Your Privacy Can't be Left up to Others

· · Link

Doc Searls argues that if your privacy is in the hands of others alone, you don’t have any privacy.

If you think regulations are going to protect your privacy, you’re wrong. In fact they can make things worse, especially if they start with the assumption that your privacy is provided only by other parties, most of whom are incentivized to violate it.

I think Mr. Searls makes some good points. I’m in favor of privacy regulations, but I also agree that individuals need to manage their privacy better. Privacy should also be the default, and not a feature you have to pay for.

We do Not Know how to Talk About Online Privacy Violations

· · Link

Abstract image of data that has been locked down

The debate over user privacy online is getting ever more intense. Barely a week goes by without some new horror being revealed. On Buzzfeed News, Charlie Warzel laid out just how dire the privacy situation has got and how bad the general public is at understanding the problem. Whether its celeb-twinning apps or Facebook, users simply do not know enough about how their data is being used nor how to discuss the issue.

Opaque algorithms and operations allow executives to dismiss the concerns of journalists and activists as unfounded or ignorant. They argue that critics are casting normal, industry-standard practices and terms of service agreements as malicious. What does it say about us or the culture built atop the modern internet that Byzantine terms of service agreements that few understand or even bother reading govern so much of our lives online?

Bounty Hunter Successfully Tracked Down a Phone

· · Link

AT&T, Sprint, and T-Mobile sell access to customers’ location data. As an experiment, Joseph Cox paid a bounty hunter to locate a phone, and it worked.

The bounty hunter did this all without deploying a hacking tool or having any previous knowledge of the phone’s whereabouts. Instead, the tracking tool relies on real-time location data sold to bounty hunters that ultimately originated from the telcos themselves, including T-Mobile, AT&T, and Sprint, a Motherboard investigation has found. These surveillance capabilities are sometimes sold through word-of-mouth networks.

The technology apparently works on all mobile networks, but there was some issue with Verizon. Shady practices like this are why we need an American GDPR, as well as a better FCC.

Apple's Public Billboard at CES: 'What Happens on Your iPhone, Stays on Your iPhone'

· · Cool Stuff Found

What happens on your iPhone, stays on your iPhone

I heart this so much. There aren’t enough emojis in the world to describe how much I love Apple’s giant message to CES: “What happens on your iPhone, stays on your iPhone.” It’s on a massive outdoor sign hanging on the side of a ::checks notes:: Marriott…wait, is Apple trolling Marriott, too? Fitting, if so. Whatever, the target is ostensibly Google, Facebook, Amazon, Android, and the myriad of companies whose customers are the product. And that message is being delivered to CES in Las Vegas, a show Apple doesn’t bother to attend. Chris Velazco of Engadget tweeted the first image I could find (below), and Mashable‘s Adam Rosenberg pitched it as, “Apple spent money to publicly troll everyone else’s privacy issues at CES.” Again with the feels, Apple. Thanks for brightening my day.

Browser Fingerprinting? DuckDuckGo says DuckDuckNo!

· · Link

In a Whonix forum a person alleged that DuckDuckGo was using browser fingerprinting techniques to track people. The search engine denies the claim however.

“Fingerprinting-detection libraries unfortunately create false positives because they don’t anticipate good actors using some browser APIs for non-nefarious purposes for which they were designed. We know this not only because we’re falsely identified here (and have been elsewhere) but because we are building this type of detection into our mobile app and browser extension and don’t similarly want to make false claims.”

DuckDuckGo CEO Gabe Weinberg said an API they use to determine the size of the browser might be triggering the fingerprinting flag.

Apple's International Privacy Trade-Offs

· · Link

Apple and privacy

LONDON – Apple has for a long time proudly flaunted its pro-privacy values. It, quite fairly, highlights how its products are aligned with these values, especially when compared to its competitors.  However, this is coming under increasing strain. According to a Techcrunch report, European customers, in particular, are beginning to question whether Apple is still putting its money where its mouth is when it comes to privacy. Deals with Google and its ongoing presence in China, are leaving Apple walking something of a tightrope.

Far from Apple’s troubles in emerging markets and China, the company is attracting the ire of what should really be a core supporter demographic naturally aligned with the pro-privacy stance CEO Tim Cook has made into his public soapbox in recent years — but which is instead crying foul over perceived hypocrisy. The problem for this subset of otherwise loyal European iPhone users is that Apple isn’t offering enough privacy.

Manage iPhone Privacy With This iMore Guide

· · Link

Rene Ritchie put together a good iMore guide to manage your online information and privacy settings.

Now, just to be clear, these aren’t security tips. I’ll cover those in another column. These are privacy tips. They’re ways to make sure people and companies learn as little as possible about you, while you still get the most you can from them. Cool?

It’s a good guide and everyone should read it. It’s full of tips to manage privacy settings on iPhone and online accounts. While you’re at it, check out my guide where I include privacy apps I’ve used.

Weather Channel Accused of Mining User Data

· · Link

The Los Angeles city attorney has filed a lawsuit saying that the Weather Channel collects user data for commercial purposes, not just to provide local forecasts.

The government said the Weather Company, the business behind the app, unfairly manipulated users into turning on location tracking by implying that the information would be used only to localize weather reports. Yet the company, which is owned by IBM, also used the data for unrelated commercial purposes, like targeted marketing and analysis for hedge funds, according to the lawsuit.

The New York Times uses the word “covert” in its headline. It’s not that covert though. The Weather Channel has a How is My Data Used page. I’m not defending them but people really need to start reading privacy policies and service terms. Although using dark patterns to obfuscate this is wrong.

Security Week: Privacy.com Gives You Unlimited Virtual Cards

· · Cool Stuff Found

I’ve talked a lot about Privacy.com lately, but that’s because I think it’s such a good service. I’ve been using it for about two years. When you link your bank account to the app, you can generate unlimited virtual cards to use. You won’t have to worry about your credit card number getting leaked in a data breach anymore. When you create a card there are several configurations to use. You can create a one-time use burner card. You can lock a card to a specific merchant, and it can’t be used anywhere else. You can pause or cancel cards at any time. You can set a maximum charge for cards as well. Privacy.com is free too, because the company makes money from merchants just like traditional debit/credit cards.

Security Week: Privacy.com Gives You Unlimited Virtual Cards