Advanced Search
Content Type: Examples
In September 2018, the attorney general of the US state of New Mexico filed suit against Lithuania-based Tiny Lab Productions claiming that the maker of the children's app Fun Kid Racing had violated the Children's Online Privacy Protection Act (1998) by collecting location and other data about the children playing the game. The suit also included online ad businesses run by Google, Twitter, and three other companies, arguing that Google's inclusion of the app in the family section of its Play…
Content Type: Examples
Affiliate marketers, who buy ad space in bulk, run campaigns, and earn commissions on the sales they generate, are behind some of the shady and misleading ads that pollute social media and the wider internet, despite also promoting some legitimate businesses such as Amazon and eBay. At one of several yearly conferences, a Berlin event sponsored by Stack That Money, included representatives from Facebook, "Your Computer May Be Infected", "You Won an iPhone", a Russian promoter of black mask face…
Content Type: Examples
By the time T-Mobile announced in August 2018 that a data breach had compromised customers' names, billing zip codes, email addresses, account numbers, account types, phone numbers, and some hashed passwords, the most crucial of these had become phone numbers. Never intended as identifiers, phone numbers have become tools for authentication and therefore long-term "skeleton keys" to individuals' lives. Techniques such as SIM-swapping allow attackers to intercept SMS messages. Credit card…
Content Type: Examples
In 2017, Alphabet's Sidewalk Labs began a collaboration with Waterfront Toronto intended to turn a 12-acre lakeside area into a "smart city" equipped with sensors and responsive infrastructure. Frustration that Torontonians' data privacy concerns were not being addressed led Saadia Muzaffar, founder of TechGirls Canada, to resign from Waterfront Toronto's Digital Strategy Advisory Panel in October 2018. In a lengthy resignation letter, she called attention to the risk that embedding poorly…
Content Type: Examples
In October 2018, researcher Johannes Eichstaedt led a project to study how the words people use on social media reflect their underlying psychological state. Working with 1,200 patients at a Philadelphia emergency department, 114 of whom had a depression diagnosis, Eichstaedt's group studied their EMRs and up to seven years of their Facebook posts. Matching every person with a depressive diagnosis with five who did not, to mimic the distribution of depression in the population at large, from…
Content Type: Examples
In 2018, WhatsApp founder Brian Acton responded to the Cambridge Analytica scandal by tweeting "It is time. #deletefacebook." He also left the company, walking away from $850 million in unvested stock rather than accede to Facebook's plans to add advertising and commercial messaging, a purpose at odds with WhatsApp's encrypted environment. In 2014, Acton and his co-founder Jan Koum, sold WhatsApp to Facebook for $22 billion. Acton's wanted instead to monetise WhatsApp by charging users tiny…
Content Type: Examples
After a series of scandals, in the year up to September 2018 54% of American Facebook users had changed their privacy settings and 42% had skipped visiting the platform for several weeks or more. About 26% said they had deleted the Facebook app from their smartphone. Some 74% of Facebook users had taken at least one of these three actions, split evenly across Democrats and Republicans. Across age groups, younger users (18 to 29) were more likely to have deleted the app (44%), and only a third…
Content Type: Examples
Even after 2015, when Facebook said it had walled off user records from third parties, inside sources and court documents showed that the company went on maintaining a whitelist of companies that were allowed customised access to information about users' Friends, phone numbers, and a "friend link" metric that measured the degrees of separation. Whitelisted companies included Nissan and Royal Bank of Canada, and others that either advertised on the network or were valuable to Facebook for other…
Content Type: Examples
In July 2018, Facebook announced it was investigating whether the Boston-based company Crimson Hexagon had violated the company's policies on surveillance. Crimson Hexagon markets itself as offering "consumer insights". Its customers include a Russian non-profit with ties to the Kremlin, and multiple US government agencies. After pressure from civil liberties groups, Facebook put a policy in place in March 2017 barring the use of members' data for the purposes of government surveillance.…
Content Type: Examples
In May 2018 Facebook announced it would partner with organisations in places such as Myanmar and South Sudan in order to develop more "context-specific" knowledge about how its platform is being abused to create real risks of harm and violence. In Myanmar, where telephone companies allowed Facebook to offer free access, the number of users rose in tandem with the amount of online hate speech, most of it directed against the country's Muslim minority. Facebook wound up withdrawing its Free…
Content Type: Examples
In May 2018, Facebook said that as part of its investigation into how Cambridge Analytica had abused personal data on the social network, it had investigated thousands of apps on its platform and suspended about 200 of them. The company said it was investigating further to identify every app that may have misused users' personal data before the site's policy changed in 2014. Facebook said it would ban any further apps it found and notify users through a dedicated web page. Among those suspended…
Content Type: Examples
In 2018, economists Marianne Bertrand and Emir Kamenica at the University of Chicago Booth School of Business showed that national divisions are so entrenched that details of what Americans buy, do, and watch can be used to predict, sometimes with more than 90% accuracy, their politics, race, income, education, and gender. In a paper published by the National Bureau of Economic Research, the economists taught machine algorithms to detect patterns in decades of responses to three long-running…
Content Type: Examples
In 2018, experiments showed that despite the company's denials, ads could be targeted at specific Facebook users via information that the users had never given Facebook, such as phone numbers.
The reason: Facebook allows advertisers to upload their own lists of phone numbers of email addresses, and the service will use them to put ads in front of users associated with those details. The company also uses information supplied for security purposes, including phone numbers provided for two-…
Content Type: Examples
In June 2018 Facebook announced it would install new controls to improve members' understanding of how companies targeted them with advertising, including letting them know if a data broker supplied the information. This was the second update to the company's policies in 2018; in March it attempted to ban the use of data brokers but pulled back when advertisers threatened to pull their business.
https://uk.reuters.com/article/us-facebook-privacy-broker/facebook-releases-new-privacy-safeguards-…
Content Type: Examples
In November 2018, HSBC announced a serious data breach in its US business between October 4 and 14, when fraudsters used credential stuffing to gain access to detailed account information relating to about 1% of its 1.4 million US customers. HSBC said that in response it had strengthened its login and authentication processes and implemented additional layers of security. The bank gave affected customers a year's credit monitoring and identity fraud protection, and reminded customers to use…
Content Type: Examples
In July 2018 the three-year-old payment system Revolut notified the UK's National Crime Agency and the Financial Conduct Authority that it had found evidence of money laundering on its system. From its beginnings as a prepaid credit card operator, Revolut had branched out into small business services and cryptocurrencies. Former employees suggest that although the company recently participated in an industry-wide review of money laundering checks and was in compliance with the EU's PSD2, its…
Content Type: Examples
In 2018, the Berlin-based researcher Hang Do Thi Duc concluded after analysing more than 200 million public transactions made in 2017 that anyone can track the purchase history of a user of the peer-to-peer payment app Venmo. By accessing the data via an open API, Do Thi Duc was able to view the names, transaction dates, and messages sent with payment for all users who hadn't changed their settings to private. Venmo's default setting is "public", and does not clearly highlight how to change it…
Content Type: Examples
In 2017, Britain's' two biggest supermarkets, Tesco and Sainsbury's, which jointly cover 45% of the UK's grocery market, announced they would offer discounts on car and home insurance based on customers' shopping habits. For example, based on data from its Nectar card loyalty scheme, Sainsbury's associates reliable, predictable patterns of visits to stores with safer and more cautious driving, and therefore offers those individuals cheaper insurance. For some products, Sainsbury's also mines…
Content Type: Examples
In 2018, based on an analysis of 270,000 purchases between October 2015 and December 2016 on a German ecommerce site that sells furniture on credit, researchers at the National Bureau of Economic Research found that variables such as the type of device could be used to estimate the likelihood that a purchaser would default. The difference in rates of default between users of iOS and Android was about the same as the difference between a median FICO credit score and the 80th percentile of FICO…
Content Type: Examples
The common reporting standard brought in by the UK's HMRC in 2018 require tax authorities to automatically exchange information on millions of citizens living abroad. In response, an EU citizen domiciled in Italy who formerly lived in the UK and maintains a UK bank account, filed a complaint with the UK's data protection regulator arguing that sharing this data exposed her to risk of cyber hacking or accidental leaks and therefore violates GDPR. Developed by the OECD, the common reporting…
Content Type: Examples
In September 2017, the UN Capital Development Fund, the UN Development Programme, and the non-profit San Francisco-based startup Kiva, which has worked for 13 years as a crowd-funded microlending platform announced a joint initiative to open up financial services to the 20% of the Sierra Leone population - 7 million citizens - who have no credit history or proof of formal identity and are therefore unable to start businesses, raise loans, or generally access mainstream financial services. The…
Content Type: Examples
A flaw in the official 2018 UK Conservative Party conference app granted both read and write access to the private data of senior party members, including cabinet ministers, to anyone who logged in by second-guessing the email address they used to sign into the app. Twitter users claimed that one leading politician, Boris Johnson, had his avatar briefly replaced by a pornographic image, while another, Michael Gove, had his replaced by that of media magnate Rupert Murdoch. The app was…
Content Type: Examples
In January 2019, it was discovered that the HIV-positive status of 14,200 people in Singapore, as well as their identification numbers and contact details, had been leaked online. According to a statement of the Ministry of Health, records leaked include 5,400 Singaporeans diagnosed as HIV-positive before January 2013, and 8,800 foreigners diagnosed before December 2011. Patient names, identification numbers, phone numbers, addresses, HIV test results and medical information was included in the…
Content Type: Examples
Shortly before the November 2018 US midterm elections, the Center for Media and Democracy uncovered documents showing that the multi-billionaire Koch brothers have developed detailed personality profiles on 89 percent of the US population with the goal of using them to launch a private propaganda offensive to promote Republican candidates. The brothers have also developed "persuasion models" and partnered with cable and satellite TV providers to target voters with tailored messaging during TV…
Content Type: Examples
In 2018, 17 US states and the District of Columbia filed suit to block the addition of a citizenship question to the 2020 census. Emails released as part of the lawsuit show that the administration began pushing to add the question as early as the beginning of 2017, claiming it was to improve enforcement of the 1965 Voting Rights Act. Critics, however, say the question will depress response rates, make the count more expensive and less accurate, and believe the question is intended to…
Content Type: Examples
The Tel-Aviv-based private intelligence firm Black Cube, which is largely staffed by former Israeli intelligence operatives, was involved in a campaign to attack NGOs and businessman-turned-philanthropist George Soros during Hungary's election campaign. Between December 2017 and March 2018, agents using false identities secretly recorded the results of contacts with Hungarian NGOs and individuals connected to Soros. The recordings began appearing in the press three weeks before the election,…
Content Type: Examples
"Buzzer teams" - teams employed to amplify messages and create a buzz on social media - were used by all candidates in the 2017 Indonesian general elections. Coordinated via WhatsApp groups, many of the teams opened fake accounts to spread both positive and negative messages, as well as hate speech. The operators of the most influential accounts could command $1,400 for a single tweet.
https://www.theguardian.com/world/2018/jul/23/indonesias-fake-twitter-account-factories-jakarta-politic…
Content Type: Examples
On the night of June 23, 2016, as the polls closed Britain's Sky News broadcast what sounded like a concession statement from Nigel Farage, the leader of the campaign to leave the EU, plus a YouGov exit poll indicating that the country had voted to remain; over an hour later, Farage reiterated his concession to the Press Association. The combination pushed up the pound on the world's foreign exchanges. A few hours later, when the true result was announced, the pound crashed - but in between a…
Content Type: Examples
Facebook ads purchased in May 2016 by the Internet Research Agency, a notorious Russian troll farm, urged users to install the FaceMusic app. When installed, this Chrome extension gained wide access to the users' Facebook accounts and web browsing behaviour; in some cases it messaged all the user's Facebook Friends. The most successful of these ads specifically targeted American girls aged 14 to 17 and said the app would let them play their favourite music on Facebook for free and share it…
Content Type: Examples
In July 2018, Robert Mueller, the special prosecutor appointed to look into Russian interference in the 2016 US presidential election, charged 12 Russian intelligence officers with hacking Hillary Clinton's campaign and the Democratic National Committee by spearphishing staffers. The charges include conspiracy to commit an offence against the US, aggravated identity theft, conspiracy to launder money, and conspiracy to access computers without authorisation. The hack led to the release of…