Advanced Search
Content Type: Examples
Police investigating the 2016 rape and murder of a 19-year-old medical student were unable to search the iPhone of suspect Hussein Khavari, an Afghan refugee who declined to give them his password. The investigators gained access to the phone via a private company in Munich, and went through Apple's health app data to discern what kinds of activities Khavari participated in on the day of the murder. The app identified the bulk of his activity as "climbing stairs". An investigator of similar…
Content Type: Examples
In February 2018 Uber and the city of Cincinnati, Ohio announced the Cincinnati Mobility Lab, a three-year-partnership that will allow the city and the surrounding area in northern Kentucky to use Uber data for transport planning. Cincinnati, like many cities, is anxious to identify the impact of Uber and Lyft on local roads and transit networks. Uber claims 200,000 app users and 4,000 active drivers in the Cincinnati area, and sees the city as a representative example for a test that it may…
Content Type: Examples
In October 2017, the farm equipment manufacturer John Deere began requiring American farmers to sign an agreement forbidding almost all repair and modification of the equipment they buy and also preventing them from suiting for software-related problems. In response, the began hacking their John Deere tractors with internet-sourced Ukrainian firmware in order to circumvent the restrictions. Farmers, who have traditionally had the ability to repair their own equipment, view the restrictions as…
Content Type: Examples
As a gift in 2012, the Chinese government built the African Union's $200 million Addis Ababa headquarters, where African ministers and heads of state meet twice a year to discuss major continental issues. In 2017, Le Monde Afrique discovered that the building's computer systems incorporated an undocumented portal that grants Chinese administrators access to the entire system. After the surveillance was exposed, the AU acquired its own servers and declined China's offer to configure them; it…
Content Type: Examples
In February 2018, police in China began using connected sunglasses equipped with facial recognition to scan crowds looking for suspected criminals. In a test at a busy train station in the city of Zhengzhou, police were able to identify and apprehend seven suspects accused of crimes ranging from hit-and-run to human trafficking. Police also identified 26 people using fake IDs, according to the Communist Party's People's Daily Newspaper. The glasses allow police officers to take a…
Content Type: Examples
In February 2018 the Canadian government announced a three-month pilot partnership with the artificial intelligence company Advanced Symbolics to monitor social media posts with a view to predicting rises in regional suicide risk. Advanced Symbolics will look for trends by analysing posts from 160,000 social media accounts; the results are intended to aid the Canadian government in allocating mental health resources. The company claims to be able to predict suicidal ideation, behaviours, and…
Content Type: Examples
In 2010, Apple's then-CEO Steve Jobs revealed that the reason his company changed the rules in the written agreement it requires iPhone app developers to sign was due to a report published by the vice-president of the app analytics company Flurry, Peter Farago. In one of its monthly reports on app development, Farago had published the fact that Flurry's analytics had identified 50 gadgets in use on Apple's campus that seemed likely to be the then-still-secret iPad. In line with the new…
Content Type: Examples
In November 2017, San Francisco-based Strava, maker of a GPS-enabled fitness app, published a heat map showing the activity of all its 27 million users around the world. Upon outside examination, the data visualisation, which was built from 1 billion activities and 3 trillion data points covering 27 billion kilometres of distance travelled over the previous two years, exposed individual jogging routes in remote areas, including those used by soldiers around military bases in war zones, where…
Content Type: Examples
In 2014, the UK suicide prevention group The Samaritans launched Radar, a Twitter-based service intended to leverage the social graph to identify people showing signs of suicidal intent on social media and alert their friends to reach out to offer them help. The app was quickly taken offline after widespread criticism and an online petition asking them to delete the app. Among the complaints: the high error rate, intrusiveness, and the Samaritans' response, which was to suggest that people…
Content Type: Examples
As of early 2018, Facebook's friends recommendations (People You May Know) are based on the address books users give them. However, Facebook has been filing patent applications for a new generation of technologies for collecting more information about its users and matching them more accurately. One, filed in 2014, describes technology to discern whether two people might know each other from smartphone data including location, accelerometer, and gyroscope readings, which show how often two…
Content Type: Examples
EU antitrust regulators are studying how companies gather and use big data with a view to understanding how access to data may close off the market to smaller, newer competitors. Among the companies being scrutinised are the obvious technology companies, such as Google and Facebook, and less obvious companies such as German car maker BMW. The commissioner for competition, Margrethe Vestager, says her office has not yet found cause for concerns, although it fined Facebook for giving misleading…
Content Type: Examples
In 2014, researchers at Princeton University outlined an attack that uses multiple third-party cookies to link traffic so that individual users can be identified and tracked from anywhere in the world. A nation-state wishing to surveil particular users outside its jurisdiction, for example, may have access only to data that passes through routers within their country. Linking cookies and using only web page header data to track 25 simulated users browsing from a US location over a three-…
Content Type: Examples
In a letter accompanying his annual report to the Prime Minister for 2017, the British Interception of Communications Commissioner, Stanley Burnton, has expressed concern about the increasingly unacceptable number of errors police are making in resolving Internet Protocol addresses. Because of the way communications service providers allocate - and reallocate - IP addresses, tracing one to a specific location requires manual entry of the address (up to 12 digits) along with details such as…
Content Type: Examples
The Chinese company Tencent has issued a statement denying that it stores or analyses communications sent over WeChat, the country's most popular messaging platform after Geely Automobile chairman Li Shufu claimed there was no data privacy in China at a business forum. Shufu also claimed that Tencent chairman Pony Ma was "definitely looking at our WeChat messages every day". Under the Chinese government's rules, all social media groups are required to store user records. Although relatively…
Content Type: Examples
In 2016, the US Federal Trade Coimmission issued a warning to app developers that had installed Silverpush, software that uses device microphones to listen for audio signals inaudible to the human ear that identify the television programmes they are watching. Nonetheless, similar technology continued to spread. In 2017, software from the TV data collection startup Alphonso, began to spread. As many as 1,000 gaming, messaging, and social apps using Alphonso's software, some of them aimed at…
Content Type: Examples
A report for the US National Academy of Sciences explains the methods used by a team of computer scientists to derive accurate, neighbourhood-level estimates of the racial, economic, and political characteristics of 200 US cities using the images collected by Google Street View in 2013 and 2014. The key element: the pictures captured of 22 million cars parked along or driving down those streets. The scientists trained a computer algorithm to recognise the make, model, and year of each…
Content Type: Examples
Mothers of black, male teenagers in Chicago, fear their children will be added to the Chicago Police Department's gang database. As of the end of 2017, the database contains the names of 130,000 people, 90% of them black or Latino, who are suspected of being gang members. Most have never been arrested for a violent offence or for a drug or weapons charge. The police are not required to notify those who are added to the database, and the reasons for inclusion may be as trivial as style of dress…
Content Type: Examples
In 2017, a study claimed to have shown that artificial intelligence can infer sexual orientation from facial images, reviving the kinds of claims made in the 19th century about inferring character from outer appearance. Despite widespread complaints and criticisms, the study, by Michal Kosinski and Yilun Wang, is scheduled for publication in the respected Journal of Personality and Social Psychology. A reanalysis of the study's methodology and findings shows that the answers to a handful of yes…
Content Type: Examples
Research from ProPublica in December 2017 found that dozens of companies, including Verizon, Amazon, and Target are using Facebook to target job ads to exclude older workers. Excluding older workers is illegal under US law, but Facebook's system allows advertisers to specify precisely who should see their ads. Verizon, for example, specified that its effort to recruit applicants for a unit focused on financial planning and analysis would run on the Facebook feeds of users 25 to 36 years…
Content Type: Examples
Sidewalk Labs, a subsidiary of Alphabet (Google's owner), has signed a deal with the Canadian city of Toronto to redevelop the brownfield Quayside waterfront district and turn it into a technology hub. The deal raises three sets of issues. First (The Guardian) is the essential privatisation of public space by granting Sidewalk Labs over the technology used and the data collected. Second (The Civicist), are the privacy implications, discussed in a public forum, of allowing Sidewalk Labs to…
Content Type: Examples
"To the 53 people who’ve watched A Christmas Prince every day for the past 18 days: Who hurt you?" Netflix tweeted in December 2017. While the tweet did not contain any information that could have identified any of the 53 people, it still made many of those who saw it uncomfortable. A Christmas Prince was a new movie released by Netflix, and the statistic is apparently derived from the service's detailed collection of data on what its subscribers watch.
Subscribers are generally aware that the…
Content Type: Examples
Researchers at Princeton University have shown that a vulnerability identified 11 years ago in the password managers built into web browsers can be exploited to allow third parties to track users across more than a thousand websites. The attack depends on the managers' autofill capability, and works by injecting an invisible login form onto non-login pages on sites where users have already stored their credentials. The password manager fills in the user's email address and password, and the…
Content Type: Examples
Scientists at MIT have created an algorithm called "EQ Radio" that detects and measures individual heartbeats and therefore individuals' emotions by bouncing radio frequency signals - such as ordinary wifi- off of people. The algorithm works the same as an electrocardiogram but needs no leads to be attached, but must process the information it receives differently. With no leads physically attached, EQ Radio can't anticipate the size and shape of the wavelengths it will receive but must develop…
Content Type: Examples
A federal class-action lawsuit filed in California in July 2017 alleges that in violation of the Children's Online Privacy Protection Act (COPPA) and without parental permission, the Walt Disney Company secretly collects personal information about some of its youngest customers and shares it illegally with advertisers. The lawsuit alleges that Disney allowed the software companies Upsight, Unity, and Kochava, which are also named in the suit, to embed trackers in Disney apps that can then…
Content Type: Examples
Every Tesla vehicle is a mobile data collector incorporating built-in sensors that constantly record information about the car's environment and the way the driver navigates through it. The result is to inspire established automakers such as General Motors, Volkswagen, and Nissan-Renault to follow suit by signing partnerships with Mobileye, a sensor supplier that will integrate its camera-based Road Experience Management system into their non-autonomous vehicles and begin a crowd-sourced…
Content Type: Examples
After investigation, the UK's privacy regulatory, the Information Commissioner's Office has found that two small sections of the written scripts used by Blue Telecoms, a marketing firm that made calls on behalf of the Conservative Party during the 2017 general election, crossed the line from legitimate market research to unlawful direct marketing. The ICO has issued a warning to the Conservative Party rather than launching a formal regulatory action because, it says, the overall campaign was…
Content Type: Examples
The French data protection regulator, the Commission Nationale de l'Informatique et des Libertés (CNIL), has issued a formal notice to Genesis Industries Limited, the maker of the connected toys My Friend Cayla and I-QUE. Genesis has two months to bring the toys into compliance with data protection law. CNIL says that based on the security flaws found by a consumer association (presumably the Norwegian Consumer Council, which did this work in 2016) its chair decided to perform online…
Content Type: Examples
GPS data indicates economic gap between crowds attending presidential inauguration and women's march
Using anonymised data GPS data from mobile devices, primarily smart phones, SafeGraph concluded that the crowds attending the US presidential inauguration in January 2016 make significantly less money than attendees of the Women's March two months later. The income level estimates were made possible by merging SafeGraph's movement data with census data, which is organised by US postal zip codes. Identifying the zip code in which a phone spends most of its time enabled Safe Graph to show that…
Content Type: Examples
Facebook and Twitter have advised Damian Collins, the chair of the UK Parliament's digital, culture, media, and sport committee, that the companies will hand over some information relating to the rearch of Russia-backed posts during the EU referendum. Facebook has already given the US Senate similar information about Russia-backed posts during the 2016 presidential election; this information showed that campaign ads and fake news generated by the Internet Research Agency troll factory in St…
Content Type: Examples
In 2017, Grindr, which at the time was available in 192 countries, began implementing new privacyimplementing new privacy protection measures in order to help protect its users in anti-gay countries such as those in the Middle East and Africa. Among them: users will be able to to change the Grindr app icon on their phones, and in collaboration with regional activists the company will put out weekly (or, if necessary, daily) notifications including safety tips to avoid police entrapment and…