Apple Will Ban ‘X-Mode’ Data Broker From its Platforms

· Andrew Orr · Link

Image of person holding phone

A report from The Wall Street Journal reveals that Apple and Google are banning a data broker called X-Mode from collecting location data from their platforms. (Non-paywalled version here). This is due to X-Mode links to selling data to government contractors involved in national security as Vice reported.

Both Apple and Google disclosed their decision to ban X-Mode to investigators working for Sen. Ron Wyden (D., Ore.), who has been conducting an investigation into the sale of location data to government entities.

How to Safely See Your Top 9 Instagram Photos of 2020

· Andrew Orr · Link

Instagram logo

Your Top 9 Instagram posts of each year is a trend that has been going on for several years now. You probably don’t want to give websites access to your Instagram account just to see these photos. Or, maybe you don’t care. In any case, CNN has a short guide to safely do it with apps called Top Nine and Best Nine.

When you give your email to Top Nine, the service uses it to send you your yearly roundup, but may also contact you in the future for marketing, the company’s privacy policy says. The emails may come from Top Nine and its affiliate companies, but each one will contain instructions on how to “opt-out” of these messages.

If it doesn’t automatically use your email from Instagram, you could try a disposable email service like TempMail.

Ahead of Apple’s ATT, WhatsApp Explains its Privacy Labels

· Andrew Orr · Link


Ahead of the upcoming iOS 14 App Tracking Transparency feature, Facebook-owned WhatsApp explains the privacy labels people will see on its App Store page. The app will collect contact information like your phone number, your (optional) email address, contacts, financial information to use certain features, shopping activity like product browsing and purchasing data, your IP address, general location, usage data, and diagnostics.

With end-to-end encryption, messages are not stored on our servers after they’re delivered, and in the normal course of operating our services we do not retain a record of the people you may message.

Will Apple’s Crackdown on Data Tracking Hurt Small Businesses?

· Andrew Orr · Link

Apple’s icon to denote privacy.

Ben Thompson publishes good analysis on Stratechery, but I don’t agree with his latest piece. It’s about Apple’s privacy campaign and the new iOS 14 privacy “nutrition labels.” If I understand them correctly, he seems to have two main points: We should feel bad for small businesses because they won’t be able to collect our data in the same capacity as before, and that Apple’s attempts are futile because the internet is a giant shopping mall and “personal data wants to be free.” My summary is an oversimplification but I believe we should be combining Apple’s privacy with regulation like GDPR. In my opinion you can still have ads that don’t invade your privacy.

While transparency for customers is definitely a good thing, Apple’s simultaneous appeals to analog analogies and simplistic presentation of privacy trade-offs risks a similar path when it comes to the GDP of the Internet and to what extent power is disbursed versus centralized.

How the U.S. Used the Patriot Act to Track Web Browsing

· Andrew Orr · Link

Person using a macbook

Government entities have been using Section 215 of the Patriot Act as justification to collect logs of web browsing activity.

In fact, “one of those 61 orders resulted in the production of information that could be characterized as information regarding browsing,” Mr. Ratcliffe wrote in the second letter. Specifically, one order had approved collection of logs revealing which computers “in a specified foreign country” had visited “a single, identified U. S. web page.”

5 Encrypted DNS Services to Use on iOS and macOS

· Andrew Orr · Deep Dive

Switching from your ISP’s DNS is good because your browsing history could be sold. Here are five encrypted DNS services to use instead.

Amazon Sidewalk Shares Your Wi-Fi With Neighbors

· Andrew Orr · Link

Amazon sidewalk Graphic

Amazon Sidewalk is a new initiative by the company that creates a low-bandwidth network pooled from the personal networks of Amazon device owners.

Amazon Sidewalk is a shared network, coming later this year, that helps devices like Amazon Echo devices, Ring Security Cams, outdoor lights, and motion sensors work better at home and beyond the front door. When enabled, Sidewalk can unlock unique benefits for your device, support other Sidewalk devices in your community, and even open the door to new innovations like locating items connected to Sidewalk.

Of course, there are numerous privacy and security concerns, although Amazon does claim it has “strong encryption” without going into details.

Facebook Responds to Apple’s Criticism of Data Monetization

· Andrew Orr · Link

Person using Facebook on iPhone.

On Thursday, Apple defended its iOS 14 anti-tracking feature in a letter to privacy groups like the EFF, criticizing data collection practices like those used by Facebook. Naturally, Facebook responded.

[Apple] are using their dominant market position to self-preference their own data collection while making it nearly impossible for their competitors to use the same data. They claim it’s about privacy, but it’s about profit.

Fortunately, of course it’s possible to be private and profitable simultaneously. Paid apps and services hopefully incentivize developers to monetize their talent, not our attention through tracking and ads.

LAPD Bans Commercial Facial Recognition Technology

· Andrew Orr · Link

The Los Angeles police department has banned the use of commercial facial recognition like Clearview AI by its officers.

The LAPD, the third-largest police department in the United States, issued a moratorium on the use of third-party facial recognition software on Nov. 13, after it was told that documents seen by BuzzFeed News showed more than 25 LAPD employees had performed nearly 475 searches using Clearview AI as of earlier this year. Department officials have made conflicting statements in the past about their use of facial recognition technology, including claims that they deploy it sparingly.

Michigan Prop 2 Passes; Police Need a Warrant to Search Your Devices

· Andrew Orr · Link

Police car

Voters in Michigan overwhelmingly passed Proposition 2 which adds “electronic data and electronic communications” to the state’s search and seizure laws.

The person, houses, papers, possessions, and electronic data and electronic communications of every person shall be secure from unreasonable searches and seizures. No warrant to search any place or to seize any person or things or to access electronic data or electronic communications shall issue without describing them, nor without probable cause, supported by oath or affirmation.

Translation: Michigan police need a warrant to search your electronic devices. And as a Michigander myself I definitely voted in favor of this.

California Prop 24 Will Hamper Facebook, Google

· Andrew Orr · News

California flag

California passed Proposition 24 on Tuesday, expanding the state’s existing privacy laws to make it harder for companies to collect your data.

How Homeland Security Caught Suspect in R. Kelly Case

· Andrew Orr · Link

A recently revealed warrant in the R. Kelly case revealed how U.S. Homeland Security used a Google search warrant.

Homeland Security special agent Sylvette Reynoso testified that her team began by asking Google to produce a list of public IP addresses used to google the home of the victim in the run-up to the arson. The Chocolate Factory complied with the warrant, and gave the investigators the list.

As we discussed on Security Friday today, it’s cool that law enforcement was able to do this, yet simultaneously scary since it involved a dragnet of Google users.

Sony PS4 Update Will Monitor Your Party Chats

· Andrew Orr · Link

In a 8.00 PS4 update today, players must agree to have their voice chats monitored for moderation purposes. It’s a gross breach of privacy and fans are understandably upset.

Fans noticed that upon downloading PS4 update 8.00, they were greeted by a message telling them that voice chats can now be recorded and subject to moderation. Not only that, but anyone that uses the PS4 party chat system has to agree to their voice being recorded.

Here Are 6 Privacy Reasons You Should Delete WhatsApp

· Andrew Orr · Link


Sebastian Meineck shares six privacy reasons people should delete Facebook-owned WhatsApp from their devices.

But WhatsApp also has its flaws. On closer inspection, user privacy and data protection are no longer its priority, and plans to merge it with other Facebook-owned services like Facebook Messenger and Instagram DMs are concerning.

Signal is a good open-source private messenger to use instead.

Privacy Advocates Call on Tim Cook to to Implement iOS 14 Privacy Features

· Andrew Orr · Link

Tim Cook at antitrust hearing

Ranking Digital Rights, along with seven other organizations, sent a letter [PDF] to Apple CEO Tim Cook, urging the company to implement iOS 14 privacy features that are delayed until 2021.

Apple has the opportunity to reinforce its position as an industry leader on protecting the privacy of its users by empowering them to control who can track their online behavior. At the same time, this change can and should enable the company to become more transparent about how it enforces its terms against apps that violate its policies. By delaying the introduction of crucial privacy measures, the company is slowing the momentum it created.