privacy

Link

U.S. Border Patrol Has ‘Near-Unfettered’ Authority to Search and Seize Devices

Andrew Orr ·

U.S. Customs and Border Protection (CBP) and U.S. Immigration and Customs Enforcement (ICE) have “near-unfettered authority to search and seize travelers’ devices at the border.”

The agencies’ policies allow officers to search devices for general law enforcement purposes, such as investigating and enforcing bankruptcy, environmental, and consumer protection laws. The agencies also say that they can search and seize devices for the purpose of compiling “risk assessments” or to advance pre-existing investigations. The policies even allow officers to consider requests from other government agencies to search specific travelers’ devices.

Link

Silicon Valley Lobbyists Want to Limit California Consumer Privacy Act

Andrew Orr ·

Silicon Valley lobbying groups are trying to gut the California Consumer Privacy Act (CCPA).

The California Consumer Privacy Act, or CCPA, gives residents of California the ability to request the data that businesses collect on them, demand that it be deleted, and opt out of having that data sold to third parties, among other things. But last week, the California Assembly’s Committee on Privacy and Consumer Protection advanced a series of bills that would either amend CCPA or carve out exemptions for certain categories of businesses.

I have a couple of opinions here. I think groups affected by a certain bill or law should have the right to voice their opinion. On the other hand I feel uneasy by corporate lobbying focused on donating or influencing political campaigns where there is a conflict of interest.

Link

4 Privacy Features Apple Should Add

Andrew Orr ·

Apple has made a good start when it comes to privacy, but there are more private features the company can add. Here are four.

…based on Apple’s marketing focus as of late, which has centered on privacy, it’s reasonable to assume that the company will unveil additional privacy protections for users and their data in its next operating systems. What those privacy protections might be is anyone’s guess–but here are my hopes.

End-to-end encryption for iCloud backups is definitely on my wish list. But it should remain optional, because people who forget their password would be unable to access this kind of backup.

Link

Advertisers Hate This Texas Privacy Proposal

Andrew Orr ·

The Texas Privacy Protection Act (HB 4390) was introduced last month, and it would require opt-in consent from consumers before companies could use their data for targeted ads. Advertisers aren’t happy.

Without the ability to effectively advertise online due to opt-in consent barriers, revenues will be impacted and companies that rely on such revenue may no longer be able to support free and low cost content and services that Texans desire, such as online newspapers, social networking sites, mobile applications, email, and phone services,” the ad industry writes in a letter sent last week.

The groups add that the constant requests for consent will frustrate consumers and also “desensitize” them, which will reduce “their sense of control over their privacy.”

Link

iPhones Aren’t Safe From Google’s Sensorvault Database

Andrew Orr ·

Google has a database called Sensorvault. It contains location data of users and shares it with law enforcement—if they have a warrant, of course. Apple honors lawful requests as well. But Jennifer Valentino-DeVries wonders whether the database is too broad.

Google would not provide details on Sensorvault, but Aaron Edens, an intelligence analyst with the sheriff’s office in San Mateo County, Calif., who has examined data from hundreds of phones, said most Android devices and some iPhones he had seen had this data available from Google…

“It shows the whole pattern of life,” said Mark Bruley, the deputy police chief in Brooklyn Park, Minn., where investigators have been using the technique since this fall. “That’s the game changer for law enforcement.”

Link

Why Does Apple Allow Pervasive App Tracking?

Andrew Orr ·

In the future, I hope Apple puts restrictions on the kind of app tracking developers use. We already have Safari’s Intelligent Tracking Prevention. I’d like to see that for the App Store.

SDKs present a solution to Apple’s pesky tracking restriction for advertisers. They can connect who you are between apps, provided the developer of each app uses the same SDK and the advertiser is able to use signals to figure out who you are. If we look at the top 200 apps on the iOS App Store, it’s interesting to see how broad the reach of most SDKs actually is.

Jumbo Privacy Assistant Can Manage Your Social Media
Cool Stuff Found

Jumbo Privacy Assistant Can Manage Your Social Media

Andrew Orr ·

Jumbo is a privacy assistant that can manage your social media. It can delete your old tweets, manage your Facebook privacy settings, delete your Google search history, and delete your Alexa voice recordings. Jumbo has no servers, so your data doesn’t leave your iPhone. When it comes to deleting tweets, there are several options to choose from, like tweets from the past day, week, month, and year. Due to Twitter’s API limitations, Jumbo can only clean 3,200 tweets at a time. Instagram and Tinder are coming soon to the app, so you can clean your Instagram photos and videos, and delete Tinder matches and messages. Personally, I also hope support for deleting Reddit posts and comments will come in the future. App Store: Free

Link

With Safari 12.1 You Can No Longer Disable Click Tracking

Andrew Orr ·

Click tracking, a.k.a. hyperlink auditing, is an HTML standard that can be used to track clicks on web sites. Previous versions of Safari used to let you disable this, but Safari 12.1 changes that.

Despite several months notice from me, Apple shipped Safari 12.1 last week to the public with no way to disable hyperlink auditing. I hope to raise awareness about this issue, with the ultimate goal of getting hyperlink auditing disabled by default in Safari. Apple claims that Safari is supposed to protect your privacy and prevent cross-site tracking, but hyperlink auditing is a wide open door to cross-site tracking that still exists.

Link

Eva Galperin Wants to Eliminate Stalkerware

Andrew Orr ·

Eva Galperin is the head of the Electronic Frontier Foundation’s (EFF) Threat Lab. Her latest project? Ending stalkerware once and for all.

In a talk she is scheduled to give next week at the Kaspersky Security Analyst Summit in Singapore, Galperin will lay out a list of demands: First, she’s calling on the antivirus industry to finally take the threat of stalkerware seriously, after years of negligence and inaction. She’ll also ask Apple to take measures to protect iPhone users from stalkerware, given that the company doesn’t allow antivirus apps into its App Store.

Link

Which Browser is the Most Private and Secure?

Andrew Orr ·

Zubair Khan put together a list of popular web browsers and tested them to figure out which was the most private and secure.

To decide which browser is the best for privacy and security, we will evaluate them using two criteria: Available security features [and ]embedded Privacy Tools. Each browser will be rated out of five and will be ranked accordingly.

The browsers he tested: Chrome, Internet Explorer (Not Edge?), Safari, Firefox, Chromium, Opera, and Tor browser.

Link

More Details on Mastercard's Universal Digital ID

Andrew Orr ·

Late last year Mastercard announced its idea for a universal digital ID. We have a bit more information on that.

Mastercard envisions a platform in which consumers have control of their identity information and it is stored locally on their devices, rather than in a centralized system that Mastercard would need to defend. The ID would be set up through a bank or other participating institution that already holds identity information about the individual. And people would manage their enrollment and interact with their universal ID through that institution’s secure mobile app.

Link

It's Now Easier to Delete Telegram Messages

Andrew Orr ·

With a new “delete everywhere” feature it’s now easier than ever to delete Telegram messages and erase your chat history.

The new ‘nuclear option’ delete feature allows a user to selectively delete their own messages and/or messages sent by any/all others in the chat. They don’t even have to have composed the original message or begun the thread to do so. They can just decide it’s time.