From a short article by Jan-Jaap Oerlemans on the privacy risks of automated open source intelligence:
[T]raditional OSINT has evolved into a professional and intrusive practice. With the use of tools hundreds of online sources can be queried simultaneously. These sources are diverse and can range from publicly available data on social media services, to location data generated by advertisements on apps on mobile phones, to leaked user data. Automated OSINT interferes with the right to privacy and the right to the protection of personal data more seriously than before.
The Markup has investigated the shadowy industry of collecting and selling location data. The article details some worrisome examples of very invasive practices.
In an article by Yuval Noah Harari at the Financial Times, he talks about how Israel has “vaccines for data” deal with the company Pfizer:
Meanwhile, Israel has the seventh highest average confirmed case rate, and to counter the disaster it resorted to a “vaccines for data” deal with the American corporation Pfizer. Pfizer agreed to provide Israel with enough vaccines for the entire population, in exchange for huge amounts of valuable data, raising concerns about privacy and data monopoly, and demonstrating that citizens’ data is now one of the most valuable state assets.
Read more about it also in an article titled “Vaccines For Data: Israel’s Pfizer Deal Drives Quick Rollout — And Privacy Worries” at NPR.org.
The current technocratic hype are “track and trace” apps to help contain the coronavirus. The example of South Korea is frequently given as success story. This success is debatable however and needs to be put in context. An article on nature.com gives more context on the surveillance of infected people in South Korea:
South Korea’s data transparency during this outbreak has its origins in how the government handled the 2015 outbreak of MERS, which reportedly infected 186 people in South Korea and killed 36. The government at the time initially refused to identify the hospitals in which infected people were being treated, but a software programmer made a map of cases based on crowdsourced reports and anonymous tips from hospital staff. Eventually, the government relented and named the affected hospitals.
Read the full article on nature.com for more background information.
Facebook made available a new tool this week which allows users to see which businesses have shared information from these users with Facebook. Although lucklily only one, I was suprised to see that one company shared a purchase with Facebook without me being aware. The Verge reported on the release.
As usual the tool is hidden somewhere in the settings: Settings —> Your Facebook Information —> Off-Facebook Activity.
Today Mark Zuckerberg accounced his new vision for Facebook as a more privacy-focused company. The principal change he thinks should be to have interoperable end-to-end encryption for all of Facebook’s apps. Although this would be an interesting improvement to protect the communication, the links with law enforcement are worrying. Who is deciding what patterns identify “bad actors”, and how are they not influenced by governments? It also a way for Facebook to seem like they deem it appropriate to decide who are “bad actors”, which is equally worrying in my opinion.
We have a responsibility to work with law enforcement and to help prevent these wherever we can. We are working to improve our ability to identify and stop bad actors across our apps by detecting patterns of activity or through other means, even when we can’t see the content of the messages, and we will continue to invest in this work.
Another piece from The Intercept reminds us that may be another form of coporate white-washing, and how they haven’t delivered on any other privacy improvement promises.
An opnion piece on The New York Times discusses why deleting your Facebook account may not be an effective way to drive the company to change and may cause harm by “recasting a political issue as a willpower issue”.
But it would also seem to be the case that if millions of angry individuals were going to save us from the worst excesses of the tech industry, we would have been saved from them by now. Collective action is difficult against a global behemoth like Facebook. Even were such action to succeed, the company also owns WhatsApp and Instagram. With a couple of billion users on Facebook alone, it is hard to fathom how many deleted accounts it would take to drive genuine change.
The New York Times on what some of the filed Facebook patents tell about their privacy policy: “Facebook’s patents show a commitment to collecting personal information, despite widespread public criticism of the company’s privacy policies and a promise from its chief executive to “do better.””.
Winter cleanup: trying to delete google activity…so much different kinds… 😱 But at least the tools to manage the data are great 🙃
From @ProtonMail on a new Autralian anti-encryption law: “There is nothing new about a government seeking to break encryption. From the British Investigatory Powers law to the NSA’s possible decryption programs, law enforcement agencies around the world are working hard to gain an edge over information security technology. But Australia’s new law goes much further, deputizing tech businesses as accomplices in a surveillance scheme so loosely conceived that no one really knows its limits.” .