• Some Mobile Phone Apps Contain Hidden Secrets Compromising Users’ Private Data

    Researchers have discovered that a large number of cell phone applications contain hardcoded secrets allowing others to access private data or block content provided by users. The study’s findings: that the apps on mobile phones might have hidden or harmful behaviors about which end users know little to nothing.

  • How to Think about the Right to Privacy and Using Location Data to Fight COVID-19

    If asked to give up their privacy in the interests of stemming the coronavirus, many Americans may be inclined to say yes. Jay Stanley writes, however, that the answer requires more nuance, both because there are serious tradeoffs to be made, and because sacrificing privacy may actually backfire.

  • Mind Reading: New Software Agents Will Infer What Users Are Thinking

    Personal assistants today can figure out what you are saying, but what if they could infer what you were thinking based on your actions? A team of academic and industrial researchers is working to build artificially intelligent agents with this social skill.

  • Lawmaker Presses Clearview AI on Foreign Sales of Facial Recognition

    Senator Edward J. Markey (D-Massachusetts earlier this week raised new concerns about Clearview AI’s facial recognition app. Markey initially wrote to Clearview in January 2020 with concerns about how the company’s app might violate Americans’ civil liberties and privacy. Clearview is marketing its product to users in foreign countries with authoritarian regimes such as Saudi Arabia. The company might also be collecting and processing images of children from social media sites.

  • Protecting Sensitive Metadata So It Cannot Be Used for Surveillance

    By Rob Matheson

    MIT researchers have designed a scalable system that secures the metadata of millions of users in communications networks, to help protect the information against possible state-level surveillance. The system ensures hackers eavesdropping on large networks cannot find out who is communicating and when they’re doing so.

  • Enhancing Privacy in Today's Internet of Things

    People navigating the digital landscape of today’s internet are bombarded with notices about how their data is being collected. But in the physical world — where internet of things (IoT) technologies increasingly track our activities — few, if any, notices are provided. A team of researchers has created an app and an entire infrastructure to change that.

  • U.S. Plans to Collect DNA from Nearly a Million Immigrants Despite Charges It Violates Privacy

    By Alex Ellerbeck

    The Trump administration is pushing ahead with a project that could lead to the government collecting DNA from hundreds of thousands of detained immigrants, some as young as 14 years old, alarming civil rights advocates. Once fully underway, the DNA program could become the largest U.S. law enforcement effort to systemically collect genetic material from people not accused of a crime.

  • Israeli Court to Hear Case against Spy-Software Company NSO Behind Closed Doors

    On Thursday, a judge at Tel Aviv’s District Court begin hearing arguments as to why Israel’s Ministry of Defense (MoD) should revoke the export license of NSO Group. The firm’s Pegasus software has been used to target journalists and activists in several countries – including in Morocco, Saudi Arabia, Mexico, and the United Arab Emirates.

  • Unlawful Metadata Access Is Easy When We’re Flogging a Dead Law

    By Genna Churches and Monika Zalnieriute

    After watching this year’s media raids and the prosecution of lawyers and whistleblowers, it’s not hard to see why Australians wonder about excessive police power and dwindling journalistic freedom. But these problems are compounded by another, less known issue: police, and other bodies not even involved in law enforcement, have broad powers to access metadata. Each year, police alone access metadata in excess of 300,000 times.

  • Mobile Devices Blur Work and Personal Privacy Increasing Cyber Risks

    Organizations aren’t moving quickly enough to identify cyber security threats linked to the drive toward using personal mobile devices in the workplace, cybersecurity researchers warn. “The breakneck speed of digital transformation brought with it opportunities as well as threats,” one researcher said. “Organizations don’t appear to be keeping up with the pace of change, deliberately putting the brakes on digital transformation because it comes with security challenges.”

  • Crack Down on Genomic Surveillance

    Across the world, DNA databases that could be used for state-level surveillance are steadily growing. Yves Moreau writes that “Now the stakes are higher for two reasons. First, as technology gets cheaper, many countries might want to build massive DNA databases. Second, DNA-profiling technology can be used in conjunction with other tools for biometric identification — and alongside the analysis of many other types of personal data, including an individual’s posting behavior on social networks.”

  • Facial-Recognition Technology: Closer to Utopia Than Dystopia

    Is facial recognition technology ushering in the age of Big Brother, allowing the government to monitor what we do everywhere we do it? “This is the image that the American Civil Liberties Union, the Electronic Freedom Foundation (EFF), and a host of other alarmists are attempting to conjure in the minds of the media, elected officials, and the American public,” Robert Atkinson writes. But with the right regulations, “Americans can be safer and have more convenience with little or no reduction of our precious civil liberties.”

  • Victory: Pennsylvania Supreme Court Rules Police Can’t Force You to Tell Them Your Password

    The Pennsylvania Supreme Court issued a forceful opinion on Wednesday holding that the Fifth Amendment to the U.S. Constitution protects individuals from being forced to disclose the passcode to their devices to the police. The court found that disclosing a password is “testimony” protected by the Fifth Amendment’s privilege against self-incrimination.

  • Saudi “Twitter Spies” Broke No Federal Privacy Laws -- Because There Are None

    Privacy expert Mike Chapple of the University of Notre Dame says that the Saudi “Twitter Spies,” who were charged last week by the Justice Department for spying on behalf of Saudi Arabia, committed espionage — but broke no federal privacy laws because there are no such laws. Chapple says that Twitter failed to live up to industry-standard cybersecurity practices.

  • Why Adding Client-Side Scanning Breaks End-To-End Encryption

    Recent attacks on encryption have diverged. On the one hand, we’ve seen Attorney General William Barr call for “lawful access” to encrypted communications, using arguments that have barely changed since the 1990’s. Erica Portnoy writes that we’ve also seen suggestions from a different set of actors for more purportedly “reasonable” interventions, particularly the use of client-side scanning to stop the transmission of contraband files, most often child exploitation imagery (CEI).