Most web sites track and store user activity, even from site to site. Google and Facebook have now announced new methods of aggregating tracking, analysis of user's personal data and habits. Even with public out-cries of privacy invasion, more and more personal data is being collected, analyzed and sold to 3rd parties each year. Until now users could opt-out of some of this tracking.
FaceBook's Mark Zuckerberg says "The age of privacy is over". Invasion of privacy is very profitable. At the end of 2011 Facebook had $3.9 billion in cash, making $4 per user and Google had $45 billion in cash making, $30 per user. Left unchallenged they will collect enough personal data to perform
predictive psychological behavioral analysis on all their users. Put simply, they will know more about you and what you will likely do in the future then you will, yourself. This information is invaluable to financial and marketing companies as well as law enforcement. Unfortunately, this will enable prejudgment without your knowledge or input.
• Not surprising that personal electronic data has be captured, recorded and analyzed on a global scale for more than 50 years.
• Google’s new
policy replaces more than 60 existing product-specific privacy documents, for services including Gmail, YouTube and Google Docs. Google says the unified terms will provide better search results and serve up ads that are more likely to be of interest. By combining your history across products, it will have more data to work with. Google will merge data from the products you use and then analyze it to make
new assumptions. Google has taken an-all-or-nothing position. "If you continue to use Google services after March 1 2012, you’ll be doing so under the new Privacy Policy and Terms of Service", which you can not opt-out of. If you have an Android phone, Google already knows your location. After public discovery and distain over Google's Wi-Fi location data
collection, finally offered a Wi-Fi
Opt-Out in Nov 2011. Google has been
mining your Gmail contacts database to figure out which competing social networks you belong to. Deleting your
profile won't delete your Google Account. First delete your profile then
delete your account. Gmail usernames cannot be recreated after they've been deleted. Your public data will be hidden but Google never really
deletes your data.
Google has been slow to react to 3rd party discoveries of over
1,000 malicious apps. Google and other advertising companies have been
bypassing the privacy settings of the Apple Web browser on the iPhones and computers,
tracking the Web-browsing habits of people who intended for that kind of monitoring to be blocked. Microsoft
says Google is employing similar methods to get around the default privacy protections in IE and track IE users with cookies.
• FaceBook announced
Timeline and Apps Integration.
The reverse-chronological display of a user's history on Facebook and other life events, replaces and combines a user's Facebook Wall and Profile, will become
non-optional. Facebook has
sparked an outcry after announcing users will have just seven days to add or remove things from their Timeline before the new, controversial feature goes public. This latest change to Facebook will allow people to access easily their friends' status updates and photographs, in a far more visual way, from as far back as 2004. Timeline integration, in a nutshell, posts activity from other Web sites and services that you use in your Facebook Timeline. Tried to leave Facebook and found out they only allow you "deactivate" your account? All your personal data, including photos, interests, friends etc, will be saved indefinitely. To "
permanently" delete your account and personal data follow these
instructions carefully. FaceBook had a major security breach with100 million Facebook profile pages
leaked to a torrent site in 2010, as well as numerous privacy
breach issues. Over 3 years
later, "deleted" Facebook photos are still online. Facebook admitted systems "did not always delete images". Facebook's "
Ticker" broadcasts everything you do. The company has put political veterans in key executive roles and board
positions with a powerhouse lobbying operation.
• LexisNexis Group who has been data mining since 1977, "delivers authoritative global news, business intelligence, legal information and public records", which is only available for a fee. They have one the world's largest databases.
• DoubleClick has been around since 1996. The FTC launched an investigation into DoubleClick's collection and compilation of personal information shortly after the 1999
Abacus acquisition. This raised fears that the combined company would link anonymous Web-surfing profiles with personally identifiable information and the merger was stopped. DoubleClick is considered to be malware by most anti-virus companies. Google purchased DoubleClick in 2007 for $3.1 billion, to aquire their technology and, more importantly, its relationships with Web publishers, advertisers and advertising agencies.
• Browser cookies are used to track users' web browsing habits. Most browsers can easily delete these cookies except for Flash cookies. Firefox has a
plugin to delete these type of cookies. More than half of the top websites
use Flash cookies (
local shared objects) to track users and store information about them but only four of them
mention it in their privacy policy. Some websites use Flash cookies as hidden backups, so that they can revive HTTP cookies when the user deletes them.
• Epsilon a subsiduary of
Alliance Data, has more than 2,500 corporate clients. It monitors social networking and other sites to see what people are saying about a company, and offers Abacus, "the world's largest cooperative database with over 8.6 billion consumer transactions and 4.8 billion business transactions" used for creating lists of prospective customers. They provide a broad range of loyalty marketing services spanning database marketing, direct mail, email marketing and sends billions of email ads every year. The data Epsilon
sells includes age, profession, residence, ethnic information and political affiliation. The Epsilon database was breached in April 2011 with over 100
companies affected.
DataLossdb.org tracks them and other company data breaches. Hundreds of millions of records have being stolen, containing end users' personal data.
• Apple's iDevices were logging geo locations for up to a year and was
easily accesible from an iTunes backup. After its discovery was made public, Apple reduced the tracking to 7 days and removed it from the iTunes backup. Apple allows developers free access to iPhones contact information and some apps are
collecting that info. Any iOS app can, without asking for your permission, upload all of the information stored in your address book to its servers. Twitter, Path and Hipster iPhone apps were
discovered to leak sensitive data without notification. Apple "said" it would
require apps to notify users that their contact data might be transmitted, precipitated by inquiries posed by two U.S. congressmen. Apple's Gatekeeper in OS X Mountain Lion will
block the installation of apps from third-party developers without an Apple Developer ID by default, and will serve to reinforce Apple's control of the OS X software sales channel.
• Microsoft has developed technology to
secretly intercept, monitor and record communications on voice over IP networks. Microsoft
purchased Skype for $8.5 billion. Their
patent pending application for a technology will provide a backdoor in communications equipment to record VOIP conversations and chat, called "Legal Intercept" in the patent application. Skype uses
complex obfuscation and anti-reverse engineering techniques. Skype has around 330 million active users each month.
• Carrier IQ claims its software is installed on over 140 million mobile devices with partners including Sprint, HTC, Apple and Samsung. The
software is capable of logging user keystrokes, recording telephone calls, storing text messages, tracking location and more. After its disclosure and public out-cry, most carriers have "
said" they will cease using it in the future. In Dec 2011 Carrier IQ released a pubic relations damage control
report. The first draft of the Mobile Device Privacy Act, which requires mobile companies and app creators to inform users of all monitoring software is now in the
works.
• TomTom has
admitted to The Australian Financial Review that every GPS device sold in Australia in the past three years has been built to report details, such as journey times, speeds and routes taken, back to the maker. Most of the roughly 1 million users of the TomTom global positioning system device will have details of their travel sold to the highest bidders. In the UK TomTom will report back to insurers on driver
behaviour. Tracking device will monitor driving habits and adjust charges accordingly. Anyone that signs up to the
Fair Play Insurance service will be issued a TomTom Pro 3100 navigation.
• UK network provider
O2 had been giving out mobile numbers when customers browsed websites from their handsets. Only after the news of the leak hit the mainstream, O2 confirmed that it had fixed problem which initiated spam texting.
• Employers and law enforcement are discreetly using Google, FaceBook and Twitter to get personal information on people, which they could not normally obtain. U.S. law-enforcement agencies are increasingly
obtaining warrants to search Facebook, often gaining detailed access to users' accounts without their knowledge.
• Google and Apple were among seven technology companies that must face a
lawsuit claiming they violated antitrust laws by entering into agreements not to recruit each other’s employees. This in part is an attempt to keep their internal "secrets" from leaving their company and possibly being publically disclosed.
• Twitter which prides itself in promoting unfettered expression in a stunning role
reversal, planned to allow country-specific censorship of tweets that "might" break local laws. This sparked a
backlash. Twitter now says that it will not filter tweets, but instead will be "reactive only" and will withhold specific content only when "required" to do so. Twitter
stores the contacts of iPhone users for a period of 18 months, if they used Twitter to search their iPhone contacts for Twitter accounts.
• WikiLeaks was the #1 whistle blowing site on the Internet. After releasing embarrassing US "secrets" the US government attempted to shut them
down. Twitter logs of WikiLeaks supporters were
subpoenaed. WikiLeaks was taken down for a while but it was mirrored by over 1,000 websites around the world. Then they hit WikiLeaks where it hurts, by "convincing" all of WikiLeaks' donation collection companies to drop them, killing their revenue. According to WikiLeaks "Despite Visa and MasterCard cutting off payments to WikiLeaks, they have found some ways around the banking blockade"
• SOPA (Stop Online Piracy) and
PIPA (Protect IP Act) were very
poorly written bills, opening the door for censorship. Perhaps the most dangerous aspect of the bills is that the conduct it would criminalize is so poorly defined. With 7 million signatures and 7,000 websites who coordinated a service blackout, or posted links and images in protest against SOPA and PIPA, the bills are postponed until issues raised about the bills are resolved.
• Bill HR 1981 is titled the "Protecting Children From Internet Pornographers Act". It would give law enforcement the power to review Internet service providers user logs for nearly any reason. All ISP's would be
required to store all users' Internet activity for up to 18 months, The most public champion of data retention is the U.S. Department of Justice, which has been quietly lobbying for the sweeping new requirements since 2005.
• The U.S. government is
seeking software that can mine social media to
predict everything from future terrorist attacks to foreign uprisings, according to requests posted online by federal law enforcement and intelligence agencies.
• In Syria's
cyberwar, the regime's supporters have deployed a new weapon against opposition activists -- computer viruses that spy on them. The cyberespionage campaign passes information it robs from computers to a server at a government-owned telecommunications company in Syria. Syria
restricted its citizens' access to the internet, using an American company's technology. Blue Coat
acknowledged the use of its technology in Syria.
• Canada reintroduces the Copyright Modernization Act as Bill
C-11. In 2010 it was Bill
C-32. In 2008 it was Bill
C-61. Under Bill C-11, transferring a movie with a lock to a portable device like an iPad could hold a penalty of $100 to $5,000. Again this is a poorly written bill getting more intrusive with each new incarnation (mimicking SOPA & PIPA). None of these bills have been passed. If the current form of the copyright bill becomes law, it could be subject to a constitutional challenge.
• Canada's
Bill C-30 "Protecting Children from Internet Predators Act", previously called "
Lawful Access" means Internet service providers and cellphone companies won't be able to say no to law enforcement if they ask them for subscriber information of any of their customers. The bill will also require ISPs and cellular phone companies to install equipment for real-time surveillance and create new police powers designed to obtain access to the surveillance data. The privacy commissioner of Canada said "it is a serious infringement of civil liberties." In a letter to Public Safety Canada from Canada's Privacy Commissioners
Quote "the provisions of Bills
C-50,
C-51, and
C-52 (augmented by changes in Bills
C-22 and
C-29) would substantially diminish the privacy rights of Canadians".
Warrantless surveillance details are
here.