WebProNews

Tag: Stuff

  • Woman Ordered to Give Up Facebook Password in Custody Case

    A New York judge has set quite the precedent, ordering a woman to turn over her Facebook login details so that her profile can be scoured for evidence in a custody case.

    The New York Post says that 47-year-old Christina Antoine has until September 14th to turn over her Facebook credentials. Antoine is currently in a custody battle with her estranged husband, 54-year-old Anthony DiMartino.

    DiMartino and his lawyers argue that he, not his wife, has been the one spending time with their 4-year-old son – and Facebook can prove it. Apparently, Antoine’s Facebook page is filled with evidence that she’s been traveling out of state while DiMartino has been raising the kid.

    And judge Lawrence Ecker agrees that the Facebook evidence is material to the case.

    “The court finds that the time spent by the parties with the child may be relevant and material to its ultimate determination of custody,” the judge wrote in a ruling.

    Antoine is fighting the ruling, claiming her profile is private.

    The interesting thing about this is that the judge isn’t simply allowing evidence found on Antoine’s public Facebook profile to be used in court – he’s demanding access to all of her Facebook data.

    In theory, the court will be able to scour all of her photos, check-ins, and other data – even that set to a more private sharing setting.

    The Post says that this is a first-of-its-kind ruling, although social media data has been allowed in custody cases in Minnesota – in rare circumstances.

    In general, people involved in court cases can see their private records – phone data, bank information, etc – unearthed. Of course, people routinely have their private belongings and property searched as well.

    But in this case, Facebook is being treated like a digital locker. It appears some courts are catching up with the times.

  • Twitter Says Government Data Requests Way Up

    Twitter Says Government Data Requests Way Up

    Twitter’s new transparency report is out, and the trend continues. Government requests for user data and content removal are on the rise.

    “As has long been the trend, we continue to see a rise in the number of these requests. Notably, requests for account information have increased 52 percent, which is the largest increase between reporting periods we have ever seen, with removal requests and copyright notices growing by 26 percent and 11 percent respectively,” says Twitter’s Jeremy Kessel, Senior Manager, Global Legal Policy.

    Here’s what that looks like. First, government requests for user information:

    Screen Shot 2015-08-11 at 10.32.11 AM

    And here’s a look at government content removal requests. Per usual, Turkey leads the field. There were 25 specific requests for content removal in the US over the past six months, and Twitter complied with none of them.

    Screen Shot 2015-08-11 at 10.34.59 AM

    Twitter added two new sections to the transparency report – one on trademark notices and another on email privacy practices.

    From January to the end of June, Twitter received neatly 13,000 trademark notices for content on Twitter and Vine. The company removed approximately 7% of them.

    Image via Anthony Quintano, Flickr Creative Commons

  • Bernie Sanders, Elizabeth Warren, and Others Demand Specific Privacy Rules for ISPs

    Bernie Sanders, Elizabeth Warren, and Others Demand Specific Privacy Rules for ISPs

    In order to obtain the necessary services that the country’s various internet service providers offer, Americans must give up a lot of personal information. And what those companies do with said information should be a concern of every single American.

    Bernie Sanders, Elizabeth Warren, and seven other Senators have asked the FCC to implement some specific rules concerning how broadband providers deal with user information and privacy.

    The rules govern transparency, customer consent, and data security.

    The nine Senators – Ed Markey, Richard Blumenthal, Al Franken, Patrick Leahy, Ron Wyden, Bernie Sanders, Jeff Merkley, Cory Booker, and Elizabeth Warren – praise the FCC for their reclassification of boradband as a telecommunications service in February and choosing to “extend the duty to protect the privacy of information that ISPs collect about their customers because of the carrier-customer relationship.”

    But the Senators have some specific privacy rules they want considered:

    “We call on the Commission to adopt a comprehensive definition of Customer Proprietary Network Information as it pertains to broadband. Every click consumers make online paints a detailed pictures of their personal and professional lives. Accordingly, ISPs should be prohibited from sharing this information without user consent,” reads a letter addressed to the FCC. “Data pertaining to internet usage, online activity, and broadband service payments should be included in the FCC’s definition of CPNI.

    The Senators also call for added transparency rules, saying “ISPs should accurately outline data collection policies in standardized model forms – adopted by the Commission with prior input by stakeholders – that are easy for consumers to access, read, and understand.”

    One suggested rule involves notification of data breaches.

    “If a network of database is breached in a manner that could compromise the consumer’s privacy or cause the consumer harm, ISPs must notify consumers about the breach and any actions that consumers could take to mitigate potential harm from the breach.

    The senators also call for “clear, user-friendly” complaint processes.

    This is not the first time this contingent of the Senate has written the FCC on matters of broadband. A dew months ago, this same crew wrote the FCC urging a swift death for the Comcast/Time Warner deal.

    Image via Mredden, Wikimedia Commons

  • Google Reminds You It’s Tracking Your Every Move with Creepy, Somewhat Useful New Maps Feature

    Here’s the thing: We all know that Google knows everything about us – and of course that includes where you are and where you’ve been.

    But seeing all of that tracking in a neat little timeline is a tad disconcerting. A little bit neat and possibly useful, but pretty damn weird as well.

    Google has just launched a new feature for Android and desktop Google Maps called Your Timeline. What it amounts to is a detailed listing of all the locations you’ve been during a given day, month or year.

    “Have you ever wanted a way to easily remember all the places you’ve been — whether it’s a museum you visited during your last vacation or that fun bar you stumbled upon a few months ago? Well, starting today, Google Maps can help. We’re gradually rolling out Your Timeline, a useful way to remember and view the places you’ve been on a given day, month or year. Your Timeline allows you to visualize your real-world routines, easily see the trips you’ve taken and get a glimpse of the places where you spend your time. And if you use Google Photos, we’ll show the photos you took when viewing a specific day, to help resurface your memories,” says Map Product Manager Gerard Sanz.

    Creep level 100.

    As long as you’ve enabled “Location History”, Google tracks your every move. This is how it populates your Timeline.

    “Location History helps you get useful information – for example, automatic commute predictions, improved search results – by creating a private map of where you go with your logged-in devices,’ says Google.

    You Timeline is private and only visible to you. If you’re a person who frequently travels, or drinks too much, this could prove a useful reminder of where you’ve been (or what you’ve done).

    But there’s no denying that to some, this sort of knowledge of how much they’re being tracked will simply be unsettling. Even though they already knew.

  • Twitter Gives Users New Account Dashboard

    Twitter Gives Users New Account Dashboard

    Twitter is rolling out a new dashboard to help users monitor and manage their accounts. it can show you things about your login activity, manage contacts, download your Twitter archive, etc.

    Above all it’s about privacy and account security.

    “From the beginning, Twitter has empowered people to share information with the world,” says product manager Mollie Vandor. “To put you in control of your information, we’ve made a series of deliberate design decisions that help protect your privacy and security. For example, you don’t need to use your real name on Twitter. Your privacy settings let you control whether your Tweets are kept public, and you can enablelogin verification for greater account security. We respect Do Not Track, and we secure your Twitter experience with HTTPS by default, StartTLS and forward secrecy.”

    The dashboard can be accessed from your settings menu on Twitter.com. It shows account activation details, recent login history, and devices that have accessed your account.

    “If you see login activity from an app that you don’t recognize, you can go to the apps tab in your settings to revoke its access to your Twitter account,” says Vandor. “If you notice logins from suspicious locations, you can change your password immediately, and you can enroll in login verification for extra security. From your dashboard, you can also manage your uploaded address book contacts, download your Twitter archive, and more. Visit our Help Center for additional information.”

    The dashboard should serve as a good reminder for users about just what all apps are accessing their account. For some, it might be more than they realized.

    Twitter says it is continuing to roll out the feature, so it’s not clear exactly when that will be completed, but you should be able to access it soon.

    In other Twitter news, the company also updated its Summary card for websites.

    Image via Garrett Heath, Flickr Creative Commons

  • Here’s How Pinterest Is Changing Its Privacy Policy For Buyable Pins

    Here’s How Pinterest Is Changing Its Privacy Policy For Buyable Pins

    Pinterest is emailing users to inform them of new privacy policy changes that are rolling out now related to Buyable Pins.

    Pinterest announced Buyable Pins earlier this month with launch partners including Shopify, Demandware, Macy’s, Neiman Marcus and Nordstrom. Users will be able to buy things on Pinterest when they see a blue price and “Buy it” button.

    In a nutshell, the new language enables Pinterest to share users’ credit card info with sellers and to target ads at users based on other things they’ve purchased.

    Here’s the full text of the email:

    Soon, we’ll launch buyable Pins to U.S. Pinners on iPhone and iPad. Today, we’re rolling out a few updates to our Privacy Policy to help you understand how these buyable Pins will work. Here’s a quick look at those updates.

    1. When you buy something on Pinterest, you’ll need to share some payment and contact info with us so that we can complete your order. We’ll save this info so you don’t have to type it in next time you make a purchase. We’ll also share this info with the seller, and they’ll treat it as if you bought from their website directly.

    2. We also hope to make Promoted Pins even more relevant and useful to Pinners like you. For example, if you purchased a camping tent on Pinterest, we may show you Promoted Pins for other outdoorsy products.

    If you don’t want your purchases to be used to customize Pinterest, just go to “Order history” from your account settings and swipe to hide your purchases.

    To see these updates, visit our Privacy Policy. To learn more about buyable Pins, check out our Help Center.

    The Pinterest Team

    Upon announcement, Pinterest said users would soon find “millions” of Buyable Pins on Pinterest from its initial launch partners. For other sellers, there’s a waiting list they can sign up for to get a chance to take advantage of the feature as soon as possible.

    Image via YouTube

  • Facebook’s Facial Recognition Is Getting So Good It Doesn’t Need Faces

    Facial recognition technology, when deployed on a site like Facebook, is both convenient and disconcerting. Amazing but creepy. If you upload a lot of photos, Facebook’s facial recognition technology is great. Ain’t nobody got time to tag.

    As it stands, Facebook’s facial recognition tech is pretty good. Apparently, it’s about to get scary good.

    New Scientist reports on a new Facebook facial recognition algorithm that doesn’t even need to see your face. I guess it’s more like a person recognition algorithm.

    According to Facebook’s head of Artificial Intelligence, this new algorithm can identify people in photos based on their hair, clothes, body type, and even the way they’re standing.

    “There are a lot of cues we use. People have characteristic aspects, even if you look at them from the back,” Facebook head of AI Yann LeCun told New Scientist. “For example, you can recognize Mark Zuckerberg very easily, because he always wears a gray T-shirt.”

    And it reportedly works 83 percent of the time.

    Impressive. And creepy.

    Facial recognition isn’t as much of a hot-button issue in the States (though some are concerned), but overseas it is the worry of many a privacy group. Facebook’s recently-launched Moments photo sharing app is not launching in Europe due to concerns over facial recognition.

    So, if you think you can hide from Facebook’s robot people-spotting tech by covering your face, well, you probably can’t. I guess you could just stop wearing that one hoodie all the time.

  • Uber: We Don’t Collect Background Location Data, But We Might at Some Point

    Uber: We Don’t Collect Background Location Data, But We Might at Some Point

    On July 15, Uber is putting a new privacy statement into effect, and part of it is raising some eyebrows.

    A few paragraphs down in the new policy, under the heading “Collection of Information”, you’ll find this:

    Location Information: When you use the Services for transportation or delivery, we collect precise location data about the trip from the Uber app used by the Driver. If you permit the Uber app to access location services through the permission system used by your mobile operating system (“platform”), we may also collect the precise location of your device when the app is running in the foreground or background. We may also derive your approximate location from your IP address.

    If that sounds a little weird to you, you’re not alone. Privacy advocates EPIC (Electronic Privacy Information Center) have filed a formal complaint with the Federal Trade Commission over Uber’s stated intentions to collect location data – even when users aren’t actively using the app.

    EPIC also takes issues with Uber’s handling of users’ contacts information, mainly this:

    if you permit the Uber app to access the address book on your device through the permission system used by your mobile platform, we may access and store names and contact information from your address book to facilitate social interactions through our Services and for other purposes described in this Statement or at the time of consent or collection.

    “EPIC urges the Commission to investigate Uber Technologies, Inc., and enjoin its unfair and deceptive data collection practices with respect to Uber’s revised privacy policy that the company plans to implement on July 15, 2015. Specifically, EPIC requests the Commission to initiate an investigation of Uber’s business practices, including the collection personal data from users of location data and contact list and halt Uber’s collection of user location data when it is unnecessary for the provision of the service.”

    Uber provided a statement to Ars Technica, saying that this new policy is simply a clarification and that the company does not collect background data – but it might want to later.

    “There is no basis for this complaint. We care deeply about the privacy of our riders and driver-partners and have significantly streamlined our privacy statements in order to improve readability and transparency. These updated statements don’t reflect a shift in our practices, they more clearly lay out the data we collect today and how it is used to provide or improve our services,” said an Uber spokesperson.

    “We do not currently collect background location data. We may want to start doing that in order to provide new useful features, such as providing faster loading time when the user opens the app (currently, there is a lag time between opening the app and seeing the available cars in your area during which time the app is trying to figure out your location). We are not currently doing this and have no plans to start on July 15. If we move forward with this, users- will be in control and can choose whether they want to share the data with Uber.”

    Image via Uber, Facebook

  • Facebook’s New App Isn’t Available in Europe Thanks to Facial Recognition Fears

    Earlier this week, Facebook launched yet another standalone app. It’s called Moments, and it lets friends easily sync photos with each other.

    Here’s how product manager Will Ruben describes the app:

    “Syncing photos with the Moments app is a private way to give photos to friends and get the photos you didn’t take. Moments groups the photos on your phone based on when they were taken and, using facial recognition technology, which friends are in them. You can then privately sync those photos quickly and easily with specific friends, and they can choose to sync their photos with you as well. Now, you and your friends have all the photos you took together.”

    “Moments also keeps all of your synced photos organized and even lets you search them to find the ones that you or specific friends are in. Moments uses facial recognition technology to group your photos based on the friends who are in them. This is the same technology that powers tag suggestions on Facebook. You can control tag suggestions in your Settings.”

    Sounds pretty harmless, as long as you don’t have any photos of questionable content to hide. But that whole “facial recognition” thing, well, it’s a sore subject in Europe.

    According to Richard Allan, Facebook’s policy head in Europe, it’s this technology that it currently keeping Moments from launching in Europe.

    “Regulators have told us we have to offer an opt-in choice to people to do this,” Allan told the Wall Street Journal. “We don’t have an opt-in mechanism so it is turned off until we develop one.”

    The spat between European regulators and Facebook over facial recognition goes back years, as Facebook was forced to abandon its “tag suggestion” feature in 2012.

    Of course, the feature is alive and well in the States.

    According to Allan, there’s no timetable for when the app will launch in Europe. It does seem odd that Facebook wouldn’t have been ready for this, given the history.

  • Which Companies Best Protect Your Data from the Government’s Prying Eyes?

    According to the Electronic Frontier Foundation’s annual report on companies’ commitment to protecting user data, Adobe, Apple, Wikimedia, WordPress, and Yahoo have your back more than everyone else.

    The EFF’s Who Has Your Back? report looks at 24 major tech companies and awards stars based on five criteria – whether or not they 1) follow industry-accepted best practices (requiring warrants, publishing transparency reports, etc.); 2) tell users about government data requests; 3) publicly disclose the company’s data retention policies; 4) disclose the number of times governments seek the removal of user content or accounts and how often the company complies; and 5) oppose backdoors.

    The EFF says that overall, it has seen improvement just in the past few months. But the organization calls out some companies for failing to take steps it recommended to protect user privacy – including WhatsApp, Google, and Twitter.

    In the months that EFF has been talking to companies to develop “Who Has Your Back,” there has already been significant improvement in privacy practices. For example, just days ago Amazon released its first-ever transparency report.

     

    But it’s not all good news. For more than a year, EFF has urged Google and Twitter to commit to telling users about government data requests, even when that notice must be delayed due to an ongoing emergency or a gag order, but both companies have yet to improve their policies and earn a star. WhatsApp received only one star despite notice last year from EFF that it was going to be included in “Who Has Your Back” and an acquisition by Facebook that gave it plenty of resources to protect its customers.

    Here’s the final chart for 2015:

    Screen Shot 2015-06-18 at 9.28.54 AM

    “We are pleased to see major tech companies competing on privacy and user rights. Practices that encourage transparency with users about government data requests are becoming the default for companies across the web. While we’re only able to judge a small selection of the tech industry, we believe this is emblematic of a broader shift. Perhaps invigorated by the ongoing debates around government surveillance and in response to growing public attention around these issues, more and more companies are voluntarily speaking out about government data requests and giving users tools to fight back,” says the EFF.

    You can check out the entire report here.

    Image via Apple

  • Obama Urged to Reject Encryption Backdoors in Tech-Backed Letter

    President Obama is about to receive a letter signed by dozens upon dozens of companies and organizations, urging him to resist giving government agencies access to citizens’ personal data via backdoors in encrypted devices.

    “We urge you to reject any proposal that U.S. companies deliberately weaken the security of their products. We request that the White House instead focus on developing policies that will promote rather than undermine the wide adoption of strong encryption technology. Such policies will in turn help to promote and protect cybersecurity, economic growth, and human rights, both here and abroad,” says the letter.

    “We are writing today to respond to recent statements by some Administration officials regarding the deployment of strong encryption technology in the devices and services offered by the U.S. technology industry. Those officials have suggested that American companies should refrain from providing any products that are secured by encryption, unless those companies also weaken their security in order to maintain the capability to decrypt their customers’ data at the government’s request. Some officials have gone so far as to suggest that Congress should act to ban such products or mandate such capabilities.”

    The idea that devices should be encrypted but not that encrypted is one that’s been gloated around as of late by officials like U.S. Secretary of Homeland Security Jeh Johnson.

    The “current course [the technology industry is on], toward deeper and deeper encryption in response to the demands of the marketplace, is one that presents real challenges for those in law enforcement and national security,” said Johnson recently. “Encryption is making it harder for your government to find criminal activity and potential terrorist activity.”

    The consortium argues against backdoors (or front doors or whatever you want to call them) that would allow access to encrypted devices.

    “Encryption thereby protects us from innumerable criminal and national security threats. This protection would be undermined by the mandatory insertion of any new vulnerabilities into encrypted devices and services. Whether you call them ‘front doors’ or ‘back doors’, introducing intentional vulnerabilities into secure products for the government’s use will make those products less secure against other attackers. Every computer security expert that has spoken publicly on this issue agrees on this point, including the government’s own experts,” says the letter.

    The letter is signed by companies like Apple, Facebook, Microsoft, Google, Twitter, and Yahoo – as well as privacy organizations like the ACLU, Human Rights Watch, the Electronic Frontier Foundation, and over 50 security and policy experts.

    According to the Washington Post, the letter is also signed by “three of the five members of a presidential review group appointed by Obama in 2013 to assess technology policies in the wake of leaks by former intelligence contractor Edward Snowden.”

    “The Administration faces a critical choice: will it adopt policies that foster a global digital ecosystem that is more secure, or less? That choice may well define the future of the Internet in the 21st century,” they say.

    Image via White House, Twitter

  • Yes, Your Google Hangouts Can Be Wiretapped

    Google encrypts your Hangouts conversations, but it doesn’t use end-to-end encryption. This means that Google can wiretap your Hangouts at the government’s request.

    That’s one big revelation from a recent reddit AMA with Richard Salgado, Google’s director for law enforcement and information security, and David Lieber, Google’s senior privacy policy counsel.

    The American Civil Liberties Union’s chief technologist Christopher Soghoian asked the Google reps why they’ve made a habit of dodging questions about Hangouts’ encryption, saying,

    “Hi. Google has repeatedly refused to acknowledge whether or not it is capable of wiretapping Hangouts for government agencies. In contrast, Apple’s FaceTime product uses end-to-end encryption and the company says it is not able to wiretap this service. Why has Google refused to be transparent about its ability to provide wiretaps for Hangouts? Given Google’s rather impressive track record regarding surveillance transparency, the total secrecy regarding the company’s surveillance capabilities for this product is quite unusual.”

    Google’s response (bolding ours)?

    “There are legal authorities that allow the government to wiretap communications. Google was the first company to disclose the number of wiretap orders it receives issued in criminal investigations. (There were a total of 7 wiretap orders in the first half of 2014, covering 9 accounts, for example). We also report requests made under national security authorities to the extent we are allowed by law. We want to be able to be much more granular about the number and nature of these demands, and think that’s important for people who use Google, policymakers and the public. Hangouts are encrypted in transit, and we’re continuing to extend and strengthen encryption across more services.”

    As reddit user reddit_poly put it, “this means that Hangouts are only encrypted on their way between your computer and Google’s servers. Once they arrive at Google’s end, Google has full access. In short, this is confirmation Google can wiretap Hangouts.”

    Google confirmed all of this to Vice:

    We asked Google to clarify, or elaborate, on Monday, and a spokesperson confirmed that Hangouts doesn’t use end-to-end encryption. That makes it technically possible for Google to wiretap conversations at the request of law enforcement agents, even when you turn on the “off the record” feature, which actually only prevents the chat conversations from appearing in your history—it doesn’t provide extra encryption or security.

    According to Google’s latest Transparency Report, the company received 25 wiretap requests from January 2013 to June 2014. Whether or not those had to do specifically with hangouts was not disclosed.

  • How To Remove Your House From Google Street View

    Apparently it’s really easy to get your home blurred out on Google Maps Street View if you don’t like the idea of people looking at where you live. In fact, you can also let Google know you want other things, such as your face, car, license plate, or other objects, blurred if the company’s Street View cars captured them, and up them up for the world to see.

    These cars are driving around all the time, picking up all kinds of imagery from all over the world. As a result, they pick up a whole lot of imagery of people and private properties. Sometimes Google itself probably didn’t want the imagery on its service. Even more often, people who wish to remain private find Google is showcasing their homes.

    If you’re one of these people who finds Google’s photography to be an invasion of privacy, you can opt out of Street View simply by reporting an image and telling Google why you want it blurred.

    Earlier this year, Bloomberg Business reported on the process. You just find the image you want blurred, click to report a problem, and drag to move a rectangle over the area of concern, and fill out a form.

    Here’s where you click to report the problem:

    Then you’ll get a form that looks like this:

    According to Bloomberg, once you get something removed, it’s permanent.

    Speaking of Street View, Google announced last week that it has added imagery for the world’s oldest island.

    Images via Google Street View

  • Obama’s Police Body Camera Initiative Kicks into Gear

    On the day that Baltimore state’s attorney Marilyn Mosby charged six police officers in the death of Freddie Gray, the Obama administration has announced it’s kicking its police body camera initiative into full gear.

    The first step is to spend $20 million on the body cameras, according to the Justice Department.

    According to The Hill, “$17 million would reportedly come in the form of grants for departments to purchase the cameras, while $2 million will go towards training and technical assistance and another $1 million for evaluating the effectiveness of the program.”

    Also, a third of the funding will be spent on “small” police departments.

    “This body-worn camera pilot program is a vital part of the Justice Department’s comprehensive efforts to equip law enforcement agencies throughout the country with the tools, support and training they need to tackle the 21st century challenges we face,” Attorney General Loretta Lynch said in a statement. “Body-worn cameras hold tremendous promise for enhancing transparency, promoting accountability and advancing public safety for law enforcement officers and the communities they serve.”

    This is the beginning of an initiative announced by the administration in December of 2014. Obama’s “Strengthen Community Policing” plan has three main goals: Advancing the use of body worn cameras and promoting proven community policing initiatives; creating a new task force to promote expansion of the community-oriented policing model, which encourages strong relationships between law enforcement and the communities that they serve as a proven method of fighting crime; and reforming how the federal government equips state and local law enforcement – particularly with military-style equipment.

    The entire plan will be rolled out over three years and cost an estimated $263 million. The specific Body Worn Camera Partnership Program will cost $75 million and the White House hopes to provide 50,000 body cameras to departments across the country.

    Earlier this week presidential hopeful Hillary Clinton said that body cameras should be worn by all police.

  • Hillary Clinton: Body Cameras Should Be Worn by All Police Departments

    Speaking at the David N. Dinkins Leadership & Public Policy Forum, Presidential candidate Hillary Clinton called for body cameras to become “the norm”, saying that all police departments in America should have access to the devices.

    “We should make sure every police department in the country has body cameras to record interactions between officers on patrol and suspects,” said Clinton. “That will improve transparency and accountability, it will help protect good people on both sides of the lens. For every tragedy caught on tape, there surely have been many more that remained invisible. Not every problem can be or will be prevented with cameras, but this is a commonsense step we should take.”

    The speech also hit on issues of race, poverty, and injustice, with Clinton making her first public comments about the death of Freddie Gray and the subsuquents protests and riots in Baltimore.

    “There is something wrong when trust between law enforcement and the communities they serve breaks down as far as it has in many of our communities. We have allowed our criminal justice system to get out of balance. And these recent tragedies should galvanize us to come together as a nation to find our balance again,” she said.

    “We should begin by heeding the pleas of Freddie Gray’s family for peace and unity, echoing the families of Michael Brown, Trayvon Martin, and others in the past years. Those who are instigating further violence in Baltimore are disrespecting the Gray family and the entire community. They are compounding the tragedy of Freddie Gray’s death and setting back the cause of justice. So the violence has to stop. But more broadly, let’s remember that everyone in every community benefits when there is respect for the law and when everyone in every community is respected by the law. That is what we have to work towards in Baltimore and across our country.”

    Clinton praised President’s Obama’s task force on policing, calling it a “good place to start”.

    “The President has provided the idea of matching funds to state and local governments investing in body cameras. We should go even further and make this the norm everywhere,” she said.

    In the past, some Senators have proposed tying federal funding to compliance in a body camera initiative.

    A handful of police forces around the country have already begun equipping cops with cameras.

    In one of the first divisions to try it, Rialto, California. the presence of body cameras seemed to produce drastic results. Incidents of ‘use of force’ by police dropped 60 percent, and the number of complaints against officers fell 88 percent.

    But body cameras are no silver bullet to a complex issues. And there are issues beyond their efficacy in preventing civilian/police conflict – specifically privacy.

    Following the events in Ferguson, Missouri, the White House called for increased use of body cameras by police. Part of the White House’s proposal to “Strengthen Community Policing” is a Body Worn Camera Partnership Program, which gives a 50% match in funding to state and local forces the purchase body cameras. The White House said it could help purchase 50,000 body worn cameras over the next three years.

  • Uber Denies Breach After User Info Goes Up for Sale

    Uber says that it has found no evidence of a security breach following reports that user data has popped up for sale on dark web sites.

    Motherboard reports that thousands of active Uber accounts are currently for sale on sites like AlphaBay market – some for as cheap as $1 and up for $5. Of course, having one’s Uber login credentials would give you access to their email address, phone number, home address, and travel history.

    Uber accounts also show partial credit card numbers. There’s also the possibility that people share their Uber login/password with other services.

    From Motherboard:

    Motherboard received a sample of names and passwords available and verified that at least some of the accounts were active by contacting those users. The data includes names, usernames, passwords, partial credit card data, and telephone numbers for Uber customers.

    Despite the report, Uber is claiming an investigation has yielded no evidence of any sort of security breach.

    “We investigated and found no evidence of a breach. Attempting to fraudulently access or sell accounts is illegal and we notified the authorities about this report. This is a good opportunity to remind people to use strong and unique usernames and passwords and to avoid reusing the same credentials across multiple sites and services,” said the company in a statement.

    This isn’t the first time Uber has been involved in a possible hack. The company admitted that up to 50,000 users may have been affected by a breach back in May. This also isn’t the first time Uber’s been under fire for possibly employing lax security practices.

    Uber recently reiterated its mission to make the service safer.

  • Tech Companies Call for End to Mass Surveillance in Letter to Obama, Congress

    The group Reform Government Surveillance, which includes Apple, AOL, Facebook, Google, Microsoft, Twitter, Yahoo, and more, has joined dozens of other organizations in calling on the US government to reform mass surveillance and end the bulk data collection programs revealed over two years ago by Edward Snowden.

    Google explains in a blog post that with sections of the Patriot Act concerning bulk metadata collections expiring, now is the time for reform.

    “At the end of May, Section 215 of the USA Patriot Act is set to expire. Section 215 is one of the legal authorities relied upon by the U.S. government to conduct surveillance through the bulk collection of communications metadata. Earlier we joined other companies in the Reform Government Surveillance coalition, civil society groups, and trade associations in a letter that underscores the essential elements of any surveillance reform legislation,” says Google Chief Legal Officer David Drummond.

    In that letter, addressed to President Obama, Eric Holder, Director of National Intelligence James Clapper, NSA Director Michael Roger, members of Congress, and more, the coalition admits that its members probably don’t agree on the exact course of reform, but two things must happen.

    “Many of us have differing views on exactly what reforms must be included in any bill reauthorizing USA PATRIOT Act Section 215, which currently serves as the legal basis for the National Security Agency’s bulk collection of telephone metadata and is set to expire on June 1, 2015. That said, our broad, diverse, and bipartisan coalition believes that the
    status quo is untenable and that it is urgent that Congress move forward with reform,” it reads.

    Here’s what the group says must be included in reform:

    There must be a clear, strong, and effective end to bulk collection practices under the USA PATRIOT Act, including under the Section 215 records authority and the Section 2 214 authority regarding pen registers and trap & trace devices. Any collection that does occur under those authorities should have appropriate safeguards in place to protect privacy and users’ rights.

    The bill must contain transparency and accountability mechanisms for both government and company reporting, as well as an appropriate declassification regime for Foreign Intelligence Surveillance Court decisions.

    This isn’t the first time that this group of companies has pushed for a curbing of mass government surveillance

  • People Aren’t That Concerned About Government Surveillance, Even Post Snowden

    Pew has just published a new report on Americans and how they protect their privacy in the post-Edward Snowden era. Long story short – most don’t do much of anything to even attempt to keep out the prying government eyes.

    Most people have heard at least something about Edward Snowden’s leaks, and the massive government surveillance programs he exposed to the public – 87 percent, in fact. Basically, you really have to be living under as rock to have missed this (it’s been about two years since Snowden first came forward).

    Despite having at least some level of familiarity with the government’s data collection initiatives, many Americans haven’t really taken any steps (however pointless they might be) to protect their data.

    From Pew:

    34% of those who are aware of the surveillance programs (30% of all adults) have taken at least one step to hide or shield their information from the government. For instance, 17% changed their privacy settings on social media; 15% use social media less often; 15% have avoided certain apps and 13% have uninstalled apps; 14% say they speak more in person instead of communicating online or on the phone; and 13% have avoided using certain terms in online communications.

    25% of those who are aware of the surveillance programs (22% of all adults) say they have changed the patterns of their own use of various technological platforms “a great deal” or “somewhat” since the Snowden revelations. For instance, 18% say they have changed the way they use email “a great deal” or “somewhat”; 17% have changed the way they use search engines; 15% say they have changed the way they use social media sites such as Twitter and Facebook; and 15% have changed the way they use their cell phones.

    That leaves a whole lot of Americans who heard what Mr. Snowden had to say, and from then on felt no desire to modify their online behavior in the slightest.

    According to Pew, half of all surveyed have not even considered using a footprint-free search engine, using email encryption, or installing DoNotTrack plugins.

    Why? If not ignorance, is it laziness?

    Sort of. In reality, a large portion of the American public simply doesn’t care. They aren’t concerned about government surveillance and data collection in email, search, cellphones, or social media.

    However, Pew found that 57% of people think it’s “unacceptable” for the government to monitor US citizens’ private communications.

    Image via Pew

  • Twitter Takes on Revenge Porn and Other Content Posted without Consent

    Twitter Takes on Revenge Porn and Other Content Posted without Consent

    Twitter has taken another step in protecting its users from harassment, this time targeting explicit content posted without consent or so-called “revenge porn.”

    Twitter made a couple of important changes to its terms of service. First, the Twitter Rules section of Private Information now reads like this (new parts italicized):

    You may not publish or post other people’s private and confidential information, such as credit card numbers, street address or Social Security/National Identity numbers, without their express authorization and permission. You may not post intimate photos or videos that were taken or distributed without the subject’s consent.

    Twitter also made an update to its explainer on threats and abuse:

    Users may not make direct, specific threats of violence against others, including threats against a person or group on the basis of race, ethnicity, national origin, religion, sexual orientation, gender, gender identity, age, or disability. In addition, users may not post intimate photos or videos that were taken or distributed without the subject’s consent.

    So, how will Twitter enforce this?

    Like most instances of abuse and harassment, Twitter will rely on user reporting. Once a person files a complaint about some sort of non-consented content appearing on the network, Twitter will review said content and make a determination.

    “We will ask a reporting user to verify that he or she is the individual in question in content alleged to be violating our policy and to confirm that the photo or video in question was posted without consent. Agents will then act on content posted in violation of the policy. Users who believe that content they post has been incorrectly identified is violating the policy can appeal the decision and agents will review that request as well,” Twitter told BuzzFeed.

    “As part of their reports, users will be asked to confirm that the photos or videos in question were posted without consent. Agents will review complaints to confirm that the content at issue violates our policy. Photos or video that do not appear to violate the policy — such as content that an individual has previously indicated was made publicly available with permission — will not be actioned.”

    Twitter says it’s “confident” it’ll be able to handle all the reports “in a timely manner.” If content is deemed in violation of Twitter policy, it’ll be hidden from public view and the offending account will be locked until it’s deleted. If Twitter thinks something more sinister is going on – like an ongoing attempt to harass – then it’ll suspend the account in question.

    Users have been complaining for some time about the amount of abuse that takes place on the site, as well as Twitter’s seemingly unenthusiastic methods of dealing with it. CEO Dick Costolo admitted Twitter “sucked” at dealing with abuse, and vowed to make the service better. Twitter recently tripled the size of the team that handles abuse reports, and instituted some additional safeguards, for instance using phone numbers to track users who’ve been suspended for abusive behavior. Twitter may now ask for users to verify their phone number in order to reinstate their suspended account.

    Image via Rosaura Ochoa, Flickr Creative Commons

  • Reddit Wants No Part of the Next Fappening

    Reddit Wants No Part of the Next Fappening

    Last year, hundreds of nude images of celebrities were stolen off the cloud and passed around various internet channels including 4chan and reddit. The latter, being a much more mainstream community, faced a heavy dose of criticism for allowing multiple subreddits to continue to post the nude images, despite the protestations of many of the celebrities involved.

    Reddit eventually shut down these subreddits, but it look the company a couple of weeks – much to the chagrin of those affected, privacy activists, and yes, even many reddit users.

    “The Fappening”, as the leak was dubbed, was far from the first time reddit had come under fire for its seemingly hands-off approach to the content its users post. Over the years, reddit has found itself in the middle of many a debate regarding sexually suggestive content posted without the subject’s consent. But reddit’s role in The Fappening made the biggest splash. People pay a little more attention to Jennifer Lawrence’s naked body than some random girl a redditor upskirted on the subway.

    Now, reddit’s management has decided to make some changes to help both JLaw and random subway girl. Whether or not they will work is yet to be seen, but a new addition to the site’s privacy policy shows that reddit is trying to grow up a bit – or at least hold itself accountable for some of the creepier elements of its vast empire.

    “Last year, we missed a chance to be a leader in social media when it comes to protecting your privacy — something we’ve cared deeply about since reddit’s inception. At our recent all hands company meeting, this was something that we all, as a company, decided we needed to address,” says reddit’s founder and new Executive Chairman Alexis Ohanian and CEO Ellen Pao in an announcement made Tuesday.

    “No matter who you are, if a photograph, video, or digital image of you in a state of nudity, sexual excitement, or engaged in any act of sexual conduct, is posted or linked to on reddit without your permission, it is prohibited on reddit. We also recognize that violent personalized images are a form of harassment that we do not tolerate and we will remove them when notified.”

    This sort of outright ban, issued unequivocally, is a new thing for reddit. The new privacy policy, which will go into effect March 10, has a brand new section in it called “Involuntary Pornography”. Here’s what it says:

    reddit is committed to your privacy. If you believe that someone has submitted, without your permission, to reddit a link to a photograph, video, or digital image of you in a state of nudity or engaged in any act of sexual conduct, please contact us (contact@reddit.com), and we will expedite its removal as quickly as possible. reddit prohibits the posting of such content without consent.

    Of course, this is all contingent upon someone (presumably the victim) seeing the unauthorized imagery on reddit and filing a complaint. It’s self-reporting. Reddit isn’t going to spend resources searching its nether regions and removing anything that looks like it could fall into the “involuntary porn” category.

    And I can think of a dozen subreddits, just off the top of my head, where any number of posts could fall into this category.

    But the key phrase here is “expedite removal”. Reddit’s been criticized in the past for being slow to act. This is reddit saying all you have to do it point it out to us, and we’ll get rid of it as fast as we can.

    If you think back to 2011, you might remember that reddit had a rather popular subreddit called r/jailbait. Over on r/jailbait, folks would post photos of young girls – minors, almost exclusively – in a sexualized context. These weren’t nude photos – the girls were always clothed – but they often appeared in bathing suits and sometimes in suggestive poses.

    Well, reddit shut it down after some pressure. For those that disagreed with that decision, the argument was usually hey, it’s not porn. It’s just pictures of girls. What we’re thinking about when we look at suggestive images of girls shouldn’t be of any concern. It’s not a crime to think.

    Of course, the flip side to that is hey, you’re stealing 14-year-olds’ beach pictures off Facebook and jerking off to them.

    But the point it, there was at least a small debate over the morality, legality, and a couple other -alities regarding r/jailbait. There probably won’t be much blowback from reddit’s latest privacy policy update. Whether it’s stolen images, a la the Fappening, or revenge porn, most people (the ones not doing the posting, at least) recognize that “involuntary pornography” is some seedy ass stuff.

    Can another Fappening happen without reddit’s help? Of course. reddit’s not the alpha and the omega of internet culture. But when it does, and it will, reddit’s higher-ups don’t want the site to be a part of it.

    Image via Blake Patterson, Flickr Creative Commons

  • Jeb Bush Fixes Social Security Number Leak, but People’s Email Addresses and Names Are Still Out in the Open

    Earlier this week, The eGovernor (as the public apparently called him at some point) Jeb Bush released hundreds of thousands of emails from his tenure as governor of Florida. It was a move in the name of transparency – Jeb Bush’s transparency. But the Bush team didn’t quite think everything through, and they didn’t double-check everything before making it all public. Most importantly, the team didn’t think about how transparent thousands of Floridans wanted to be – or more aptly put, how un-transparent they wanted to be.

    So when the big email dump went live, there was no redaction. Not a single bit. People’s email address, names, and in some case home addresses and telephone numbers were made public, along with the content of whatever email correspondence they had with the governor.

    But that wasn’t all. The Bush email dump also exposed around 13,000 social security numbers – most of which were hidden in a spreadsheet on a PowerPoint slide attached to a 2003 email.

    In his attempt to promote transparency, Jeb Bush had pretty much doxxed a good chunk of Florida.

    Now, it turns out, Jeb Bush and crew have fixed the most egregious error in the email project. According to the Guardian, the team has successfully redacted the tens of thousands of exposed social security numbers – per a Bush spokeswoman.

    But that’s it. All of the rest of it still remains – the email addresses, the names, the home addresses, the telephone numbers. None of this has been redacted.

    I’m not sure what kind of expectation of privacy these Floridians had when emailing a public figure – especially when it’s the governor. But it doesn’t take a huge leap to see how this could be problematic. Maybe May Whitfield of Boca Raton isn’t too thrilled that everyone can now see how much she didn’t want that Islamic center built in her neighborhood. Also, if you want to tell Mrs. Whitfield just how racist she is, well look – there’s her email!

    Redacting the social security numbers is a no-brainer, as revealing those likely violated state privacy laws. But think about the implications of the rest of the now publicly-available information. Shouldn’t Jeb Bush and company redact the names and email addresses of the 300,000+ emails in the archive?