This Company Sells Your Credit Card Data

· · Link

Yodlee is the biggest financial data broker in the U.S., and it routinely sells your credit card data to investment and research firms.

The Yodlee document describes in detail what type of data its clients gain access to, how the company manages that data across its infrastructure, and the specific measures Yodlee takes to try and anonymize its dataset…Once logged into Yodlee’s server, clients download the data as a large text file, rather than interacting with the data in a dashboard or interface that stays solely within Yodlee’s control, according to the document.

How Jeff Bezos Built a Data Collecting Empire

· · Link

BBC News published an inside look into “Why Amazon knows so much about you.”

“They happen to sell products, but they are a data company,” says James Thomson, one of the former executives interviewed.

“Each opportunity to interact with a customer is another opportunity to collect data.”

Founder Jeff Bezos frames it in terms of being a “customer obsession”, saying the firm’s first priority is to “figure out what they want, what’s important to them”.

Czech Authorities Investigate Avast Over Data Collection

· · Link

Investigations are underway to examine Avast’s practice of collecting and selling its users’ browser histories.

Avast, which is based in the Czech Republic, claimed it was stripping away users’ personal details from the collected browser histories as a way to “de-identify” the data, and preserve their customers’ privacy. However, the joint investigation from PCMag and Motherboard found the contrary: The same data can actually be combined with other information to identify the web activities of individual Avast users, including their internet searches. As many as 100 million users had their data collected.

I’m glad there are investigations. As I found out last week, there are likely other companies participating in this data collection practice.

Edison Mail Uses Your Emails For Market Research

· · Link

Popular Apple Mail alternative Edison Mail scans your emails for market research so companies can make “better investment decisions” among other uses.

On its website Edison says that it does “process” users’ emails, but some users did not know that when using the Edison app the company scrapes their inbox for profit. Motherboard has also obtained documentation that provides more specifics about how two other popular apps—Cleanfox and Slice—sell products based on users’ emails to corporate clients.

I did write about Edison Mail coming to the Mac last year, and noted that the company calls it “interesting research.”

Not Wanting Surveillance Competition, Facebook Tells Clearview AI to Back Off

· · Link

Last month, we got word that a company called Clearview AI helped law enforcement with its facial recognition technology. Now, Facebook and Google, which also use facial recognition, told Clearview AI to stop scraping images from each one’s website.

Ton-That argued that his firm’s work is protected by the First Amendment and also that Clearview doesn’t do anything Google doesn’t.

“The way we have built our system is to only take publicly available information and index it that way,” he said.

Ton-That added, “Google can pull in information from all different websites… So if it’s public and it’s out there and could be inside Google search engine, it can be inside ours as well.”

Avast Probably Isn't The Only Antivirus Company Selling User Data

· · Link

In today’s episode of The Mac Observer‘s Daily Observations podcast, Kelly and I did our Security Friday. We talked about two security articles this week, and answered a reader’s question about antivirus programs. I mentioned that people shouldn’t use Avast since it was revealed they collected and sold user data. Now, in the irony of ironies, I got an email today from someone offering me Trend Micro user data.

We have an updated contact list of Trend Micro Users, which can support your marketing campaigns. The database will have access to complete contact information of Trend Micro Users including Emails, Phone number, Mailing address and other relevant data fields. Please let me know your interest in acquiring the list and I will get back to you with counts and pricing. Also, let me know if you are interested in acquiring similar technology users contact list.

That’s a no from me, fam.

Wacom Tablets Track Your Open Apps, Sending the Data to Google

· · Link

Software engineer Robert Heaton discovered that his Wacom tablet was tracking every app he opened and sending that data to Google Analytics.

I suspect that Wacom doesn’t really think that it’s acceptable to record the name of every application I open on my personal laptop. I suspect that this is why their privacy policy doesn’t really admit that this is what that they do. I imagine that if pressed they would argue that the name of every application I open on my personal laptop falls into one of their broad buckets like “aggregate data” or “technical session information”, although it’s not immediately obvious to me which bucket.

Kids Need End-to-End Encryption for Protection Against Corporations

· · Link

In a report from the Financial Times (paywall), a letter signed by 129 non-profits, think tanks, and academics urge Facebook to reconsider encrypting its apps. They use the “think of the children” argument because encryption could enable more child sexual abuse. But Justin Myles Holmes says we should think of the children and enable end-to-end encryption for them, so their data isn’t used and abused by corporations precisely like Facebook.

If we fail to take action now, we risk a world in which unsavory actors – domestic and foreign – have built rich, comprehensive profiles for every one of our children, following the trajectories of their education, home life, consumer habits, health, and on and on.  These profiles will then be used to manipulate their behavior not only as consumers, but as voters and participants in all those corners of society which, in order for freedom and justice to prevail, require instead that these kids mature into functional, free-thinking adults.

Apple’s Commitment to Privacy is Going Down the Drain

· · Link

Vicki Boykis wrote yesterday about Apple’s privacy, current flaws, and how the company should do better (I agree!)

So, here we are, in 2020, with Apple in a bit of a pickle. It’s becoming so big that it’s not prioritizing security. At the same time, it needs to advertise privacy as a key differentiator as consumer tastes change. And, at the same time, it’s about to get canclled [sic] by the FBI, China, and Russia.

And while it’s thinking over all of these things, it’s royally screwing over the consumer who came in search of a respite from being tracked.

FCC Unsure Whether to Punish Carriers for Selling Location Data

· · Link

Two years ago we found out that US carriers were selling real-time location data of its customers. The FCC has wrapped up its investigation, and maybe it will punish the carriers…or maybe not. Who knows? Chairman Ajit Pai doesn’t.

Pai’s statement went on: “Accordingly, in the coming days, I intend to circulate to my fellow Commissioners for their consideration one or more Notice(s) of Apparent Liability for Forfeiture in connection with the apparent violation(s). We are unable to provide additional information about any pending enforcement action(s) beyond what is stated in the letter.”

If that seems unusual vague: that “one or more” mobile operators “apparently violated” the law by selling location data, you’re not the only one.

Amazon Will Sell Your Face for as Low as 40 Cents for Facial Recognition

· · Link

Reporters at The California Sunday Magazine recently published an overview of facial recognition technology. It’s a long read and it provides a lot of information on this technology and how it works. Among the tidbits that caught my eye I wanted to share this one:

Why has the use of facial recognition become such a hot-button issue now? The most obvious answer is that the technology has been improved, streamlined, and commercialized to the point that it has become widely accessible, available for purchase for as low as 40 cents an image if you opt for Amazon’s facial-recognition software plan.

RoomMe is a Smart Home Device to Person-Specific Automation

· · Cool Stuff Found

RoomMe is a occupancy automation sensor for your home. This means when a person walks into a room, it detects your phone via Bluetooth to enable person-specific automation. A spokesperson told me it uses localized technology called Presence Sensing Technology. It stores your automation rules on your smartphone and doesn’t accept external automation triggers or manual operation. Meaning, the device commands your other devices and doesn’t accept commands from other devices. However, according to its privacy policy the app does contain Google analytics and “behavioral remarketing services” to show you ads outside of the app. But you can enable Limit Ad Tracking in iOS settings. You can pick up a single RoomMe sensor for US$69.99, or buy combo packs. It supports various smart home protocols including HomeKit.

RoomMe is a Smart Home Device to Person-Specific Automation

Location is One of The Big Factors in Advertising

· · Link

Jennifer Jolly wrote an article wondering if Siri was spying on her because she began to see ads in Spanish after her husband began speaking Spanish at home, within “earshot” of her iPad. The answer is, of course, no. In her buried lede she tells us that she had just moved to a predominantly Spanish-speaking part of Oakland California. It seems reasonable to me that you would see Spanish ads in a Spanish area. Although I’m sure the device’s language is a factor. We did have news last year that contractors listened to some snippets of Siri recordings, but that was to improve the service and not sell ads. Meanwhile, if you turn on Limit Ad Tracking in Settings, your advertising identifier is zeroed. After that, location becomes one of the big factors in advertising.

And Apple says it engineers its devices to protect user privacy. When it comes to Siri, which is integrated in nearly every Apple device, the assistant is designed to activate only after the wake word (“Hey, Siri”) or a waking action is completed, Apple says.

CocoonWeaver Gives You Private Voice Transcriptions

· · Cool Stuff Found

CocoonWeaver is a new-ish app (released five months ago) that gives you private voice transcriptions automatically sorted into categories with a voice command. To assign a category to a transcription just say at the beginning, “Cocoon, <category>” then start talking as normal. The developers also have a good privacy policy. Audio and textual data is encrypted and stored locally. The app’s design adheres to guidelines put forth by The Center for Humane Technology. Other features include: Integrated maps for geotagged notes, global search of history, an Apple Watch app, works offline, and more. App Store: Free

CocoonWeaver Gives You Private Voice Transcriptions

Facebook Hilariously Reminds its Users About ‘Data Privacy Day’

· · Link

In the next few weeks you might see a reminder in the Facebook to review your privacy settings. That is, what little privacy the company gives you.

The updates represent Facebook burnishing its image to some extent. It spent much of the last decade embroiled in privacy problems that ranged from the Cambridge Analytica scandal through to data exposure on a third-party system. At the same time, it’s safe to say many people want to know their data is being used properly — the prompt and expanded tools could provide a degree of reassurance.

I don’t think it’s possible for Facebook to burnish its image.