• Privacy of Americans not protected in omnibus spending bill

    The CLOUD Act, inserted at the very end of the 2,232-page omnibus spending bill, will make substantial amendments to the Electronic Communications Privacy Act (ECPA). It grants U.S. law enforcement entities new powers to compel U.S. companies to disclose communications and data on U.S. and foreign users that is stored overseas. It also empowers foreign governments to demand the stored and real-time data and communications of users outside the U.S.

  • Leaky apps exacerbate Facebook’s privacy risks

    A bug in Facebook’s advertising platform made it possible for potential hackers to uncover users’ phone numbers, according to new research. The Facebook advertising system is incredibly effective at targeting specific audiences, which is what has made the company so lucrative, says a researcher. But because anyone can become an advertiser, and there is very little transparency in what ads are being placed, the platform “could be used for nefarious purposes,” he added.

  • With no clear liability against Facebook, expert calls for stronger data privacy laws

    The Federal Trade Commission announced Tuesday that it has opened an investigation into Facebook after a data analytics firm collected the private data of more than fifty million users. Cambridge Analytica, the data company hired by the Trump campaign in 2016, has been accused of taking private information unbeknownst to users. The FTC will investigate whether or not Facebook violated a 2011 consent order with the FTC over its handling of user data and how the company notifies changes to its terms of service. Northeastern’s Professor Woodrow Hartzog, who specializes in privacy and data protection law, explains the possible legal fallout from this investigation.

  • Cambridge Analytica: the data analytics industry is already in full swing

    Revelations about Cambridge Analytica have laid bare the seeming lack of control that we have over our own data. Suddenly, with all the talk of “psychographics” and voter manipulation, the power of data analytics has become the source of some concern. But the risk is that if we look at the case of Cambridge Analytica in isolation, we might prevent a much wider debate about the use and control of our data. By focusing on the reports of extreme practices, we might miss the many everyday ways that data analytics are now shaping our lives.

  • Use of face recognition systems threatens civil liberties: EFF report

    Face recognition—fast becoming law enforcement’s surveillance tool of choice—is being implemented with little oversight or privacy protections, leading to faulty systems that will disproportionately impact people of color and may implicate innocent people for crimes they didn’t commit, says an Electronic Frontier Foundation (EFF) report. Independent oversight, privacy protections are needed.

  • Cambridge Analytica’s abuse of Facebook user data shows “profound impact of technology on democracy”

    Facebook has suspended Cambridge Analytica from its platform for violating its guidelines on the use of user data. The Center for Democracy and Technology (CDT) says that a weekend New York Times article further illuminated the scale of Cambridge Analytica’s efforts and showed how the company used personal information about users to conduct targeted political outreach. “These revelations illustrate the profound impact internet platforms can have on democracy,” CDT says.

  • Appellate court issues encouraging border search opinion

    The U.S. Court of Appeals for the Fifth Circuit in U.S. v. Molina-Isidoro recently issued an encouraging opinion related to the digital privacy of travelers crossing the U.S. border. The Electronic Frontier Foundation (EFF) filed an amicus brief last year in the case, arguing that the Supreme Court’s decision in Riley v. California (2014) supports the conclusion that border agents need a probable cause warrant before searching electronic devices because of the unprecedented and significant privacy interests travelers have in their digital data. In Riley, the Supreme Court followed similar reasoning and held that police must obtain a warrant to search the cell phone of an arrestee.

  • Germany’s highest court reviewing country’s permissive new surveillance laws

    German journalists, press groups, and civil rights advocates have asked Germany’s Constitutional Court to review the legality of the government’s surveillance capabilities. The plaintiffs contend that the law allows for the “virtually unrestricted” monitoring of foreign reporters.

  • Detect illicit drone video filming

    Researchers have demonstrated the first technique to detect a drone camera illicitly capturing video. Their study addresses increasing concerns about the proliferation of drone use for personal and business applications and how it is impinging on privacy and safety.

  • Hackers can guess your phone PIN using its sensor data

    Instruments in smart phones such as the accelerometer, gyroscope and proximity sensors represent a potential security vulnerability, according to researchers. Using a combination of information gathered from six different sensors found in smart phones and state-of-the-art machine learning and deep learning algorithms, the researchers succeeded in unlocking Android smart phones with a 99.5 per cent accuracy within only three tries, when tackling a phone that had one of the 50 most common PIN numbers

  • Court recognizes first amendment right to anonymity even after speakers lose lawsuits

    Anonymous online speakers may be able to keep their identities secret even after they lose lawsuits brought against them, a federal appellate court ruled last week. The decision by the U.S. Court of Appeals for the Sixth Circuit in Signature Management Team, LLC v. John Doe is a victory for online speakers because it recognized that the First Amendment’s protections for anonymous speech do not end once a party suing the anonymous speaker prevails. The ruling, however, is not all good news for anonymous speech. The test announced by the court sets unmasking as the default rule post-judgment, placing the burden on the anonymous party to argue against unmasking.

  • EFF wants information about government tattoo recognition technology

    The Electronic Frontier Foundation (EFF) filed suit against the Department of Justice, the Department of Commerce, and the Department of Homeland Security the other day, demanding records about the agencies’ work on the federal Tattoo Recognition Technology program. EFF says that this secretive program involves a coalition of government, academia, and private industry working to develop a series of algorithms that would rapidly detect tattoos, identify people via their tattoos, and match people with others who have similar body art—as well as flagging tattoos believed to be connected to religious and ethnic symbols.

  • An armed robber’s Supreme Court case could affect all Americans’ digital privacy for decades to come

    A man named Timothy Carpenter planned and participated in several armed robberies at Radio Shack and T-Mobile stores in Michigan and Ohio between 2010 and 2012. He was caught, convicted and sentenced to 116 years in federal prison. His appeal, which was heard by the U.S. Supreme Court on 29 November, will shape the life of every American for years to come – no matter which way it’s decided. The FBI found Timothy Carpenter because one of his accomplices told them about him. I believe the FBI could have obtained a search warrant to track Carpenter, if agents had applied for one. Instead, federal agents got cellphone location data not just for Carpenter, but for fifteen other people, most of whom were not charged with any crime. One of them could be you, and you’d likely never know it. The more people rely on external devices whose basic functions record and transmit important data about their lives, the more critical it becomes for everyone to have real protection for their private data stored on and communicated by these devices.

  • Email writer’s identity can be revealed by analyzing small sequences of words

    Researchers examined thousands of emails to show it is possible to identify someone by analyzing small sequences of words and prove them as the author. The research aims to address the challenges experts face when analyzing language evidence in court proceedings or in reports.

  • Too much browser functionality creates unnecessary security, privacy risks

    Modern website browsers provide an incredibly broad range of features, with more and more capabilities being added every day. New research has identified numerous browser functionalities rarely used or needed by websites, but which pose substantial security and privacy risks to web surfers. Blocking website access to unnecessary browser functionality would help reduce these risks.