Privacy

  • When the camera lies: our surveillance society needs a dose of integrity to be reliable

    Being watched is part of life today. Our governments and industry leaders hide their cameras inside domes of wine-dark opacity so we can’t see which way the camera is looking, or even if there is a camera in the dome at all. They’re shrouded in secrecy. But who is watching them and ensuring the data they collect as evidence against us is reliable? Surveillance evidence is increasingly being used in legal proceedings, but the surveillants – law enforcement, shop-keepers with a camera in their shops, people with smartphones, etc. — have control over their recordings, and if these are the only ones, the one-sided curation of the evidence undermines their integrity. There is thus a need to resolve the lack of integrity in our surveillance society. There are many paths to doing this, all of which lead to other options and issues that need to be considered. But unless we start establishing principles on these matters, we will be perpetuating a lack of integrity regarding surveillance technologies and their uses.

  • Can a hacker stop your car or your heart? Security and the Internet of Things

    An ever-increasing number of our consumer electronics is Internet-connected. We’re living at the dawn of the age of the Internet of Things. Appliances ranging from light switches and door locks, to cars and medical devices boast connectivity in addition to basic functionality. The convenience can’t be beat, but the security and privacy implications cannot and should not be ignored. There needs to be a concerted effort to improve security of future devices. Researchers, manufacturers and end users need to be aware that privacy, health and safety can be compromised by increased connectivity. Benefits in convenience must be balanced with security and privacy costs as the Internet of Things continues to infiltrate our personal spaces.

  • Online tools help users adopt better privacy practices

    Research shows a growing concern for online privacy, but Internet users give up personal information every day in exchange for the convenience and functionality of a variety of online services. Online privacy is distinct from online security, which encompasses efforts to mitigate the theft of personal information. Most violations of online privacy are not illegal but rather the results of tacit consumer consent. The new Privacy Helper mobile app teaches users about the features on their phones that can affect privacy. The key to Privacy Helper, its developers say, is its flexibility in giving users better control over how they share personal information.

  • Judges question claims that NSA metadata collection poses threat to ordinary citizens

    A panel of three judges on the U.S. Court of Appeals for the District of Columbia challenged arguments made earlier this week by Larry Klayman, a conservative lawyer arguing on his own behalf, and Cindy Cohn, an attorney representing the Electronic Frontier Foundation (EFF) and the American Civil Liberties Union (ACLU), that the National Security Agency’s (NSA) mass-surveillance program is a breach of the Fourth Amendment, which protects against unreasonable searches.The case, Klayman v. Obama, is one of three currently at the appeals-court level regarding the NSA surveillance program.In the D.C. Circuit Court of Appeals, Judges Stephen Williams and David Sentelle voiced skepticism about claims that collecting metadata posed a threat to ordinary citizens.

  • Identifying ways to improve smartphone security

    What information is beaming from your mobile phone over various computer networks this very second without you being aware of it? Experts say your contact lists, e-mail messages, surfed Web pages, browsing histories, usage patterns, online purchase records and even password protected accounts may all be sharing data with intrusive and sometimes malicious applications, and you may have given permission. The apps downloaded to smartphones can potentially track a user’s locations, monitor his or her phone calls and even monitor the messages a user sends and receives — including authentication messages used by online banking and other sites, he says, explaining why unsecured digital data are such a big issue. Assigning risk scores to apps may slow down unwarranted access to personal information.

  • ICE offices subscribed to national license-plate database in violation of DHS policy

    In February, DHS officials dropped a controversial bidwhich would have allowed the department to access a national license-plate database, citing possible violation of Americans’ civil liberties. Soon after, DHS officials established a policy which required similar plans to be reviewed by department privacy officers. Roughly two months after that policy was put in place, officials with DHS’s Newark and Houston field offices of the Immigration and Customs Enforcement(ICE) agency purchased subscriptions for a commercially run national license-plate database without approval from DHS’ privacy office.

  • Peekaboo, I see you: Government authority intended for terrorism is used for other purposes

    The Patriot Act continues to wreak its havoc on civil liberties. Section 213 was included in the Patriot Act over the protests of privacy advocates and granted law enforcement the power to conduct a search while delaying notice to the suspect of the search. Known as a “sneak and peek” warrant, law enforcement was adamant Section 213 was needed to protect against terrorism. But the latest government report detailing the numbers of “sneak and peek” warrants reveals that out of a total of over 11,000 sneak and peek requests, only fifty-one were used for terrorism. Yet again, terrorism concerns appear to be trampling our civil liberties.

  • Law enforcement: Apple iOS 8 software would hinder efforts to keep public safety

    With its new iOS 8 operating software, Apple is making it more difficult for law enforcement to engage in surveillance of users of iOS8 smartphones. Apple has announced that photos, e-mail, contacts, and other personal information will now be encrypted, using the user’s very own passwords — meaning that Apple will no longer be able to respond to government warrants for the extraction of data.

  • Growing scrutiny of police use of Stingray surveillance technology

    IMSI-catcher (International Mobile Subscriber Identity), aka Stingray, is a surveillance technology which simulates cell phone towers in order to intercept mobile phone calls and text messages. Privacy advocates have scrutinized the use of Stingrays in U.S. cities because, when the device tracks a suspect’s cell phone, it also gathers information about the phones of bystanders within the target range. Additionally, police use Stingrays without properly identifying the technology when requesting search warrants has raised concerns.

  • Social media firms pledging to keep users anonymous still collect users’ information

    Social media firm Whisperprides itself on offering anonymity in a market where the biggest players are often considered too transparent. Its co-founder, Michael Heyward, a tech entrepreneur, describes the company as “the first completely anonymous social network,” an alternative to Facebookand Twitter. It now emerges that Whisper’s back-end systems that retain digital libraries of texts and photographs sent by users, and in some cases the location information of users.

  • New Web privacy system would revolutionize surfing safety

    Scientists have built a new system that protects Internet users’ privacy while increasing the flexibility for Web developers to build Web applications that combine data from different Web sites, dramatically improving the safety of surfing the Web. The system, “Confinement with Origin Web Labels,” or COWL, works with Mozilla’s Firefox and the open-source version of Google’s Chrome Web browsers and prevents malicious code in a Web site from leaking sensitive information to unauthorized parties, while allowing code in a Web site to display content drawn from multiple Web sites — an essential function for modern, feature-rich Web applications.

  • $3 million in grants for three pilot projects to improve online security, privacy

    The National Institute of Standards and Technology (NIST) the other day announced nearly $3 million in grants that will support projects for online identity protection to improve privacy, security and convenience. The three recipients of the National Strategy for Trusted Identities in Cyberspace (NSTIC) grants will pilot solutions that make it easier to use mobile devices instead of passwords for online authentication, minimize loss from fraud and improve access to state services.

  • Sensors everywhere might mean privacy nowhere: Expert

    Just as we are coming to grips with having less privacy in our lives thanks to the Internet, a new use of the technology is poised to present new questions about security and privacy — and create a new threat to society. The so-called “Internet of Things” will see small microprocessors and sensors placed seemingly everywhere, and these devices will collect much data about us — often without our knowledge. A second concern with the Internet of Everything is that we may have already crossed a threshold where a large event that would cripple these devices would mean that our current civilization would come to an immediate stop. An occurrence of a massive solar flare, like the 1859 Carrington Event, could disable all the devices on which we have come to depend. “If something like that were to happen, the Amish would become the only people without a major life upheaval,” says one researcher.

  • Who is to blame when iCloud is "hacked" – you or Apple?

    A hacker’s release of personal photos of actress Jennifer Lawrence and other female celebrities on the Internet on the weekend has again drawn our attention to the security of our personal information online. Apple may wish to absolve itself of responsibility when individuals lose control of their personal data, yet understanding the control of data as a personal matter disregards how iCloud and similar services actually operate. If Apple and other cloud-based services want our trust, then they have to acknowledge the role their products play in perpetuating anxieties of data-out-of-control.

  • New tool reveals which online personal data is being used by advertisers

    The Web can be an opaque black box: it leverages our personal information without our knowledge or control. When, for instance, a user sees an ad about depression online, she may not realize that she is seeing it because she recently sent an e-mail about being sad. A new tool reveals which data in a Web account, such as e-mails, searches, or viewed products, are being used to target which outputs, such as ads, recommended products, or prices.