Cowboy

10 Signs data privacy is the new Wild West

Digital privacy in the U.S. is in a Wild West phase. There are few laws, less enforcement, and a lot of uncertainty and chaos. Practically everything we do online creates a data trail that we have little or no access to or control over.

Take these two straightforward questions: What information does your favorite app or Internet service collect about you? And what do they do with it? Most of us couldn’t answer that, but that’s by design. The United States lacks an overarching privacy protection law, like the European Union’s GDPR—the big new law that might finally shake up digital privacy. So technology companies don’t have much reason to share exactly what data about you they collect, store, and, in some cases, sell to third parties. 

Below is Entefy’s latest roundup covering the gamut of cyber privacy matters to help keep you informed: 

1. The Lumen Privacy Monitor will tell you which apps are collecting your data. 7 in 10 smartphone apps share your data with third-party services. To help users become aware of which apps are collecting data from them, researchers developed an app that lets users “see their information collected in real time and the identity of the entities receiving the information.”

2. Get your Facebook data back. Do you ever wonder how Facebook gains so much insight about its users? The free browser extension Data Selfie sheds light on Facebook’s machine learning algorithms and “tracks all the digital breadcrumbs you would leave behind when using Facebook (hint: it’s a lot of breadcrumbs) and creates your personality profile.”

3. It’s possible to hack a phone through sound waves. Accelerometers measure rest and acceleration in smart devices and are commonly found in smartphones, fitness trackers, and automobiles. Although helpful for navigation and orientation, there’s been a recent discovery that accelerometers are susceptible to vulnerabilities. “Researchers describe how they added fake steps to a Fitbit fitness monitor and played a ‘malicious’ music file from the speaker of a smartphone to control the phone’s accelerometer. That allowed them to interfere with software that relies on the smartphone, like an app used to pilot a radio-controlled toy car.”

4. ESPN collected first-party data on about 106 million of its users. ESPN collects information such as a person’s favorite teams, leagues, and players, as well as displays strategic advertisements based on these preferences. If a Warriors fan visits the website after a win, advertisements for special merchandise will appear when that person checks the website. For the ESPN visitors that do not volunteer their preferences, the network can figure out sport preferences by tracking their behavior online.

5. Smart TVs are known to track personal data, and Vizio got caught. Earlier this year, Vizio paid $2.2 million to settle charges for monitoring viewing habits of more than 11 million TVs without consent. “The main problem was that Vizio TVs had tracking features turned on by default, instead of an opt-in setting like many other manufacturers use…but the situation is now a relatively good one for Vizio TV owners: the company is specifically prohibited from tracking your viewing habits without explicit permission.”

6. Google can track when someone clicks an ad and buys something from a physical store. If you see an online advertisement for a product, then go to a store and buy it with a credit card, Google can track your behavior and report the data to marketers so that they can see how effective their advertisements are. “How does Google know if you bought something at Subway or Aldo? It works with the credit and debit card companies to match up in-store purchases with your online identity. The company has partnerships with companies that account for 70% of credit and debit card purchases in the U.S.”

7. There are “microdots” on printed documents that encode the serial number for the original printer. Research that printers might be spying on us has been around for a while. A recently leaked document has brought it to the forefront of the news again. After a quick analysis of documents related to a National Security Agency leak case, experts “seemed to reveal the exact date and time that the pages in question were printed: 06:20 on 9 May, 2017 – at least, this is likely to be the time on the printer’s internal clock at that moment. The dots also encode a serial number for the printer.”

8. Not all virtual private networks (VPNs) are created equal. VPNs create an encrypted connection between your browser and another private server, and protect users from things like malware. But it can be hard to tell how secure every VPN is and what it’s doing with your data. To optimize security on your VPN, “avoid free services, and…look into setting up your own. Otherwise, make sure a paid VPN has a privacy policy you’re okay with…And on a larger scale, remember that the best solution is still policies that would tackle the problem at the source: ISPs’ ability to sell your data.”

9. Twitter’s new privacy policy with invasive defaults doesn’t “sound good.” Twitter has updated its privacy policy in order to provide users with a more personalized experience, which includes very specific tailored ads. Twitter “will now record and store non-EU users’ off-Twitter web browsing history for up to 30 days, up from 10 days in the previous policy.” This policy is on an opt-out basis. You can “click ‘Review settings’ to opt out of Twitter’s new mechanisms for user tracking.” Wondering why EU users are exempt from this privacy policy? Read on.

10. Amazon Echo Look is collecting a full picture of you and your home. The cloud-connected camera wants to give consumers feedback on their outfits by using advice from fashion experts and machine learning algorithms. “The lookbook is a digital collection of ‘what you wore and when.’” But what’s important here is that “you’re potentially giving the tech giant a lot more data than just the type of chinos you sport. The pictures can reveal socioeconomic status, whether you’re married, religious affiliation (hello cross above your bed), and potentially a lot more.”

Digital privacy in the U.S. is going through growing pains, and we hope these resources help you stay informed. After all, protecting yourself starts with awareness. For additional information be sure to check out our firstsecondthird, and fourth articles related to this topic.