Archive for the ‘Privacy’ Category

EA opts Origin users out of “real-name sharing” after complaints

February 19th, 2019
EA opts Origin users out of “real-name sharing” after complaints

Enlarge

Electronic Arts is opting all users out of the "real name sharing" option on its Origin gaming service following complaints that some users may have been entered into the program without their consent.

The option to "show my real name on my profile" (as opposed to just sharing an online handle) is buried in the privacy settings for every EA Origin account, as it is for many other gaming networks. But Randi Lee Harper, the founder of the nonprofit Online Abuse Prevention Initiative, recently noted in a Twitter thread that her real name was being shared via the account without any opt-in.

Harper said anecdotal reports and spot checks of others with Origin accounts showed that the setting "has been seemingly randomly enabled" for a number of other Origin users. Accounts created between 2013 and 2015 seem to have more likelihood of having the option enabled by default, Harper said, but she added that she "can't find any kind of commonality in the data. It seems so random." (New accounts created today default the real name sharing to be off.)

Read 5 remaining paragraphs | Comments

Posted in access, EA, Gaming & Culture, name, Origin, Privacy | Comments (0)

Apple to developers: disclose screen recording or get booted from App Store

February 8th, 2019
The home screen on the iPhone XS.

Enlarge / The home screen on the iPhone XS. (credit: Valentina Palladino)

Apple has begun notifying developers who use screen-recording code in their apps to either properly disclose it to users or remove it entirely if they want to keep their apps in the App Store. The move comes after a TechCrunch report showed that many apps do not disclose such activity to users at all, and some sensitive user data has been compromised through screen recordings.

"Protecting user privacy is paramount in the Apple ecosystem," an Apple spokesperson told TechCrunch. "Our App Store Review Guidelines require that apps request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity."

The initial report highlighted third-party analytics code used by Air Canada, Expedia, Hotels.com, Hollister and other companies in their mobile apps that allows them to record the screens of users while they navigate the app. These "session replays" are designed to help developers work out kinks, make informed UI decisions, and better inform them on how users are interacting with their apps in general.

Read 6 remaining paragraphs | Comments

Posted in App Store, app store review guidelines, apple, glassbox, Privacy, screen recording, Tech | Comments (0)

Cisco, like Apple and other tech giants, now wants new federal privacy law

February 7th, 2019
Cisco, like Apple and other tech giants, now wants new federal privacy law

Enlarge (credit: Igor Golovniov/SOPA Images/LightRocket via Getty Images)

On Thursday, Cisco formally joined the parade of major tech companies that have been calling for a comprehensive federal privacy law that would once and for all set a clear standard for tech companies nationwide.

Currently in the United States, there is a patchwork of laws governing how various types of data are handled—health, financial, etc.—but there isn’t a clear set of rules for Silicon Valley giants that traffic in vast amounts of information sharing. As a hardware networking giant, however, Cisco does not profit from user data in the same way that a company like Google or Facebook does.

In a blog post, Cisco’s top lawyer, Mark Chandler, called the current legal framework "not adequate." Cisco hasn’t put forward specific bill language just yet; it is speaking for now in generalities.

Read 10 remaining paragraphs | Comments

Posted in ashkan soltani, Cisco, Policy, Privacy | Comments (0)

How to Delete Accidentally Sent Messages, Photos on Facebook Messenger

February 6th, 2019
Ever sent a message on Facebook Messenger then immediately regretted it, or an embarrassing text to your boss in the heat of the moment at late night, or maybe accidentally sent messages or photos to a wrong group chat? Of course, you have. We have all been through drunk texts and embarrassing photos many times that we later regret sending but are forced to live with our mistakes. Good news,

Posted in Delete Sent Messages, Facebook, Facebook Messages, Facebook Messenger, Privacy, Unsend Messages | Comments (0)

Apple revokes Facebook’s developer certificate over data-snooping app—Google could be next

January 30th, 2019
Google and Facebook circumvented the App Store to distribute VPN apps that collected user data against Apple's policies.

Enlarge / Google and Facebook circumvented the App Store to distribute VPN apps that collected user data against Apple's policies. (credit: Aurich / Getty)

Both Facebook and Google have used Apple's Enterprise Developer Program—which is intended for exclusive use by companies to give system administrators the ability to distribute apps to employees' devices internally—to circumvent Apple's app store and distribute to users applications that closely monitor users' app, messaging, and network activity.

News of Facebook's application was published on TechCrunch yesterday, leading Apple to revoke Facebook's enterprise certificate. This same certificate had been used internally by Facebook for distributing beta builds of Facebook's apps and for other needs, so the revocation poses a serious challenge for the company.

News of Google's similar program also broke on TechCrunch, but that happened more recently, and Apple has not yet indicated whether it intends to take similar action with Google. We'll start by unpacking the Facebook side.

Read 18 remaining paragraphs | Comments

Posted in apple, Enterprise Certificates, Enterprise Developer Program, Facebook, Facebook Research, google, onavo, Policy, Privacy, Tech, user data | Comments (0)

FaceTime bug lets callers hear you before you answer (really) [Updated]

January 29th, 2019
Apple demonstrates Group Facetime at WWDC 2018.

Enlarge / Apple demonstrates Group Facetime at WWDC 2018. (credit: Valentina Palladino)

Users have discovered a bug in Apple's FaceTime video-calling application that allows you to hear audio from a person you're calling before they accept the call—a critical bug that could potentially be used as a tool by malicious users to invade the privacy of others.

When Ars reached out to Apple for a statement, the company replied, "We're aware of this issue, and we have identified a fix that will be released in a software update later this week." An hour or two after this post went live, Apple disabled Group FaceTime to mitigate the bug.

The bug requires you to perform a few actions while the phone is ringing, so if the person on the other end picks up quickly, they might not be affected. Knowledge of how to use the bug is already widespread. The steps include:

Read 6 remaining paragraphs | Comments

Posted in apple, FaceTime, Privacy, Tech | Comments (0)

Google fined $57 million by France for lack of transparency and consent

January 21st, 2019
The French data protection watchdog CNIL has issued its first fine of €50 million (around $57 million) under the European Union's new General Data Protection Regulation (GDPR) law that came into force in May last year. The fine has been levied on Google for "lack of transparency, inadequate information and lack of valid consent regarding the ads personalization," the CNIL (National Data

Posted in data breach, GDPR, GDPR Compliant, GDPR Fine, google, Privacy, Privacy Breach, privacy watchdog | Comments (0)

Google must pay €50 million for GDPR violations, France says

January 21st, 2019
Exterior of Google office building.

Enlarge / Google's main headquarters. (credit: Cyrus Farivar)

Google has been fined €50 million (~$57 million) by French regulators, the first major penalty under a sweeping new European Union privacy law known as GDPR, which took effect last year.

According to the French government agency, known by the acronym CNIL, Google is still in breach of the law.

CNIL explained that Google had violated two provisions of the law: first by not making its data-collection policies easily accessible enough and second by not obtaining sufficient and specific user consent for ad personalization across each of Google’s numerous services, including YouTube, Google Maps, and more.

Read 5 remaining paragraphs | Comments

Posted in CNIL, google, Policy, Privacy | Comments (0)