“Um” is not a great call to action, but sometimes it’s all you’ve got.
Can you—as a user—understand an app or service’s security posture? If so, how?
What steps should we take to evaluate the privacy impact of a mobile app?
Data Privacy Day is January 28th, can we raise awareness about the issues around data privacy effectively? Will you take action?
When your local electric utility offered a new smart thermostat at a heavy discount, a lot of homeowners jumped at the chance. Unfortunately, a clause in the terms of the promotion grants the utility access to your data and the ability to remotely control the device!
Apple’s annual developer conference announced the latest versions of all of Apple’s operating systems, and privacy was a key pillar across all of them.
Apple and Facebook have been battling very publicly around privacy issues. What’s really going on?
Google continues to advocate for a ‘privacy-first’ web. The problem? Their definition of privacy and how it seems to be a Google-powered adtech nightmare.
Google has had to disclose the amount of tracking its apps do in iOS. Shocking no one: it turns out it’s a lot.
Clubhouse is the hot new social network. It’s a promising audio-only network that now boasts over 2 million active weekly users. During this rise, it’s committed some easily avoidable and obvious mistakes around privacy and content moderation. Can they recover?
Security and privacy are linked yet for some reason, you see privacy experts ignoring the impact of security and security experts who are unconcerned with privacy. Why?
Passwords are the worst. Trying to pick a “secure” one makes the whole thing worse. Every site and service has its own variation on the “rules” for making a strong password and it’s hard to remember what you’ve set your password to.
Are those rules really making our passwords stronger? Do we need so many …
Apple recently launched macOS Big Sur and a security researcher’s post went viral highlighting a steady stream of communications that “phone home” detailing what apps you’re using on your system. What’s going on here?
Is privacy-promoting Apple actually spying on every app running on every macOS system around the …
Ad-tech, digital marketing, and the surveillance economy are worth billions and billions of dollars. It all hinges on the ability to target ads and you can’t target ads without tracking users and their devices.
A privacy-focused design decision by Apple for iOS 14 puts Facebook on edge and Google on notice. What is the IDFA? What happens in …
Epic Games is currently waging war on Apple and Google over the right to distribute apps to mobile users. There’s been a ton of excellent coverage of the issues, but it’s usually missing one key perspective: what do we as users get from the App Stores?
On July 15th, 2020, Twitter was hit with the most visible hack of a social network of all time. 130 of the top accounts tweeted out a bitcoin scam. A month after, have we learned anything? What’s the impact of continuing to use Twitter?
The President has promised to ban TikTok in the United States for national security reasons. Is that the case? Are there real security & privacy concerns or is this purely a political move?
Video conferencing platform Zoom has been in the news almost constantly over the past few weeks. At first it was hailed as a tool to help reduce this isolated feeling all of us are experiencing, then it was a pile on for security and privacy issues, and finally the last two weeks have started a redemption story.
Contact tracing during an outbreak is a massive undertaking. Google and Apple are collaborating in order to automate parts of this task. Will it work? What are the challenges? We dive into the issue.
CES 2020 brought out the big (and small) players in tech and one thing they all had in common was how much they used the word “privacy”. Is this privacy-washing or the start of real change?
COPPA was passed in the US in 1998 but a recent ruling against YouTube for violating the decades-old law means big changes for creators.
Canadian data privacy laws state that an organization is responsible for the life cycle of the data. Most orgs struggle with protecting it while it’s in use, what about after they no longer need it?
Google really doesn’t like humans and they LOVE data. At the intersection of those two areas is a new A.I. assistant that calls businesses to complete simple tasks for its users and to automatically update Google’s databases: enter Google Duplex.
CBC’s Go Public pointed out the rising rates of e-transfer fraud and consumers are shocked. The expectation was that e-transfers were safe and convenient…turns out, not so much.
CBC News posted an article about how Canadian federal MPs are using digital tracking technologies on their personal websites. So what is retargeting? How is it used? Why is its use in politics different?
Facebook was recently called out for listening to users’ audio messages on Facebook Messenger. They aren’t alone. Apple, Amazon, Google, and Microsoft all have admitted to having contractors analyze audio from their voice assistants (and Microsoft’s Skype service). What’s the impact? Do you need to worry?
FaceApp (first released in 2017) is back in the news for the #AgeChallenge and a host of privacy concerns. There’s a lot of knee-jerk reactions around the app but what’s really going on? We dive in on this (as usual) no-BS episode…
On Kara Swisher’s show, Recode Decode, she recently hosted Gabe Weinberg from DuckDuckGo. Their conversation revolved around some core concepts in online privacy.
During that conversation, a few terms popped up that I think are often misunderstood or misinterpreted. This episode looks at those terms and what they actually mean.
Bad Robot Transcript: Good morning. On this episode of the show, we’re going to take a look at the recent moves by Nest and how they impact your privacy. Nest Labs was founded in 2010 and quickly brought the Nest Learning Thermostat to market. This iconic product was a transformative product for the smart home. You see it everywhere. …
The Digital Economy Act of 2017 in the UK is trying to put up enforceable age gates to pornography. That might be a good idea but it’s extremely difficult to actually do online. At the same time, here in Canada, our major financial players are launching a joint identity service.
Connect both of these issues together and the larger issue …
A recent CBC News article highlighted both the powers of border agents to search digital devices and the general lack of awareness of your rights at the border. Are you aware of your rights as you cross the border? Do you take precautions to protect your digital footprint?
Facebook held its annual F8 developer conference this week and—in addition to the usual product updates—they repeatedly talked about creating and enabling private spaces. What’s stopping them? 15 years of poor information management.
Facial recognition is becoming more and more common. In some cases, it’s used to make existing procedures more efficient or to connect existing data points together. While that seems like the community has already consented to these use cases, people often have a visceral reaction to hearing that new technology is being applied.
Since May of 2016 Facebook has been prompting some new users for their email passwords. Yes, their email passwords. WTF?
Thomas Brewster, writing for Forbes, highlighted a recent case by the DEA. The case itself isn’t out of the ordinary. What is interesting are the issues raised by the search warrant request for LogMeIn.com…parent company of LastPass. This password management service is used by the accused and is potentially a treasure trove of information …
A recent tweet called out a user’s perception about Grammarly, a SaaS-based grammar and writing tool. They accused the service of being predatory (due to its license) and a keylogger. While the points are off base (but not insanely so), they do raise a bigger issue: the user perception about a service vs the actual privacy risk.
We rely on some digital services for critical functions around security and privacy. Trusting those services is paramount to their success and ours. But it can be difficult to trust when you don’t know what’s going on behind the scenes. Gag orders from the courts can amplify those trust issues. The idea of a warrant canary can help to …
Websites, apps, and even your desktop applications may be tracking a whole lot more of your behaviour than you think. The reason in most cases is simply to deliver a better application from a technical perspective. But sometimes, it’s more insidious.
You’re building out a digital identity for your kids almost from the day they are born. But it’s not just you: the clubs they belong to, schools they attend, and sports they play are all contributing. What’s the impact to your child? To their digital future?
You agree to new contracts all the time but you probably don’t think of them as contracts, they are simply the “Terms of Service”. A recent study found that most of these agreements are essentially unreadable. That sets up a one-sided relationship between the services and their users. Fine for the services, not so much for the …
Facebook continues to do anything they can to build data profiles on users. This week it was revealed that they shifted their Onavo efforts to a new “research” project where they targeted 13-35 year olds via 3rd party market research companies. Lots of questions and issues here…
The 10 Year Challenge is sweeping social media right now. It’s a harmless way of looking back at yourself—and everyone else—a decade ago…or is it?
Is there something more to this challenge? Something very big brother tied to facial recognition?
Three articles this week each touching on smartphone data highlight a much bigger issue. Each of these articles reminds us how much data our phones generate and how valuable that data is. Yet we don’t treat that data as valuable. It’s packaged and resold with no compensation to the owner of that data…if they are even aware that …
Data privacy is a critical area of concern around the world. Look no further than four distinct events today: Australia passing a new law, an arrest for Huawei, Apple publishes a new paper, and the Government of Canada sets a new directive.
You can’t really remove something from the internet. Not if the owner/operator really wants it out there. That’s a huge advantage and challenge for the internet community. What are the impacts of that fact?
Facebook removes 800+ accounts this week, some with massive followings, for political content. The twist? They were US-based, not foreign. What does this mean for our use of social networks?
Google recently conducted a complete security & privacy review of various APIs associated with Google+. The result? The service is shutting down and they found a vulnerability. Did they take the proper steps in disclosing the issue?
50 million Facebook accounts were hacked. Facebook responded quickly to the issue but could’ve done better communicating throughout. Here’s what you need to know about the hack.
A recent study proved that Facebook uses more information about you than you realize. Behind the scenes, Facebook compiles “shadow profiles” from various sources in order to better target ads…anyone surprised? 😔
In the recent dust up with the founders of WhatsApp, you might have heard the term “end-to-end encryption”. What is it? What does it mean for you? Why was it frustrating efforts to data mine and monetize WhatsApp?
Personally identifiable information (PII) and Personal Health Information (PHI) are critical concepts. They help identify information that needs additional safeguards and care.
Should you track your children’s every move? Your partners? Family locator apps promise safety and convenience but are they really just an invasion of privacy?
VPNs can help secure your internet traffic when you’re travelling. They can help you route around geographic restrictions. But is using a VPN exposing you to more risk? What is the impact of centralizing all of your internet requests with one specific company?
GMail in the classroom just like on your phone. The promise of G Suite for Education is enticing. A low-cost way for schools to provide collaboration tools to students and teachers. But what are the privacy implications of letting the search giant into our schools?
Facial recognition is a technology that exemplifies the underlying neutrality of most technology. When used with positive intentions it makes our devices more secure. When in the wrong hands, it can violate privacy on a massive scale. Do we need to regulate this technology? At what level? Regardless of your stance, we need to talk about this as a …
Over the last few years, mobile has become the dominant platform for gaming. As a result, smaller, simple games have come to prominence. In order to make money developers have (over) rotated on in-app purchases. Fortnite is a great example of an addictive FREE game that is making a ton of money without resorting to trickery.
With iOS 12, Apple will reduce the time a locked iOS device responds to the USB port down to an hour. Having a hard time understanding why that matters to you? It’s because it really won’t. It is however a gap in the security posture of these devices that Apple is fixing.
G Suite for Education is making waves in the Canadian education market. And why not? It looks like a win-win-win. Too good to be true?
Net Neutrality is a simple dictate that states all network packets must be treated equally. This–of course–tanks a few business models for ISPs and in the US, they have successfully lobbied to remove previous regulations.
Security and privacy center on trust. You can’t have that without a high level of transparency. In this day and age, everything comes to light eventually. Better to be up front and open with most activities.
Apparently the FBI misrepresented the number of devices they can’t access due to encryption by up to a factor of 6x. This is most likely due to clerical error and a lack of actual statistics rather than malicious intent.
How do you handle data collection from your users? Is it hidden and suspect like the current rash of mobile provider exposures? With no opt-out like Microsoft Office? Or clear and transparent?
Deep thoughts in this episode around ethics in technology and their use. Sparked by the latest issues around mobile phone tracking, this episode tackles the lack of ethics discussions around security and technology.
There have been a lot of advancements in AI research and use lately, but are we moving in the right direction? Are we having the right conversations around AI’s impact?
Facebook wrapped up its F8 conference this week with a series of new product announcements. In this episode, we’ll take a look and see how these announcements fit into the bigger picture.
Facebook is hosting its annual F8 conference and it appears that this will be a reserved year. Understandable given the scandals of late…
Gmail just launched a nice, new redesigned UI. It’s slick and has some great new features. One feature, “Confidential Mode”, is particularly interesting and poorly named/positioned.
Encryption on mobile devices is a challenge for law enforcement. 3rd party companies often use hacks in their products to address this need. Is it right? Is it sustainable?
The FBI and other federal law enforcement in the US (and elsewhere) continue to push back against “going dark”. Thankfully Apple is fighting back, because when we break security systems and processes, no one wins. This post tracks the significant events in Apple vs. the FBI.
Facebook was called to the carpet and showed well…because they weren’t asked the right questions.
It’s often stated that you have to trade usability for security. I call 💩
Had enough of the Facebook / Cambridge Analytica scandal yet? Yeah, me too. Thankfully, it’s rolling up to address the bigger issue of digital tracking in general.
We’re tracked everywhere online. Should we be? Is there an upside to this practice?
After the long weekend, this episode is a bit of a round up. Nothing big jumping out but a few minor issues to address.
You upload a ton of data to Facebook and in turn, Facebook generates a ton of data about you. I built a tool to take a look at Facebook’s view of you.
As the Facebook / Cambridge Analytica scandal continues to snowball, we take a look at the larger issues. How does privacy scale? Can it scale under the current social networks? What’s next?
Terms of Service agreements hide all manner of tricks and cede all of the power to the issuing corporation. Should they?
Ugh. Facebook Has Allowed A 3rd Party To Harvest Millions of Credentials
Security awareness is next to useless. Educate users instead
Passwords are a horrible solution to the challenge of authentication. But they’re the “best” we have for now…right?
Does blockchain finally bring the transparency and accountability needed for an internet scale identity provider?