced a data privacy bill similar to the CCPA […] Takeaway States across the country are contemplating ways to enhance their data privacy and security protections […]
N/A
Creating a Privacy-Aware Data Culture with Alation Data Catalog and BigID | Alation
The technological and regulatory environments are changing rapidly, making governance and data privacy a priority […] Yet, despite the urgency, enterprises struggle to get a handle on data privacy — lacking organizational alignment, the ability to scale from policy to usage, and visibility an […] cataloging and privacy classification, have partnered to bring automation and scale to governing data privacy […]
N/A
Parler Interim CEO Mark Meckler Talks Relaunch, Data Privacy & Building A New Independent Tech Stack | American Thought Leaders
rumble.com – Today
Parler Interim CEO Mark Meckler Talks Relaunch, Data Privacy & Building A New Independent Tech Stack | American Thought Leaders American Thought Leader […]
15
Global Data Alliance Applauds Strong Focus on Data Flows in New EU Trade Strategy | BSA | The Software Alliance
[…] RELATED CONTENT Virtual Event: APEC Data Privacy Subgroup Meeting BSA’s Jared Ragland presents to the delegates of the Asia-Pacific Economi […] Jared Ragland presents to the delegates of the Asia-Pacific Economic Cooperation (APEC) forum’s Data Privacy Subgroup (DPS) during their virtual meeting […]
0
Telecom News | Latest Telecom Industry News, Information and Update: ET Telecom
telecom.economictimes.indiatimes.com – Today
[…] India’s data policy should help export of services, software to grow: IBM Chairman The future of Data Privacy Officers in India Reviews Vivo V20 review: Good mid-range camera smartphone with premium look […]
599
Best VPN for watching the NFL in 2021: How to watch the NFL in the UK
mashable.com – Today
[…] 99/month See Details Data privacy can be an issue with VPNs, especially when they aren’t clear on what they’re doing with you […]
3
Comprehensive State Privacy Laws On The Move, How Should Organizations Evaluate Them? | Jackson Lewis P.C. – JDSupra
[…] Finally, data privacy and security laws increasingly reach third-party service providers to covered organizations eithe […]
0
Virginia Passes Consumer Privacy Law; Other States May Follow | Jackson Lewis P.C. – JDSupra
[…] bills to watch in 2021: Florida HB 969 (HB569) – On February 15, Governor Ron DeSantis announced a data privacy bill similar to the CCPA […] Takeaway States across the country are contemplating ways to enhance their data privacy and security protections […]
N/A
Samsung One UI 3.1 Features: These new changes come to your smartphone »
[…] Remove location data: Privacy of the user is an important factor for the company and with One UI 3 […]
0
Corporate Counsel – Shelton, CT Job at Hubbell in Shelton, Connecticut
[…] corporate compliance issues and regulatory matters, including, without limitation, antitrust, data privacy and sales; Participating in the design and development of corporate policies, procedures, an […]
0
From CSR to ESG: How to Kickstart Your ESG Program in 2021 | NAVEX Global – JDSupra
[…] Social benchmarks address how companies respond to the complex and evolving issues like data privacy, pay equity, health and safety, diversity and inclusion, social justice positions, and employe […]
0
Contact
Thank you for your interest in Teleperformance’s services. An Interaction Expert will contact you shortly. To complete the form, please start by filling out the reason for your contact. Data Privacy Information Please provide your contact information to enable us to send you further information about our services and research.  All information is processed in accordance with our Privacy Policy.
N/A
Global Big Data Conference
[…] This approach is a new take on data privacy and a growing megatrend […]
3
State data privacy laws
An overview of state policies on data privacy, including highlights on landmark privacy laws and recent action on data breach notifications.
1
Cybersecurity in Medical: Cybersecurity Trends
[…] All healthcare organisations should seek ongoing training programmes for data privacy, protection, and cybersecurity […]
N/A
Privitar
To celebrate Data Privacy Day we are delighted to invite you to this in-depth fireside chat featuring renowned privacy leader Michelle Dennedy, co-author of the Privacy Engineer’s Manifesto and former senior data privacy leader at Cisco, McAfee/Intel Security, Oracle and Sun Microsystems. Michelle will draw on her experiences working on complex global data and privacy…
N/A
11th Circuit Says Standing in Data Breach Case Requires Actual Harm | Robinson+Cole Data Privacy + Security Insider – JDSupra
Last week, in Tsao v. Captiva MVP Restaurant Partners, LLC (Captiva), the U.S. Court of Appeals for the 11th Circuit held that data breach claims arising from increased risk of future…
N/A
HOT JOBS & COOL JOBS: ENTRY LEVEL PARALEGAL / LEGAL ASSISTANT / ADMINISTRATIVE ASSISTANT ENGLEWOOD CO USA
[…] The firm has been consistently on the cutting edge of legal developments, and is a leader in the data privacy and cyber security space […]
0
ESOMAR Council Candidates – ESOMAR, the global insights community
[…] GDPR and data privacy is one topic, but another threat is that the GAFA get into an oligopolistic situation i […] 000 clients, brands, MR agencies and 300 Scientific Research Institutions, I know about data privacy and standards in operations […]
N/A
Paytm Money opens F&O trading for all at Rs 10, receives over 1 lakh early access requests
opinionexpress.in – Today
[…] All this and a lot more would be available with absolute data privacy to keep investors’ personal data safe with bank-level security […]
1
Measurementality Series | IEEE SA
standards.ieee.org – Today
[…] goal of our series, “defining what counts in the algorithmic age,” guests will discuss issues like data privacy for children, data agency for all, and how metrics like the United Nations Sustainable Developmen […]
N/A
MyDigital to transform Malaysia digitally by 2030
[…] Muhyiddin also stressed that cybersecurity and data privacy are among the government’s primary focus in realising the country’s vision of digital technology […]
0
Criminal Information Analyst/Investigator | Government Jobs
[…] Maintain confidential data and comply with data privacy requirements […]
0
Whatsapp says new privacy policies not going anywhere
[…] To the extent that users started switching to alternatives that offered data privacy […]
N/A
Covid-19 pandemic gives rise to telehealth services across Gulf
[…] new concept to the local market and, initially, there were some concerns over reliability and data privacy,” said Dr Mohamed AlGassab, operation director at Cura Healthcare, a telemedicine startup in Saud […]
0
Data Privacy Software Market Size, Segmentation, Growth Challenges by Manufacturers – Egnyte, DPOrganizer, Salesforce, CrashPlan, SAI Global, Aptible, Teramind DLP, OneTrust, HPE, Alteryx, DtaGrail, Box Zones, Netwrix Auditor – Atlantic Financial Management
[…] of the current market size, drivers, trends, opportunities, challenges, and key segments of the Data Privacy Software market. Further, the report explains various definitions and classifications of Data Privacy Software industry, applications, and chain structure. Continuing with the data above, the Data Privacy Software report gives different marketing strategies by distributors and major players […]
N/A
HOT JOBS & COOL JOBS: COMPUTER NETWORK ENGINEER OXNARD CA USA
[…] Apply Now>> 2 Staff Data Privacy & Security Engineer Carpinteria, CA, USA D […]
N/A
Our credentials — Corporate
mydex.org – Today
[…] Mydex has worked hard to gain certification and recognition based on stringent data privacy procedures, and continue to work with leading organisations in the field of personal data and ope […]
0
ESG as a Consideration in Vendor Procurement » Citco
citco.com – Today
[…] a history of good governance and experience in maintaining good governance standards data and data privacy practices corporate accountability safeguards such as KYC and AML policies and oversight committees […]
N/A
McGuireWoods Expands Digital Health Team With Partners in Houston and Chicago | McGuireWoods
[…]   Linna represents healthcare providers and healthcare technology companies on M&A, data privacy and security, and regulatory matters […]
N/A
Your Office Is Now Everywhere. Give Your Team The Tools To Succeed – Soliton Systems, Inc.
[…] implementation, and low maintenance guarantees secure data access complies to internal and external data privacy policies […]
N/A
Connected Car Technology: Five Keys for Acceleration | Jabil
[…] Much of this resistance is due to concerns about security and data privacy […]   Automakers Must Respect Data Privacy There are two types of data being gleaned […] While the growing data is an unusual issue for automakers to wrestle with, the industry recognizes data privacy concerns and the need to anonymize all data […]
N/A
Quick guide on radiology image pre-processing for deep learning applications in prostate cancer research
[…] amounts of data, which can be limited in medical imaging applications due to the concerns over data privacy as well as the paucity of annotation (labels) in supervised learning […]
0
Machine Learning & Training Data: Sources, Methods, Things to Keep in Mind
labelyourdata.com – Today
[…] arise: it’s important to ensure that treatment and management of your training data comply with the data privacy regulations and standards […]
0
The Digital Download – Alston & Bird’s Privacy, Cyber & Data Strategy Newsletter – February 2021 | Alston & Bird – JDSupra
[…] begins detailing its regulatory and enforcement priorities, it faces a new challenge on the health data privacy and security front […] Department of Health and Human Services’ (HHS) interpretation of two key data privacy and security regulations, and required the agency to consider penalties assessed against othe […]
N/A
Customers unify hybrid and multicloud IT operations with Azure Arc | Azure Blog and Updates | Microsoft Azure
azure.microsoft.com – Today
[…] However, organizations still need to maintain customer data privacy and in compliance with their data sovereignty regulations […]
22
Expiration Date Tracking Software | Contisoft Technologies LLP
contisofttechno.com – Today
[…] ● RenewalHelp’s robust security feature maintains data privacy and security of the data […]
N/A
The 3 Compliance Aspects For Passive Predictive Monitoring Device Success
[…] Address All Relevant Privacy Requirements Data privacy is top of mind for many consumers […] Regulatory, data privacy, and safety aspects can easily be overlooked during development, but they are key to a successfu […]
N/A
WhatsApp isn’t giving up on new privacy policy, will launch fresh drive to convince users
theprint.in – Today
[…] However, the updates were met with intense backlash by users, who raised concerns about data privacy […]

Exclusive: Warning Over Chinese Mobile Giant Xiaomi Recording Millions Of People’s ‘Private’ Web And Phone Use

“It’s a backdoor with phone functionality,” quips Gabi Cirlig about his new Xiaomi phone. He’s only half-joking.

Cirlig is speaking with Forbes after discovering that his Redmi Note 8 smartphone was watching much of what he was doing on the phone. That data was then being sent to remote servers hosted by another Chinese tech giant, Alibaba, which were ostensibly rented by Xiaomi.

The seasoned cybersecurity researcher found a worrying amount of his behavior was being tracked, whilst various kinds of device data were also being harvested, leaving Cirlig spooked that his identity and his private life was being exposed to the Chinese company.

When he looked around the Web on the device’s default Xiaomi browser, it recorded all the websites he visited, including search engine queries whether with Google or the privacy-focused DuckDuckGo, and every item viewed on a news feed feature of the Xiaomi software. That tracking appeared to be happening even if he used the supposedly private “incognito” mode.

The device was also recording what folders he opened and to which screens he swiped, including the status bar and the settings page. All of the data was being packaged up and sent to remote servers in Singapore and Russia, though the Web domains they hosted were registered in Beijing.

Meanwhile, at Forbes’ request, cybersecurity researcher Andrew Tierney investigated further. He also found browsers shipped by Xiaomi on Google Play—Mi Browser Pro and the Mint Browser—were collecting the same data. Together, they have more than 15 million downloads, according to Google Play statistics.

Many more millions are likely to be affected by what Cirlig described as a serious privacy issue, though Xiaomi denied there was a problem. Valued at $50 billion, Xiaomi is one of the top four smartphone makers in the world by market share, behind Apple, Samsung and Huawei. Xiaomi’s big sell is cheap devices that have many of the same qualities as higher-end smartphones. But for customers, that low cost could come with a hefty price: their privacy.

Cirlig thinks that the problems affect many more models than the one he tested. He downloaded firmware for other Xiaomi phones—including the Xiaomi MI 10, Xiaomi Redmi K20 and Xiaomi Mi MIX 3 devices. He then confirmed they had the same browser code, leading him to suspect they had the same privacy issues.

And there appear to be issues with how Xiaomi is transferring the data to its servers. Though the Chinese company claimed the data was being encrypted when transferred in an attempt to protect user privacy, Cirlig found he was able to quickly see just what was being taken from his device by decoding a chunk of information that was hidden with a form of easily crackable encoding, known as base64. It took Cirlig just a few seconds to change the garbled data into readable chunks of information.

“My main concern for privacy is that the data sent to their servers can be very easily correlated with a specific user,” warned Cirlig.

Xiaomi’s response

In response to the findings, Xiaomi said, “The research claims are untrue,” and “Privacy and security is of top concern,” adding that it “strictly follows and is fully compliant with local laws and regulations on user data privacy matters.” But a spokesperson confirmed it was collecting browsing data, claiming the information was anonymized so wasn’t tied to any identity. They said that users had consented to such tracking.

But, as pointed out by Cirlig and Tierney, it wasn’t just the website or Web search that was sent to the server. Xiaomi was also collecting data about the phone, including unique numbers for identifying the specific device and Android version. Cirlig said such “metadata” could “easily be correlated with an actual human behind the screen.”

Xiaomi’s spokesperson also denied that browsing data was being recorded under incognito mode. Both Cirlig and Tierney, however, found in their independent tests that their web habits were sent off to remote servers regardless of what mode the browser was set to, providing both photos and videos as proof.

When Forbes provided Xiaomi with a video made by Cirlig showing how his Google search for “porn” and a visit to the site PornHub were sent to remote servers, even when in incognito mode, the company spokesperson continued to deny that the information was being recorded. “This video shows the collection of anonymous browsing data, which is one of the most common solutions adopted by internet companies to improve the overall browser product experience through analyzing non-personally identifiable information,” they added.

Both Cirlig and Tierney said Xiaomi’s behavior was more invasive than other browsers like Google Chrome or Apple Safari. “It’s a lot worse than any of the mainstream browsers I have seen,” Tierney said. “Many of them take analytics, but it’s about usage and crashing. Taking browser behavior, including URLs, without explicit consent and in private browsing mode, is about as bad as it gets.”

Cirlig also suspected that his app use was being monitored by Xiaomi, as every time he opened an app, a chunk of information would be sent to a remote server. Another researcher who’d tested Xiaomi devices, though was under an NDA to discuss the matter openly, said he’d seen the manufacturer’s phone collect such data. Xiaomi didn’t respond to questions on that issue.

‘Behavioral Analytics’

Xiaomi appears to have another reason for collecting the data: to better understand its users’ behavior. It’s using the services of a behavioral analytics company called Sensors Analytics. The Chinese startup, also known as Sensors Data, has raised $60 million since its founding in 2015, most recently taking $44 million in a round led by New York private equity firm Warburg Pincus, which also featured funding from Sequoia Capital China. As described in Pitchbook, a tracker of company funding, Sensors Analytics is a “provider of an in-depth user behavior analysis platform and professional consulting services.” Its tools help its clients in “exploring the hidden stories behind the indicators in exploring the key behaviors of different businesses.”

Both Cirlig and Tierney found their Xiaomi apps were sending data to domains that appeared to reference Sensors Analytics, including the repeated use of SA. When clicking on one of the domains, the page contained one sentence: “Sensors Analytics is ready to receive your data!”  There was an API called SensorDataAPI—an API (application programming interface) being the software that allows third parties access to app data. Xiaomi is also listed as a customer on Sensors Data’s website.

The founder and CEO of Sensors Data, Sang Wenfeng, has a long history in tracking users. At Chinese internet giant Baidu he built a big data platform for Baidu user logs, according to his company bio.

Xiaomi’s spokesperson confirmed the relationship with the startup: “While Sensors Analytics provides a data analysis solution for Xiaomi, the collected anonymous data are stored on Xiaomi’s own servers and will not be shared with Sensors Analytics, or any other third-party companies.”

It’s the second time in two months that a huge Chinese tech company has been seen watching over users’ phone habits. A security app with a “private” browser made by Cheetah Mobile, a public company listed on the New York Stock Exchange, was seen collecting information on Web use, Wi-Fi access point names and more granular data like how a user scrolled on visited Web pages. Cheetah argued it needed to collect the information to protect users and improve their experience.

Late in his research, Cirlig also discovered that Xiaomi’s music player app on his phone was collecting information on his listening habits: what songs were played and when.

One message was clear to the researcher: when you’re listening, Xiaomi is listening, too.

UPDATE: Xiaomi posted a blog in which it delineated how and when it collects visited URLs visited by its users. Read it in full here.

The company reiterated that the data transferred from Xiaomi devices and browsers was anonymized and not attached to any identity.

Follow me on Twitter. Check out my website. Send me a secure tip.

I’m associate editor for Forbes, covering security, surveillance and privacy. I’ve been breaking news and writing features on these topics for major publications since 2010. As a freelancer, I worked for The Guardian, Vice Motherboard, Wired and BBC.com, amongst many others. I was named BT Security Journalist of the year in 2012 and 2013 for a range of exclusive articles, and in 2014 was handed Best News Story for a feature on US government harassment of security professionals. I like to hear from hackers who are breaking things for either fun or profit and researchers who’ve uncovered nasty things on the web. Tip me on Signal at 447837496820. I use WhatsApp and Treema too. Or you can email me at TBrewster@forbes.com, or tbthomasbrewster@gmail.com.

Source: Exclusive: Warning Over Chinese Mobile Giant Xiaomi Recording Millions Of People’s ‘Private’ Web And Phone Use

Please follow my Instagram: http://instagram.com/arminhamidian67

China’s tech giant Xiaomi, the world’s fourth-largest smartphone manufacturer, launched a new 5G-capable smartphone at the ongoing 2019 World Mobile Congress in the Spanish city of Barcelona on Tuesday. The new product will be able to take advantage of new and faster 5G mobile networks. Subscribe to us on YouTube: https://goo.gl/lP12gA Download our APP on Apple Store (iOS): https://itunes.apple.com/us/app/cctvn… Download our APP on Google Play (Android): https://play.google.com/store/apps/de… Follow us on: Website: https://www.cgtn.com/ Facebook: https://www.facebook.com/ChinaGlobalT… Instagram: https://www.instagram.com/cgtn/?hl=zh-cn Twitter: https://twitter.com/CGTNOfficial Pinterest: https://www.pinterest.com/CGTNOfficial/ Tumblr: http://cctvnews.tumblr.com/ Weibo: http://weibo.com/cctvnewsbeijing Tiktok: https://m.tiktok.com/h5/share/usr/659… Douyin: https://www.youtube.com/redirect?q=ht…

Zoom’s A Lifeline During COVID-19: This Is Why It’s Also A Privacy Risk

I admit it, I’ve been using Zoom during the COVID-19 crisis to carry on with my yoga classes without having to leave my home. It’s been a lifeline using the video conferencing app to take an exercise class, and Zoom’s so functional it allows multiple people to be in the same “virtual” room at once.

Other friends are using it for virtual parties, and of course, business meetings and conferences. Even UK Prime Minister Boris Johnson was seen using Zoom for his recent cabinet meeting.

As someone who works in the security industry, I hear a lot about the privacy risks associated with the big tech firms Facebook and Google.

But now the COVID-19 crisis is increasing the frequency people use the video chat service Zoom, it’s important we are aware of the implications for our privacy. And Zoom might not be the best choice for privacy-conscious users, it seems.

Facebook COVID-19 Fallout: Why Is The Social Network Taking Down Legitimate Posts?

 

How private and secure are your Zoom calls? So, what’s the problem? For a start, Zoom’s privacy policy outlines some rather concerning data collection practices, according to research by consumer advocacy organization Consumer Reports.

On the surface of it, Zoom’s privacy policy is similar to the likes of Facebook and Google–it collects and stores personal data and shares it with third parties such as advertisers.

But Zoom’s policy also covers what it labels “customer content,” or “the content contained in cloud recordings, and instant messages, files, whiteboards … shared while using the service.”

This includes videos, transcripts that can be generated automatically, documents shared on screen, and the names of everyone on a call.

Consumer Reports points out that your instant messages and videos can be used to target advertising campaigns or develop a facial recognition algorithm, like videos collected by other tech companies. “That’s probably not what people are expecting when they contact a therapist, hold a business meeting, or have a job interview using Zoom.”

Consumer Reports reached out to the company for comment on its privacy practices. A Zoom spokesperson told me via email that the firm “does not sell user data of any kind to anyone.”

Zoom isn’t necessarily doing anything users would object to with the data, says Bill Fitzgerald, a Consumer Reports privacy researcher who analyzed the company’s policies. However, the firm’s terms of use provide “a whole lot of leeway to collect information and share it, both now and in the future.”

Data that can be collected and shared by your meeting host

The information that Zoom itself can share and collect is a worry, but what about the data handled by your host? Another big concern about Zoom, which you might not be aware of, is that the video app offers hosts “rights that might not be immediately apparent to other participants—or, in some cases, to the hosts themselves,” Consumer Reports states.

You might be using Zoom for work, so your boss could be the host, or you might be buying a service such as a class. Perhaps even more concerningly during this COVID-19 crisis, you may be using Zoom to talk to a health professional about your symptoms.

“Zoom puts a lot of power in the hands of the meeting hosts,” says Justin Brookman, director of privacy and technology policy at Consumer Reports. “The host has more power to record and monitor the call than you might realize if you’re just a participant, especially if he or she has a corporate account.”

Another particularly intrusive Zoom feature offers hosts the ability to turn on “attention tracking” to check whether you are paying attention during the call. This allows the hosts–who could be your boss or client–to monitor whether you click away from the Zoom window for more than 30 seconds while a screen is being shared.

Meet Lockdown, The App That Reveals Who’s Tracking You On Your iPhone

 

Zoom privacy: “A bucket of red flags” 

I asked Rowenna Fielding, a privacy expert and head of individual rights and ethics at Protecture, what she thought. She says Zoom’s privacy policy “is a bucket of red flags.”

“They collect a potentially huge amount of personal data from accounts, calls made through the service and from scraping social profiles, but there’s no way to opt out of specific use purposes while continuing to use the service.”

In addition, she says, although the policy is careful to state that no data is “sold”, it is still used for targeting and marketing purposes. “This in many cases is the harmful use that individuals most object to, especially if programmatic advertising, such as real-time-bidding, is involved.”

Fielding warns: “For an employee or contractor whose boss or clients require them to use Zoom, this is bad news because they are required to expose, or accept the passive collection of, personal data which is not strictly necessary for the operation of the call, and which is then used for a variety of vaguely-described purposes by Zoom.”

She says that while the policy might meet U.S. privacy standards, she’d give it a C- for transparency and accountability according to the more stringent EU data protection regulation’s (GDPR) standards.

Can you use Zoom while protecting your privacy?

Given these concerning privacy flaws, it almost seems impossible to see Zoom as a privacy conscious option. However, sometimes it’s your only choice, especially when the decision is made by a boss or provider of a service.

Consumer Reports experts advise you to keep your camera and mic turned off unless you’re actually speaking. If you feel that you need to have the camera turned on, the experts advise you use a background image so the host can’t see inside your home.

If you care about your privacy, Fielding advises using a unique email address specifically for Zoom, clearing cookies and blocking trackers after every call, opting out of all secondary data uses where possible, and leaving feedback that explains the problems with the service’s privacy.

And if you don’t have to use Zoom, why not choose something else? Many of us are stuck inside for a while during COVID-19, and Houseparty might be a good idea for social chats, while Signal provides a much more secure video service. Jitsi, an open source app that supports multiple chats, is also a good option.

Whatever you choose, check the privacy policy: When you’re on video, it matters even more.

 

Zoom has now sent me a longer statement in response to this story. “Zoom takes its users’ privacy extremely seriously,” a spokesperson told me via email. “Zoom only collects data from individuals using the Zoom platform as needed to provide the service and ensure it is delivered as effectively as possible. Zoom must collect basic technical information like users’ IP address, OS details and device details in order for the service to function properly. 

“Zoom has layered safeguards in place to protect our users’ privacy, which includes preventing anyone, including Zoom employees, from directly accessing any data that users share during meetings, including – but not limited to – the video, audio and chat content of those meetings. Importantly, Zoom does not mine user data or sell user data of any kind to anyone.”

Meanwhile, Zoom says its attention tracking feature is “built for training purposes.”

This is “so hosts can tell if participants have the app open and active when the screen-sharing feature is in use,” the spokesperson says, adding that the feature is off by default and only the account admin can enable it. 

“It is important to note the attention tracking feature only tracks if a participant’s Zoom video window is open and in focus when the host is sharing their screen. It does not track any aspects of the audio or video content of a call, and it also does not track any other applications or activity on your device.”

Follow me on Twitter.

I’m a freelance cybersecurity journalist with over a decade’s experience writing news, reviews and features. I report and analyze breaking cybersecurity and privacy stories with a particular interest in cyber warfare, application security and data misuse. Contact me at kate.oflaherty@techjournalist.co.uk.

Source: Zoom’s A Lifeline During COVID-19: This Is Why It’s Also A Privacy Risk

Please follow my instagram: http://instagram.com/arminhamidian67

New Facebook Lawsuit Suggests ‘Another Cambridge Analytica’ Has Come To Light

Facebook CEO Mark Zuckerberg after meeting French President Emmanuel Macron in Paris, 10 May 2019.

Just a few hours after meeting French President Emmanuel Macron to discuss the ways in which the company can become more accountable for the content published on its platform, and just a few days after Facebook’s co-founder Chris Hughes slammed the company and its CEO for what they have become, the company quietly announced on Friday that another Cambridge Analytica may have come to light.

“Today Facebook filed a lawsuit in California state court against Rankwave, a South Korean data analytics company that ran apps on the Facebook platform.” TechCrunch obtained a copy of the lawsuit and said that it “centers around Rankwave offering to help businesses build a Facebook authorization step into their apps so they can pass all the user data to Rankwave, which then analyzes biographic and behavioral traits to supply user contact info and ad targeting assistance to the business.”

Rankwave’s business model has echoes of Cambridge Analytica, where personality quizzes were used to build complex algorithms that targeted users and their circles of friends with highly-targeted ads. These ads were designed to shape voting behavior, amongst other things.

Facebook has accused Rankwave of using more than 30 apps to track and analyze comments and likes. They also have an app to track the popularity of a user’s posts, calculating a ‘social influence score’. That app is still available on the Google Play Store at the time of writing.

One of the major criticisms of Facebook over Cambridge Analytica was their delayed response. And ‘delayed’ might be a benevolent description. ‘Reluctant’ might be more apt. The company denied any exec-level knowledge of what was taking place on their platform, but this was undermined when reports of undisclosed meetings were exposed.

The Cambridge Analytica scandal is at the heart of the expected multi-billion-dollar FTC fine and the various criminal investigations taking place in the U.S. It was also, along with the torrent of inappropriate content that has come to light, responsible for the bow wave of regulation now coming into play worldwide. Cue that meeting with President Macron.

“We need new rules for the internet that will spell out the responsibilities of companies and those of governments,” Zuckerberg said in an interview with a French TV channel after meeting President Macron.

“Worryingly,’ writes TechCrunch, “Facebook didn’t reach out to Rankwave until January 2019 for information proving it complied with the social network’s policies. After receiving no response, Facebook issued a cease-and-desist order in February, which Rankwave replied to seeking more time because it’s CTO had resigned, which Facebook calls ‘false representations’. Later that month, Rankwave denied violating Facebook’s policies but refused to provide proof. Facebook gave it more time to provide proof, but Rankwave didn’t respond. Facebook has now shut down Rankwave’s apps.”

More echoes of Cambridge Analytica.

According to Facebook, the company “was investigating Rankwave’s data practices in relation to its advertising and marketing services. Rankwave failed to cooperate with our efforts to verify their compliance with our policies, which we require of all developers using our platform. Facebook has already suspended apps and accounts associated with Rankwave, and today’s suit asks the court to enforce the basic cooperation terms that Rankwave agreed to in exchange for the opportunity to operate apps on the platform.”

Earlier in the week, two U.S. senators penned an open letter to the Federal Trade Commission, demanding that the imminent sanctions against Facebook go much further than the “bargain” $3 billion to $5 billion fine that is expected. The senators wrote, “to urge the Commission to act swiftly to conclude its investigation of Facebook, and to move to compel sweeping changes to end the social network’s pattern of misuse and abuse of personal data.”

“The FTC must set a resounding precedent that is heard by Facebook and any other tech company that disregards the law in a rapacious quest for growth,” they said, arguing that fines are insufficient. “The FTC should impose long-term limits on Facebook’s collection and use of personal information, [this might include rules] on what Facebook can do with consumers’ private information, such as requiring the deletion of tracking data, restricting the collection of certain types of information, curbing advertising practices, and imposing a firewall on sharing private data between different products.”

This is exactly the kind of ‘don’t act until you have to’ activity they had in mind.

“By filing the lawsuit,” Facebook said on Friday, “we are sending a message to developers that Facebook is serious about enforcing our policies, including requiring developers to cooperate with us during an investigation.”

Maybe. But by waiting this long and giving Rankwave this much time and space to continue allegedly abusive behavior, you sent an entirely different message. Facebook wants a  judge to force Rankwave to allow an audit to show the extent of data being obtained and sold by the analytics company. Facebook also wants Rankwave to pay damages for harming Facebook’s ‘reputation’ and ‘public trust’. Reputation and public trust.

What’s that phrase about horses and stable doors?

Find me on Twitter or Linkedin or email zakd@me.com.

I am the Founder/CEO of Digital Barriers, a provider of AI and IoT surveillance technologies to defense, security and law enforcement agencies worldwide.

Source: New Facebook Lawsuit Suggests ‘Another Cambridge Analytica’ Has Come To Light

Facebook Could Face New Penalties In Addition To $3 Billion FTC Fine In Attorney General Probe

The New York State Attorney General is investigating Facebook following the embattled company’s claim last week that it unintentionally collected 1.5 million user email address books without permission.

“It is time Facebook is held accountable for how it handles consumers’ personal information,” Attorney General Letitia James said in a statement. People affected by the improper collection of new user contact databases could number in the hundreds of millions, the Attorney General’s office pointed out.

The latest announcement of Facebook harvesting its user’s data was three years in the making. Before May 2016, users had the option to give Facebook access to email contacts from the email address they used to sign up for the platform. But after a redesign of the verification process, email contacts were automatically uploaded to Facebook, allegedly unbeknownst to the company. Passwords for the email addresses used were also collected for some users.

The improperly obtained contacts were then used to improve ad-targeting algorithms on the social media platform.

“Facebook has repeatedly demonstrated a lack of respect for consumer information while at the same time profiting from mining that data,” James tweeted Thursday afternoon.

Facebook, which reported $14.9 million in revenue this week for the first quarter of 2019, may face fines for the latest violation.

Although the Attorney General’s Office has yet to comment on whether the investigation will lead to fines against the company, Facebook is already bracing for a $3 billion fine from the Federal Trade Commission (FTC), the result of an investigation into the privacy violations wrought from the company’s relationship with Cambridge Analytica.

I serve as assistant editor for Forbes Innovation, covering cybersecurity and venture capital. I have covered politics at POLITICO, entertainment for Time Out New York

Source: Facebook Could Face New Penalties In Addition To $3 Billion FTC Fine In Attorney General Probe

What Will Happen to Internet Privacy in the Future?

Unfortunately, we have reached a point where the internet doesn’t work correctly unless we sacrifice some of our privacy. Everything from Twitter to cell phones wants access to our personal information, GPS location, and more. To most of us, how companies store and use our information is mostly a mystery. There are constant stories about stolen consumer information, yet we still, willingly, give out ours because the alternative is cloud services and social networks locking us out. If internet privacy has already eroded so much in the present day, what will things be like in the future? Read more…..

Source: What Will Happen to Internet Privacy in the Future?

%d bloggers like this: