Examples of Abuse Timeline

  • According to information collected by Le Temps, telco Swisscom will use SIM card geolocation data to communicate to federal authorities when more than 20 phones are detected in an 100 square meters area. Gathering of more than 5 people are forbidden in Switzerland since March 21. Data collected by
  • The free app Testeate, developed by the company Adrómeda in collaboration with the Association of Information and Communication Technologies of Mar del Plata (ATICMA) and the Chamber of Software and Computer Services Companies of Argentina (CESSI), is intended to enable direct information exchange
  • To contain the coronavirus, Vietnam focused on aggressive contact tracing, forced quarantines for all people arriving in the country, cancelling all foreign flights, conscripting medical students and retired doctors and nurses, instituting surveillance, and mobilising medical and military personnel
  • After Pakistani residents queried whether messages labelled "CoronaALERT" sent out via SMS were legitimate, telecom authorities confirmed that it was authentic, being sent to selected individuals at the request of the Ministry of Health under the Digital Parkistan programme. Individuals were chosen
  • The Local Government Association has argued that councils should not have to comply with freedom of information requests during the coronavirus crisis. Greater Manchester police followed suit, saying that police in non-critical roles were being reallocated to operational policing and would not
  • Malaysia will use both government-owned drones and drones borrowed from local industries under the direction of the armed forces and on-the-ground police to monitor compliance with the Movement Control Order. Because Malaysia doesn't have enough drones to cover the whole country, they will be
  • Under a new protocol, international passengers arriving at Lime's Jorge Chavez International Airport or by ship at Callao Port, is referred to medical staff if they are arriving from places with confirmed cases, even if they are asymptomatic. Passengers who show symptoms in transit are transferred
  • Russian prime minister Mikhail Mishustin has ordered the country's Communications Ministry to develop a system, to be built on analysing specific individuals' geolocation data from telecommunications companies that can track people who have come into contact with those who have tested positive for
  • Because tracking and limiting the movement of those suspected to be carrying COVID-19 carriers has been a factor in flattening the exponential curve of cases in places like Singapore, Taiwan, and South Korea, Professor Marylouise McLaws, a technical advisor to the WHO's Infection Prevention and
  • The Dutch coronavirus containment measures introduced on March 23 were in line with many other countries: gatherings banned until June 1 except for funerals and weddings; social distancing; personal services such as nail bars and hairdressers shut down; schools, gyms, fitness centres, and sports
  • The Greek government issued a ban on all unnecessary traffic from March 23 to April 6 in order to stop the spread of the coronavirus. Anyone moving around under one of the list of exceptions must carry a police identity card or passport and a certificate of movement, which citizens obtain by filling
  • After Asian countries used mass surveillance of smartphones to trace contacts and halt the spread of the coronavirus, Western countries such as the UK and Germany are trying to find less-invasive ways to use phones to collect and share data about infections that would work within data privacy laws
  • The Hungarian government is seeking to extend indefinitely the state of emergency it has declared because of the coronavirus epidemic. The extension, which was debated in the Hungarian parliament on March 23, would allow the government to rule by decree without parliamentary approval for as long as
  • The self-testing web app issued by Argentina's Secretariat of Public Innovation asks for national ID number, email and phone as mandatory fields in order to submit the test. The Android version requires numerous permissions: calendar, contacts, geolocation data (both network-based and GPS)
  • Technology such as Hong Kong's electronic monitoring bracelets, used to ensure that people do not break their mandated quarantine, is sensible during a pandemic, but could be problematic if deployed widely and used to identify those who have joined anti-government protests. The same applies to
  • Albania deployed the army for a planned 40 hours to enforce a curfew that the country initiated on March 21 to control the spread of COVID-19 after citizens continued to openly ignore the orders to stay at home. Although the country had only 76 confirmed cases at the time, it was concerned about the
  • The US Department of Justice has asked Congress for the ability to ask chief judges to detain people indefinitely without trial during emergencies as one of a number of new powers the department is seeking during the coronavirus crisis. The DoJ also wants Congress to pause the statute of limitations
  • Among the Chinese companies making efforts to help the country respond to the coronavirus are the technology giants Alibaba, Baidu, ByteDance, Tencent, Xiaomi, and Foxconn. In order to fight misinformation, Baidu created a map layer on top of its standard Map App that shows real-time locations of
  • India has begun stamping the hands of people arriving at airports in the states of Maharashtra and Karnataka to specify the date until which they must remain in quarantine. The government is also using airline and railway reservation data to track suspected infections and find hand-stamped people
  • The new Singaporean app, TraceTogether, developed by the Government Technology Agency in collaboration with the Ministry of Health was launched on March 20 after eight weeks of development. The app, which can be downloaded by anyone with a Singapore mobile number and a Bluetooth-enabled smartphone
  • To counter the many rumours, fake news, and hoaxes spreading in Myanmar, the country's Ministry of Health and Sports launched a website in collaboration with state and regional governments with videos about the virus, the latest data, and updates on the latest number of cases and lab results in
  • On March 20, the Peruvian government introduced a website where citizens can retrieve the results of tests for COVID-19. The site asks only for the patient to fill in their National ID number and a simple captcha, making it easy for unauthorised parties to access others' results and put people at
  • Researchers at the University of Oxford are working with the UK government on an app similar to the smartphone tracking system China developed to alert people who have come in contact with someone infected with the coronavirus. The British app, which would be associated with the country's National
  • Hakob Arshakyan, Armenia's minister of the high technology industry, has convened a research group comprising experts in IT and AI has been convened to collect and analyse data on the spread of coronavirus, compare it with the data collected by international partners, and develop forecasts. The
  • Facebook's scientists are analysing location data about compliance with social distancing recommendations in various countries using information from a private vault of location information its apps have collected. The analysis shows that only "very modest" changes in habits in the US, France, and
  • Four members of the Council of Europe - Romania, Latvia, Moldova, and Armenia - have activated Article 15 of the European Convention on Human Rights, which allows derogations in cases of public emergency. Derogation allows Member States to take measures to the extent required by the situation as
  • Four members of the Council of Europe - Romania, Latvia, Moldova, and Armenia - have activated Article 15 of the European Convention on Human Rights, which allows derogations in cases of public emergency. Derogation allows Member States to take measures to the extent required by the situation as
  • Four members of the Council of Europe - Romania, Latvia, Moldova, and Armenia - have activated Article 15 of the European Convention on Human Rights, which allows derogations in cases of public emergency. Derogation allows Member States to take measures to the extent required by the situation as
  • In response to a case brought by the Legal Center for Arab Minority Rights in Israel (Adalah), the Arab Joint List, and the Association for Civil Rights in Israel, the Israeli Supreme Court issued a temporary injunction on March 19 limiting the the state's and the Shin Bet security service's use of
  • Four members of the Council of Europe - Romania, Latvia, Moldova, and Armenia - have activated Article 15 of the European Convention on Human Rights, which allows derogations in cases of public emergency. Derogation allows Member States to take measures to the extent required by the situation as
  • As governments look into surveillance, geolocation and biometric facial recognition to contain the coronavirus, even if they violate user data privacy, the controversial facial recognition company Clearview AI is allegedly negotiating a partnership with state agencies to monitor infected people and
  • As governments look into surveillance, geolocation and biometric facial recognition to contain the coronavirus, even if they violate user data privacy, the controversial facial recognition company Clearview AI is allegedly negotiating a partnership with state agencies to monitor infected people and
  • The Serb-dominated Republika Srpska, one of two entities that make up Bosnia and Herzegovina, is introducing fines of €500 to €1,500 (individuals) or €3,000 to €9,000 for spreading "panic and disorder" by publishing false news about the coronavirus outbreak in the media and on social networks
  • Mobile network operator O2 is providing aggregated data to the UK government to analyse anonymous smartphone location data in order to show people are following the country's social distancing guidelines, particularly in London, which to date accounts for about 40% of the UK's confirmed cases and 30
  • BT, owner of UK mobile operator EE, is in talks with the government about using its phone location and usage data to monitor whether coronavirus limitation measures such as asking the public to stay at home are working. The information EE supplies would be delayed by 12 to 24 hours, and would
  • The Chinese Communist Party has worked to control the narrative and deflect blame during the coronavirus crisis by drawing on its state and CCP-owned media to disseminate content via its English-language Facebook pages and Twitter feed (even though these platforms are banned in China). China has
  • The Polish government has developed the free Home Quarantine app for both iPhone and Android, which allows the police to check that individuals do not break quarantine; those who do may be fined up to PLN 5,000 and also offers support to those who are quarantined. Once users activate the app by
  • The Romanian government has formally notified the Council of Europe under Article 15, paragraph 3 of the ECHR of the country's state of emergency decree, noting that some of the measures being taken involve derogations from the obligations under the Convention. Source: https://rm.coe.int
  • Hong Kong is issuing electronic tracker wristbands to people under compulsory home quarantine to ensure they do not go out. The wristbands are accompanied by a mandatory smartphone app that shares their location with the government via messaging platforms such as WeChat and WhatsApp. Upon arriving
  • In emergency legislation, the government of Norway proposed to exempt itself from current laws other than the Constitution and human rights so that it could issue new rules and regulations without needing Parliamentary debate even if they conflict with other laws. MPs may intervene if a third of
  • The identities of Montenegro's first two confirmed COVID-19 patients were published by social media users, including photos of one of the patients and her family, leading to online abuse based on their ethnicity and religious beliefs. Source: https://balkaninsight.com/2020/03/18/montenegrin
  • According to a company announcement, Telepower Communication (Telpo), a leading Chinese manufacturer of smart point-of-sale systems and intelligent hardware, has integrated into its terminals new features to support a wide variety of contactless use cases. The company’s family of terminals for
  • After Singapore’s Ministry of Health made information about victims public, and a developer turned the information into an interactive map. The map was discontinued on March 18 because the volume of cases had outstripped the developer's limits. Source: https://sgwuhan.xose.net/
  • In a statement, Vodafone said it is "producing an aggregated and anonymous heat map for the Lombardy region in Italy to help the authorities to better understand population movements in order to help thwart the spread of COVID-19." The company offered to help governments develop insights based on
  • Kinsa Health, which has sold or given away more than 1 million internet-connected thermometers to household covering 2 million people, finds that the maps it creates showing the difference between expected (based on years of data the company has collected) and reported levels of fever may act as an
  • Technology entrepreneurs within Belgium would like to introduce a health code app similar to China's Alipay Health Code that would control individuals' movements based on their health status. The government has engaged privacy experts from the Belgian data protection authority and Ghent University
  • On March 19, the Peruvian government instituted a daily curfew from 8pm to 5am, which applies to all but those working to provide essential services. Members of the print and broadcast press must carry their special permits, badges, and ID cards, and those requiring urgent medical care are allowed
  • The CovPY Auto Reporte project is an auto-reporting system created by Penguin Academy in the hope of smoothing the peak impact of the pandemic on the Paraguayan health system. It allows anyone to access it and report their symptoms and get quick feedback what steps to take next as well as generate
  • Thailand's National Broadcasting and Telecommunication Commission (NBTC) provided a SIM card to every foreigner and Thai who had travelled from countries that have have been designated as "high risk" for COVID-19 infections (at the time, China, Hong Kong, South Korea, Italy, and Macau). According to
  • The German mobile operator Deutsche Telekom announced in a press conference on RKI Live that it had passed on, anonymised, its users' movement data to the Robert-Koch Institute to study the extent to which the population would follow the government's restrictions. RKI president Lothar Wieler said
  • A task force at the Italian Ministry of Innovation, in collaboration with the University of Pavia to leverage big data technologies to deal with COVID-19, after the WHO advised governments that lockdowns alone are not enough, and that testing, isolation, and contact tracing are crucial. The effort
  • The coronavirus action plan announced on March 3, alongside many measures for managing the NHS in the crisis, will also allow the Investigatory Powers Commissioner to appoint judicial commissioners (JCs) on a temporary basis in the event that there are insufficient JCs available to operate the
  • The Austrian telecom operator A1 has voluntarily provided the government with "anonymized" location data of its customers for the first two Saturdays in March. The data shows that citizens have significantly reduced their social contacts. After critics expressed privacy concerns, the company issued
  • The Israeli compnay NSO Group, best known for the spyware it sells governments and has been used to target journalists and advocates, says it has developed a product aimed at analysing data to map people’s movements to identify who they’ve come in contact with, which can then be used to stop the
  • The Paraguayan Minister of Defense, Bernardino Soto Estigarribia, announced that from March 17 onward restrictions on movement and crowds would be enforced by the military along with the police forces. The minister said it should not be thought of as a violation of human rights because the military
  • Ministers have permitted the Shin Bet security service to "use the cellular phone data of carriers of the disease to retrace their steps and identify anyone they may have infected", and will relay the information to the Health Ministry, which will send a message to those who were within two meters
  • Athena Security, which previously sold a system claiming to detect weapons in video feeds, is marketing "artificially intelligent thermal cameras" that the company claims can detect fevers and send an alert to the client that they may be carrying the coronavirus, and claims that its Fever Detection
  • A task force at the Italian Ministry of Innovation, in collaboration with the University of Pavia to leverage big data technologies to deal with COVID-19, after the WHO advised governments that lockdowns alone are not enough, and that testing, isolation, and contact tracing are crucial. The effort
  • At the MIT Media lab, Ramesh Raskar is leading a team that includes software engineers at companies such as Facebook and Uber to develop the free and open source app Private Kit: Safe Paths. The app is intended to share encrypted information between phones in the network without going through a
  • Taiwan, linked by direct flights to Wuhan, moved to contain the virus as soon as reports of the Wuhan outbreak emerged. At the end of January, it suspended flights from China, and integrated its national health database with its immigration and customs information in order to trace potential cases
  • Aided by its small size, Singapore's contact tracing efforts were a key element of controlling the virus's spread; detectives used CCTV footage to locate the contacts of more than 6,000 people. Singapore also contacts individuals required to self-isolate several times a day and requires them to send
  • Russia has set up a coronavirus information centre to to monitor social media for misinformation about the coronavirus and spot empty supermarket shelves using a combination of surveillance cameras and AI. The centre also has a database of contacts and places of work for 95% of those under mandatory
  • The Ecuadorian government has authorised tracking mobile phones via GPS satellite to ensure that citizens do not break mandatory quarantine after six violators were identified. Source: https://www.ecuadortv.ec/noticias/covid-19/romo-vigilancia-epidemiologico-covid19-? Writer: Ecuador TV Publication
  • On March 17, after declaring a state of emergency an ordering everyone to stay at home, the Peruvian government began requiring a special authorisation for street travel. Workers in a the categories specified in Article 4 of the Supreme Decree must obtain the authorisation via a government website
  • Metrolinx, the public transport agency for the Canadian province of Ontario says that, on request, it gave Toronto Public Health contact information associated with registered Presto payment cards used on specific trips, after a 40-year-old man was diagnosed with coronavirus (COVID-19). The agency
  • The Israeli prime minister, Benjamin Netanyahu, has authorised the country's internal security agency to use a previously secret tranche of mobile phone geolocation data, gathered to combat terrorism, to retrace the movements of individuals with confirmed cases of the coronavirus and identify people
  • Peru has suspended constitutional rights such as freedom of movement and assembly, although the government has guaranteed the operation of supermarkets, pharmacies, banks, basic services, and the transportation of merchandise. Source: https://www.reuters.com/article/us-health-coronavirus-latam
  • Three years ago, the Alphabet subsidiary Verily developed a software platform, Project Baseline, to run clinical trials on a group of volunteers who agree to share their medical data with a group of researchers at pharmaceutical companies and research hospitals. In early March, Verily began
  • The presidential decree declaring a health emergency in Paraguay empowers the Ministry of Public Health to order "general preventive isolation" from 8:00 p.m. to 4:00 a.m, with exceptions for those doing vital work such as delivering food or transportation. The Ministry of the Interior and its
  • The Indonesian Doctors Association has asked the government to open up the identity of patients who have tested positive for the novel coronavirus in order to facilitate contact tracing and improve the efficiency of efforts to prevent further spread, arguing that in an emergency like this the public
  • Among the emergency measures announced by Serbian president Aleksandar Vucic, the military will guard hospitals and police will monitor those in quarantine or self-isolation for 14 or 28 days, who could face jail terms of up to three years for violating the rules. Source: https://www.reuters.com
  • On Wednesday, the government of Madrid will launch a free app to track COVID-19 cases similar to those developed in Asian countries such as South Korea, China, and Taiwan. The development is being carried out at no charge by developers from Google, Telefónica, Ferrovial, Goggo Network, Carto
  • The Thai Tech Startup Association, Department of Disease Control (Ministry of Public Health), Digital Economy Promotion Agency (Ministry of Digital Economy and Society), and National Innovation Agency have developed a questionnaire on an app which as adverised on the Thai Tech Startup Associaiton
  • US government agencies are considering a range of tracking and surveillance technologies as part of efforts to control the spread of the novel coronavirus. These include: geolocation tracking and facial recognition systems to analyse photos, both to enable contact tracing. Palantir is working with
  • On March 14 a group of immigrant advocacy groups wrote to the government asking for the Home Office to release all 1,500 to 2,000 detainees in order to protect them from a coronavirus outbreak in the UK's seven removal centres and two short-term holding centres.. On March 21, the Home Office said it
  • On March 14, the Peruvian government set up a website for individuals to check their symptoms so they can be directed towards sources of help. The web form asks for ID number, phone, email and home address. Source: https://www.gob.pe/coronavirus Writer: Peruvian government Publication: Peruvian
  • On March 14, Romanian president Klaus Iohannis announced a state of emergency to make it possible to allocate new resources for crisis management, and urged the public to follow isolation guidelines and hygiene rules. The Parliament must approve within five days, and the state of emergency lasts 30
  • The Belgian Minister of Public Health has approved a programme under which telephone companies Proximus and Telenet will transfer some of their their data to the private third-party company Dalberg Data Insights in order to help combat the coronavirus epidemic; Orange has also agreed "in principle"
  • A review of European privacy laws considers whether the tracking and monitoring methods China used to shut down the COVID-19 epidemic are in compliance with GDPR. The French data protection authority CNIL says employers are not allowed to take mandatory temperature readings from employees or
  • Taiwan's response to the coronavirus has kept the country's level of cases extremely low. Building on its experience from the 2003 SARS outbreak, the country immediately responded when the first news of the outbreak in China appeared with numerous measures that leveraged its national insurance data
  • A Hamburg geotracking startup called Ubilabs is working with the Hannover School of Medicine on a data analysis platform that could track people who have tested positive for the coronavirus and their contacts, Der Tagesspiegel reported on Tuesday; this type of tracking would require individuals'
  • Frisco, TX-based MTX Group is collaborating with the New York State Department of Health in deploying a coronavirus-monitoring and messaging system enabling New York State to monitor travellers, physicians, and others who come into close contact with anyone with symptoms. The application asks users
  • Technology companies are struggling to cope with the flood of misinformation spreading across the internet, both on social media sites and on the open web, where 4,000 new websites have been created since the beginning of the year that include "coronavirus" in their title and 3% of which are
  • After the Iranian government produced the AC19 Android app, intended to help people self-diagnose rather than going to a hospital, Google pulled it from the Play Store apparently suspecting that the app made the misleading claim that it could detect COVID-19 infections although it is also true that
  • Colombia's has launched the free, Android-only, prevention-focused Colombia-Coronapp developed by the National Health Institute (INS) to help identify and eradicate the virus across the country, as well provide centralisation and transparency. Besides their basic information, users are asked to say
  • China's airport screening, which includes scanning all arriving passengers for fever using “noncontact thermal imaging” since late January and requiring passengers to report their health status on arrival, look reassuring but won't stop the spread of the novel coronavirus because experience with
  • With 6,300 COVID-19 cases and more than 40 reported deaths, the South Korean government launched a smarphone app (Android first, iPhone due on March 20) to monitor citizens on lockdown as part of its "maximum" action to contain the outbreak. The app keeps patients in touch with care workers and uses
  • The "safety guidance texts" sent by health authorities and district offices in South Korea are causing information overload and have included embarrassing revelations about infected people's private lives. A text may include, for example, a link to trace the movements of people who have recently
  • Despite warnings that airport screening will only delay but not stop disease outbreaks, in early March US vice-president Mike Pence pledged "100% screening" on direct flights from Italy and South Korea to the United States. Source: https://www.sciencemag.org/news/2020/03/why-airport-screening-wont
  • In a rare departure from personalisation, Facebook announced that it had begun inserting a box into its news feed directing users to the Centers for Disease Control’s page about COVID-19, potentially driving many millions of users to reliable information from an authoritative source. Facebook also
  • WhatsApp is being flooded with fake cures, false information about how the illness is transmitted, and coronavirus conspiracy theories, and has become a vector for spreading panic and misinformation around the world, particularly in countries such as Nigeria, Singapore, Brazil, Pakistan, and Ireland
  • Twitter announced that searching for COVID-19 will take you to a page featuring recent stories from public health organizations and credible mainstream news sources. The search takes common misspellings into account. The company also said it would take a zero-tolerance approach to platform
  • The first two confirmed cases of COVID-19 in Indonesia and their neighbours became the targets of media coverage and social media abuse after their personal details were spread via WhatsApp and other social media soon after the President announced the positive tests results - before anyone told the
  • A group of independent developers in Argentina started CoTrack, a public crowdsourced effort to develop an app to track and slow the spread of the virus. CoTrack registers each user's geographic movements and looks for times when they are close to people who have been diagnosed with COVID-19. When
  • Software on smartphones dictates whether an individual should be quarantined. Chinese citizens in 200 cities, beginning with Hangzhou, are required to install the Alipay Health Code app, developed by Hangzhou's local government with the help of Alipay owner Ant Financial, on their smartphones. After
  • An Argentinian crowdsourcing website is collecting information on flights with passengers who were reported as testing positive for COVID-19. Users are asked to enter their email address and the date, airline, and flight number, and tick a box to indicate that someone on their flight was infected
  • Software on smartphones dictates whether an individual should be quarantined. Chinese citizens in 200 cities, beginning with Hangzhou, are required to install the Alipay Health Code app, developed by Hangzhou's local government with the help of Alipay owner Ant Financial, on their smartphones. After
  • A document awaiting approval from the federal authorities outlines the measures Russia may need to adopt in the event of a widespread COVID-19 outbreak. In "emergency mode". The proposal's Plan A allows for cancelling all international sports, cultural, scientific, and social events in Moscow
  • A new surveillance system to detect cases of COVID-19 in England was established by Public Health England (PHE) and the NHS to strengthen existing systems and to prepare for and prevent wider transmission of the virus. Some NHS hospitals have been asked to take part in the plan, which involves
  • Facebook is providing researchers at Harvard University’s School of Public Health and National Tsing Hua University in Taiwan "aggregated and anonymized" mobility data and high resolution population density maps to help inform their forecasting models for the spread of the virus as part of our
  • Facebook announced on its blog that it was providing researchers at Harvard University’s School of Public Health and National Tsing Hua University in Taiwan with aggregated and anonymised mobility data and high resolution population density maps to help inform their forecasting models for the spread
  • Russian authorities are using surveillance cameras, facial recognition systems, and geolocation to enforce a two-week quarantine regime affecting 2,500 people. Chinese citizens are banned from entering Russia; Russians and citizens of other countries who arrive from China are required to go through
  • The Hong Kong Department of Health has asked the police to deploy its computerised Major Incident Investigation and Disaster Support System in order to trace the contacts of patients infected by the novel coronavirus. The request for the system, which was used during the SARS epidemic in 2003, came
  • In mid-February the Federal Register published new CDC rules, which came into interim effect on February 7, under which airlines are required to collect the name and contact information of all passengers and crew arriving in the United States on international flights, and to transmit this
  • A phone-tracking system used by SAPOL for criminal investigations was used to better understand where a coronavirus-infected 60-year-old couple, who had travelled from Wuhan to visit relatives, roamed in Adelaide in order to identify people who might have been exposed, according to the South
  • After 195 US citizens were repatriated from Wuhan, China in January they were placed in quarantine without warning in a cordoned-off section of the Air Force Research Base in California's Mojave Desert. The legal position of this and other similar quarantines is unclear, as the Centers for Disease
  • Recent study shows that Americans are wary of data from smart speakers being used in criminal investigations, the Pew Research Center reported. A recent study showed that 49% of Americans answered that it is unacceptable for smart speakers companies to share audio recordings of their customers with
  • A woman was killed by a spear to the chest at her home in Hallandale Beache, Florida, north of Miami, in July. Witness "Alexa" has been called yet another time to give evidence and solve the mystery. The police is hoping that the smart assistance Amazon Echo, known as Alexa, was accidentally
  • Rewire.News has reported that Google apparently remains unwilling to differentiate its Maps search results between clinics in the US that offer abortion care and faith-based organisations that do not provide abortion care. Rewire.News reports that, in contrast Yelp "made a concerted effort" to
  • Bethany Christian Services, an international pregnancy support and adoption agency, is launching a programme with Copley Advertising to send targeted ads to individuals visiting Planned Parenthood clinics, abortion clinics, methadone clinics and high-risk areas (AHPA). The targeting will be done
  • Ahead of the Irish referendum to amend the Constitutions of Ireland to allow the parliament to legislative for abortion which took place in May 2018, Google decided to stop all advertising relating to the referendum on all of its advertising platforms, including AdWords and YouTube. This followed
  • Denmark released 32 prisoners as part of an ongoing review of 10,700 criminal cases, after serious questions arose regarding the reliability of geolocation data obtained from mobile phone operators. Among the various problems with the software used to convert the phone data into usable evidence, it
  • The Lumi by Pampers nappies will track a child's urine (not bowel movements) and comes with an app that helps you "Track just about everything". The activity sensor that is placed on the nappy also tracks a baby's sleep. Concerns over security and privacy have been raised, given baby monitors can be
  • US campaigners supported by the Catholic church are promoting the app Femm, which collects sensitive data about women's sexual lives and aim to scare women from using hormonal birth control, in rural Nigeria. Femm received a $100,000 from the Papal Foundation to promote their app. https://www
  • Bahrain has warned its citizens and residents could face legal action simply for following social media accounts it deems anti-government, which raises concerns about the ability of Bahraini citizens and residents to exercise their fundamental rights and freedoms. In May 2019, a state terrorism law
  • Amazon shareholders rejected two non-binding proposals governing its facial recognition software, Rekognition: one would have limited sales of Rekognition to governments, unless a board determined that such sales would not violate peoples’ rights, and the other was to study the extent to which
  • GDPR complaints about Real-Time Bidding (RTB) in the online advertising industry were filed today with Data Protection Authorities in Spain, the Netherlands, Belgium, and Luxembourg. The complaints detail the vast scale of personal data leakage by Google and other major companies in the “Ad Tech”
  • As a part of Facebook’s efforts to curb disinformation and misinformation on its platform, the company introduced new rules over how political content is marked. This has resulted in content that is educational, news articles, and otherwise seemingly non-political being marked incorrectly and taken
  • Political ads on Facebook are meant to be marked with a disclaimer that says who paid for the ad, as well as be archived into the platform’s ad library, where users are able to see more information about how an ad was targeted. It’s important to note that the ‘who paid for the ad’ requirement is
  • Facebook has taken down 65 accounts, 161 pages, dozens of groups and four Instagram accounts, which were ran by Archimedes Group, an Israeli political consulting and lobbying firm that aimed at disrupting elections in various countries. Archimedes was mostly active in Sub-Saharan Africa but also
  • Facebook's efforts to remove disinformation in the wake of the 2019 Ukrainian Presidential election have so far failed. Politico reports that "Among the Facebook pages that spread spurious claims during the election was one with more than 100,000 followers that ran a video claiming (the Presidential
  • Absher, an online platform and mobile phone app created by the Saudi Arabian government, can allow men to restrict women’s ability to travel, live in Saudi Arabia, or access government services. This app, which is available in the Google and Apple app stores, supports and enables the discriminatory
  • The Irish Data Protection Commission has today launched an inquiry into the data practices of ad-tech company Quantcast, a major player in the online tracking industry. PI's 2018 investigation and subsequent submission to the Irish DPC showed how the company is systematically collecting and
  • The New York Times picked 16 categories (like registered Democrats or people trying to lose weight) and targeted ads at people in them. They used the ads to reveal the invisible information itself, noting that it is a "story of how our information is used not just to target us but to manipulate
  • A private intelligence company, LookingGlass Cyber Solutions, used social media to monitor more than 600 “Family Separation Day Protests” held across the United States on June 30, 2018, to oppose the Trump administration’s policy family separation policy. The policy was part of a “zero tolerance”
  • The two leading Presidential candidates in Ukraine's 2019 elections have expressed frustration at major social media platform's seemingly lack of assistance combatting disinformation and bots. Bots flood social media networks and can promote content or flood platforms with pull requests to have a
  • On April 16th 2019, Italy’s antitrust authority said that it had launched a probe into five Amazon companies for possible abuse of dominant market position in e-commerce and logistical services. The companies being looked into include Amazon Services Europe, Amazon Europe Core, Amazon EU, Amazon
  • In Ireland benefits claimants are expected to register for a Public Services Card (PSC) in order to access benefits. PSC users are expected to have their photographs taken in department offices, which is then digitally captured along with their signature. While this card was originally created to
  • An investigation by Bloomberg, disclosed that thousands of Amazon employees around the world are listening in on Amazon Echo users.
  • In an effort to improve political advertising transparency, Canada drafted a Bill that requires companies to develop ad libraries, to which ads are added immediately in order for researchers, journalists, and other people to be able to search and understand how political actors are targeting ads. In
  • The rise of social media has also been a game changer in the tracking of benefits claimants. In the UK in 2019, a woman was jailed after she was jailed for five months after pictures of her partying in Ibiza emerged on social media. She had previously sued the NHS for £2.5 million, after surviving a
  • The Five Star Movement, a populist party, which is currently in power along with the League in Italy initially grew out of Il Blog delle Stelle (formerly Beppe Grillo’s blog). The Five Star Movement was founded by comedian Beppe Grillo, along with Gianroberto Casaleggio, a web strategist in 2009. As
  • The European Commission, EU’s antitrust watchdog, is nearing a decision on its investigation into Amazon. According to a report in Seeking Alpha, EU Competition Chief Margrethe Vestager said the Commission gathered “a lot of data” in its investigation into Amazon. The report noted the EU sent out 1
  • Dr Johnny Ryan filed a formal complaint with the Irish Data Protection Commission against IAB Europe, the tracking industry’s primary lobbying organization. The complaint was filed against IAB Europe’s use of an unlawful “cookie wall” on its website. Visitors to IAB Europe’s website, www.iabeurope
  • Volunteers for Presidential candidate Volodymyr Zelenskiy were tasked with pouring over social media sites to search for disinformation and combat bot armies that spread negative comments about the candidate. Facebook has been slow to take down 'fake news' and so the volunteers search social media
  • In London, four boroughs have been trialling the London Counter Fraud Hub. The hub is designed to process huge quantities of data from millions of household to detect certain types of fraud involving the single person council tax discount (in London, a person living alone gets a reduced rate on
  • In February 2019, an examination of Facebook's searchable database of Indian political ads showed that in India political ads on Facebook were viewed nine times more often by men than by women. Facebook's Indian user base was reported as 24% female in 2016. The reason for the disparity in ad viewing
  • In August 2018, Apple forced Facebook to remove its Onava VPN from the App Store because the Facebook had been using it to harvest data across multiple apps and track user activity. In January 2019, a TechCrunch investigation revealed that in a separate part of the same programme Facebook had been
  • In February 2019, a faulty firmware update meant that Nike's latest $350 Adapt BB self-lacing shoes could not pair with the app that allows owners to adjust their tightness, customise the lights, and check remaining battery life. Because the shoes have no physical laces, the error effectively made
  • In February 2019, an anonymous tip-off to Computer Sweden revealed that a database containing recordings of 170,000 hours of calls made to the Vårdguiden 1177 non-emergency healthcare advice line was left without encryption or password protection on an open web server provided by Voice Integrate
  • In February 2019, shortly after eight British Labour MPs quit the party and formed the "Independent Group", one of them was caught accessing data and campaigning tools belonging to their former party. In response, Labour shut down access to tools Contact Creator, used to collect campaign data and
  • In February 2019, Twitter announced it would expand the political campaigning policy it launched in the US in May 2018 to all EU member states, Australia, and India, commencing March 11. Once the policy is live, only certified advertisers would be allowed to run political campaign ads on the service
  • In February 2019, with a general election expected in May, the Australian government revealed that Australia's main political parties had been hacked by a "sophisticated state actor". The Australian Cyber Security Centre uncovered the hack while investigating a just-revealed hack of the Australian
  • The National Board of Scholarships and School Aid (Junaeb) in Chile was also heavily criticised for its use of facial recognition programmes to deliver meals at thirty schools in three cities across the country. After the Supreme Court requested in 2017 that the system must not be applied without
  • In October 2018, Google developers announced Manifest V3, a new standard for developing extensions for its Chrome web browser. One of the modifications included replacing the API used by extensions that need to intercept and work with network requests. The new API, DeclarativeNetRequest, limits the
  • In 2016, Jamie Siminoff, the CEO of the miniature security camera company Ring, emailed his employees information them that the company would adopt a new mission to fight crime by using consumer electronics. The company, which Amazon acquired in 2018, sells its cameras with a social app, "Neighbors"
  • Similar to the European Commission’s investigation and the stand-alone German and Italian investigations into Amazon’s anti-competitive behaviour, Austria is now investigating whether Amazon is exploiting its market dominance in relation to other retailers that use its website as a marketplace. The
  • A couple who tried, in February 2018, to keep their unborn child a secret from the internet, in part so the child could create its own internet identity when it was ready. They had some success in avoiding being pursued by baby-related ads, but found themselves unable to exercise the control they
  • In February 2019, publicity led the gay dating app Jack'd, which claimed to have more than 5 million users and was ranked among the top four gay social apps on both Apple and Android, to close a security flaw that meant that photos users uploaded to share in private chat sessions were accessible to
  • In January 2019, Facebook announced that as of February 28 the site would add more information to that displayed when users click on the "Why am I seeing this?" button that appears next to ads on the service. Along with the brand that paid for the ad, some of the biographical details they'd targeted
  • In February 2019, Joke Schauvliege, an environment minister in Flanders, was forced to resign after she suggested that Belgian intelligence services had information showing that the schoolchildren's strikes to protest climate change were being directed by others. The largest march in Belgium to date
  • In its February 2019 iOS release (12.2), Apple introduced a toggle enabling users to control whether websites received motion and orientation data collected by the gyroscope and accelerometer inside the iPhone, iPad, and iPod touch. The change is believed to be in response to a 2018 report that
  • In February 2019, the cybersecurity company Trend Micro found that at least 29 beauty and photo editing apps that had been downloaded more than 4 million times from Google's Play Store included code that pushed full-screen ads for fraudulent or pornography content or that directed users to phishing
  • In February 2019 the UK Information Commissioner's Office issued fines totalling £120,000 against the EU referendum campaign Leave.EU (£15,000 and £45,000) and Eldon Insurance (£60,000), trading as Go Skippy Insurance, for serious breaches of electronic marketing laws. The ICO also said it would
  • In January 2019, researchers reported finding two huge data dumps. Collection #1 contained passwords and usernames relating to nearly 773 million email addresses spread across about 2.7 spreadsheet rows in 12,000 files. Collection #2.5 contained 845GB of data and more than 25 billion records that
  • In late 2018, researchers at SINTEF Digital Norway, ETH Zurich, and Berlin's Technical University discovered a new and serious vulnerability in several generations of the cellular mobile communications protocols: 3G, 4G, and the upcoming 5G. The flaw affected Authentication and Key Agreement, which
  • In January 2019 Apple briefly disabled the group functionality in its FaceTime video calling application after bug was discovered that allowed users to listen on the people they were calling when they did not pick up the call and also allowed some callers to see video of the person they were calling
  • Panoptykon Foundation, the Warsaw based digital rights organization, has joined in the complaints filed in the UK and Ireland in September by Jim Killock of the Open Rights Group, Michael Veale of University College London, and Dr Johnny Ryan of Brave, by filing a new complaint in Poland. Together
  • As part of its planning for the 2020 Olympic Games, due to be held in Tokyo, Japan approved a law that would allow the government to conduct a survey to identify vulnerable Internet of Things devices. The National Institute of Information and Communications Technology staff who carry out the survey
  • In January 2019, the British transparency NGO WhoTargetsMe, Mozilla, and the US investigative journalism site Pro Publica reported that recent changes in the social network's code were restricting their ability to monitor political ads on Facebook. The company said the changes were part of a
  • In January 2019 the UK's Information Commissioner's Office announced it was investigating an incident in which the food service company Deliveroo reported that some of its customers had complained they were charged up to £1,000 for orders they had not placed. Customers have used social media to
  • By January 2019, more than 100 million women worldwide were using smartphone apps that began as period-tracking apps but were beginning to branch out into tracking other types of health data - and also to broaden their use of the data they collect in search or profit. Unlike medical establishments
  • The vast majority of public benefits programs in the United States—Supplemental Security Income, Temporary Assistance for Needy Families, Medicaid, Children’s Health Insurance Program, Supplemental Nutrition Assistance Programs, the Earned Income Tax Credit, and Housing Assistance—do not take the
  • In January 2019, Facebook' announced it had removed multiple pages, groups, and accounts coordinating inauthentic behaviour on Facebook and Instagram that were set up by two unrelated operations originating in Russia. One of these operated 364 pages and accounts was active in the Baltics, Central
  • In January 2019 Twitter revealed that it had discovered a security flaw in that meant that Android users who updated the email address linked to their account between November 2014 and January 2019 had inadvertently turned off the "protected" setting on their accounts so that their tweets could have
  • In January 2019, Facebook announced it would extend some of the rules and transparency tools it developed for political advertising for upcoming spring elections in Nigeria, Ukraine, India, and the EU. In Nigeria, the site will bar electoral ads from advertisers outside the country where the
  • A vulnerability in Amadeus, the customer reservation system used by 144 of the world's airlines, was only superficially patched after a team reported the vulnerability in 2018. As a result, an attacker could alter online strangers' Passenger Name Records, which contain all the details of the
  • Despite Facebook's October 2018 rules intended to provide greater transparency about political ads, the sources of funding for UK political ads remained obscure in early 2019. when a network of hard-Brexit and people's vote campaigning groups spent more than £1 million on Facebook ads in the lead-up
  • The miniature security camera maker Ring, which was acquired by Amazon in 2017 for a reported $1 billion, has a history of inadequate oversight of the data collected by those cameras on behalf of its customers. In 2016, it reportedly granted virtually unlimited access to its Ukraine-based research
  • The US government created a database of more than 50 journalists and immigrant rights advocates, many of whom were American citizens, associated with the journey of migrants travelling from Central America to the Mexico-US border in late 2018. Officials from Customs and Border Protection (CBP)
  • On January 9, 2019 the UK Information Commissioner's Office fined SCL Elections, also known as Cambridge Analytica, £15,000 for failure to comply with an enforcement notice the ICO issued in May 2018 ordering the company to respond in full to a subject access request submitted by US-based academic
  • It was already known that law enforcement agencies can track phones to within 500 metres if they show service providers a warrant, but in January 2019, it became clear that the same real-time location data was being sold to a wide range of third parties, including car salesmen, property managers
  • A November 2018 breach of a government-funded resettlement agency's database in South Korea allowed hackers, believed to be North Korean state security officials, to copy the personal information belonging to 997 North Koreans living in South Korea. Escaping to South Korea is considered an act of
  • In December 2018, the Institute for Policy Research and Advocacy (ELSAM) warned that data misuse and voter behavioural targeting and micro-targeting could prove factors in the 2019 Indonesian general elections. Researcher Wahyudi Djafar cited examples from Kenya, where Cambridge Analytica had sent
  • In 2014, when the the far-right party of French politician Marine Le Pen needed cash, the loan of €9.4 million came from First Czech-Russian Bank, which was founded in the early 2000s as a joint venture between a Czech state bank and a Russian lender and went on to come under the personal ownership
  • In December 2018, the security researchers at 0DayAllDay discovered that the encryption keys hard-coded into the firmware inside the Guardzilla indoor wireless security system were protected by a ten-year-old, easily cracked algorithm. Because all the devices used the same keys, anyone could use the
  • Shortly after the 2016 US presidential election, LinkedIn founder and billionaire Reid Hoffman made a series of multi-million-dollar donations to dozens of left-leaning groups. Among them was American Engagement Technologies, in which Hoffman invested $750,000. In 2018, Hoffman wound up apologising
  • A startling amount of the internet is fake in one way or another, studies found in 2018. Less than 60% of web traffic is human; a 2013 study found that at least half of YouTube traffic was bots masquerading as people; in November 2018 the US Justice Department revealed that eight people were accused
  • In November 2018, the criminal hacker group 3ve found a new way of exploiting security weaknesses in the Border Gateway Protocol that allowed them to take control of IP addresses belonging to the US Air Force and other reputable organisations; the result was to net them $29 million in fraudulent
  • Millions of people own smart home devices like the Amazon Echo and Echo Dot—equipped with the Alex cloud-based artificial intelligence service—which have concerning implications for privacy rights. While, Amazon’s own policies promise that only the user and Amazon will listen to what those devices
  • In 2015, officials within the US Treasury Department Office of Terrorist Financing and Financial Crimes unit used a network of private Gmail and Hotmail accounts set up by the Russians with the stated goal of jointly defeating ISIS. Soon, however, instead the Russian financial crimes agency was
  • A December 2018 report prepared by the Oxford Internet Institute's Computational propaganda Research Project and the network analysis firm Graphika for the US Senate Intelligence Committee found that the campaign conducted by Russia's Internet Research Agency during the 2016 US presidential election
  • A December 2018 analysis of the use of Facebook by Matteo Salvini and Luigi Di Maio, Italy's two populist leaders, showed that the two exploited Facebook's streaming video and live broadcast services to bypass the mainstream media and foment discord during the March 2018 Italian general election
  • In December 2018 Facebook revealed that over a 12-day period in September a software bug may have wrongly allowed about 1,500 third-party apps to access 6.8 million users' photos, including some that people began uploading to the social network but didn't go on to finish posting. EPIC executive
  • The New York City public benefits system has been criticized for its punitive design, how it too often disciplines, rather than helps, people who are legally entitled to benefits. According to Mariana Chilton, the public benefits system is designed to control, surveil, and penalize low-income people
  • In December 2018 reports emerged that the Indian Electoral Commission would propose amendments to the Representation of the People Act 1951 that would require citizens to link their Electoral Photo ID Card to their Aadhaar number with the stated goal of improving the accuracy of the electoral rolls
  • A December 2018 analysis found that Facebook's measures for improving election security and discouraging anonymous political messages were poorly executed and inconsistently applied, and placed an unfair burden on charitable organisations and small businesses while simultaneously being easy for
  • On 14 May 2018, the husband of the victim, a pharmacist living in Linthorpe in Middlesbrough, subdued his wife with insulin injection before straggling her. He then ransacked the house to make it appear as a burglary. The data recorded by the health app on the murder’s phone, showed him racing
  • During the campaign leading up to the 2018 US midterm elections, the email accounts of four senior aides at the National Republican Congressional Committee were surveilled for several months. The intrusion was detected in April 2018 by an NRCC vendor, who alerted the committee and its cybersecurity
  • In Israel, the National Insurance Institute – in charge of granting benefits – eventually dropped a tender that had caused outrage in the country after being uncovered by Haaretz and Channel 13. The tender revealed the NII was trying to collect online data about benefits claimants – including from
  • Days after the 2018 shooting that killed 11 Jewish congregants in a Pittsburgh synagogue, The Intercept found that Facebook still allowed advertisers to choose "white genocide conspiracy theory" as a targeting criterion, capturing 168,000 members of the social network. The technique used was the
  • In December 2018, a hacker made more than 50,000 internet-connected printers worldwide print out flyers asking everyone to subscribe to the YouTube channel belonging to PewDiePie, whose real name is Felix Kjellberg. PewDiePie, who has had the most subscribers on YouTube since 2013, was in danger of
  • Following Ms. Vestager’s investigation into Amazon and its own sector enquiry into online price comparison services in October 2017, in June 2018 the German Federal Cartel Office (“Bundeskartellamt”) claimed that it “received a lot of complaints” and is said to be “looking at the role and market
  • In November 2018, Germany's Federal Cyberintelligence Agency (Bundesamt für Sicherheit in der Informationstechnik, or BSI) released a highly detailed analysis of the myriad ways that Windows 10 tracks users and showing that only enterprise versions of Windows have the ability to turn them off. BSI
  • In November 2018 the UK Information Commissioner's Office fined Uber's European operation £385,000 for inadequate security that permitted a November 2016 data breach affecting nearly 3 million British users and 82,000 drivers. In the 2016 breach, attackers obtained credentials that allowed them to
  • In November 2018, the Spanish senate approved 220-21 an online data protection law intended to ensure compliance with the General Data Protection Regulation with an added amendment that allowed political parties to use personal data obtained from web pages and other publicly accessible sources for
  • In the run-up to the May 2019 European Parliament elections, Google announced it would launch a new set of transparency tools to combat voter manipulation. Before being allowed to buy advertising on Google platforms, campaigns will be required to verify their identity, and approved ads will be
  • A 2018 study found that Twitter bots played a disproportionate role in spreading the false claim, made by US President Donald Trump shortly after winning the election but losing the popular vote in November 2016, that 3 million illegal immigrants had voted for Democratic opponent Hillary Clinton
  • In November 2018 the campaign group Freedom from Facebook used the social network's own advertising tools to promote a "safe space" website where they can submit whistleblower tips anonymously. Facebook declined to comment but did not appear to be blocking the ads nor keeping a log of who viewed
  • Police in the German state of Hesse are using a bespoke version of Palantir's Gotham software system, specially adapted for the police force. Palantir CEO Alex Karp sits on the board of the German mega publisher Axel Springer. Publication: WorldCrunch, Jannis Brühl Date: 20 November 2018
  • As part of the digital campaign to win re-election, in mid-2018 the BJP, which controls the Indian national government as well as that of the state of Chhattisbarh, handed out $71 million worth of free phones and subsidised data plans to 2.9 million of the state's voters and then used the phones to
  • With only days to go before the 2018 US midterm elections, a federal judge ruled that the state of Georgia must change its "exact match" law that required voter registrations with even the tiniest variation from other official identifications to be flagged as potential non-citizens unless they could
  • In November 2018, a report by the consultancy Privacy Company, on behalf of the Dutch Ministry of Justice, found that Microsoft could be breaking European data collection rules because its Office software was collecting large amounts of personal data including email subject lines and snippets of
  • In November 2018 Bidooh announced it was developing an intelligent and automated digital billboard advertising platform that it said would leverage facial recognition and blockchain technology to track engagement. Billboard advertising is valued globally at almost $34.8 billion a year. Bidooh has
  • In November 2018, a security researcher found that the location-tracking children's watch MiSafe's Kid Watcher Plus, originally released in 2015, neither encrypted nor secured the children's accounts, allowing him to track their movements, secretly listen in to their activities, and spoof calls to
  • In yet another murder case, a New Hampshire judge ordered Amazon to turn over two days of Amazon Echo recordings in a double murder case in November 2018. Prosecutors believe that recordings from an Amazon Echo in the Farmington home where two women were murdered in January 2017 may yield further
  • Privacy International has filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK. It’s been more than five months since the EU’s
  • In November 2018, HSBC announced a serious data breach in its US business between October 4 and 14, when fraudsters used credential stuffing to gain access to detailed account information relating to about 1% of its 1.4 million US customers. HSBC said that in response it had strengthened its login
  • Shortly before the November 2018 US midterm elections, the Center for Media and Democracy uncovered documents showing that the multi-billionaire Koch brothers have developed detailed personality profiles on 89 percent of the US population with the goal of using them to launch a private propaganda
  • In November 2018, the UK government announced it would pilot voter ID for in 11 local authorities during thte 2019 local elections in order to gain insight into ensuring voting security and lowering the risk of voter fraud. The Cabinet Office deemed the pilots conducted in five local authorities
  • During the November 2018 US midterm elections, Moveon conducted an experiment to test whether it could cheaply and quickly maximise the effectiveness of digital persuasion. The project created a Facebook app called MO Research, and recruited people to answer survey questions about current issues via
  • The results of a year-long review issued by the UK Information Commissioner's Office in November 2018 uncovered a "disturbing disregard for voters' personal privacy" on the part of 30 organisations, including social media platforms, political parties, data brokers, and credit reference agencies
  • Shortly before the 2018 US midterm elections, Georgia secretary of state and gubernatorial candidate Brian Kemp accused Georgia's Democratic Party of hacking into the state's voter registration database, though without providing any evidence to support the claim. The motives behind the claim were
  • In November 2018, the UK government announced that 11 local authorities across England would participate in Voter ID pilots in the interest of gaining "further insight into how best to ensure the security of the voting process and reduce the risk of voter fraud". Five local authorities participated
  • Facebook's latest tool for inspecting political ads showed that in the run-up to the US mid-term elections in November 2018, many of the same politicians who had been questioning Facebook about privacy and leaked user data were spending campaign funds on advertisements on the service. Between 2014
  • A November 2018 report from Data & Society discusses "data craft", the methods manipulators use to create disinformation with falsified metadata, specifically platform activity signals, which can be read by machine learning algorithms, platforms, and humans. Manipulators use platform features in
  • Days before the US November 2018 midterm elections, ProPublica discovered that an organisation called Energy4US spent $20,000 to run ads on Facebook pushing conservatives to support the Trump administration's reversal of fuel emission standards. On closer scrutiny, Energy4US appeared to be a front
  • In 2018, the EU announced iBorderCtrl, a six-month pilot led by the Hungarian National Police to install an automated lie detection test at four border crossing points in Hungary, Latvia, and Greece. The system uses an animated AI border agent that records travellers' faces while asking questions
  • In the run-up to the November 2018 US midterm elections, Vice tested Facebook's new system of mandatory "Paid for" disclosure intended to bring greater transparency to the sources of ads relating to "issues of national importance". Placing political ads requires a valid ID and proof of residence
  • In 2017, Alphabet's Sidewalk Labs began a collaboration with Waterfront Toronto intended to turn a 12-acre lakeside area into a "smart city" equipped with sensors and responsive infrastructure. Frustration that Torontonians' data privacy concerns were not being addressed led Saadia Muzaffar, founder
  • In 2018, to enhance its AI capabilities Oracle acquired DataFox, which supplies business intelligence that can be used to help businesses plan a variety of customer relationship management services. The startup has a database covering 2.8 million public and private businesses and expecting to add 1
  • In October 2018, researcher Johannes Eichstaedt led a project to study how the words people use on social media reflect their underlying psychological state. Working with 1,200 patients at a Philadelphia emergency department, 114 of whom had a depression diagnosis, Eichstaedt's group studied their
  • More than 450 Amazon employees delivered a letter to Jeff Bezos and other Amazon executives, demanding that the company immediately stop selling facial recognition software to law enforcement, sever connections to companies like Palantir that help immigration authorities track and deport immigrants
  • In March 2018 the Palo Alto startup Mindstrong Health, founded by three doctors, began clinical tests of an app that uses patients' interactions with their smartphones to monitor their mental state. The app, which is being tested on people with serious illness, measures the way patients swipe, tap
  • In the run-up to the US 2018 mid-term elections, Facebook announced it would broaden the company's policies against voter suppression by banning misrepresentations about how to vote and whether a vote will be counted. The company also introduced a reporting option to allow users to report incorrect
  • In October 2018, in the wake of the Cambridge Analytica scandal and questions over Facebook's influence on the UK's EU referendum, Facebook announced it would add Britain to the US and Brazil on the list of countries where the company will no longer allow political groups to publish "dark" ads on
  • A database compiled through investigations conducted in 2018 by the Guardian and the Undercover Research Group network of activists shows that undercover police officers spied on 124 left-wing activist groups between 1970 and 2007. The police infiltrated 24 officers over that time within the
  • A few months before the US 2018 midterm elections, the Trump campaign team signed a contract with the newly-formed Virginia-based company Excelsior Strategies to exploit the first-party data the campaign had collected. The contract was set up by Trump's campaign manager, Brad Parscale, who built the
  • In October 2018, a transparency report from the smart home company Nest, which Google acquired for $3.2 billion in 2014, found that between 2015 and 2018 Nest had been told to hand over data on 300 separate occasions relating to up to 525 Nest account holders. Nest turned over data in fewer than 20%
  • In the months leading up to the US 2018 midterm elections, Republican officials in Georgia, Texas, and North Carolina made moves they described as ensuring voting integrity but which critics saw as blocking voter access. In Georgia, where Secretary of State Brian Kemp is charged with enforcing
  • In announcing a data breach in 2018, at first Facebook said 50 million people's data had been accessed, then 30 million - but the data accessed was more sensitive than they thought at first. After investigation, the company explained that it had identified four stages of attack with a different
  • In October 2018, the app that supports the burglar alarm functions of Yale's "smart" locks and burglar alarms was disabled for 24 hours after an "unforeseen issue while carrying out unplanned network maintenance". Customers complained that they were unable to open or lock doors or disarm alarms, and
  • In the run-up to the 2018 US mid-term elections, researchers found that the dissemination of fake news on Facebook was increasingly a domestic American phenomenon rather than, as in the 2016 presidential election, an effort driven by state-backed Russian operatives. Removing such accounts (Twitter)
  • From 2014 to early 2017, Amazon used an artificial intelligence (AI) hiring tool to review prospective employees’ resumes and select qualified candidates, based on Amazon’s previous hiring decisions from a ten-year period; however, the tool was much more effective at simply selecting male candidates
  • In October 2018 Amazon patented a new version of its Alexa virtual assistant that would analyse speech to identify signs of illness or emotion and offer to sell remedies. The patent also envisions using the technology to target ads. Although the company may never exploit the patent, the NHS had
  • In 2018, the French company Criteo announced it would link up with the ecommerce company Shopify to enable retailers and merchants of all sizes to use its technology to target users across channels and devices and scale up their businesses. Retailers will not need to expand their IT resources. https
  • Google announced on October 8 having discovered a vulnerability in the Google+ API which has been open since 2015. This vulnerability allowed third-party developers to access data for more than 500,000 users, including their usernames, email addresses, occupation, date of birth, profile photos, and
  • In 2018, the French company Criteo formed a partnership with AgilOne to identify and link customer behaviour across multiple online and offline channels. The service is intended to make the ads consumers see more relevant, but also stop showing them ads for products they've already bought in offline
  • The 90-year old suspect when to his stepdaughter's house at San Jose, California for a brief visit. Five days later, his stepdaugter's body, Karen was discovered by a co-worker in her house with fatal lacerations on her head and neck. The police used the data recorded by the victim's Fitbit fitness
  • A little over a month before the US 2018 midterm elections, Twitter updated its rules to reduce manipulation of its platform. Among the changes, the company outlined the factors it would use to determine whether an account is fake and should be removed, provided an update on its automated detection
  • In September 2018, the US Department of Homeland Security proposed to add credit scores and histories to the list of information immigrants are required to submit when applying for legal resident status. The stated purpose of the proposed rule is to bar those who might become a "public charge" from
  • In September 2017, the UN Capital Development Fund, the UN Development Programme, and the non-profit San Francisco-based startup Kiva, which has worked for 13 years as a crowd-funded microlending platform announced a joint initiative to open up financial services to the 20% of the Sierra Leone
  • A flaw in the official 2018 UK Conservative Party conference app granted both read and write access to the private data of senior party members, including cabinet ministers, to anyone who logged in by second-guessing the email address they used to sign into the app. Twitter users claimed that one
  • At the end of September 2018, the sales intelligence company and data aggregator Apollo notified its customers that over the summer Vinny Troia, the founder of Night Lion Security, had discovered that Apollo's database of 212 million contact listings and 9 billion data points relating to companies
  • 30 million users had their accounts breached, with a total of 90 million accounts reset after Facebook's "view as" feature leaked unique user account access tokens, allowing attackers to not only trivially impersonate any other user on the platform, but also to potentially automate the attack on a
  • In 2018, experiments showed that despite the company's denials, ads could be targeted at specific Facebook users via information that the users had never given Facebook, such as phone numbers. The reason: Facebook allows advertisers to upload their own lists of phone numbers of email addresses, and
  • The proposed extension to the Trans Mountain pipeline, which would connect Alberta and British Columbia in parallel to the existing pipeline and triple its capacity, was controversial for years before Canada approved the project in 2016. In 2014, the British Columbia Civil Liberties Association
  • Canada began experiments introducing automated decision-making algorithms into its immigration systems to support evaluation of some of the country's immigrant and visitor applications in 2014. In a 2018 study, Citizen Lab and NewsDeeply found that AI's use was expanding despite concerns about bias
  • In September 2018, researchers discovered that websites accessed via mobile phones could access an array of device sensors, unlike apps, which request permissions for such access. The researchers found that 3,695 of the top 100,000 websites incorporate scripts that tap into one or more sensors
  • In 2018, WhatsApp founder Brian Acton responded to the Cambridge Analytica scandal by tweeting "It is time. #deletefacebook." He also left the company, walking away from $850 million in unvested stock rather than accede to Facebook's plans to add advertising and commercial messaging, a purpose at
  • A combination of entrenched and litigious voting machine manufacturers with immense control over their proprietary software and a highly complex and fragmented voting infrastructure mean that even though concerns were raised as early as 2004 about the security of US voting machines, the 2018 midterm
  • In 2018, the Paris prosecutor's office opened a preliminary inquiry after the lawyer Pierre Farge accused a Bercy specialist intelligence branch of the tax authorities of hacking his firm's database to access information covered by professional confidentiality. The case serves to illustrate the
  • In 2017, the head of China’s security and intelligence systems, Meng Jianzhu, called on security forces to break down barriers to data sharing in order to use AI and cloud computing to find patterns that could predict and prevent terrorist attacks. Meng also called for increased integration of the
  • In September 2018 the UK's Information Commissioner found that it was likely that during 2017 a number of migrant rough sleepers were reported to the Home Office enforcement teams by the homelessness charity St. Mungo's. The finding followed a complaint from the Public Interest Law Unit. The charity
  • The internet provides employers with the opportunity to learn an unprecedented amount about prospective employees by searching social media feeds and other postings. By 2018, DeepSense was taking this a step further by analysing individual's Twitter feeds to predict their personality and employment
  • In 2018 a report from the Royal United Services Institute found that UK police were testing automated facial recognition, crime location prediction, and decision-making systems but offering little transparency in evaluating them. An automated facial recognition system trialled by the South Wales
  • Reports that Amazon is planning on launching a free ad-supported music service caused Spotify’s (the Swedish audio streaming platform) shares to fall 4% on Monday, April 15th. And, on April 18th, Amazon published a blog post where it announced that launch of Amazon’s free music-streaming service in
  • In September 2018, Google warned a selection of US senators and their aides that their Gmail accounts were being targeted by foreign government hackers. Google has issued warnings of phishing attempts by state-sponsored actors since 2012, though getting a notice does not mean the account has been
  • In September 2018, the 156-year-old US life insurance company John Hancock announced it would stop underwriting traditional life insurance policies, instead selling only interactive policies that track health and fitness through the data collected by wearable devices and smartphones. Interactive
  • In September 2018, EU’s antitrust watchdog, the European Commission, launched a preliminary investigation into how the platform uses data about merchants. Margrethe Vestager, EU Competition Commissioner said that the informal probe concerns the e-commerce group’s dual role as a competitor while
  • In internet scans conducted between August 2016 and August 2018, Canada's Citizen Lab identified a total of 45 countries in which operators of Israel-based NSO Group's Pegasus spyware may be conducting surveillance operations. Pegasus is mobile phone spyware that targets are coerced into installing
  • In 2018, at least five British local authorities began developing systems intended to use predictive analytics to identify families needing attention from child services on the basis that algorithmic profiling could help them target their scarce resources more efficiently. Data about at least 377
  • In September 2017, soon after announcing the company had suffered a major data breach that exposed sensitive information pertaining to about 150 million people, Equifax set up a poorly secured website intended to help people determine whether they had been affected. The site was flagged by numerous
  • In 2014, Britain announced an infrastructure plan requiring all energy suppliers to offer smart meters to all homes and businesses by the end of 2020. With two years to go, at the end of 2018, the problems customers experienced after making the switch led to calls to halt the rollout, which had
  • In September 2018, when Massachusetts state police tweeted a map of responses to fires and explosions during a gas emergency, they inadvertently revealed that they were closely monitoring several activist groups, including a Facebook group for Mass Action Against Police Brutality, the Coalition to
  • In September 2018, Google was discovered to be prototyping a search engine, codenamed Dragonfly, designed to comply with China's censorship regime. Among other features, Dragonfly would tie users' searches to their personal phone numbers, ensuring the government could track their queries. Among the
  • In September 2018, a number of people whose Google Pixel phones, Essential Phone, OnePlus 6, Nokia handsets, and other devices running Android 9 Pie discovered that the devices had, apparently autonomously, activated the software's Battery Saver feature. Google later explained that an internal
  • In September 2018, the attorney general of the US state of New Mexico filed suit against Lithuania-based Tiny Lab Productions claiming that the maker of the children's app Fun Kid Racing had violated the Children's Online Privacy Protection Act (1998) by collecting location and other data about the
  • Simultaneous complaints have been filed with European data protection authorities against Google and other ad tech firms. The complainants are being made by Dr Johnny Ryan of Brave, the private web browser, Jim Killock, Executive Director of the Open Rights Group, and Michael Veale of University
  • In September 2018, Acxiom introduced an open data framework intended to create an omnichannel view of the people in its database. The company claims this "unified data layer" will let customer companies connect their marketing technology and ad technology ecosystems and connect the online world to
  • In September 2018, a software patch was found by journalists to be widely available, that disabled or weakened the security features in the software used to enroll people on the Aadhaar databse, potentially from anywhere in the world. The patch was reportedly widely-available in WhatsApp groups
  • In September 2018, AI Now co-founder Meredith Whittaker sounded the alarm about the potential for abuse of the convergence of neuroscience, human enhancement, and AI in the form of brain-computer interfaces. Part of Whittaker's concern was that the only companies with the computational power
  • In September 2018, the GuardianApp group of security researchers discovered that dozens of popular news, weather, and fitness iPhone apps that require access to location data sell the data they collect to companies engaged in businesses such as ad targeting. The group found apps such as ASKfm, NOAA
  • Following the 9/11 attacks in 2001, the New York City Police Department installed thousands of CCTV cameras and by 2008 in partnership with Microsoft had built the Lower Manhattan Security Coordination Center to consolidate its video surveillance operations into a single command centre that also
  • After a series of scandals, in the year up to September 2018 54% of American Facebook users had changed their privacy settings and 42% had skipped visiting the platform for several weeks or more. About 26% said they had deleted the Facebook app from their smartphone. Some 74% of Facebook users had
  • In 2018, a group of researchers from the Campaign for Accountability posed as Russian trolls and were able to purchase divisive online ads and target them at Americans using Google's advertising platform. The researchers constructed fake profiles using the name and identifying details of the
  • For many Filipinos, Facebook is their only way online because subsidies have kept it free to use on mobile phones since its launch in the country in 2013, while the open web is expensive to access. The social media network is believed to have been an important engine behind the ascent to the
  • In September 2018, security researcher Patrick Wardle found that Adware Doctor, the top-selling paid utilities app in the US Mac App Store, was exfiltrating the browser history of anyone who downloaded it and sending it to a developer. Adware Doctor is intended to protect browsers against adware. A
  • In August 2018, two lawsuits, were filed against NSO Group, one brought in Israel by a Qatari citizen and the other in Cyprus by Mexican journalists and activists. All the plaintiffs had been targeted by the company's Pegasus spyware, which takes control of targets' phones when they click on links
  • The payday lender Wonga announced in April 2017 that a data breach at the company affected an estimated 270,000 customers, 245,000 of them in the UK and the rest in Poland. The company sent those it thought were affected messages warning that it believed there may have been illegal and unauthorised
  • By the time T-Mobile announced in August 2018 that a data breach had compromised customers' names, billing zip codes, email addresses, account numbers, account types, phone numbers, and some hashed passwords, the most crucial of these had become phone numbers. Never intended as identifiers, phone
  • Facebook-owned Onavo VPN (adertised as a way to block harmful websites, and keep a user's data safe) is pulled from the Apple App Store due to tracking, collecting, and analysing customers' usage data, including from other unrelated apps. https://arstechnica.com/tech-policy/2018/08/facebook-violates
  • In August 2018, domestic abuse victims, their lawyers, shelter workers, and emergency responders began finding that the Internet of Things was becoming an alarming new tool for harassment, monitoring, revenge, and control. Smartphone apps enable abusers to remotely control everyday objects inside
  • In 2018, changes to Apple's rules for data collection led Facebook to withdraw its Onavo Protect VPN app from the app store. The app's function was to warn users when they were visiting potentially harmful websites and protected their data when using public wifi. However, the app also collected data
  • The 2017 hack of the shipping company A.P. Møller-Maersk, which manages 800 seafaring vessels and 76 ports that handle nearly a fifth of the world's shipping capacity, required an emergency shutdown of the company's entire IT system, including its phones. Maersk was a victim of NotPetya, the most
  • In August 2018, the US Democratic National Committee notified the FBI that the San Francisco-based security company Lookout and the cloud service provider DigitalOcean had detected an attempted hack targeted at the DNC voter database. The attack took the form of a fake DNC login page intended to
  • In August 2018, Facebook announced it would remove more than 5,000 ad targeting options in order to prevent discrimination. Options specifying the exclusion of people interested in "Passover", "Native American culture", or "Islam" could be used as proxies to allow advertisers to exclude ethnic and
  • In August 2018 the US Food and Drug Administration approved the first over-the-counter digital contraceptive, an app called Natural Cycles. The app, which analyses basal body temperature readings and monthly menstruation data to determine whether unprotected sex is likely to lead to pregnancy
  • US Immigrations & Customs Enforcement (ICE) used social media monitoring to track groups and people in New York City associated with public events opposing the Trump administration’s policies, including ones related to immigration and gun control. The investigative branch of ICE created and
  • As the use of non-cash payment mechanisms continued to increase over the course of 2018, Europe's central banks began warning that phasing out cash poses a serious threat to the financial system, as too-heavy reliance on digital payments exposes countries to the potential for catastrophic failure
  • In August 2018, three months after the General Data Protection Regulation came into force in the EU, Quantcast reported that over 90% of visitors to websites using the company's Quantcast Choice consent management platform were giving consent to at least some use of cookies. About 81% were
  • In 2018, Wells Fargo disclosed that due to a computer bug that remained undiscovered for nearly five years 600 customers were granted more expensive mortgage loans than they could have qualified for. About 400 of them went on to lose their homes. The announcement reignited the public anger and
  • In August 2018 Amazon rolled out a software update to Fire OS 5, the operating system used by older versions of its Fire TV and Fire TV Stick devices to counteract malware. At risk were versions of the devices before the company released Fire OS 6 whose owners had turned on Android Debug Bridge in
  • Semi-autonomous cars with built-in internet connections are increasingly being delivered with location tracking in place. Marketed as a convenience, the app FordPass links to Ford's Sync Infotainment system and can log frequent and recently visited locations. Similarly, GM Onstar's Family Link
  • In August 2018, banks and merchants had begun tracking the physical movements users make with input devices - keyboard, mouse, finger swipes - to aid in blocking automated attacks and suspicious transactions. In some cases, however, sites are amassing tens of millions of identifying "behavioural
  • At the 2018 DefCon security conference, a researcher from the security firm Nuix presented the discovery that body cameras from five different manufacturers shoe cameras are in use by US law enforcement are vulnerable to remote digital attacks, some of which could manipulate footage so it could not
  • In what appears to be an extension of China's tracking of its Muslim citizens, 3,300 of the 11,500 Chinese pilgrims joining the 2018 hajj to Mecca were outfitted with GPS trackers. When photos were shown of the first group preparing to depart wearing trackers around their necks, the state-run
  • AirAsia engaged Palantir as a data science partner focused on “guest experience, inflight sales, route revenue, finance, security, flight operations, network planning, cargo, supply chain management, commercial and people development.” Publication: AirAsia newsroom Date: 8 August 2018
  • In 2018, the UK Information Commissioner's Office fined Emma's Diary, a site offering pregnancy and childcare advice owned by Lifecycle Marketing (Mother and Baby) Ltd, £140,000 for collecting and selling personal information belonging to more than 1 million people without disclosing in the site's
  • Under a clause in the country's computer crime act that criminalises uploading content that is false or causes "panic", in 2018, Thailand's ruling military junta pursued a criminal investigation into a live feed on the Facebook page belonging to the rising Future Forward Party. The postings claimed
  • Cookies and other tracking mechanisms are enabling advertisers to manipulate consumers in new ways. For $29, The Spinner will provide a seemingly innocent link containing an embedded cookie that will allow the buyer to deliver targeted content to their chosen recipient. The service advertises
  • By August 2018, the UK government's "hostile environment" policy, as set out in the 2014 and 2016 Immigration Acts and other measures, was extending the national border into the heart of services such as banking, education, health, and housing where landlords and staff have been forced to implement
  • The common reporting standard brought in by the UK's HMRC in 2018 require tax authorities to automatically exchange information on millions of citizens living abroad. In response, an EU citizen domiciled in Italy who formerly lived in the UK and maintains a UK bank account, filed a complaint with
  • In 2018 genetic testing companies such as Ancestry and 23andMe agreed on guidelines for sharing users' DNA data and handling police requests. The guidelines, which include easy-to-read privacy policies, were inspired by two incidents: one in which local investigators used the GEDmatch DNA comparison
  • In 2018, documents filed in a court case showed that a few days before the 2017 inauguration of US president Donald Trump - timing that may have been a coincidence - two Romanian hackers took over 123 of the police department's 187 surveillance cameras in Washington, DC with the intention of using
  • By July 2018, ten-year-old Twitter had become such a frequent data resource for social scientists that estimates were that anyone who tweeted publicly on the service was part of a dataset somewhere. The ease and low cost of using Twitter have enabled studies such as analysing bot behaviour during
  • In 2018, the chair of the London Assembly's police and crime committee called on London's mayor to cut the budget of the Mayor's Office for Policing and Crime, which provides oversight, in order to pay for AI systems. The intention was that the efficiencies of adopting AI would free up officers'
  • The American Civil Liberties Union (ACLU) used Rekognition, Amazon’s facial recognition software, to compare images of US lawmakers to a publicly available database of 25,000 mugshot photos. The ACLU’s study validated research that has shown that facial recognition technology is more likely to
  • In 2018, 17 US states and the District of Columbia filed suit to block the addition of a citizenship question to the 2020 census. Emails released as part of the lawsuit show that the administration began pushing to add the question as early as the beginning of 2017, claiming it was to improve
  • In this interview (podcast and transcript) Virginia Eubanks discuss three case studies from her book Automating Inequality to illustrate how technology and data collection negatively impact people in vulnerable situation. The (failed) attempt to automate and privatise the welfare system elligibility
  • In July 2018, a group of researchers at Northwestern University published the results of two years of studying the collaboration behaviour of tens of thousands of scientists. A controversy rapidly sprang up about the method they used: they had been given access to project folder-related data by the
  • "Buzzer teams" - teams employed to amplify messages and create a buzz on social media - were used by all candidates in the 2017 Indonesian general elections. Coordinated via WhatsApp groups, many of the teams opened fake accounts to spread both positive and negative messages, as well as hate speech
  • In July 2018, Facebook announced it was investigating whether the Boston-based company Crimson Hexagon had violated the company's policies on surveillance. Crimson Hexagon markets itself as offering "consumer insights". Its customers include a Russian non-profit with ties to the Kremlin, and
  • In July 2018, attackers broke into the SingHealth Singaporean government health database and stole names, addresses, and various other details of 1.5 million people who visited clinics between May 1, 2015 and July 4, 2018; however, the attackers did not gain access to most medical records with the
  • Britain's £11 billion plan to offer smart meters to all homes and businesses by the end of 2020 was based in part on claims that the meters would give consumers better information about the energy they were using and offer sophisticated variable rate charging as part of working to combat climate
  • In November 2018 New York City's housing committee ruled that Airbnb must turn over the addresses and host names that use its service to the city's Office of Special Enforcement as part of a crackdown on illegal operators. The hotel industry contended in a report earlier in the year that around two
  • In July 2018, Dutch researcher Foeke Postma discovered that Polar, the manufacturer of the world's first wireless heart rate monitor manufacturer, was exposing the heart rates, routes, dates, times, duration, and pace of exercises performed by individuals at military sites and at their homes via its
  • In July 2018 the three-year-old payment system Revolut notified the UK's National Crime Agency and the Financial Conduct Authority that it had found evidence of money laundering on its system. From its beginnings as a prepaid credit card operator, Revolut had branched out into small business
  • In July 2018, Election Systems and Software (ES&S), long the top US manufacturer of voter machines, admitted in a letter to Senator Ron Wyden (D-OR) that it had installed pcAnywhere remote access software and modems on a number of the election management systems it had sold between 2000 and 2006
  • In 2018, the Berlin-based researcher Hang Do Thi Duc concluded after analysing more than 200 million public transactions made in 2017 that anyone can track the purchase history of a user of the peer-to-peer payment app Venmo. By accessing the data via an open API, Do Thi Duc was able to view the
  • In July 2018, a hacker attack exposed the personal data of millions of Spanish subscribers Telefónica's Movistar service. The data included identity and payment information, phone and national ID numbers, banks, and calling data. The cause was a basic programming error known as an "enumeration bug"
  • In July 2018, Robert Mueller, the special prosecutor appointed to look into Russian interference in the 2016 US presidential election, charged 12 Russian intelligence officers with hacking Hillary Clinton's campaign and the Democratic National Committee by spearphishing staffers. The charges include
  • In July 2018 Walmart filed a patent on a system of sensors that would gather conversations between cashiers and customers, the rattle of bags, and other audio data to monitor employee performance. Earlier in 2018, Amazon was awarded a patent on a wristaband that would monitor and guide workers in
  • In July 2018, the leader of a private Facebook group for women with the BRCA gene, which is associated with high breast cancer risk, discovered that a Chrome plug-in was allowing marketers to harvest group members' names and other information. The group was concerned that exposure might lead to
  • While not currently mandatory to access healthcare services, Aadhaar is however increasingly used in the health sector as well. In 2018, the health ministry had to issue a statement to clarify that Aadhaar was “desirable” but not a must to access a 5 rupee insurance cover for hospitalisation under
  • In 2018, British immigration officers demanded that the mothers of two children provide DNA samples in order to provide proof of paternity. The children both had British fathers and had previously been issued British passports, but their mothers were not UK citizens. In one case, the father had
  • In 2018, economists Marianne Bertrand and Emir Kamenica at the University of Chicago Booth School of Business showed that national divisions are so entrenched that details of what Americans buy, do, and watch can be used to predict, sometimes with more than 90% accuracy, their politics, race, income
  • As part of an ongoing hacker vendetta against surveillance apps installed by abusive partners, in July 2018 a hacker targeted SpyHuman, an India-based company that offers software that monitors Android devices, claiming the software should be taken off the market. Once someone gains physical access
  • In July 2018, members of the Internal Security Organisation, Uganda's counterintelligence agency, raided South African telecommunications provider MTN's Uganda data centre in Mutundwe. In a letter to the police, MTN said the ISO kidnapped a data manager who worked for the contractor that ran the
  • In July 2018, members of the Internal Security Organisation, Uganda's counterintelligence agency, raided South African telecommunications provider MTN's Uganda data centre in Mutundwe. In a letter to the police, MTN said the ISO kidnapped a data manager who worked for the contractor that ran the
  • In a 2018 interview, the Stanford professor of organisational behaviour Michal Kosinski discussed his research, which included a controversial and widely debunked 2017 study claiming that his algorithms could distinguish gay and straight faces; a 2013 study of 58,000 people that explored the
  • Between May 18 and May 22, a bug in Facebook's system changed the settings on 14 million users' accounts so that newly posted updates they thought were private might have been made public instead. The company attributed the error to a mistake made in redesigning how the public parts of user profiles
  • The Tel-Aviv-based private intelligence firm Black Cube, which is largely staffed by former Israeli intelligence operatives, was involved in a campaign to attack NGOs and businessman-turned-philanthropist George Soros during Hungary's election campaign. Between December 2017 and March 2018, agents
  • In July 2018, researchers at the London-based security and mobile commerce firm Upstream Systems found that millions of cheap smartphones sold in developing countries lacking privacy protections come with pre-installed apps that harvest users' data for the purpose of targeting advertising and that
  • In 2018, military security officers from the Israeli Defence Force accused Hamas of loading fake World Cup and dating apps with malware and making them available via the Israeli version of the Google Play store in order to hack the mobile phones of Israeli soldiers. The apps were capable of
  • In July 2018 the UK's Information Commissioner's Office announced it would fine Facebook £500,000, the maximum under the 1998 data protection law, for failing to safeguard its users' information and lacking transparency about how the data was harvested and used by others, specifically Cambridge
  • In 2018, the Spanish La Liga app was found to be using the microphone and GPS to clamp down on bars infringing copyright by broadcasting matches without paying. Granting the app the permissions it requests at installation to access the mic and GPS location allows it to turn on the mic at any time
  • On the night of June 23, 2016, as the polls closed Britain's Sky News broadcast what sounded like a concession statement from Nigel Farage, the leader of the campaign to leave the EU, plus a YouGov exit poll indicating that the country had voted to remain; over an hour later, Farage reiterated his
  • In 2018, the French company Criteo unveiled its new €20 million AI lab, dedicated to researching and developing machine learning. The company intends the lab to shape industry standards for measurement and best practices in this area, and lead the international conversation on responsible data use
  • In June 2018, security researcher Vinny Troia discovered that the Florida-based data broker Exactis had exposed a comprehensive database containing nearly 340 million individual records on a publicly accessible server. The 2TB of data appeared to include detailed information on millions of
  • During 2018, when US president Donald Trump operated a policy under which immigration officers separated families arriving at the border without documentation, there were a number of suggestions for using genetic testing to verify family relationships in the interests of reuniting them. After
  • Even after they move out, domestic abusers may retain control over their former residence via Internet of Things devices and the mobile phone apps that control them. Using those tools, abusers can confuse, intimidate, and spy upon their former spouses and partners. Lack of knowledge about how these
  • In an experiment conducted by Fabio Chiusi and Claudio Agosti during the 2018 election season and set out in detail in their report for Tactical Tech, the duo sought to investigate the Facebook algorithm that powers users’ news feed and the algorithm’s treatment of political content. One of the
  • In June 2018, a panel set up to examine the partnerships between Alphabet's DeepMind and the UK's NHS express concern that the revenue-less AI subsidiary would eventually have to prove its value to its parent. Panel chair Julian Huppert said DeepMind should commit to a business model, either non
  • In June 2018, human rights and digital rights activists in Myanmar called on Facebook to raise its level of moderation of Burmese-language content in order to reduce hate speech, which they said was at high risk of sparking open violence. In Myanmar, decades of civil war and the end of military rule
  • In a systematic campaign over more than five years, Myanmar military used Facebook to covertly spread propaganda, mostly against the Rohynga, via accounts that appeared to be dedicated to pop stars and entertainment, turning the social media site into a tool for ethnic cleansing. Having garnered a
  • In June 2018 Facebook announced it would install new controls to improve members' understanding of how companies targeted them with advertising, including letting them know if a data broker supplied the information. This was the second update to the company's policies in 2018; in March it attempted
  • In June 2018 Apple updated its app store policies to bar developers from collecting information from users' address books and selling it on. While some apps have a legitimate need to access users' contacts, collecting information unnecessarily is a common money-making tactic. How many apps were
  • In June 2018, Uber filed a US patent application for technology intended to help the company identify drunk riders by comparing data from new ride requests to past requests made by the same user. Conclusions drawn from data such as the number of typos or the angle at which the rider is holding the
  • Even after 2015, when Facebook said it had walled off user records from third parties, inside sources and court documents showed that the company went on maintaining a whitelist of companies that were allowed customised access to information about users' Friends, phone numbers, and a "friend link"
  • In 2018, the British army used paid Facebook messages to target 16-year-olds around the day GCSE results were announced to suggest that an army career might still be open to them if their grades were sub-par. The move was criticised for targeting teenagers at their most vulnerable and stressed
  • In 2018, a South Carolina woman realised her FREDI video baby monitor had been hacked when the camera began panning across the room to the spot where she breastfed her son. A 2015 study conducted by Rapid7 found that baby monitors have a number of vulnerabilities that are both easily exploited and
  • In June 2018, after privacy activists found security flaws in toys such as My Friend Cayla and others and the US Consumer Product Safety Commission opened an investigation into the problems of connected gadgets, Amazon, Walmart, and Target announced they would stop selling CloudPets. Made by Spiral
  • In 2014, a team of four Swedish and Polish researchers began scraping every comment and interaction from 160 public Facebook pages. By two years later, they had collected one of the largest sets of user data ever assembled from the social network; it enabled them to track the behaviour of 368
  • In June 2018, security researchers found that Google's smart speaker and home assistant, Google Home, and its Chromecast streaming device could be made to leak highly accurate location information because they failed to require authentication from other machines on their local network. The attack
  • The surveillance of benefits claimants does not happen only online. In the UK, the Department of Work and Pensions (DWP) is known to be using CCTV footage of public buildings but also gyms and supermarkets to prove some benefits claimants are not actually disabled. Gym memberships are also being
  • Rising suspicion of benefits claimants in the UK led by 2018 to the Department of Work and Pensions' adoption of numerous surveillance tactics, including using social media postings, gym memberships, airport footage, and surveillance video from public buildings including supermarkets, to build cases
  • Amazon has been accused of treating its UK warehouse staff like robots. Between 2015 and 2018, ambulances were called out close to 600 times to Amazon’s UK warehouses. A Freedom of Information request to ambulance services from the GMB union revealed 115 call-outs to Amazon’s site in Rugeley, near
  • In 2018, a Duke University medical doctor who worked with Microsoft researchers to analyse millions of Bing user searches found links between some computer users' physical behaviours - tremors while using a mouse, repeated queries, and average scrolling speed - and Parkinson's disease. The hope was
  • In 2018, an investigation found that children as young as nine in Hong Kong were exposing their identities online via Tik Tok, the most-downloaded iPhone app for creating and sharing short videos. Both Tik Tok and its sibling app Musical.ly, which is popular in Europe, Australia, and the US and
  • In 2018, the digital marketing company Tell All Digital began marketing technology to personal injury law firms to enable them to send mobile ads to patients they know are waiting for treatment in an emergency room and for up to a month afterwards. The technology relies on geofencing, a technique
  • In 2018, a week before the General Data Protection Regulation came into force in the EU, Quantcast and several other publishing industry groups complained that Google in an open letter that Google was imposing GDPR risks on publishers and consumers. Under the system Google proposed for GDPR
  • In May 2018, the ACLU of Northern California obtained documents under a FOIA request showing that Amazon was essentially giving away its two-year-old Rekognition facial recognition tools to law enforcement agencies in Oregon and Orlando, Florida. Amazon defended the move by saying the technology has
  • In May 2018, UK-based security researcher Robert Wiggins discovered that the mobile app TeenSafe, marketed as a secure app for iOS and Android, was storing data it collected on servers hosted on Amazon's cloud without a password and openly accessible. The app lets parents monitor their children's
  • In May 2018, Google announced an AI system to carry out tasks such as scheduling appointments over the phone using natural language. A Duplex user wanting to make a restaurant booking, for example, could hand the task off to Duplex, which would make the phone call and negotiate times and numbers. In
  • In May 2018, US Immigration and Customs Enforcement abandoned the development of machine learning software intended to mine Facebook, Twitter, and the open Internet to identify terrorists. The software, announced in the summer of 2017, had been a key element of president Donald Trump's "extreme
  • In 2011, the US Department of Homeland Security funded research into a virtual border agent kiosk called AVATAR, for Automated Virtual Agent for Truth Assessments in Real-Time, and tested it at the US-Mexico border on low-risk travellers who volunteered to participate. In the following years, the
  • Three months after the 2018 discovery that Google was working on Project Maven, a military pilot program intended to speed up analysis of drone footage by automating classification of images of people and objects, dozens of Google employees resigned in protest. Among their complaints: Google
  • In May 2018, Facebook said that as part of its investigation into how Cambridge Analytica had abused personal data on the social network, it had investigated thousands of apps on its platform and suspended about 200 of them. The company said it was investigating further to identify every app that
  • In this piece Gavin Sheridan, transparency campaigner and CEO of legal intelligence company Vizlegal, argues for the need for a regulatory oversight to control the impact big tech companies and force them to be more transparent. https://www.theguardian.com/commentisfree/2018/may/13/ireland-abortion
  • Facebook ads purchased in May 2016 by the Internet Research Agency, a notorious Russian troll farm, urged users to install the FaceMusic app. When installed, this Chrome extension gained wide access to the users' Facebook accounts and web browsing behaviour; in some cases it messaged all the user's
  • In 2018, the Brazil-based Coding Rights' feminist online cybersecurity guide Chupadados undertook a study of four popular period-tracking apps to find which best protected user privacy. Most, they found, rely on collecting and analysing data in order to be financially viable. The apps track more
  • The US company Securus provides a cellphone tracking service that can locate almost any cellphone in the US within seconds by obtaining data from major carriers via a system used by marketers and other companies. In 2018, former Mississippi County, Missouri, sheriff Cory Hutcheson was charged in
  • In May 2018, a report form Strathmore University's Centre for Intellectual Property and Information Technology (CIPIT) found that some staff at Kenya's Independent Electoral and Boundaries Commission who were mandated to protect voter data made millions of Kenyan shillings by illegally selling
  • In May 2018, researchers in the US and China demonstrated that they could send commands that activate Apple's Siri, Amazon's Alexa, and Google Assistant but that are inaudible to the human ear. The researchers were able to make smartphones and smart speakers dial phone numbers and open websites; the
  • In May 2018 Facebook announced it would partner with organisations in places such as Myanmar and South Sudan in order to develop more "context-specific" knowledge about how its platform is being abused to create real risks of harm and violence. In Myanmar, where telephone companies allowed Facebook
  • For US citizens who can access benefits, many states use electronic benefit transfer (EBT) cards, which function like debit cards, to distribute benefits. As of 2015, at least 37 states issued Temporary Assistance to Needy Families benefits, also known as welfare, through EBT cards. http://www.ncsl
  • Although the US rejected a "National Data Center" approach in 1966, eventually instead passing the 1974 Privacy Act, in 2018 the House of Representatives proposed a national database of all 40 million recipients of benefits under the Supplemental Nutrition Assistance Program (SNAP, formerly known as
  • Following pressure from civil society and pro-abortion groups, Facebook announced on May 8th 208 a ban on foreign ads related to the Irish referendum on abortion. Facebook said they were being consistent with Irish electoral law. https://www.irishtimes.com/business/technology/facebook-bans-foreign
  • In its May 2018 quarterly filing with the Securities and Exchange Commission, Equifax provided its most detailed analysis to date of the company's 2017 data breach. In the US, nearly 147 million people had their names, dates of birth, and/or Social Security numbers stolen; address information was
  • In 2018, based on an analysis of 270,000 purchases between October 2015 and December 2016 on a German ecommerce site that sells furniture on credit, researchers at the National Bureau of Economic Research found that variables such as the type of device could be used to estimate the likelihood that a
  • In 2018, documents obtained by a public records request revealed that the Los Angeles Police Department required its analysts to maintain a minimum of a dozen ongoing surveillance targets identified using Palantir software and a "probable offender" formula based on an LAPD points-based predictive
  • Una Mullally writes about the online campaign led by the anti-abortion groups Protect the 8th and Undecided8 and their targeting of undecided voters in Ireland. She spoke to Facebook about their role in the spreading of those campaign and to campaigner Gavin Sheridan, who has demanded transparency
  • A 2018 law passed in Egypt requires ride-hailing services such as Uber and local competitor Careem to supply passenger data to the security agencies when requested to do so. More than 4 million people in Egypt have used Uber since it debuted there in 2014. While human rights advocates expressed
  • In May 2018, the UK's Information Commissioner's Office announced it would investigate Police Scotland after Privacy International filed a complaint that offers' use of "cyber kiosks", which when connected to a device can view all its data, violated the Data Protection Act. Trials of the technology
  • In May 2018, Slice Technologies, which provides the free Unroll.me email management service in return for data-mining individuals' email inboxes, announced it would discontinue offering its service in Europe rather than comply with the incoming General Data Protection Regulation. Unroll.me's privacy
  • At the 2017 Champions League Final, South Wales Police deployed an automated facial recognition system that wrongly identified more than 2,000 people in Cardiff as potential criminals. The system's cameras watched 170,000 people arrive in Cardiff for the football match between Real Madrid and
  • The French company Criteo is struggling to conform to the requirements of the EU's General Data Protection Regulation, which came into force in May 2018. Critics believed that Criteo's practice of opting visitors to European retail sites into first-party cookies and tracking even if they ignored the
  • In India, one of the reasons the Aadhaar ID system has been increasingly widely used is that it is mandatory for much India’s benefits system. Government subsidies are now processed through under the Direct Benefit Transfer scheme, which requires citizens to have a bank account and to insure that
  • In 2018, after the UK Cabinet Office said a trial of compulsory voter ID was necessary because reports of voter fraud had more than doubled between the 2014 and 2016 elections - a claim immediately disputed by a voter and upheld by the UK Statistics Authority. While it was true that there were 21
  • In 2018, the Chinese Communist Party's anti-corruption watchdog in southeastern Hefei in the Anhul province claimed in a social media post that its branch in a neighbouring city had retrieved deleted messages from a suspect's WeChat account. Tencent, WeChat's operator, denied that the company stored
  • In 2018 industry insiders revealed that the gambling industry was increasingly turning to data analytics and AI to personalise their services and predict and manipulate consumer response in order to keep gamblers hooked. Based on profiles assembled by examining every click, page view, and
  • For years, car manufacturers including Range Rover, BMW, and Volkswagen kept secret security risks in their vehicles' keyless entry systems that exposed hundreds of millions of car owners to the risk of theft from attackers using gadgets available online for £100. In March 2018, Range Rovers were
  • Police and blackmailers in Egypt are using gay dating apps like Grindr, Hornet, and Growlr to find targets tor arrest and imprisonment while the developers who can make changes are thousands of miles away and struggle to know what to change to protect their users. In a typical story, a target finds
  • The US Securities and Exchange Commission announced in April 2018 that it would fine Altaba, formerly known as Yahoo, $35 million for failing to disclose its massive 2014 data breach. Yahoo did not notify the hundreds of millions of customers until the end of 2016, when it was closing its
  • In December 2014 researchers at Malwarebytes discovered that for two months an Adobe Flash player zero-day exploit with a ransomware payload was embedded in online ads placed by a leading advertising network. The attack ended when Adobe patched Flash to close the vulnerability on February 2, 2015
  • In April 2018, the Austrian cabinet agreed on legislation that required asylum seekers would be forced to hand over their mobile devices to allow authorities to check their identities and origins. If they have been found to have entered another EU country first, under the Dublin regulation, they can
  • By 2018, Palantir, founded in 2004 by Peter Thiel to supply tools for finding obscure connections by analysing a wide range of data streams to the Pentagon and the CIA for the War on Terror, was supplying its software to the US Department of Health and Human Services to detect Medicare fraud, to the
  • In a talk at the 2018 Wall Street Journal CEO Council Conference, Darktrace CEO Nicole Eagan gave as an example of the new opportunities afforded by the Internet of Things a case in which attackers used a thermometer in a lobby aquarium to gain a foothold in a casino's network and exfiltrate the
  • In April 2018, Facebook announced that in six months it would end a programme it called "Partner Categories", in which the social network acted as a bridge between data brokers like Acxiom, Epsilon, and TransUnion and the consumers their customers want to reach. In this deal, Facebook did not
  • A 2016 Privacy International report on Syrian state surveillance found that between 2007 and 2012 the Assad regime spent millions of dollars on building a nationwide communications monitoring system. By 2012, this surveillance capability helped the Syrian government target and murder journalists
  • In late 2018, after apps like Strava and Polar Flow exposed the movements of staff around military bases, the US Department of Defense banned military troops and other workers at sensitive sites from using fitness trackers and other apps that could reveal their users' location. Military leaders will
  • In the United States, monitoring efforts to combat public benefits fraud are often part of a broader approach that focuses on stigmatizing people receiving benefits and reducing their number, rather than ensuring that the maximum number of people who are eligible receive benefits. However, fraud
  • In 2016, researchers discovered that the personalisation built into online advertising platforms such as Facebook is making it easy to invisibly bypass anti-discrimination laws regarding housing and employment. Under the US Fair Housing Act, it would be illegal for ads to explicitly state a
  • The body of a 57-year-old was found in the laundry room of her home in Valley View, Adelaide, in September 2016. Her daughter-in-law who was in the house at the time of the murder claimed that she was tied up by a group of men who entered the house and managed to escape when they left. However, the
  • In April 2018, a researcher at Norway's SINTEF found that the gay-daring app Grindr was sending its 3.6 million users' HIV status and last tested date along with their GPS data, phone ID, and email to two app-optimising companies, Apptimize and Localytics. SINTEF also found that the company was
  • By 2018, gene studies involving more than 200,000 test takers had found correlations between 500 human genes and academic success. Based on these results, the behavioural geneticist Robert Plomin claimed that parents would be able to use consumer tests to enable "precision education", built around
  • The Sunday edition of the national newspaper Bild reported that Chancellor Angela Merkel's conservative Christian Democrats (CDU) party and the centre-right Free Democrats (FDP) party purchased "more than a billion" pieces of personal data about potential voters from a subsidiary of Deutsche Post
  • Behind the colourful bicycles and games rooms, Silicon Valley tech giants operate a strict code of secrecy, relying on a combination of cultural pressure, digital and physical surveillance, legal threats, and restricted stock to prevent and detect not only criminal activity and intellectual property
  • Users downloading their Facebook histories have been startled to find that the company has been collecting call and SMS data. The company has responded by saying users are in control of what's uploaded to Facebook. However, the company also says it's a widely used practice when users first sign in
  • In March 2018, Indian Congress president Rahul Gandhi tweeted that the Naramendra Modi app issued by India's ruling Bharatiya Janata Party was leaking user data. The app is intended to spearhead BJP's social media strategy in the run-up to the 2019 general elections; the party hopes to use it to
  • In March 2018, Facebook announced it was scrapping plans to show off new home products at its developer conference in May, in part because revelations about the use of internal advertising tools by Cambridge Analytica have angered the public. The new products were expected to include connected
  • Affiliate marketers, who buy ad space in bulk, run campaigns, and earn commissions on the sales they generate, are behind some of the shady and misleading ads that pollute social media and the wider internet, despite also promoting some legitimate businesses such as Amazon and eBay. At one of
  • In March 2018, a security researcher discovered that the state-owned utility company Indane had access to the Aadhaar database via an API, but they did not secure this way of entry. As a result, anybody was able to use this service to access details on the Aadhaar database about any Aadhaar number
  • According to whistleblower Christopher Wylie, during the 2014 US midtern elections, Cambridge Analytica, needing data to complete the new products it had promised to political advisor Steve Bannon, harvested private information from the Facebook profiles of more than 50 million users without their
  • In 2015, Facebook removed a feature that had been in place for some years that allowed developers to access information about Friends who had also signed up for their app. During that time, about 270,000 people downloaded and installed an app that was portrayed as part of an online personality quiz
  • The small, portable GrayKey box, costing $15,000 for an internet-connected version tied to a specific location or $30,000 for an offline version usable anywhere, takes two minutes to install proprietary software designed to guess an iPhone's passcode. Intended for use by law enforcement officials
  • In March 2018, Trever Feden, the CEO of a property management startup, exposed a flaw in the gay-dating app Grindr that opened access to the location data and other information about its more than 3 million daily users. A website Faden set up allowed Grindr users to see who was blocking them after
  • A 2018 study of the use of biometric technology for voter identification and verification in Ghana in 2012 called the effort a failure. It's not enough, the researchers argue, for biometrics to be technically sound; for the technology to function as intended registration centres must have real-time
  • A data breach at the Internet Research Agency, the Russian troll farm at the centre of Russia's interference in the 2016 US presidential election, reveals that one way the IRA operated was to use identities stolen from Americans. Using these accounts and other fake ones, the troll farm interacted
  • As part of efforts to tone down street fights at night Statumseind in Eindhoven, the Netherlands, the city has deployed technology: wifi trackers, cameras, and microphones attached to lamp posts detect aggressive behaviour and alert police. The data collected by these sensors is used to profile
  • Recruiters are beginning to incorporate emotional recognition technology into the processes they use for assessing video-based job applications. Human, a London-based start-up, claims its algorithms can match the subliminal facial expressions of prospective candidates to personality traits. It then
  • The Houston, Texas-based online dating startup Pheramor claims to use 11 "attraction genes" taken from DNA samples in its matchmaking algorithm. Launched in February 2018 in Houston with 3,000 users, Pheramor also encourages users to connect it to their social media profiles so it can datamine them
  • As part of its attempt to keep its 40,000 drivers operating on the streets of London after Transport for London ruled in October 2017 it was not "fit and proper" to run a taxi service, Uber has promised to share its anonymised data on travel conditions and journey times. TfL said in February 2018
  • In February 2018 Uber and the city of Cincinnati, Ohio announced the Cincinnati Mobility Lab, a three-year-partnership that will allow the city and the surrounding area in northern Kentucky to use Uber data for transport planning. Cincinnati, like many cities, is anxious to identify the impact of
  • Under a secret deal beginning in 2012, the data mining company Palantir provided software to a New Orleans Police Department programme that used a variety of data such as ties to gang members, criminal histories, and social media to predict the likelihood that individuals would commit acts of
  • A former Facebook insider explains to Wired Magazine why it's almost certain that the Trump campaign's skill using the site's internal advertising infrastructure was more important in the 2016 US presidential election than Russia's troll farm was. The first was the ads auction; the second a little
  • In 2017, Facebook introduced two mechanisms intended to give users greater transparency about its data practices: the "why am I seeing this?" button users can click to get an explanation of why they're being shown a particular ad, and an Ad Preferences page that shows users a list of attributes the
  • In 2018, pending agreement from its Institutional Review Board, the University of St Thomas in Minnesota will trial sentiment analysis software in the classroom in order to test the software, which relies on analysing the expressions on students' faces captured by a high-resolution webcam
  • In February 2018 the Home Office gave the Yorkshire Police 250 scanners that use a smartphone app to run mobile fingerprint checks against the UK's criminal fingerprint and biometrics database (IDENT1) and the Immigration and Asylum Biometrics System (IABS). The app was simultaneously made available
  • In 2018, Tapad announced a partnership with Twine Data intended to integrate Tapad's probabilistic cross-device tracking capability with Twine's deterministic identity graph. The two companies intend to create one of the largest portable identity graph and customer relationship management onboarding
  • In February 2018, police in China began using connected sunglasses equipped with facial recognition to scan crowds looking for suspected criminals. In a test at a busy train station in the city of Zhengzhou, police were able to identify and apprehend seven suspects accused of crimes ranging from hit
  • In February 2019 Google engineers announced that they had created faster, more efficient encryption system that could function on less-expensive Android phones that were too low-powered to implement existing full-device encryption. The scheme, known as Adiantum, uses established and well-vetted
  • In 2019, after five years of acquisitions and billions of dollars in investment in advertising software and real-time tracking of web users, Oracle, facing questions about the practices of Data Cloud, its advertising software division, began laying off staff. The reason may have been partly
  • In this interview with Virginia Eubanks, the author highlights how electronic benefit transfer cards have become tracking devices and how data exploitation used to restrict access to welfare. https://www.vox.com/2018/2/6/16874782/welfare-big-data-technology-poverty Author: Sean Illing Publication
  • Amazon, which is already known for closely monitoring its warehouse workers has been granted two US patents on a wristband that could use ultrasonic sound pujlses and radio transmissions track a worker's every move, pause, or fidget, and vibrate to provide haptic feedback to nudge them when they
  • In 2018, Tapad announced it would offload its media business to Brand Networks, refocusing instead on its data business and identity products, primarily its cross-device graph. A particular target for its new focus was the telecommunications industry, starting with Telenor, which acquired Tapad in
  • As a gift in 2012, the Chinese government built the African Union's $200 million Addis Ababa headquarters, where African ministers and heads of state meet twice a year to discuss major continental issues. In 2017, Le Monde Afrique discovered that the building's computer systems incorporated an
  • In November 2017, San Francisco-based Strava, maker of a GPS-enabled fitness app, published a heat map showing the activity of all its 27 million users around the world. Upon outside examination, the data visualisation, which was built from 1 billion activities and 3 trillion data points covering 27
  • In 2018, Quantcast began expanding into Asia, opening operations in Hong Kong, Indonesia, Malaysia, Philippines, Singapore, Taiwan, and Thailand. The company explained the move was part of a market "tipping point", in which AI would transform every customer experience, company, and industry
  • In January 2018, internet users began complaining about a new wave of pop-up ads across the web: hard-to-close, misleading, and malicious, some of them making it impossible for people to read news. While many blamed reputable publishers like the New York Times and the Atlantic for being willing to
  • Modern vehicles are networks of sophisticated computers on wheels that can collect more intimate data about ourselves and our lives than smartphones do. The agreements covering nearly every new vehicle that is leased or sold in the US often now include a clause permitting the manufacturer to monitor
  • Police investigating the 2016 rape and murder of a 19-year-old medical student were unable to search the iPhone of suspect Hussein Khavari, an Afghan refugee who declined to give them his password. The investigators gained access to the phone via a private company in Munich, and went through Apple's
  • As of early 2018, Facebook's friends recommendations (People You May Know) are based on the address books users give them. However, Facebook has been filing patent applications for a new generation of technologies for collecting more information about its users and matching them more accurately. One
  • In 2017, a study claimed to have shown that artificial intelligence can infer sexual orientation from facial images, reviving the kinds of claims made in the 19th century about inferring character from outer appearance. Despite widespread complaints and criticisms, the study, by Michal Kosinski and
  • A 19-year-old medical student was raped and drowned in the River Dresiam in October 2016. The police identified the accused by a hair found at the scene of the crime. The data recorded by the health app on his phone helped identify his location and recorded his activities throughout the day. A
  • In this review of Virginia Eubanks's book Automating Inequality, the author of the review looks at the three main case studies Eubanks explores in her book: the attempt to automate and privatise the welfare system elligibility management in the state of Indiana in 2006, the use of a coordinated
  • In November 2016, the security contractor Krytowire discovered that cheap Chinese Android phones often include pre-installed software that monitors users' locations, messaging, and contacts, and sends the gathered information to China every 72 hours. Shanghai Adups Technology Company, the Chinese
  • In January 2018, journalists found that, for 500 rupees (around $7USD), they were able to buy on WhatsApp access to a gateway that allowed them to access the personal details connected to any of the entries on the Aadhaar database - by entering any Aadhaar number, they could see details like the
  • In a letter accompanying his annual report to the Prime Minister for 2017, the British Interception of Communications Commissioner, Stanley Burnton, has expressed concern about the increasingly unacceptable number of errors police are making in resolving Internet Protocol addresses. Because of the
  • In February 2018 the Canadian government announced a three-month pilot partnership with the artificial intelligence company Advanced Symbolics to monitor social media posts with a view to predicting rises in regional suicide risk. Advanced Symbolics will look for trends by analysing posts from 160
  • EU antitrust regulators are studying how companies gather and use big data with a view to understanding how access to data may close off the market to smaller, newer competitors. Among the companies being scrutinised are the obvious technology companies, such as Google and Facebook, and less obvious
  • In 2016, the US Federal Trade Coimmission issued a warning to app developers that had installed Silverpush, software that uses device microphones to listen for audio signals inaudible to the human ear that identify the television programmes they are watching. Nonetheless, similar technology
  • In the United States, while everyone is surveilled not every is equal when it comes to surveillance. Factors including poverty, race, religion, ethnicity, and immigration status will affect how much you end up being surveilled. This reality has a punitive effect on poor people and their families and
  • Research from ProPublica in December 2017 found that dozens of companies, including Verizon, Amazon, and Target are using Facebook to target job ads to exclude older workers. Excluding older workers is illegal under US law, but Facebook's system allows advertisers to specify precisely who should see
  • A company called Liegey Muller Pons (LMP) offers data analysis tools to help candidates and political parties improve their political campaign strategy. The three founders of the company were member's of former President François Hollande's 2012 campaign team. LMP was then hired by current President
  • NationBuilder is an American political campaigning software company, which offers a fully integrated suite of tools for the organization of a campaign, and outreach through e-mail, telephone, social media, and traditional door-to-door campaigning. Many candidates in the 2017 French presidential
  • During the primary elections in November 2016, the former French president, Nicolas Sarkozy, reportedly used an app, called Knockin, that made it possible to identify and geolocate supporters for door-to-door campaigning. Based on a report by the French Radio RMC, the app would harvest public data
  • According to research conducted by Ronan Chardonneau, a French associate professor of digital marketing at Angers University, none of the websites of the eleven candidates' in the 2017 French presidential elections, that he looked into respected CNIL's directives regarding information that should be
  • In December 2017, the German cartel office presented preliminary findings in an investigation of Facebook, ruling that the company had abused its dominant position by requiring access to third-party data (including data from subsidiaries WhatsApp and Instagram) when an account is opened and tracking
  • "To the 53 people who’ve watched A Christmas Prince every day for the past 18 days: Who hurt you?" Netflix tweeted in December 2017. While the tweet did not contain any information that could have identified any of the 53 people, it still made many of those who saw it uncomfortable. A Christmas
  • In December 2017, it was revealed that the large telco Bharti Airtel made use of Aadhaar-linked eKYC (electronic Know Your Customer) to open bank accounts for their customers without their knowledge or consent. eKYC is a way of using data in the UIDAI database as part of the verification process
  • In 2017, Britain's' two biggest supermarkets, Tesco and Sainsbury's, which jointly cover 45% of the UK's grocery market, announced they would offer discounts on car and home insurance based on customers' shopping habits. For example, based on data from its Nectar card loyalty scheme, Sainsbury's
  • The French data protection regulator, the Commission Nationale de l'Informatique et des Libertés (CNIL), has issued a formal notice to Genesis Industries Limited, the maker of the connected toys My Friend Cayla and I-QUE. Genesis has two months to bring the toys into compliance with data protection
  • In 2015, James Bates (of Arkansas, United States) was charged with first-degree murder in the death of Victor Collins. Collins was found floating face down in Bates’ hot tub in November 2015, police said. Amazon Echo entered the murder case because someone present on the night of Collins’ death
  • A report for the US National Academy of Sciences explains the methods used by a team of computer scientists to derive accurate, neighbourhood-level estimates of the racial, economic, and political characteristics of 200 US cities using the images collected by Google Street View in 2013 and 2014. The
  • In 2017, Grindr, which at the time was available in 192 countries, began implementing new privacyimplementing new privacy protection measures in order to help protect its users in anti-gay countries such as those in the Middle East and Africa. Among them: users will be able to to change the Grindr
  • Facebook and Twitter have advised Damian Collins, the chair of the UK Parliament's digital, culture, media, and sport committee, that the companies will hand over some information relating to the rearch of Russia-backed posts during the EU referendum. Facebook has already given the US Senate similar
  • A recent study from the Yale Privacy lab and Exodus Privacy founds dozens of invasive trackers hidden in common Android apps. However, the method the researchers used, which involved writing code to expose the internal workings of the devices they tested, is legally barred under the US Digital
  • Recognising that many parents will be considering purchasing connected toys and other devices for their children, for Christmas 2017 the UK's Information Commissioner's Office issued a list of 12 guidelines for assessing products before purchasing. These include: research the product's security
  • Before and after the Italian election on 4 March 2018, concerns were raised about the spread of misinformation, disinformation and inflammatory content through a network of news sites and Facebook pages. In November 2017, in the run up to the election, Buzzfeed reported on links between a large
  • Following a 2016 hack including names, emails, adresses, and phone numbers of 57 millions Uber users and drivers, the company has paid 100,000 USD to hackers hoping that the data collected would be deleted. This decision was in line with Uber's strategy to try to keep the breach quiet while limiting
  • There has been the spread of the linking of the patient identity cards of HIV positive patients, pushed for by the National Aids Control Organisation. While it is not compulsory, in November 2017 it was reported that some patients reported that they were denied treatment until they gave their
  • In 2017, US Immigration & Customs Enforcement (ICE) announced that it would seek to use artificial intelligence to automatically evaluate the probability of a prospective immigrant “becoming a positively contributing member of society.” In a letter to acting Department of Homeland Security Secretary
  • The UK consumer watchdog Which? has called on retailers to stop selling popular connected toys it says have proven security issues. These include Hasbro's Furby Connect, Vivid Imagination's I-Que robot, and Spiral Toys' Cloudpets and Toy-fi Teddy. In its report, Which? found that these toys do not
  • A 2017 Freedom House survey of 65 countries found that 30 of them were using armies of "opinion-shapers" to manipulate elections, advance anti-democratic agendas, and repress their citizens. Although most of these countries direct these efforts to manipulate opinion domestically, the report finds
  • Owners of the Hong Kong-based sex toy company Lovense's vibrators who installed the company's remote control app were surprised to discover that the app was recording user sessions without their knowledge. They had authorised the app to use the phone's built-in microphone and camera, but only for
  • Logitech's announcement that it would end service and support for its Harmony Link devices in 2018 sparked online outrage after consumers realised this meant the devices would be disabled and that only those with devices still under warranty would get free replacements. Logitech has since said it
  • Cases of people being denied healthcare as they fail to provide an Aadhaar number have already started emerging. A 28-year old domestic worker, for instance, had to be hospitalised for a blood transfusion after she had an abortion with an unqualified local physician. She had been denied an abortion
  • In October 2017, the farm equipment manufacturer John Deere began requiring American farmers to sign an agreement forbidding almost all repair and modification of the equipment they buy and also preventing them from suiting for software-related problems. In response, the began hacking their John
  • Cracked Labs examines the impact on individuals, groups, and wider society of the corporate use of personal information as it feeds into automated decision-making, personalisation, and data-driven manipulation. On the web, companies track us via hidden software that collects information about the
  • In October 2017, an anonymous security researcher informed Equifax that in December 2016 they had found a vulnerability in one of its public-facing websites that allowed them to access the personal data of every American, including full names, birthdates, city and state of residence, and social
  • After investigation, the UK's privacy regulatory, the Information Commissioner's Office has found that two small sections of the written scripts used by Blue Telecoms, a marketing firm that made calls on behalf of the Conservative Party during the 2017 general election, crossed the line from
  • Our usual image of online advertising is that we are one of millions whose data is being examined by a large, remote organisation - a government or major company. Research from the University of Washington has found that anyone equipped with time, determination, and a relatively small budget of $1
  • A mistake in Facebook's machine translation service led to the arrest and questioning of a Palestinian man by Israeli police. The man, a construction worker on the West Bank, posted a picture of himself leaning against a bulldozer like those that have been used in hit-and-run terrorist attacks, with
  • On October 13, 2017, as a result of the massive data breach announced in September and the discovery that the company's website was infected with malware, the U.S. Internal Revenue Service suspended a $7.2 million contract with Equifax pending investigation. A week earlier, the IRS had announced
  • Some of the Google Home Mini units distributed before release to the tech press and at "Made By Google" events had a defective touch panel. The devices were meant to turn on recording only when the owner woke it up with "OK, Google" or applied a long press to the centre of the touch panels. Instead
  • In October 2017, the Equifax website was infected by malware that redirected visitors to a page that delivered fraudulent Adobe Flash updates that infected visitors' computers with adware. The company took down the affected pages after it was notified. Investigation showed that the malicious
  • In 2017, after protests from children's health and privacy advocates, Mattel cancelled its planned child-focused "Aristotle" smart hub. Aristotle was designed to adapt to and learn about the child as they grew while controlling devices from night lights to homework aids. However, Aristotle was only
  • In the lead up to the 2017 German federal election (Bundestagswahl), all political parties used social media like Facebook, Twitter, Instagram, YouTube, and e-mails as platforms to reach voters. The far-right Alternative for Germany party (AfD) reportedly hired a Texas-based company for their
  • In 2017 a free online service offered by Experian was found to be allowing anyone to request the PIN needed to unlock a previously-frozen consumer credit file. Freezing the file is intended to secure such accounts against tampering and fraud. To get an unlocking number, visitors needed to provide
  • In September 2017, unrelated to the massive data breach the company simultaneously announced, Equifax withdrew its mobile apps from Apple's App Store and Google Play because of security flaws that meant that data transferred between users and Equifax was not encrypted in transmission. Given the
  • A week after Equifax's massive 2017 data breach, researchers discovered that the company's Veraz online portal, designed to let Equifax's employees in Argentina manage credit report disputes mounted by that country's consumers, was left wide open, protected only by the user name and password
  • In September 2017, the Spanish national data protection regulator fined Facebook €1.2 million, alleging that the company collected personal information from Spanish users that could then be used for advertising. The investigation, which took place alongside others in Belgium, France, Germany, and
  • On September 11, 2017, while Florida residents were evacuating during the approach of Hurricane Irma, Tesla rolled out a real-time software update that increased the battery capacity of some of its Model S sedans and Model X SUVs. The update extended the vehicles' range, enabling drivers to travel
  • Days after Equifax discovered its data breach in July 2017 but before the breach was announced publicly in September, three of its top executives including the chief financial officer sold nearly $2 million worth of shares. The company told the Securities and Exchange Commission that the sales
  • On September 7, 2017, the credit scoring company Equifax announced that between mid-May and July 2017 its database of consumer records had been hacked. Eventually, in a filing with the Securities and Exchange Commission following demands from US senators, the company provided detailed statistics of
  • The UK Information Commissioner's Office has published policy guidelines for big data, artificial intelligence, machine learning and their interaction with data protection law. Applying data protection principles becomes more complex when using these techniques. The volume of data, the ways it's
  • Every Tesla vehicle is a mobile data collector incorporating built-in sensors that constantly record information about the car's environment and the way the driver navigates through it. The result is to inspire established automakers such as General Motors, Volkswagen, and Nissan-Renault to follow
  • In August 2017, it was reported that a researcher scraped videos of transgender Youtubers documenting their transition process without informing them or asking their permission, as part of an attempt to train artificial intelligence facial recognition software to be able to identify transgender
  • Sonos, which makes connected home sound systems, has told its customers that they will not be able to opt out of a new privacy policy launched in August 2017 that allows the company to begin collecting audio settings, errors, and other account data. Customers can opt out of sending some types of
  • In November 2017, an investigation of Equifax's Work Number database, owned by the company's TALX division, found that it contains over 296 million employment records including employees at all salary levels. Every week the database receives current payroll data on about a third of the working US
  • In the lead up to the German elections, the conservative Christian Democratic Union (CDU) created a mobile app, Connect 17, which was designed to create a feedback loop between party headquarters and door-to-door volunteers (also known as canvassers). The app drew on data from the federal statistics
  • In October 2017, researcher Brian Krebs discovered that a service provided by Equifax's TALX division, The Work Number, made it possible for anyone equipped with an individual's Social Security Number and date of birth to access that person's detailed salary and employment history. Because of the
  • A federal class-action lawsuit filed in California in July 2017 alleges that in violation of the Children's Online Privacy Protection Act (COPPA) and without parental permission, the Walt Disney Company secretly collects personal information about some of its youngest customers and shares it
  • In 2017 the Electronic Privacy Information Center filed a complaint with the US Federal Trade Commission asking the agency to block Google's Store Sales Measurement service, which the company introduced in May at the 2017 Google Marketing Next event. Google's stated goal was to link offline sales to
  • A man from Middletown, Ohio, was indicted in January 2017 for aggravated arson and insurance fraud for allegedly setting fire to his home in September 2016. Ohio authorities decided and succeeded to obtain a search warrant for the data recorded on the pacemaker after identifying inconsistencies in
  • Scientists at MIT have created an algorithm called "EQ Radio" that detects and measures individual heartbeats and therefore individuals' emotions by bouncing radio frequency signals - such as ordinary wifi- off of people. The algorithm works the same as an electrocardiogram but needs no leads to be
  • When Google launched Gmail in 2004, the new service rapidly gained acceptance because it offered far more storage space than any other comparable service. From the beginning, however, Gmail scanned the contents of emails to help the company generate contextual ads. Scanning has never applied to the
  • In 2017, Amazon was granted a patent has been granted a patent, first filed in 2012, on a mechanism that allows retailers to intercept network requests such as URLs and search terms on in-store wifi and either block shoppers from conducting online price comparisons or offer them discount coupons or
  • French spy agency Direction Générale de la Sécurité Intérieure in December 2016 for 10 million euros signed a contract buying access to Palantir’s Gotham software. French politicians have voiced concerns over the software as France pushes to become more technologically independent. Publication: EU
  • In May 2017, the French data protection regular, CNIL, fined Facebook €150,000 saying the company had failed to inform users properly about how their personal data is tracked and shared with advertisers. The regulator did not, however, order the company to change its practices. The decision was one
  • In May 2017, the European Commission fined Facebook $122 million for providing incorrect or misleading information during its 2014 acquisition of WhatsApp. At the time of the acquisition, Facebook assured the EC that it would not be able to link its accounts database to that of WhatsApp. After the
  • In May 2017, Equifax advised a number of customers that between April 2016 and March 2017 criminals had been able to steal income tax data from the service The Work Number provided by its TALX subsidiary. The Work Number provides online payroll, human resources, and tax services to companies for
  • In 2017, a group of data brokers led by Acxiom, AppNexus, and MediaMath, and including Index Exchange, LiveIntent, OpenX, and Rocket Fuel, launched a consortium to make targeted programmatic advertising more widely available. Part of the consortium's goal is to enable the companies involved to
  • In Bangladesh, as part of the USAID and Bill and Melinda Gates Foundation supported programme “a2i” (Access to Information), the government has built a system to allow citizens to receive their welfare payment on a pre-paid debit card given to them at the Bangladesh Post Office after having been
  • Facebook has come under fire after leaked documents revealed the social media site has been targeting potentially vulnerable children. The allegations suggest the company is gathering information on young people who “need a confidence boost” to facilitate predatory advertising practices
  • In a November 2017 report, Facebook's security group outlined the steps it would take to combat new forms of misuse of the platform, including attempts to deceive people and manipulate civic discourse at low cost or risk to the organisers. Among the drivers, the group cited the global reach Facebook
  • Connecticut police have used the data collected by a murder victim's Fitbit to question her husband's alibi. Richard Dabate, accused of killing his wife in 2015, claimed a masked assailant came into the couple's home and used pressure points to subdue him before shooting his wife, Connie. However
  • Widespread controversy resulted when users discovered in April 2017 that the little-known data company Slice Intelligence was passing anonymised data derived from scanning users' email inboxes to the ride-hailing company Uber. The story illustrates both the power of anonymous data and the complex
  • For some months in 2017, in one of a series of high-risk missteps, Uber violated Apple's privacy guidelines by tagging and identifying iPhones even after their users had deleted Uber's app. When Apple discovered the deception, CEO Tim Cook told Uber CEO Travis Kalanick to cease the practice or face
  • Using anonymised data GPS data from mobile devices, primarily smart phones, SafeGraph concluded that the crowds attending the US presidential inauguration in January 2016 make significantly less money than attendees of the Women's March two months later. The income level estimates were made possible
  • In 2017, Oracle Data Cloud and Simulmedia entered into an agreement to enable purchase-based targeting on national television. In this system, advertisers are able to reach audiences that are targeted based on their in-store purchases. Simulmedia is a leader in data-optimised TV campaigns; its
  • In a 2017 study of patterns of postings on Chinese social media, three Harvard researchers disagreed with the widespread claim that the government's strategy is to post "50c party" posts that argue for the government's side in policy and political debates. Instead, the researchers estimated that the
  • In 2015, the Swedish startup hub Epicenter began offering employees microchip implants that unlock doors, operate printers, and pay for food and drink. By 2017, about 150 of the 2,000 workers employed by the hub's more than 100 companies had accepted the implants. Epicenter is just one of a number
  • In 2017, the Massachusetts attorney general's office reached an agreement under which Boston-based Copley Advertising agreed to eschew sending mobile ads to patients visiting Planned Parenthood and other health clinics. In 2015, Copley's geofencing technique used location information from
  • In 2017, Uber began a programme experimenting with using psychology and social science insights to influence when, where, and how long its drivers work. Among other techniques, Uber auto-loaded the next fare to encourage the driver equivalent of binge TV-watching; reminded drivers when they're close
  • By 2017, facial recognition was developing quickly in China and was beginning to become embedded in payment and other systems. The Chinese startup Face++, valued at roughly $1 billion, supplies facial recognition software to Alipay, a mobile payment app used by more than 120 million people; the
  • A US House of Representatives oversight committee was told in March 2017 that photographs of about half of the adult US population are stored in facial recognition databases that can be accessed by the FBI without their knowledge or consent. In addition, about 80% of the photos in the FBI's network
  • Few people realise how many databases may include images of their face; these may be owned by data brokers, social media companies such as Facebook and Snapchat, and governments. The systems in use by Snap and the Chinese start-up Face++ don't save facial images, but map detailed points on faces and
  • In March 2017, Experian agreed to pay a $3 million fine to settle a complaint brought by the Consumer Financial Protection Bureau that until 2014 the company had provided consumers with "educational" credit scores that were different from the FICO scores actually provided to credit card issues
  • In 2017, an anonymous whistleblower sent a letter to Green party peer Jenny Jones alleging that a secretive Scotland Yard unit was illegally monitoring the private emails of campaigners and journalists. The letter included a list of ten people and the passwords to their email accounts and claimed
  • In 2017, an automated facial recognition dispenser was installed in one of the busiest toilets in Beijing in order to prevent theft of toilet paper rolls, chiefly by elderly residents. Would-be users must remove hats and glasses and stand in front of a high-definition camera for three seconds in
  • In 2017, the New York Times discovered that Uber had a secret internal programme known as "Greyball", which used data collected from the Uber app and other techniques to identify and bar regulators and officials from using its service. As the company expanded into new areas, its standard practice
  • In 2017, the French retargeting company Criteo admitted that Apple's Intelligent Tracking Prrevention - changed default settings that prevent ad networks and other technology companies from tracking users - would cut its revenues by 8% to 10%. Although Safari had blocked such third-party cookies
  • In 2017, Quantcast, which measures visitors to over 150 million web destinations, announced it would partner with Quantium, a company that collects purchase data and analytics, to bridge the gap between offline and online audiences and provide insight into the patterns of online consumer behaviour
  • In 2017 two Metropolitan police officers were jailed for five years for hacking into the force's intelligence database and leaking the identity of a protected witness to the defence lawyer in a 2011 murder trial that eventually saw the defendant, Leon De St Aubin, convicted. While the trial was in
  • In January 2017 two of the three largest US credit reporting bureaus, Equifax and TransUnion, were jointly fined $23 million in a settlement with the Consumer Financial Protection Bureau. CFPB held that the two companies marketed some of their products as free or costing $1 when in fact consumers
  • The key claim of retargeting, the business of companies like Paris-based Criteo, is that it can match long-tail advertisers with long-tail publishers and retailers. Ad exchanges enable these connections by identifying the specific group of people who need what smaller brands have - products such as
  • For a period between the end of October and November 3 2016 the heating and hot water systems in two buildings in the city of Lappeenranta, Finland were knocked out by a distributed denial of service attack designed to make the systems fail. The systems responded by repeatedly rebooting the main
  • Private companies are not the only actors pushing for increased control of benefit claimants. The World Bank has also instrumental in funding programmes aiming at assisting government in administrating welfare programmes which has led to futher surveillance of benefits claimants, in December 2016
  • In 2016 researchers in China claimed an experimental algorithm could correctly identify criminals based on images of their faces 89% of the time. The research involved training an algorithm on 90% of a dataset of 1,856 photos of Chinese males between 18 and 55 with no facial hair or markings. Among
  • In 2015, security contractors at Kryptowire discovered that some cheap Android phones came with pre-installed software that monitors where users go, whom they communicate with and the contents of the text messages they write. Written by the China-based company Shanghai Adups Technology Company, the
  • In 2016, Tapad and Acxiom's LiveRamp announced an expanded partnership to make Tapad's proprietary Device Graph accessible to LiveRamp's more than 400 adtech and marketing technology platforms. Device Graph enables marketers to track customer engagement across all digital channels. LiveRamp will use
  • At the Sixth Annual Conference on Social Media Within the Defence and Military Sector, held in London in 2016, senior military and intelligence officials made it clear that governments increasingly view social media as a tool for the Armed Forces and a "new front in warfare". Social media are also
  • In 2016, researchers at Dalhousie University in Canada and the Weizman Institute of Science in Israel developed a proof-of-concept attack that allowed them to take control of LED light bulbs from a distance of up to 400 metres by exploiting a flaw in the Zigbee protocol implementation used in the
  • In 2016, researchers at MIT developed a wristband device to automate tracking screen time based on an off-the-shelf colour sensor used to calibrate colour and brightness in TVs and other screens and a learning algorithm that could detect when a screen was nearby. The device was intended for use in a
  • In a presentation at London's 2016 Black Hat cybersecurity conference, researchers from UCL showed that it was possible to use ultrasound to track consumers across multiple devices. Marketers were already using beacons inaudible to the human ear to activate functions on devices via their microphones
  • A 2016 report, "The Perpetual Lineup", from the Center for Privacy and Technology at Georgetown University's law school based on records from dozens of US police departments found that African-Americans are more likely to have their images captured, analysed, and reviewed during computerised
  • The Japanese electronics giant NEC introduced one of its facial recognition systems for the first time in a sports arena in Colombia. The soccer stadium in Medellin has a capacity of 45,000 people and occasionally suffers from hooligans. The operator of the arena takes photos of such hooligans when
  • In 2016, the American Civil Liberties Union of Northern California published a report revealing that the social media monitoring service Geofeedia had suggested it could help police track protesters. The report's publication led Twitter and Facebook to restrict Geofeedia's access to their bulk data
  • A 2009 paper by the US National Academy of Sciences found that among forensic methods only DNA can reliably and consistency match evidence to specific individuals or sources. While it's commonly understood that techniques such as analysis of blood spatter patterns are up for debate, other types of
  • In 2016, rising awareness of the profits pharmaceutical and other medical companies make from personal data such as DNA samples and cell lines led to the rise of a "biorights" movement to ensure that patients retain greater control over their contributions. A federal complaint filed by the American
  • In 2016 researchers at the University of Texas at Austin and Cornell University demonstrated that a neural network trained on image datasets can successfully identify faces and objects that have been blurred, pixellated, or obscured by the P3 privacy system. In some cases, the algorithm performed
  • In 2016, researchers at MIT's Computer Science and Artificial Intelligence Laboratory developed a new device that uses wireless signals that measure heartbeats by bouncing off a person's body. The researchers claim that this system is 87% accurate in recognising joy, pleasure, sadness, or anger
  • In 2016, when data scientist Fred Benenson investigated why he had received an email from Sears asking if he was still interested in a product shortly after he had browsed for it on the Sears website, he discovered that Sears had contracted the French company Criteo to make this type of connection
  • The "couples vibrator" We-Vibe 4 Plus is controlled via a smartphone app connected to the device via Bluetooth. In 2016, researchers revealed at Defcon that the devices uses its internet connectivity to send information back to its manufacturer including the device's temperature, measured every
  • In September 2016, an algorithm assigned to pick the winners of a beauty contest examined selfies sent in by 600,000 entrants from India, China, the US, and all over Africa, and selected 44 finalists, almost all of whom were white. Of the six non-white finalists, all were Asian and only one had
  • A pregnancy-tracking app collected basic information such as name, address, age, and date of last period from its users. A woman who miscarried found that although she had entered the miscarriage into the app to terminate its tracking, the information was not passed along to the marketers to which
  • In May 2014 the Polish Ministry of Labor and Social Policy (MLSP) introduced a scoring system to distribute unemployment assistance. Citizens are divided into three categories by their “readiness” to work, the place they live, disabilities and other data. Assignment to a given category determines
  • Automated systems such as the personality test developed by Massachusetts-based workforce management company Kronos are increasingly used by large companies to screen job applicants. To avoid falling foul of regulations prohibiting discrimination against those with mental illness, often the
  • In 2016, researchers at the University of Birmingham and the German engineering firm Kasper & Oswald discovered two vulnerabilities in the keyless entry systems affecting practically every car Volkswagen Group had sold since 1995, estimated at 100 million vehicles. Two separate attacks use cheap
  • In a presentation given at the Knowledge Discovery and Data Mining conference in 2016, researchers discussed a method of using the data generated by smart card public transport tickets to catch pickpockets. In a study of 6 million passenger movements in Beijing, the researchers used a classifier to
  • Many people fail to recognise the sensitivity of the data collected by fitness tracking devices, focusing instead on the messages and photographs collected by mobile phone apps and social media. Increasingly, however, researchers are finding that the data collected by these trackers - seemingly
  • At the 2016 Usenix Workshop on Offensive Technologies, researchers from the University of Michigan presented the results of tests that showed that industrial vehicles - a 2006 semi-trailer and a 2001 school bus - were subject to the same security flaws as had already been found in domestic cars. Via
  • In 2016, when Australia was planning to introduce a new welfare system based on data collection, experts from New Zealand, where a similar system was set up in 2012, warned that experience showed that the most vulnerable people were checking out of any relationship with the state. They warned, for
  • In the past, car insurers relied on drivers to report their annual mileage when renewing their policies. Increasingly, however, insurers are turning to other methods. In 2016, State Farm, a US insurance company, acknowledged that the company verifies the mileage driven by the cars it insures in a
  • In 2016, PlaceIQ, which connected physical and digital activities across time, space, and mobile devices, announced a collaboration with Oracle that would make its audience data available through Data Cloud's BlueKai Marketplace. PlaceIQ uses data from 475 million location points, 100 million unique
  • In 2016, the French company Criteo, which uses website tags to collect information about the products visitors see, noted that it keeps such data for 13 months. The company creates user profiles based on each visit to a website to view content or a product, and also uses the data for retargeting ads
  • In 2016, supporters of Ted Cruz and Rand Paul for president were surprised to begin getting emails from the Trump campaign soon after their candidates dropped out of the race for the Republican nomination. In an investigation, CNNMoney found that nearly every failed 2016 presidential candidate sold
  • When journalist Alex Hern needed to set up a Facebook account in order to manage the Guardian's technology page and other work-related things, he locked down its privacy settings so that the account's profile would not appear in searches and only Friends of Friends could add him as a friend. In
  • In 2016, Facebook gave conflicting accounts of whether the service uses location data in order to recommend prospective Friends in its "People You May Know" feature. When the company first admitted - for publication - that location data was indeed one of the signals it used, many users felt this
  • In 2015, the DNA testing company 23andMe revealed it had sold access to the DNA information it had collected from the 1.2 million people who had paid for genetic testing to more than 13 drug companies. One of these was Genentech, which paid $10 million to look at the genes of people with Parkinson's
  • In 2016, Facebook and Google began introducing ways to measure the effectiveness of online ads by linking them to offline sales and in-store visits. Facebook's measurement tools are intended to allow stores to see how many people visit in person after seeing a Facebook campaign, and the company
  • In June 2016, National Security Agency deputy director Richard Ledgett told a conference on military technology conference that the agency was researching whether internet-connected biomedical devices such as pacemakers could be used to collect foreign intelligence. Ledgett identified the complexity
  • A new breed of market research companies are pioneering geoanalytics to find complex financial information. That is, they use machine learning algorithms to search for patterns in high-resolution satellite imagery that's refreshed daily and available at the scale of 1 meter per pixel. Much of the
  • In 2016, security expert Ken Munro discovered security bugs in the onboard wifi in Mitsubishi's Outlander hybrid car that could be exploited to turn off the car's alarm. Some aspects of the Outlander can be controlled by a smartphone app that talks to the car via the onboard wifi. Security flaws in
  • The discovery in 2016 of previous hacker break-ins such as the 2013 theft of 360 million old MySpace accounts and the 2012 hack of LinkedIn suggest that although websites come and go and "linkrot" means web pages have a short half-life, user data lives on for a deceptively long time. This is
  • The price of using voice search is that Google records many of the conversations that take place in their presence. Users wishing to understand what Google has captured can do so by accessing the portal the company introduced in 2015. Their personal history pages on the site include both a page
  • As speech recognition and language-processing software continue to improve, the potential exists for digital personal assistants - Apple's Siri, Amazon's Alexa, and Google Assistant - to amass deeper profiles of customers than has ever been possible before. A new level of competition arrived in 2016
  • In 2015, Boston advertising executive John Flynn, CEO of Copley Advertising, began developing a system that uses standard online advertising and tracking techniques, coupled with geofencing, to send advertisements to women's smartphones when they are sitting inside Planned Parenthood clinics and
  • Computer programs that perform risk assessments of crime suspects are increasingly common in American courtrooms, and are used at every stage of the criminal justice systems to determine who may be set free or granted parole, and the size of the bond they must pay. By 2016, the results of these
  • Uber has closely studied how dynamic pricing functions and when it's acceptable to users. One discovery is that round numbers signal haste and sloppiness where riders appear to believe that more precise numbers (for example, 2.1 instead of 2) have been carefully worked out by an algorithm. The
  • In 2016, Nguyen Phong Hoang, a security researcher in Kyoto, Japan demonstrated that the location of users of gay dating apps such as Grindr, Hornet, and Jack'd can be pinpointed even when they have turned on features intended to obscure it - a dangerous problem for those have not come out publicly
  • In 2016, Verbraucherzentrale NRW, a consumer protection organisation in the German state of North Rhine-Westphalia accused Samsung of harvesting data and sending it back to the company over the internet without informing users as soon as its smart televisions are connected to the internet. The
  • FindFace compares photos to profile pictures on social network Vkontakte and works out identities with 70% reliability. Some have sounded the alarm about the potentially disturbing implications. Already the app has been used by a St Petersburg photographer to snap and identify people on the city’s
  • In 2016, Acxiom announced a deal with the media delivery company Valassis, a subsidiary of Harland Clarke Holdings Corp, intended to provide marketers with better post-campaign analytics. The linkage of the two companies was intended to "provide an integrated view of a consumer's purchase behaviour"
  • In 2016, Danish researchers Emil Kirkegaard and Julius Daugbjerg Bjerrekær released a dataset onto the Open Science Framework that included details of almost 70,000 users of the online dating site OkCupid. The researchers created the dataset themselves by using software to scrape information from
  • In 2016, VICE News discovered that the confidential and "shadowy" World-Check database, which has wrongly linked individuals to terrorist activity, was being widely used by British police and intelligence. Also a customer is the Charity Commission, which uses it to screen charities and aid
  • Twitter requested one of its key B2B partners, Dataminr — a service that offers advanced social media analytics and early detection of major events like terrorist attacks or natural disasters — stop providing U.S. intelligence agencies with their tools and content. Dataminr isn’t ending its
  • By 2020, digital ad spending on political campaigns, which was about $22 million in 2008, is projected to reach $3.3 billion. Broadcast audiences in 2016 were about a quarter the size they were in the 1980s, and they are continuing to shrink, while half of US broadcast radio stations are expected to
  • In 2012, London Royal Free, Barnet, and Chase Farm hospitals agreed to provide Google's DeepMind subsidiary with access to an estimated 1.6 million NHS patient records, including full names and medical histories. The company claimed the information, which would remain encrypted so that employees
  • In 2016, Oracle, long known as an enterprise software company, acquired the audience tracking company AddThis as part of expanding its business into marketing technology. AddThis places buttons on web pages to enable visitors to share stories or follow accounts on social media sites such as Facebook
  • As part of its Smart Nation programme, in 2016 Singapore launched the most extensive collection of data on everyday living ever attempted in a city. The programme involved deploying myriad sensors and cameras across the city-state to comprehensively monitor people, places, and things, including all
  • According to the US security firm Statfor the Chinese government has been builsing a system to analyse the massive amounts of data it has been collecting over the past years. The company claims: "The new grid management system aims to help the Chinese government act early to contain social unrest
  • In 2016, 21-year-old Russian photographer Egor Tsvetkov launched the "Your Face is Big Data" project. He created the project by semi-secretly photographing passengers seated across from him on the St. Petersburg metro, then uploading the images to an online service called FindFace. FindFace's
  • Between 2010 and 2016, access control spyware implementing a remote "kill switch" was installed increasingly often in rent-to-buy laptops and cars financed by subprime loans. In a 2012 case the Federal Trade Commission settled with seven computer rental companies over their use of DesignerWare's
  • In March 2016, a hacker group identifying itself as Anonymous Philippines defaced the website of the Philippine Commission on the Elections (Comelec), leaving a message that accused Comelec of not doing enough to secure the voting machines due to be used in the general election the following month
  • In September 2016, the US Federal Trade Commission hosted a workshop to study the impact of big data analysis on poor people, whose efforts to escape poverty may be hindered by the extensive amounts of data being gathered about them. Among those who intensively surveil low-income communities are
  • In April 2016, Google's Nest subsidiary announced it would drop support for Revolv, a rival smart home start-up the company bought in 2014. After that, the company said, the thermostats would cease functioning entirely because they relied on connecting to a central server and had no local-only mode
  • At the 2016 Usenix conference, MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) presented a system called Chronos that could use wifi signals to detect the position of a person or object inside a room to within tens of centimetres. MIT claimed Chronos was 20 times more accurate
  • In early 2016 Libreville, the capital of Gabon, signed up for Microsoft's CityNext programme, which is intended to supply innovative "smart city" solutions in eight key areas: health, social services, infrastructure, water, electricity, justice, culture, and education. Applications in each area will
  • In 2016, the Big Data lab at the Chinese search engine company Baidu published a study of an algorithm it had developed that it claimed could predict crowd formation and suggested it could be used to warn authorities and individuals of public safety threats stemming from unusually large crowds. The
  • By 2016, numerous examples had surfaced of bias in facial recognition systems that meant they failed to recognise non-white faces, labelled non-white people as "gorillas", "animals", or "apes" (Google, Flickr), told Asian users their eyes were closed when taking photographs (Nikon), or tracked white
  • In 2016, when security expert Matthew Garrett stayed in a London hotel where the light switches had been replaced by Android tablets, it took him only a few hours to gain access to all of the room's electronics. The steps he followed: plug his laptop into a link in place of one of the tablets; set
  • In 2016 Jonathan Evans, the former head of Britain's MI5 warned that private firms are analysing "open source" - that is, publicly posted - information to create profiles that are just as intrusive as anything Britain's intelligence agencies deploy and that the gap is closing between open
  • In 2016, Spanish Jose Carlos Norte, the chief technology officer at Telefonica subsidiary EyeOS, used the scanning software Shodan to find thousands of publicly exposed telematics gateway units. TGUs are small radio-enabled devices that are attached to industrial vehicles so their owners can track
  • In 2016 the Dutch Data Protection Authority (AP) ruled that the Personal Data Protection Act prohibits companies from monitoring their employees' health via wearables, even when employees have given their permission. The ruling concluded the AP's investigation into two companies; in one of them
  • In 2016, researchers affiliated with Verto Analytics and the Qatar Computing Research Institute published work in which they analysed the app usage and demographics of more than 3,700 people in order to find correlations. Based on the models they developed, they found they could predict a user's
  • In 2016, a group of criminologists intend on identifying the famous graffiti artist Banksy used a forensic technique known as geographical profiling. The technique is more commonly used to identify potential suspects in cases of serial rape, arson, and murder, and works by mapping crimes to see if
  • A 2016 study from the French Institute for Research in Computer Science and Automation found that in 95% of cases it takes as few as four of the apps users have installed on their smartphones to reidentify them within a dataset. Based on a study of 54,893 Android users over seven months, the
  • Caucuses, which are used in some US states as a method of voting in presidential primaries, rely on voters indicating their support for a particulate candidate by travelling to the caucus location. In a 2016 Marketplace radio interview, Tom Phillips, the CEO of Dstillery, a big data intelligence
  • French website IVG.net, first Google result when typing IVG (Interuption Volontaire de Grossesse or abortion in french), has been exposed as being anti-abortion website spreading misinformation. Offering an official looking "Numero vert" (free to call phone number number), IVG.net attempts to
  • In 2015, Norwegian telephone company Telenor announced it was acquiring Tapad, a five-year-old New York-based advertising startup for $360 million. Tapad focuses on cross-device "retargeting"; that is, it claims to track billions o dfata points across mobile devices, PCs, TV, and watches, and, going
  • By 2016, a logical direction for data-driven personalisation efforts to go was toward the "Internet of Emotions": equipping devices with facial, vocal, and biometric sensors that use affective computing to analyse and influence the feelings of device owners. Of particular concern is the potential
  • In 2016 reports surfaced that bricks-and-mortar retailers were beginning to adopt physical-world analogues to the tracking techniques long used by their online counterparts. In a report, Computer Sciences Corporation claimed that about 30% of retailers were tracking customers in-store via facial
  • A new generation of technology has given local law enforcement officers in some parts of the US unprecedented power to peer into the lives of citizens. In Fresno, California, the police department's $600,000 Real Time Crime Center is providing a model for other such centres that have opened in New
  • In 2016, the US's third-largest property and casualty insurer, Liberty Mutual, announced it would partner with Subaru to enable drivers who have bought Subaru's Starlink infotainment system to download a car app that will notify them if they are accelerating too aggressively or braking too hard. The
  • In 2013, Oracle spent $1.5 billion to acquire the cross-channel marketer Responsys in a move analysts saw as an effort to compete with Salesforce, and also Adobe Systems. The acquisition was the beginning of a push into marketing that continued through 2015. Oracle, better known for enterprise
  • In 2015, the Royal Parks conducted a covert study of visitors to London's Hyde Park using anonymised mobile phone signals provided by the network operator EE to analyse footfall. During the study, which was conducted via government-funded Future Cities Catapult, the Royal Parks also had access to
  • In 2015, Oracle and the US Federal Trade Commission settled charges that Oracle had compromised users' security by failing to remove older versions of Java SE from their computers when the software was updated. The software was installed on more than 850 million computers as of August 2014; Oracle
  • In what proved to be the first of several years of scandals over the use of personal data in illegal, anti-democratic campaigning, in 2015 the Guardian discovered that Ted Cruz's campaign for the US presidency paid at least $750,000 that year to use tens of millions of profiles of Facebook users
  • A 2015 study carried out in Rwanda and published in the journal Science used mobile phone records to study the distribution of wealth and poverty in an attempt to fill in the gap left by the difficulty of collecting accurate statistics. A rought idea of geographic location was derived from
  • In 2015, Facebook created the "Free Basics" programme, in which the company partnered with telephone carriers in various countries to offer free access to Facebook - that is, using Facebook would not count against their data plan. While critics argued the plan is anti-competitive, violates the
  • In 2015, a small number of Silicon Valley start-ups began experimenting with assessing prospective borrowers in developing countries such as Kenya by inspecting their smartphones. Doing so, they claimed, enabled them to charge less in interest than more traditional microlenders, since many of their
  • Documents submitted as part of a 2015 US National Labor Relations Board investigation show that Walmart, long known to be hostile to unions, spied on and retaliated against a group of employees who sought higher wages, more full-time jobs, and predictable schedules. In combating the group, who
  • In 2015, ABI Research discovered that the power light on the front of Alphabet's Nest Cam was deceptive: even when users had used the associated app to power down the camera and the power light went off, the device continued to monitor its surroundings, noting sound, movement, and other activities
  • In 2015, Oracle rolled out "Validated Demographics", a service based on combining the capabilities it acquired with BlueKai, a data management platform that gathers data from publishers, and Datalogix, a tool that compiles offline demographic data. The combination of these complementary services
  • In 2015, Quantcast CEO Konrad Feldman explained his purpose in starting up the company in 2006: "to manufacture data to make advertising more relevant for consumers". By 2015, as display advertising on the web was beginning to use the targeting techniques previously preserved for search advertising
  • In 2015, plans to install smart electricity meters in 95% of Austrian homes by 2019 were in doubt because of legal uncertainty about data protection, with customers trying to prevent their deployment, according to Die Presse newspaper. The idea is that smart meters will allow customers to log on and
  • For low-income Americans to receive public benefits they are legally entitled to, they must submit to widespread monitoring of their intimate and personal affairs. This monitoring includes sharing a trove of personal documents and information, unannounced home visits from caseworkers, mandatory face
  • In 2015, a data leak apparently linked to the new Uber partner app exposed the personal information of hundreds of drivers, including their Social Security numbers, scanned drivers' licences, tax forms, and other documents. The information was likely to have been available for at least a few hours
  • In 2019, a prominent page on the Facebook Business site cited the British Conservative Party as a "success story" at the 2015 general election, which put the party into power with a narrow majority. The site boasted that via Facebook the Conservatives had an 80.6% reach in key constituencies, 3.5
  • In 2015, Ant Financial, a Chinese company affiliated with Alibaba, began deploying "Sesame Credit scores". Ant, which also runs the popular payment app Alipay, claims that it uses both online and offline purchasing and spending habits to calculate a credit worthiness score for each of its more than
  • The news that connected TVs and set-top boxes were listening in on their owners' conversations led the state of California to pass legislation (AB1116) prohibiting companies from operating a voice recognition feature without prominently informing the user or installer during initial setup. In
  • In 2015, the Canadian Department of National Defence issued a procurement request for a contractor who could find "vulnerabilities and security measures" in a 2015 pick-up truck whose model and make were not specified and "develop and demonstrate exploits" for the military. The contractor was to
  • In 2015, researchers at Harvard University found vulnerabilities in the anonymisation procedures used for health care data in South Korea that enabled them to de-anonymise patients with a 100% success rate and to decrypt the Resident Registration Numbers included with prescription data relating to
  • In a 2015 study of 79 apps listed in NHS England's Health Apps Library, which tests programs to ensure they meet standards of clinical and data safety, researchers at Imperial College London discovered that 70 of them sent personal data to associated online services and 23 sent that data without
  • In 2015, US director of national intelligence James Clapper, backed by National Security Agency director Admiral Michael Rogers, warned Congress that the next phase of escalating online data theft is likely to involve manipulating digital information. Clapper and Rogers viewed this type of attack as
  • In Mexico, people registered as beneficiaries of any programmes led by the Ministry of Social Development could obtain a TV set, as part of the transition from analogue to digital TV organised by the Ministry of Communications and Transportation. Yet, the Ministry of Communications and
  • In May 2015, the US Department of Justice and the FBI submitted a declaration to an Oregon federal judge stating that the US government's no-fly lists and broader watchlisting system relied on predictive judgements of individuals rather than records of actual offences. The documents were filed as
  • On July 1, 2015 Kuwait's National Assembly passed a new counter-terrorism law that included the requirement that all 1.3 million Kuwaiti citizens and 2.9 million foreign residents provide DNA samples, which will be stored in a database maintained and operated by the Interior Ministry. The law, which
  • In 2015, Quantcast launched Audience Grid, an "open data marketing platform" to combine the data it collects from websites with data on audience habits collected by partners such as Tivo Research and Oracle's Datalogix. The combination is intended to give online advertisers greater insight into
  • In 2015, Chinese hackers stole sensitive information including social security numbers and residency, employment, educational, and medical histories concerning more than 21 million people from the US Office of Personnel Management. OPM houses this information about all federal employees along with
  • In June 2015, the Belgian data protection regulator, Commission for the Protection of Privacy, launched a complaint that Facebook indiscriminately tracked internet users when they visited Facebook pages or clicked Like or Share, even when they are not Facebook members. In November 2015, the Court of
  • A 2015 study by The Learning Curve found that although 71% of parents believe technology has improved their child's education, 79% were worried about the privacy and security of their child's data, and 75% were worried that advertisers had access to that data. At issue is the privacy and security
  • In 2015, Facebook's AI lab announced that its researchers had devised an experimental algorithm that could recognise people in photographs even when their faces are hidden or turned away. The researchers trained a sophisticated neural network on a dataset of 40,000 photographs taken from Flickr
  • In 2015, a series of interviews with Moshe Greenshpan, the founder and CEO of the Israeli company Skakash, revealed the existence of the company's facial recognition software Churchix. The software is intended to help churches keep track of who attends services and other events by matching reference
  • In 2013, the New York-based startup Tapad was growing fast based on its claim to be able to track and target individual consumers across many devices - desktop and laptop computers, TVs, smartphones, and tablets. The technique goes well beyond cookies, which enable sites to track individuals across
  • In 2015, the advertising startup Tapad launched TV Pulse, a measurement platform that added linear TV data to its existing cross-device platform. The company claimed that its technology could detect devices such as smartphones being used by the same consumer who had viewed the company's TV ads, to
  • In 2014, Oracle beat out Facebook, Adobe Systems, and TV ratings agency AC Nielsen to acquire Datalogix for an estimated $1.2 billion. At the time, DataLogix, which provides data on offline consumer spending to digital marketers to enable them to track the effectiveness of their ads, had estimated
  • By 2015, the cost, invasiveness, and effort involved in conducting medical tests led to proposals for lightweight wearable sensors that could perform the same job. Several such efforts focus on making these sensors fashionably acceptable by making them out of skinlike substances with electronics
  • In 2015, the Carrefour supermarket in Lille installed a system of LED lights designed by Philips that send special offers and location data to customers' smartphones. Using the system, customers who install an app can use their smartphone camera to detect all the promotions around them or search for
  • In 2015, a newly launched image recognition function built into Yahoo's Flickr image hosting site automatically tagged images of black people with tags such as "ape" and "animal", and also tagged images of concentration camps with "sport" or "jungle gym". The company responded to user complaints by
  • Over the course of a few seconds in April 2013, a false tweet from a hacked account owned by the Associated Press is thought to have caused the Dow-Jones Industrial Average to drop 143.5 points and the Standard & Poor's 500 Index to lose more than $136 in value. The tweet was retweeted 4,000 times
  • In 2015, Chinese authorities banned the 1.6 million members of the country's People's Liberation Army from using smartwatches and other wearable technology in order to prevent security breaches. Army leaders announced the decision after a soldier in the city of Nanjing was reported for trying to use
  • In 2014, India's newly elected prime minister, Narendra Modi, allocated INR70.6 billion (upwards of £750 million) to a plan called "100 Smart Cities". Although a year later the funding dropped to INR1.4 billion, smart city-themed conference continued to take place in Delhi and Mumbai, and urban
  • In 2016, Tapad launched a partnership with the location-based ad targeting firm Placed to provide a service measuring the impact of digital advertising on in-store sales. Tapad sends anonymous campaign data to Placed, which has a panel of more than 500,000 users who have opted in. Placed measures
  • In 2014, Tapad claimed its system for matching consumers across multiple devices protected privacy because it relied on probabilistic matching rather than a deterministic approach that builds on personally identifiable information. The deterministic approach relies on logins - for example, an
  • Because banks often decline to give loans to those whose "thin" credit histories make it hard to assess the associated risk, in 2015 some financial technology startups began looking at the possibility of instead performing such assessments by using metadata collected by mobile phones or logged from
  • In October 2015, Experian announced that a breach of its computer systems exposed the Social Security numbers and other data of approximately 15 million people who applied for financing from the mobile network operator T-Mobile USA, to which Experian supplied credit assessment services. Experian
  • In 2015, Turner Broadcasting, a semi-autonomous division of AT&T's Warner Media announced it would integrate offerings from Episilon, Krux, and Oracle into its data management platform, which powers its ads. Oracle and Epsilon help bring in offline and multichannel consumer data, while Krux bridges
  • In 2014, researchers at Princeton University outlined an attack that uses multiple third-party cookies to link traffic so that individual users can be identified and tracked from anywhere in the world. A nation-state wishing to surveil particular users outside its jurisdiction, for example, may have
  • In the 2014 report "Networked Employment Discrimination", the Future of Work Project studied data-driven hiring systems, which often rely on data prospective employees have no idea may be used, such as the results of Google searches, and other stray personal data scattered online. In addition
  • Nearly 700,000 Facebook users were subjects of a research study where researchers changed randomly selected users' newsfeeds to be more positive or negative to study whether those users then displayed a more positive or negative affect in response. The experiment showed the power of Facebook's control over the News Feed and the algorithms that determine which of the possible pieces of content shows up at the top at any given moment.
  • In 2014, NYC Planning Labs Chris Whong was sent and made public a complete a complete dump of historical trip and fare logs from New York City taxis in response to a Freedom of Information request. The more than 20GB of uncompressed data comprising more than 173 million individual trips included
  • In 2013 and 2014, Quantcast's CEO, Konrad Feldman, claimed that real-time bidding, the latest trend in advertising technology, was providing a new way to game advertisers. RTB, also known as "programmatic" advertising, uses cookies to track what users have looked at and then retarget them through
  • In 2009, Spanish citizen Mario Costeja González objected to the fact that an auction notice from 1998, when his home was repossessed, was still accessible on the website of the Spanish newspaper La Vanguardia and the first thing people saw when they searched for him on Google. When the courts
  • This article is an overview of some of the research documenting how people in vulnerable positions are the ones most affected by government surveillance. https://stateofopportunity.michiganradio.org/post/technology-opportunity-researcher-says-surveillance-separate-and-unequal Author: Kimberly
  • In 2014, DataKind sent two volunteers to work with GiveDirectly, an organisation that makes cash donations to poor households in Kenya and Uganda. In order to better identify villages with households that are in need, the volunteers developed an algorithm that classified village roofs in satellite
  • Virginia Eubanks explains what we can draw from understanding the experience of surveillance of marginalised groups: it is a civil rights issue, technologies carry the bias of those who design them, people are resisting and why we need to move away from the privacy rights discourse. https://prospect
  • In 2014, Acxiom's chief product and engineering officer, Phil Mui, described the system the company had been building to link individuals' activities across the many channels, devices, and applications they use. A single individual may accumulate four different personas via 24 cookies across six
  • In August 2016, Oracle's MICROS division, one of the top three global point-of-sale vendors, was hacked by the Carbanak Gang, a Russian organised cybercrime group known for hacking into banks and retailers. In 2014 when Oracle acquired it, MICROS' systems were in use at more than 200,000 food and
  • In this 2013 piece, Virginia Eubanks discuss the move in Indiana from relying on caseworkers to automating the distribution of benefits and how through the use of performance metrics to speed up the decision-making process, the system ended up being incentivising the non-distribution of benefits
  • In Israel, the National Insurance Institutes sends out anti-fraud officers to spy on benefits claimants. Among the cases reported, a woman had her benefits allowances halved after a man entered her house pretending to be interested in buying the flat next door. The man, who was in fact a NII
  • In 2013, detailed personal information being sold by the fraudster-friendly underground service Superget.info was found to have been bought from CourtVentures, a public records aggregator bought by Experian in 2012. In late 2013, Superget.info's operator, 24-year-old Vietnamese national Ngô Minh
  • In 2012, when the French company Criteo filed with the Securities and Exchange Commission to go public, it cited its data assets and the accuracy of its algorithms as a crucial part of its valuation. The company said that every day it was presented with billions of opportunities to connect
  • In 2013, 44 years after Acxiom went into business selling consumer data, the company opened a website, aboutthedata.com, to allow Americans to see the data the company holds about them and make it easier to opt out of tracking. However, using the site requires visitors to input a substantial amount
  • In August 2013, a jury in the Portland, Oregon Federal District Court awarded Julie Miller $18.4 million in punitive damages when despite two years of complaints and filings Equifax failed to rectify errors in her credit report that blocked many aspects of her financial life. Miller had followed the
  • In 2013, Edward Snowden, working under contract to the US National Security Agency for the consultancy Booz Allen Hamilton, copied and leaked thousands of classified documents that revealed the inner workings of dozens of previously unknown surveillance programs. One of these was PRISM, launched in
  • In 2013, Twitter announced it would partner with numerous advertising companies including Quantcast and Oracle's BlueKai to create "tailored audiences". Twitter claims the service anbles advertisers to define targeted groups of current and prospective customers who have "shown interest" in their
  • In 2013, companies like Tapad developed new "cross-screen marketing" techniques to allow them to expand from tracking desktop computer users across the web to targeting them as they moved to smartphones and tablets. Cookies - small bits of code deposited on computers - do not work as well on mobile
  • The Satellite Sentinel Project, a constellation of high-powered satellites trained to find atrocities on the ground with a half-metre resolution, was set up in 2009 to find human rights abuses in the conflict in Sudan. Conceived by former Clinton administration State department staffer John
  • In 2013, Harvard professor Latanya Sweeney found that racial discrimination pervades online advertising delivery. In a study, she found that searches on black-identifying names such as Revon, Lakisha, and Darnell are 25% more likely to be served with an ad from Instant Checkmate offering a
  • In January 2013, Facebook upgraded its search tool to enable the site to answer more complex questions. Called Graph Search, the new tool aimed to make it possible for users to find businesses and each other based on location, personal history, personal interests, and mutual friends. The site
  • In December 2012, the US Federal Trade Commission opened an investigation into data brokers' privacy practices, requesting information from nine companies: Acxiom, Corelogic, Datalogix, eBureau, ID Analytics, Intelius, Peekyou, Rapleaf, and Recorded Future. The FTC sought information about: the
  • In October 2012, Equifax agreed to a settlement with the US Federal Trade Commission over charges that between January 2008 and early 2010 the company improperly sold lists of consumers who were late on their mortgage payments in violation of the FTC Act and the Fair Credit Reporting Act. Equifax
  • In 2012 the US Consumer Watchdog advocacy group filed a complaint against Google alleging that the company had violated its 2011 consent decree with the US Federal Trade Commission in the case about Google Buzz. The complaint was based on February 2012 revelations that the site was failing to honour
  • The State is not always the only actor involved in the surveillance of benefits claimants. Often those practices are encouraged, facilitated or conducted by private companies. South Africa for instance mandated MasterCard to help distribute benefits through biometric debit cards. https://www
  • Research from the Brennan Center shows minorities are primarily affected by new laws that restrict citizens access to voting through ID requirement, increased distance to polling station, inconvenient opening hours and hidden costs. https://www.theguardian.com/world/2012/jul/18/voter-id-poor-black
  • In 2012, Acxiom's database was reported to be the largest commercial database on consumers in the world, containing approximately 1,500 data points, or "elements", for each of the 500 million active consumers worldwide and processing more than 50 trillion data transactions per year. Each of the
  • In 2012, Google announced it would condense 70 different privacy policies into a single one that would allow the company to merge the data collected across all its services, including Maps, search, Android, Books, Chrome, Wallet, Gmail, and the advertising service provided by its DoubleClick
  • In 2012, Facebook CEO Mark Zuckerberg's sister, Randi, tweeted to fellow Twitter user Callie Schweitzer that Schweitzer had violated her privacy by posting a picture taken in her kitchen. Randi Zuckerberg, the former head of Facebook's marketing department, had posted the picture, which was taken in
  • In November 2011, the US Federal Trade Commission charged Facebook with repeatedly breaking the privacy promises it made to users. Among the list of deceptive practices and incidents in the FTC's complaint were December 2009 changes Facebook made to its site that publicly exposed information users