Jul 05

PRISM fallout: EU votes to investigate US, threatens to cut data sharing

Posted in: Today's Chili

Tensions between the US and Europe continue to escalate, after the EU voted to begin an “in-depth inquiry” into allegations that the NSA and other US security agencies bugged EU premises as well as regularly monitor the communications European citizens. The Civil Liberties Committee investigation – supported by 483 votes to 98 (with 65 abstentions) – sees the EU demand full details from the US on how, exactly, programs like PRISM affect EU member states, in addition to exploring greater protections for whistleblowers like Edward Snowden.

prism-580x3781

That could include formal “procedures allowing whistleblowers to unveil serious violations of fundamental rights” as well as international agreements for how such people should be handled. As it stands, Edward Snowden – the former NSA contractor who revealed details of PRISM and other spying behaviors – is currently in a no-mans-land of residence, seeking asylum from around twenty different countries but without a passport as it has been rescinded by the US government.

Repercussions for EU-US relations could be significant. Members of the European Parliament have apparently called for potentially extreme cuts in data sharing, “including suspending the current air passenger and bank data deals.” Those are the schemes which see the EU and US share passenger name record data for travelers, as well as tracking potential terrorist financing.

Although the new investigation may seem, at first glance, specifically critical to the US, the EU also wants to know what’s going on with reports that other countries operate their own comprehensive spying schemes. “Parliament also expresses grave concern about allegations that similar surveillance programmes are run by several EU member states, such as the UK, Sweden, The Netherlands, Germany and Poland” the EU said in a statement. “It urges them to examine whether those programmes are compatible with EU law.”

The end goal, the EU says, is for a more comprehensive – and fair – data-sharing system to be established, with MEPs demanding that “the final deal must ensure that EU citizens’ access to the US judicial system is equal to that enjoyed by US citizens.”

The Civil Liberties Committee is expected to present its findings by the end of the year, though the PRISM fall-out is likely to worsen considerably before that happens. The US government is yet to comment on the new inquiry.


PRISM fallout: EU votes to investigate US, threatens to cut data sharing is written by Chris Davies & originally posted on SlashGear.
© 2005 – 2013, SlashGear. All right reserved.

No Comments | Tags: , , , , ,
Jul 05

Google must rewrite European privacy policy or face legal sanctions

Posted in: Today's Chili

Google must change its European privacy policy or run the risk of legal censure, with the UK joining Germany, Italy, France, and Spain in demanding the search giant modify its contentious “unified” policy. The UK’s Information Commissioner’s Office, the independent privacy watchdog, confirmed this week it had contacted Google giving it until September 20 to rewrite its privacy policy, as currently it “raises serious questions about its compliance with the UK Data Protection Act.” If it fails to amend the policy, the ICO warns, Google could find itself the target of “formal enforcement action.”

google_privacy

The UK isn’t the first European country to take issue with Google’s single privacy policy that over-arches the majority of its services. Revealed in 2012, the updated terms & conditions replaced the individual agreements for each product with a single per-account policy; at the time, Google claimed it shaved around 60 different agreements to just one, billing it as a more efficient and understandable approach to data privacy.

However, critics also pointed out that Google was explicitly giving itself permission to share data from different services, and in the process build up a more complete picture of each individual user. For Google, that only led to benefits overall: the company would be able to, for instance, use calendar data, location data, and its own understanding of traffic status to give more accurate directions and suggestions on when to travel, what route to take, and by what method to take it, Google argued.

Google privacy policy changes explanation video:

That wasn’t enough to placate privacy watchdogs, however, and a bitter back-and-forth began as regulators sparred with Google’s own legal advisors. In February this year, the French National Commission for Computing and Liberties announced it was unsatisfied with Google’s explanations, and that it would investigate and potentially level fines at the company.

“Our privacy policy respects European law and allows us to create simpler, more effective services” Google said in a statement on the matter. “We have engaged fully with the authorities involved throughout this process, and we’ll continue to do so going forward.”

Meanwhile, a German watchdog announced this week that it would hold a legal hearing with Google’s policy at its core. Professor Johannes Caspar, who heads the Hamburg-based organization, said that Google’s 2012 policy “violates the company’s commitment to full transparency about the use and handling of the data.”

Data use is a sensitive topic at the moment, especially given the ongoing PRISM revelations that forced Google – among others – to categorically deny that the US NSA or any other security agency had “back door” access to its servers. Google is also the subject of privacy concerns in the US, particularly around its Glass headset, which has led one Congressional caucus to question the potential for abuse of wearables.

UK ICO statement:

“We have today written to Google to confirm our findings relating to the update of the company’s privacy policy. In our letter we confirm that its updated privacy policy raises serious questions about its compliance with the UK Data Protection Act.

In particular, we believe that the updated policy does not provide sufficient information to enable UK users of Google’s services to understand how their data will be used across all of the company’s products.

Google must now amend their privacy policy to make it more informative for individual service users. Failure to take the necessary action to improve the policies compliance with the Data Protection Act by 20 September will leave the company open to the possibility of formal enforcement action” Information Commissioner’s Office, UK

VIA The Guardian


Google must rewrite European privacy policy or face legal sanctions is written by Chris Davies & originally posted on SlashGear.
© 2005 – 2013, SlashGear. All right reserved.

No Comments | Tags: , , , , , ,
Jul 05

UK government issues ultimatum on Google’s troublesome privacy policy

Posted in: Today's Chili

A year and a half after Google introduced its new, “simpler” privacy policy, UK regulators have come to a verdict: Mountain View must now change that policy by September 20th or face the possibility of “formal enforcement action.” In a statement, the Information Commissioner’s Office said:

“We believe that the updated policy does not provide sufficient information to enable UK users of Google’s services to understand how their data will be used across all the company’s products.”

German and Italian governments have reached much the same conclusion, while France and Spain also wrote strongly-worded letters to Google last month. For its part, Google has the following response:

“Our privacy policy respects European law and allows us to create simpler, more effective services. We have engaged fully with the authorities involved throughout this process, and we’ll continue to do so going forward.”

As The Guardian points out however, Google’s statement doesn’t really explain how its privacy policy can “respect” EU law and yet be considered objectionable by five major EU governments.

Filed under: ,

Comments

Source: The Inquirer (1), The Guardian

No Comments | Tags: , , , , , , , ,
Jul 03

Twitter Wants to Start Tracking You on the Web, Here’s How to Opt-Out

Posted in: Today's Chili

Twitter Wants to Start Tracking You on the Web, Here's How to Opt-Out

In a blog post today, Twitter announced that they’re "experimenting with new ways of targeting ads," which is their way of saying they’re planning to track you around the web—even when you leave Twitter—and relay that information to advertisers to craft better ads. Here’s how to opt out.

Read more…

    

No Comments | Tags: , , , , ,
Jul 03

AT&T privacy policy updated, may start selling anonymous user data

Posted in: Today's Chili

AT&T has updated its privacy policy and disclosed that the carrier may begin selling its customers data to other businesses, although they stated that the data would be anonymized so that no one individual could be identified. However, AT&T said that customers will have the option of opting out if they choose.

ATT1-580x39111

AT&T says that the reason for selling the user data is “to deliver more relevant advertising,” which is surprising to hear at all, and many privacy concerns for other big services on the internet focus on this topic. Selling user data for improved advertisements is nothing new, but its ubiquitousness doesn’t lessen the concern that users have.

Verizon Wireless, Google, and Facebook are just a few of the big tech companies that have long been selling user data to marketers and advertisers in exchange for improved and catered advertisements on their websites. The IDC predicts that the sale of user data will become a $24 billion industry by 2016.

As for how AT&T will sell its user data, the carrier provided some insight as to what information will be sold to marketers. Specifically, things like demographics will be included, as well as viewing behavior for AT&T’s U-verse television service, and make and model information of mobile devices with regional information of these devices as well.

Again, this shouldn’t be too surprising to folks, and users are able to opt-out at any time, which may still upset some privacy advocates, as opting-in is much better for the consumer than opting out, since it takes an extra step that many users may forget about or not know that the option is even there.

SOURCE: AT&T


AT&T privacy policy updated, may start selling anonymous user data is written by Craig Lloyd & originally posted on SlashGear.
© 2005 – 2013, SlashGear. All right reserved.

No Comments | Tags: , , , , , ,
Jul 03

AT&T updates privacy policy, may begin sharing anonymous user data

Posted in: Today's Chili

dnp AT&T to begin sharing anonymous user data

In an update on its Public Policy Blog, AT&T disclosed that it may begin selling anonymous user data to retailers and marketers, with the end goal being “to deliver more relevant advertising to… customers.” The carrier is far from the first to sell aggregate information — here’s looking at you, Verizon — but the provider is unique in combining data on TV, WiFi and wireless usage. The company said it could also provide aggregate info about users’ app usage and U-Verse info.

Also notable in the new privacy policy: AT&T notes that it could sell information about individual users, with the stipulation that the data would still be kept anonymous, and media research companies would only be able to use that info in aggregate reports. While this is hardly a case of AT&T pushing new privacy boundaries, users can opt out of the program (see the second source link below).

Filed under: , ,

Comments

Via: FierceWireless

Source: AT&T Public Policy Blog, AT&T

No Comments | Tags: , , , , , , , ,
Jul 03

Dump Google, Facebook and other US sites warns German security chief

Posted in: Today's Chili

‘Stop using Google and Facebook’ is the advice from Germany’s highest security official, warning web users concerned about NSA monitoring to steer clear of anything that might pass through US services. “Whoever fears their communication is being intercepted in any way should use services that don’t go through American servers” Interior Minister Hans-Peter Friedrich cautioned today, the AP reports, the latest in escalating German concerns about the extent of US spying programs like PRISM

facebook_in_shadows

German politicians have been some of the most outspoken after the revelations of data gathering in recent weeks, though the pitch was turned up considerably once whistleblower Edward Snowden revealed alleged details of how the NSA and other US agencies monitored EU politicians. The country has threatened a full investigation of NSA activities, and warned that civil lawsuits from German citizens are highly likely.

According to Interior Minister Friedrich, a German delegation will fly to Washington next week for a meeting with US officials. On the agenda are the concerns that not only individual European citizens but EU politicians were being spied on.

However, Friedrich’s advice to avoid ostensibly US web services, like Facebook, Twitter, Google, and others, may prove tricky to actually follow. Even data used by non-US companies could well travel through US networks – giving them at least one opportunity to collect a copy, even if they then require, officially, a warrant to dig through it – or be stored on servers hosted in the US.

A recent Spiegel feature on how the NSA targets international traffic also suggests that traffic needn’t even reach the US for it to be monitored. The security agency reportedly has involvement “in a number of large internet hubs in western and southern Germany” insiders tell the magazine, with German counterparts supposedly knowing about some – though not all – of the tracking.

IMAGE Adib Roy


Dump Google, Facebook and other US sites warns German security chief is written by Chris Davies & originally posted on SlashGear.
© 2005 – 2013, SlashGear. All right reserved.

No Comments | Tags: , , , , , ,
Jul 03

Google publishes Glass FAQ as latest round of invites wrap up

Posted in: Today's Chili

Google began sending out invitations for its #ifihadglass round of the Google Glass Explorer program, and though it has been a few weeks, some participants are still awaiting their invitations. Google posted a small update on its Google+ page today, saying that the program is coming to a close as the company begins looking at other ways to expand it. In light of some of the questions that have been raised as a result, Google has published some rather extensive Glass FAQ.

google_glass_live_sg_2-580x326111

The FAQ illuminate on a handful of categories of questions that have been raised over Glass, including general inquiries, specifications, software, and security/privacy. The general questions address what we already know about the device: what it does, whether it covers the eye, and what the Glass explorer edition is. Beyond this, however, is a look at our technology culture and how Glass fits in it.

In particular, Google says that Glass will not make people more dependent on technology as some say, with the company pointing out that device is not augmented reality and that the screen is, by default, inactive. According to the company, feedback from users who have been wearing Glass find that “after several weeks” their overall technology use decreases due to the reported efficiency of how the device provides access to information.

Beyond that is an addressing of privacy and security concerns, with Google stating that it has been “thinking very carefully” about both areas throughout the device’s creation. Information, says the company, is kept safe and secure, and that worries over whether Glass is constantly taking images or recording videos is unfounded, pointing out that the battery life only facilitates 45 minutes of recording.

The FAQ go on to address the privacy concerns of non-users, face recognition, third-party data sharing, and the instances in which it has been banned by some locations. You can read the entire write up for yourself, but the gist of it is that users should not fear the new technology. This comes shortly after Google failed to reassure a Congressional committee that raised concerns on these topics.

SOURCE: Google+


Google publishes Glass FAQ as latest round of invites wrap up is written by Brittany Hillen & originally posted on SlashGear.
© 2005 – 2013, SlashGear. All right reserved.

No Comments | Tags: , , , , , ,
Jul 02

FTC approves settlement with HTC over logging software

Posted in: Today's Chili

FTC approves settlement with HTC over logging software

In late February the FTC and HTC came to a tentative settlement over the manufacturer’s poorly secured software, which included HTC Loggers. The commission voted three to none, with one commissioner recused, to require the company to patch the vulnerabilities and develop a security program that would undergo an independent assessment every other year for the next two decades. The American arm of HTC will also be watched closely regarding its security and consumer privacy claims. Any statements that are found to be false or misleading could lead to fines of up to $16,000 per violation. With the public comment period closed, the FTC has cleared the last hurdle to enforcing the settlement. Let’s just hope others are taking heed, last thing we need is second round of electronic privacy scandals. Oh, wait

Filed under: , ,

Comments

No Comments | Tags: , , , , , , , ,
Jul 02

Ubisoft hacked with usernames and passwords stolen, financial info safe

Posted in: Today's Chili

It’s been a bit of awhile since we’ve heard about a large online service hack, but we should’ve knocked on wood when we had the chance. Ubisoft has confirmed that some of its “online systems” were hacked, with only usernames, email addresses, and passwords stolen. The game publisher says that financial information is safe, since that info isn’t kept by Ubisoft.

timthumb

Obviously, Ubisoft is recommending that all account holders change their passwords on ubi.com, as well as on other websites where they use the same password. Of course, it’s good practice to not use the same password for everything, as that could start a chain reaction if your password gets stolen on one service.

However, Ubisoft says that the passwords are encrypted on their servers, so while the hackers didn’t have the passwords themselves at the time of the breach, Ubisoft says they “could be cracked, in particular if the password chosen is weak,” which is why the company is recommending that its users change their passwords as quickly as possible.

51rEm9gy4GL._SY445_

Unfortunately, specifics about how the breach happened weren’t disclosed by Ubisoft “for security reasons,” but they said that the hack did not affect their Uplay gaming service. Currently, ubi.com is “under maintenance,” and isn’t accessible at this time because the publisher is working on solving the attack.

Ubisoft is just one of the multiple big game publishers that will be releasing games for the Xbox One and PlayStation 4 later this year. Watch Dogs seems to be one of the big games to hit the new consoles in the fall, and the publisher looks to go all-in on the next-generation of gaming.

SOURCE: Ubisoft Blog


Ubisoft hacked with usernames and passwords stolen, financial info safe is written by Craig Lloyd & originally posted on SlashGear.
© 2005 – 2013, SlashGear. All right reserved.

No Comments | Tags: , , , , , , , , , , ,