One way to avoid the California Consumer Privacy Act is to claim that you don’t sell data. This is what Google has seemingly done.
Google monetizes what it observes about people in two major ways: It uses data to build individual profiles with demographics and interests, then lets advertisers target groups of people based on those traits. It shares data with advertisers directly and asks them to bid on individual ads.
As I tweeted yesterday, there is no difference between selling “access” to data and selling data “directly.” In both scenarios, people are products for advertisers. Although I’m sure lawsuits have been won and lost on lesser technicalities.
Google indexes links to WhatsApp group invites that may be private, meaning people can find and join them.
Motherboard used a number of specific Google searches to find invite links to WhatsApp groups. Some of the groups appear to not be overly sensitive or for a particular audience. Many of the links on Google lead to groups for sharing porn.
But others appear to be catered to specific groups. Motherboard entered one WhatsApp group chat that described itself as being for NGOs accredited by the United Nations. After joining, Motherboard was able to see a list of all 48 participants and their phone numbers.
Google shared a blog post today in which it announced that Gmail for iOS will now support adding files from the Files app.
Last month, we got word that a company called Clearview AI helped law enforcement with its facial recognition technology. Now, Facebook and Google, which also use facial recognition, told Clearview AI to stop scraping images from each one’s website.
Ton-That argued that his firm’s work is protected by the First Amendment and also that Clearview doesn’t do anything Google doesn’t.
“The way we have built our system is to only take publicly available information and index it that way,” he said.
Ton-That added, “Google can pull in information from all different websites… So if it’s public and it’s out there and could be inside Google search engine, it can be inside ours as well.”
Google’s Project Zero security team found multiple Intelligent Tracking Prevention flaws in Safari that let users be tracked anyway.
Google updated its Smart Lock app on iOS to let iPhones be used for two-factor authentication. But it will only work inside Chrome. Now your only choices for Google two-factor authentication are this Smart Lock app, or a phone number (an insecure method). You can also use a physical security key but not an app like Authy.
After installing the update, users are asked to select a Google account to set up their phone’s built-in security key. According to a Google cryptographer, the feature makes use of Apple’s Secure Enclave hardware, which securely stores Touch ID, Face ID, and other cryptographic data on iOS devices.
Update. So I made a mistake and you can use an app like Authy, but you first have to surrender your phone number to Google. Which I’m obviously loathe to do so I use a disposable number.
Sonos launched legal action against Google, alleging that the search giant stole its multiroom speaker technology.
A new privacy law comes into force in California tomorrow, January 1st 2020 and retailers are scrambling to make sure they comply.
The UK competition regulator may impose tougher regulations on Google and Facebook over concerns about their dominance of online advertising.
Google started an initiative called Project Understood. It’s partnering with the Canadian Down Syndrome Society to ask people with Down syndrome help train its voice recognition algorithms to understand them better.
“Out of the box, Google’s speech recognizer would not recognize every third word for a person with Down syndrome, and that makes the technology not very usable,” Google engineer Jimmy Tobin said in a video introducing the project. Google is aiming to collect 500 “donations” of voice recordings from people with Down syndrome, and is already more than halfway toward its goal.
A worthy project.
The Federal Trade Commission is considering a revamp of the Children’s Online Privacy Protection Act (COPPA). Google wants to help them change the rules, and asked the agency to eliminate rules that categorizes anyone watching kids content online as actual kids.
In September, Google agreed to pay US$170 million to the FTC to resolve claims that YouTube violated COPPA by serving targeted advertisements to children under 13…After the FTC settlement, YouTube told creators that they would have to identify when videos are aimed at children under 13. When that happens, YouTube now turns off ads that rely on web browsing behavior and other targeting data, which earn more for YouTube and creators.
Apple lets you go into iOS settings and change your default search engine. But Google is still the default engine when you search via Spotlight.
Siobhan O’Flynn writes about all the ways that companies like Google collect data from kids in violation of the Children’s Online Privacy Protection Act. It starts when schools increasingly turn to Google services in education.
Alphabet Inc. dominates child-directed and child-featured content online through YouTube Kids and has now colonized online educational spaces through Google Docs, G-Suite, Chromebooks and the associated Gmail accounts for children that are required for use. This means that Google’s access to children’s data spans entertainment (YouTube and YouTube Kids), search and purchase histories (via associated parental accounts), and educational sectors.
Alex Cranz reviewed Google Stadia, a game service where games are streamed to you instead of you loading them onto your device.
With Stadia, you can slip into a game typically found on a PC or console using almost any device. It makes you wonder why we’ve tethered ourselves to hardware for so long when the internet can give us all of that power at a considerably lower cost (and smaller energy bill). The problem is that Stadia rarely works perfectly. Instead, it offers us a glimmer of the future before crashing back down into the muddy present.
”It makes you wonder why.” Here’s why we’re still tethering ourselves: Because arguably you own physical copies of media like games, books, and movies. The “future” that Mr. Cranz’s headline alludes to is the Ideal Corporate World in which no one owns anything because it’s all a subscription.
Teaming up with Ascension, Project Nightingale aims to collect health data from millions of Americans, without telling patients or doctors.
According to YouTube’s new terms of service, your YouTube account can be terminated if it isn’t commercially viable enough. The phrasing is broad enough that some people think this means Google will take action against people using adblockers.
YouTube may terminate your access, or your Google account’s access to all or part of the Service if YouTube believes, in its sole discretion, that provision of the Service to you is no longer commercially viable.
I’m personally not sure if that’s the case. You don’t need a Google account to watch YouTube, nor does Google need you to have an account for it to track you.
Charlotte Henry and Bryan Chaffin join host Kelly Guimont to discuss Google announcing better malware scans and Apple’s updated family leave.
Google wants Android to have better security so it’s teaming up with other firms to create the App Defense Alliance.
Andrew Orr and Charlotte Henry join host Kelly Guimont to discuss Google’s secure enclave, and how streaming services can retain subscribers.
Google wants Android phones to have a Secure Enclave chip like iPhones. Its OpenTitan project aims to help design an open source one.
OpenTitan is loosely based on a proprietary root-of-trust chip that Google uses in its Pixel 3 and 4 phones. But OpenTitan is its own chip architecture and extensive set of schematics developed by engineers at lowRISC, along with partners at ETH Zurich, G+D Mobile Security, Nuvoton Technology, Western Digital, and, of course, Google.
The consortium will use community feedback and contributions to develop and improve the industry-grade chip design, while lowRISC will manage the project and keep suggestions and proposed changes from going live haphazardly.
You can view the OpenTitan Github repo here, but it’s not fully fleshed out yet.