• Repealing FCC’s privacy rules: A serious blow to privacy, cybersecurity

    In the end, the cybersecurity implications of repealing the FCC’s privacy rules come from simple logic. If the privacy rules are repealed, Internet providers will resume and accelerate these dangerous practices with the aim of monetizing their customers’ browsing history and app usage. But in order to do that, Internet providers will need to record and store even more sensitive data on their customers, which will become a target for hackers. Internet providers will also be incentivized to break their customers’ security, so they can see all the valuable encrypted data their customers send. And when Internet providers break their customers’ security, you can be sure malicious hackers will be right on their heels. The net result is simple: repealing the FCC’s privacy rules won’t just be a disaster for Americans’ privacy. It will be a disaster for America’s cybersecurity, too.

  • Connected dolls, tell-tale teddy bears: Managing the Internet of Toys

    Large numbers of connected toys have been put on the market over the past few years, and the turnover is expected to reach €10 billion by 2020 – up from just €2.6 billion in 2015. Connected toys come in many different forms, from smart watches to teddy bears that interact with their users. They are connected to the internet and together with other connected appliances they form the Internet of Things, which is bringing technology into our daily lives more than ever. However, the toys’ ability to record, store and share information about their young users raises concerns about children’s safety, privacy and social development. Action is thus needed to monitor and control the emerging Internet of Toys.

  • Protecting web users’ privacy

    Most website visits these days entail a database query — to look up airline flights, for example, or to find the fastest driving route between two addresses. But online database queries can reveal a surprising amount of information about the people making them. And some travel sites have been known to jack up the prices on flights whose routes are drawing an unusually high volume of queries. MIT researchers next week will present a new encryption system that disguises users’ database queries so that they reveal no private information.

  • Border agents should obtain a warrant to search travelers’ phones, EFF tells court

    Border agents must obtain a warrant to search travelers’ phones, tablets, and laptops, which contain a vast trove of sensitive, highly personal information that is protected by the Fourth Amendment, the Electronic Frontier Foundation (EFF) told a federal appeals court the other day. The EFF says that searches of devices at the border have more than doubled since the inauguration of President Trump — from nearly 25,000 in all of 2016, to 5,000 in February alone. This increase, along with the increasing number of people who carry these devices when they travel, has heightened awareness of the need for stronger privacy rights while crossing the U.S. border.

  • YouTube users beware: Your viewing habits can be tracked

    Despite YouTube’s attempts to safeguard user anonymity, intelligence agencies, hackers, and online advertising companies can still determine which videos a user is watching. Researchers developed an algorithm to determine if someone had watched a specific video from a set of suspicious, terror-related videos. Intelligence agencies could access this technology for tracking terrorists or other suspicious individuals. Internet marketing companies could track the number and make-up of viewers watching an ad.

  • Vibrator maker to pay out $3 million for tracking users' sexual activity

    We-Vibe, the sex toy maker, has agreed to pay customers up to $7,600 each selling them a “smart vibrator” which tracked the customers’ sexual habits without their knowledge. A class-action lawsuit was filed against in an Illinois federal court against We-Vibe’s parent company, Standard Innovation. Standard Innovation has been ordered to pay a total of $3 million to owners of the vibrator who had also used the app associated with the vibrators (the tracking of customers was done by the app).

  • New guide helps travelers protect their digital information at the border

    Increasingly frequent and invasive searches at the U.S. border have raised questions for those who want to protect the private data on their computers, phones, and other digital devices. A new guide released last week by the Electronic Frontier Foundation (EFF) gives travelers the facts they need in order to prepare for border crossings while protecting their digital information.

  • If surveillance cameras are to be kept in line, the rules will have to keep pace with technology

    The growing prevalence of cameras and greater understanding of the many ways in which we are surveilled has led many – including the current commissioner, Tony Porter, to voice concern that Britain is “sleepwalking into a surveillance state”. This raises critical questions about whether we can be confident that all these cameras are being used in a way the public would approve of – and if not, whether regulation can force CCTV operators into line. In the future, surveillance camera processes will become more opaque, more sophisticated, and potentially integrated with data from a variety of sources, including social media, meaning decisions about who to survey and who determines intensive surveillance will be determined by big data and algorithms. Any regulatory framework that does not or cannot keep up with the pace of change will soon become worthless.

  • Building privacy right into software code

    It is the programmer’s job to enforce these privacy restrictions. Because privacy-related code is scattered throughout all the programs Facebook uses to run its systems, the programmer must be vigilant everywhere. To make sure nobody finds out where I am unless I want them to, the programmer must tell the system to check my privacy settings everywhere it uses my location value, directly or indirectly. The best way to avoid these problems is to take the task of privacy protection away from humans and entrust it to the computers themselves. We can – and should – develop programming models that allow us to more easily incorporate security and privacy into software. Prior research in what is called “language-based information flow” looks at how to automatically check programs to ensure that sloppy programming is not inadvertently violating privacy or other data-protection rules.

  • Tech coalition fights DHS proposal to collect social media passwords

    Earlier this week, the Center for Democracy & Technology announced the creation of a coalition of tech companies, NGOs, and privacy advocates to oppose efforts by DHS to collect social media passwords from individuals entering the United States. The coalition focuses on visa applicants who might be compelled to share their passwords under new DHS policies.

  • The problem with U.S. secrets

    Secrets are often harmless, but they can prompt major problems when they happen at the highest levels of government. So what are the consequences when a U.S. president is dangerously preoccupied with secrecy? One expert says that question is particularly relevant with a new administration taking charge. She said that every other administration withheld some crucial information, whether about Woodrow Wilson’s stroke, Richard Nixon’s burglaries, or Bill Clinton’s affairs. “Secrecy turns out to be the president’s greatest power,” she said. “And if not controlled, it’s also the greatest threat to democracy.”

  • Making it harder to track Bitcoin transactions

    Bitcoin was initially conceived as a way for people to exchange money anonymously. But then it was discovered that anyone could track all Bitcoin transactions and often identify the parties involved. Researchers have developed a Bitcoin-compatible system that could make it significantly more difficult for observers to identify or track the parties involved in any given Bitcoin transaction.

  • Consumers ignorant of tracking methods used by online advertisers

    The general public has a poor understanding of the workings of online behavioral advertising, and the privacy implications behind the information that advertisers gather. Researchers found that two-thirds of the consumers they interviewed in the study did not realize that most online advertising involved third-party entities and advertising networks that track a user’s browsing activities across websites to provide targeted ads.

  • “Anonymized” Web browsing history may not be anonymous after all

    Raising further questions about privacy on the internet, researchers have released a study showing that a specific person’s online behavior can be identified by linking anonymous Web browsing histories with social media profiles. The new research shows that anyone with access to browsing histories — a great number of companies and organizations —can identify many users by analyzing public information from social media accounts.

  • Personal technology aids in criminal proceedings, but poses privacy, rights risks

    Personal technology such as fitness trackers and smartphones that record users’ daily activities are likely to be used increasingly in criminal investigations, raising questions about individuals’ rights that the legal system is not yet fully prepared to address. Information such as location, travel patterns, and even physiological details such as heart rate and activity levels could be retrieved from devices as a part of criminal investigations. Such technology offers new tools to law enforcement, but raises unique issues regarding important constitutional rights such as self-incrimination, according to the report.