• Home
  • About
  • CBS Interactive
  • Cambodia
  • Freelance
  • UN/IOM
  • BUSINESS DAY
  • MEDILL
Menu

Jonathan Greig

Street Address
City, State, Zip
Phone Number

Your Custom Text Here

Jonathan Greig

  • Home
  • About
  • CBS Interactive
  • Cambodia
  • Freelance
  • UN/IOM
  • BUSINESS DAY
  • MEDILL

Facebook caught testing Instagram user location history →

October 5, 2018 Jonathan Greig
Image: CNET

Image: CNET

Instagram's founders resigned last week reportedly over efforts by Facebook to gather more user information from the popular app for targeted ads.

Facebook's rough week started with news of a potential data breach exposing nearly 50 million users and is ending with further controversy, now that eagle-eyed tech researcher Jane Manchun Wong discovered testing for a feature that would give location data from Instagram -- even if the app was closed -- to Facebook.

Facebook was forced to release a statement to TechCrunch about the feature, and Wong said it was later shut down. But the move comes on the heels of a major change in management at Instagram. The company's founders, Kevin Systrom and Mike Krieger, quit last week amid rumors that they, like recently-resigned WhatsApp founder Jan Koum, were having increased concerns about Facebook's stance on data, privacy, and information collection practices.

Facebook announced recently that former News Feed VP Adam Mosseri would run Instagram, with the primary goal being closer ties between the two apps. Instagram continues to be one of Facebook's best purchases and has helped the company's popularity stay afloat amid a seemingly never-ending stream of bad news.

But the company was recently fined $122 million by the EU for siphoning data from WhatsApp. Facebook has been able to use its other, more successful apps to push people back into the Facebook orbit with constant ads and attempts to take you to the main Facebook app. With location data from Instagram, Facebook would be able to target ads based on where you are and note what stores you go to.

"To confirm, we haven't introduced updates to our location settings. As you know, we often work on ideas that may evolve over time or ultimately not be tested or released," a Facebook spokesperson told TechCrunch.

"Instagram does not currently store Location History; we'll keep people updated with any changes to our location settings in the future," it added, implying that there were plans for the feature to appear in both Instagram and Facebook Messenger. The feature may also be tied to other efforts on Facebook to tie events to locations and create "find friends nearby" capabilities.

Users could find the information stored in Facebook Profile's Activity Log, even containing maps of where you went with the time and date. When you go to the page, a Learn More tab leads you to an explanation from Facebook where it openly admits to tracking your location even when the app is not in use.

"When Location History is on, Facebook will periodically add your current precise location to your Location History even if you leave the app. You can turn off Location History at any time in your Location Settings on the app," it writes.

"Facebook may still receive your most recent precise location so that you can, for example, post content that's tagged with your location. Location History helps you explore what's around you, get more relevant ads, and helps improve Facebook."

Google employs many of the same tracking tactics as Facebook and has been similarly criticized for the data it stores on your location history even when you aren't using its apps. It faced a heavy amount of criticism and blowback from users in August when the AP confirmed that Google could and did track people even when they turned the Location History feature off.

Location data is a particularly thorny issue, especially after a Facebook employee was arrested in May after stalking a woman online using his position as an engineer to track certain data about her. Facebook chief security officer Alex Stamos was forced to apologize in a statement at the time, writing that it was "important that people's information is kept secure and private when they use Facebook."

"It's why we have strict policy controls and technical restrictions so employees only access the data they need to do their jobs - for example to fix bugs, manage customer support issues or respond to valid legal requests," he added.

"Employees who abuse these controls will be fired."

*this story was featured on Download.com on October 5, 2018: https://download.cnet.com/blog/download-blog/facebook-caught-testing-instagram-user-location-history/

In cbs interactive Tags facebook, instagram, data, security, google, tracking, location, eu, gdpr, privacy, download.com

New 'Firefox Monitor' will alert you if your data or passwords are stolen →

September 26, 2018 Jonathan Greig
firefox.png

Mozilla unveils the email security tool it has been testing since last fall.

If you've ever wondered whether your email has been compromised in one of the many data breaches in the last decade, Mozilla now has an answer for you. Yesterday, it unveiled Firefox Monitor, a website that can give you detailed information about any of your accounts that may have been hacked.

"It can be hard to keep track of when your information has been stolen, so we're going to help by launching Firefox Monitor, a free service that notifies people when they've been part of a data breach," Nick Nguyen wrote in a blog post for Mozilla."After testing this summer, the results and positive attention gave us the confidence we needed to know this was a feature we wanted to give to all of our users."

The effort represents the culmination of a partnership between Mozilla and renowned Australian digital security expert Troy Hunt, the brainchild behind HaveIBeenPwned.com. There is little difference between Firefox Monitor and HaveIBeenPwned.com, but when Hunt announced the partnership in June, he said Mozilla's massive user base would help popularize the tool.

"Over the coming weeks, Mozilla will begin trialling integration between HIBP and Firefox to make breach data searchable via a new tool called 'Firefox Monitor'," Hunt wrote in a June blog post about the partnership, adding that they were "baking" HIBP into Firefox.

"This is major because Firefox has an install base of hundreds of millions of people which significantly expands the audience that can be reached once this feature rolls out to the mainstream."

HaveIBeenPwned.com currently has a secure database of 5.1 billion records, with 3.1 billion unique email addresses, yet only a bit more than 2 million subscribers. The more people who take advantage of the pwned website, the more people will be able to secure their accounts and make it safer for everyone, including the websites involved in the original hack.

When I put my own email address in, Firefox notified me of 4 data breaches that may have included my email address and account information. My email was found in a Ticketfly data breach in May, a 2013 breach of Adobe, and two 2012 hacks of Dropbox and LinkedIn. The information released in these hacks included email addresses, names, phone numbers, physical addresses, password hints, passwords, and usernames.

Despite the name, the website can be accessed from any browser, and both Mozilla and Hunt have painstakingly described the complex process that they use to search for email addresses while protecting your privacy and encrypting any information about you.

They use a technique known as hashing to mathematically encode data, making it impossible for HIBP to actually read any of the email addresses sent to it by Firefox. A Mozilla spokesperson told The Register UK that its goal was to protect their users by bringing HIBP to a wider pool.

"One difference for now is that sensitive sites will only be sent to you after you've verified your email to help keep you safe. There are future plans to integrate it more deeply into the Firefox and future products that are underway," they told the Register.

Mozilla and HaveIBeenPwned.com initially announced a partnership last fall that saw the web browser add an alert that would notify users when they were visiting a website that had recently been involved in a data breach. In June, 250,000 mostly U.S.-based users were invited to join a trial period for the website.

Hunt also secured a deal with 1Password, a password management app, in February that allows users to search if their email or password had been released in a data breach.

*this article was featured on Download.com on September 26, 2018: https://download.cnet.com/blog/download-blog/new-firefox-monitor-will-alert-you-if-your-data-or-passwords-are-stolen/

In cbs interactive Tags firefox, firefox monitor, data, stolen, password, safety, haveibeenpwned, mozilla

Apple double downs on privacy by requiring all third-party apps to publish data policies

August 31, 2018 Jonathan Greig
Image: CNET

Image: CNET

Any user will now be able to quickly find and read an app's privacy policy, which Apple says must include information on how data is retained.

Concerns about privacy continue to dominate discussions around technology and its effect on everyday life. Just this week, Intel released the results of a survey that found that average consumers are just as excited as they are scared of what the future holds for how humans interact with the latest technological advances.

Apple -- in a move many believe stems from the EU's new, stringent GDPR law that came into effect earlier this year -- will now require that all apps in its App Store create a specific landing page for their privacy policy so users can easily access it. The rules come into effect on October 3.

The company has always required this for apps that need subscriptions. But now, every app that wants a spot in the app store will have to add code to their platforms to facilitate the changes Apple wants.

"All apps must include a link to their privacy policy in the App Store Connect metadata field and within the app in an easily accessible manner," they wrote in the announcement. Their statement goes on to say that every app privacy policy must identify "what data, if any, the app/service collects, how it collects that data, and all uses of that data."

They are also now required to take responsibility for the actions of any third-party functions that are built into the apps and certify that they too are following the app's privacy policy.

Data retention was a particular focus of the announcement as many of the country's biggest app platforms continue to grapple with the adoption of the EU's thorough GDPR and the Cambridge Analytica scandal, which continues to roil Facebook and worry users who question whether Facebook's admittedly abusive data collection practices have truly stopped.

Apple says all apps have to "confirm that any third party with whom an app shares user data (in compliance with these Guidelines) -- such as analytics tools, advertising networks and third party SDKs, as well as any parent, subsidiary or other related entities that will have access to user data -- will provide the same or equal protection of user data as stated in the app's privacy policy and required by these Guidelines."

Apple's new rules demand that apps allow users to revoke their consent and provide options for people to have any information of theirs deleted.

Any apps lacking a privacy policy page or access to information deletion features will not be deleted from the App Store by Apple, but any updates from October 3 on must have it.

The move was announced in the News section of Apple's App Store Connect platform.

*this article was featured on Download.com on August 31, 2018: https://download.cnet.com/blog/download-blog/apple-double-downs-on-privacy-by-requiring-all-third-party-apps-to-publish-data-policies/

Source: https://download.cnet.com/blog/download-bl...
In cbs interactive Tags apple, privacy, third-party apps, apps, data

Could Facebook's data debacle force more companies to act like Apple on privacy? →

March 26, 2018 Jonathan Greig
Image: James Martin/CNET

Image: James Martin/CNET

Apple CEO Tim Cook called on Congress to create tougher measures protecting people's data and privacy.

At a recent forum in Beijing, Apple CEO Tim Cook called on US legislators to address digital privacy issues, highlighting the need for corporations to let their customers know how, when, and why their data is being used.

"The ability of anyone to know what you've been browsing about for years, who your contacts are, who their contacts are, things you like and dislike and every intimate detail of your life—from my own point of view, it shouldn't exist," he told the crowd at the annual China Development Forum on Saturday.

Cook later added: "I think that this certain situation is so dire and has become so large that probably some well-crafted regulation is necessary."

Facebook is reeling from revelations aired last week that the company had been allowing third-party app makers, developers, and others widespread access to significant amounts of their data. Many users have complained that they were not aware of Facebook's use of their personal data, 'like' history, and other profile features.

The news has prompted a growing #DeleteFacebook movement, wreaking havoc on Facebook's stock market position and forcing CEO Mark Zuckerberg to release multiple apologies, even acquiescing to possible legislation by Congress.

"We've worried for a number of years that people in many countries were giving up data probably without knowing fully what they were doing and that these detailed profiles that were being built of them, that one day something would occur and people would be incredibly offended by what had been done without them being aware of it," Cook said, according to Bloomberg. "Unfortunately that prediction has come true more than once."

British news outlet Channel 4 released a series of videos and stories last weekillustrating how political consulting firm Cambridge Analytica used over 50 million American Facebook profiles to craft and bombard people with hyper-specific political messaging, some of which they openly admitted was propaganda and false information.

Both US and EU lawmakers are scrutinizing Cambridge Analytica's actions as well as Facebook's privacy policies concerning how they store and market access to people's data.

In an attempt to address this very issue, the EU passed the General Data Protection Regulation (GDPR), a set of rules designed specifically to protect data collected by any company that does business in any EU nation. The 2016 legislation comes into effect on May 25, and companies are scrambling to comply with it.

"Under the GDPR, before processing any personal data, a business must ask for explicit permission from the subject. The request must use clear language. The provisions of the regulation specifically outlaw the use of long documents filled with legalese, so hiding permissions within a tome called Terms and Conditions or Privacy Policy will not suffice," according to Tech Republic. "The consent must be given for a specific purpose and must be requested separately from other documents and policy statements."

Cook's predecessor, Steve Jobs, called on companies in 2010 to do many of the things listed in the GDPR themselves, warning of privacy issues that may crop up in the future.

"Privacy means people know what they're signing up for, in plain English, and repeatedly," Jobs said in a speech, according to TechCrunch. "I'm an optimist; I believe people are smart, and some people want to share more data than other people do. Ask them. Ask them every time. Make them tell you to stop asking them if they get tired of your asking them. Let them know precisely what you're going to do with their data."

*this article was featured on the Tech Republic website on March 26, 2018: https://www.techrepublic.com/article/could-facebooks-data-debacle-force-more-companies-to-act-like-apple-on-privacy/

In cbs interactive Tags facebook, cbs, apple, tim cook, data, privacy

POWERED BY SQUARESPACE.