Apple double downs on privacy by requiring all third-party apps to publish data policies

August 31, 2018 Jonathan Greig

Any user will now be able to quickly find and read an app's privacy policy, which Apple says must include information on how data is retained.

Concerns about privacy continue to dominate discussions around technology and its effect on everyday life. Just this week, Intel released the results of a survey that found that average consumers are just as excited as they are scared of what the future holds for how humans interact with the latest technological advances.

Apple -- in a move many believe stems from the EU's new, stringent GDPR law that came into effect earlier this year -- will now require that all apps in its App Store create a specific landing page for their privacy policy so users can easily access it. The rules come into effect on October 3.

The company has always required this for apps that need subscriptions. But now, every app that wants a spot in the app store will have to add code to their platforms to facilitate the changes Apple wants.

"All apps must include a link to their privacy policy in the App Store Connect metadata field and within the app in an easily accessible manner," they wrote in the announcement. Their statement goes on to say that every app privacy policy must identify "what data, if any, the app/service collects, how it collects that data, and all uses of that data."

They are also now required to take responsibility for the actions of any third-party functions that are built into the apps and certify that they too are following the app's privacy policy.

Data retention was a particular focus of the announcement as many of the country's biggest app platforms continue to grapple with the adoption of the EU's thorough GDPR and the Cambridge Analytica scandal, which continues to roil Facebook and worry users who question whether Facebook's admittedly abusive data collection practices have truly stopped.

Apple says all apps have to "confirm that any third party with whom an app shares user data (in compliance with these Guidelines) -- such as analytics tools, advertising networks and third party SDKs, as well as any parent, subsidiary or other related entities that will have access to user data -- will provide the same or equal protection of user data as stated in the app's privacy policy and required by these Guidelines."

Apple's new rules demand that apps allow users to revoke their consent and provide options for people to have any information of theirs deleted.

Any apps lacking a privacy policy page or access to information deletion features will not be deleted from the App Store by Apple, but any updates from October 3 on must have it.

The move was announced in the News section of Apple's App Store Connect platform.

*this article was featured on Download.com on August 31, 2018: https://download.cnet.com/blog/download-blog/apple-double-downs-on-privacy-by-requiring-all-third-party-apps-to-publish-data-policies/

Source: https://download.cnet.com/blog/download-bl...

Reporting sexual misconduct could get easier with new apps JDoe and Callisto →

August 22, 2018 Jonathan Greig

Two apps are leading the way in providing safe, simple reporting options for sexual-assault and harassment survivors.

Throughout the last year, the #MeToo movement has brought attention to the pervasive issue of sexual assault and harassment on campuses and in workplaces across the world, yet many survivors are still afraid to report what happened to them, fearing they will be ignored, vilified, or attacked.

Two apps, JDoe and Callisto, are trying to tackle this issue head on by providing safe avenues for people to report sexual misconduct. JDoe aims to give victims or witnesses a platform to share their story, identify repeat offenders, and access lawyers.

Callisto provides similar services but is targeted specifically at college campuses. The app, started in 2015, is now available on 13 campuses across the U.S. and serves more than 149,000 students. The developer is planning to expand the service to workplaces this year and has already started work with the Upright Citizens Brigade Theatre.

According to statistics from Callisto, 20 percent of women, 7 percent of men, and 24 percent of transgender and gender nonconforming students are sexually assaulted during their college career.

"An estimated 90% of sexual assaults are committed by repeat perpetrators. Over 85% of college survivors know their assailant, and less than 10% report to their school or the police," they say on their website.

Callisto's university-specific platform gives students three ways to record their experience. They can write a secure, encrypted report about what happened to them that even Callisto's own team does not have access to.

Survivors can also note the identity of their attacker and match their name against a database of reports. Callisto says that if there is a match, "their Title IX coordinator will reach out to each survivor individually." The third option is a report that can be sent directly to your school's administrators that will trigger an investigation or administrative consultation.

The app's founder and CEO, Jess Ladd, said in an annual report that she was sexually assaulted in college and found the reporting process "as traumatizing as the assault."

"Years later, she realized technology could introduce opportunities to facilitate healing, justice, and support in a way that simply didn't exist. Callisto was born," they wrote. Callisto is now partnered with Stanford University, St. John's University, Pomona College, and many other schools across the country.

JDoe does many of the same things as Callisto, but because it was built for workplace sexual misconduct, the app is focused more on pairing survivors with lawyers and prosecutors.

Its aim is to allow victims to circumvent the often traumatizing experience of dealing with police officers or HR officials and provide an easy, safe way to record your experience, save any evidence, speak with lawyers and identify whether your attacker is a repeat offender.

As Callisto noted, it takes many survivors nearly a year to be able to report their situation to police, administrators or their HR office. JDoe says they "ensure survivors and witnesses complete control over their data." Through names, Facebook profile or email addresses, JDoe users can identify their attacker and record the location of their assault.

"Nothing will be sent to anyone, ever, until a user specifically requests it. Our encryption algorithms guarantee your privacy. Even if compelled to do so by a warrant, JDoe would be unable to read your data and hand it over," it said.

JDoe creator Ryan Soscia told NPR that the idea for the app came from a friend who described his own assault and later found out his attacker molested ten other teenagers.

"We can find those connections exponentially faster. So the hope is we're going to prevent these types of crimes from happening. And the idea that that could have stopped this from happening to ten other people...that's really powerful." he said in the NPR interview.

Both apps are free for people to use, with JDoe getting most of its funding from lawyers who pay $1,000 per year to sign up and take on cases through the service. Callisto is built specifically for each school or company that buys its service, costing between $10,000 and $30,000 according to NPR.

Just last month, employment law attorney Marc Garbar founded the app HarassmentLaw, which provides access to lawyers 24/7 for those who have been victims of workplace sexual harassment. He told Download.com that "[T]he #MeToo and #TimesUp movements have brought the closet culture of harassment into the forefront of American conversation."

Stanford University student Shanta Katipamula was part of the push behind her school's adoption of Callisto, and she said she was working "towards a world where campus sexual assault is eradicated, but in the meantime we must also provide adequate resources for survivors who are sexually assaulted."

"Callisto is informed by extensive survivor research, making it a truly survivor centric reporting mechanism, something that is missing from most current reporting options. In my research, I found Callisto to be a one-of-a-kind tool that placed the needs of survivors first while also providing data for universities that could help prevent assaults," she said.

*this article was featured on Download.com on August 22, 2018: https://download.cnet.com/blog/download-blog/reporting-sexual-misconduct-could-get-easier-with-new-apps-jdoe-and-callisto/

Twitter disables core features on third party apps like Tweetbot with recent API changes →

August 17, 2018 Jonathan Greig

Twitter's new restrictions on its most avid users are designed to force more people, and ads, onto the app.

Twitter has finally gone through with changes to its API that restrict features offered by popular third-party apps like Tweetbot, Twitterrific, Talons and Tweetings. Some, like Favstar, have already gone offline since Twitter made the decision to wrest control of its social service away from outside developers responsible for so many of the platform's most popular and vital features.

"We feel the best Twitter experience we can provide today is through our owned and operated Twitter for iOS and Android apps, as well as desktop and mobile twitter.com," senior Twitter product direction Rob Johnson said in a blog post on the move.

"We know some of you don't like this more focused approach. There are good reasons you love the various Twitter apps you have used over the years, and we're grateful for the developers who build them."

The changes to the API will bar many users of third-party apps from updating their feed quickly, delay notifications for messages, and completely disable notifications for likes, retweets, follows, and quotes. Other tracking features have also been disabled, and Twitter stated emphatically that they will not be replacing these functions with their new Account Activity API.

In a letter written to Twitter employees yesterday, Johnson put the onus on third-party apps while acknowledging that the company has not been good about explaining a variety of moves designed to set limitations on the reach of third-party apps.

"In 2011, we told developers (in an email) not to build apps that mimic the core Twitter experience. In 2012, we announced changes to our developer policies intended to make these limitations clearer by capping the number of users allowed for a 3rd party client," Johnson wrote.

"It's time to make the hard decision to end support for these legacy APIs -- acknowledging that some aspects of these apps would be degraded as a result. Today, we are facing technical and business constraints we can't ignore," he added.

"The User Streams and Site Streams APIs that serve core functions of many of these clients have been in a 'beta' state for more than 9 years, and are built on a technology stack we no longer support."

Johnson's message to Twitter employees was a bit different than the public post he sent out, which trumpeted Twitter's own app and web platform over any third-party apps. He claimed the changes to Twitter would help the company control "troll-like behavior," enforce guidelines, quicken search functions, and more.

Many of the app developers affected by the move blamed it advertising dollars, claiming Twitter was trying to force its most avid users to use their platforms to increase ad revenue.

Twitter user Ash McAllan criticized the changes but said users had no choice but to accept the changes because it was difficult to re-create the communities that have formed on the platform.

"Yes, Twitter as a platform is bad and getting worse, but I cannot afford to migrate away from a system where I've built a community and audience I love in favour of other platforms where that's actively harder to do," she wrote. "Marginalised folks can't afford to 'just rebuild'."

Johnson was open about the already-negative responses to the changes, even citing the #breakingmytwitter movement growing on the platform while claiming the company was "committed" to understanding why so many of its users liked third-party applications better than the Twitter app itself.

"We are not changing our rules or setting out to 'kill' 3rd party clients; but we are killing, out of operational necessity, some of the legacy APis that power some features of those clients," Johnson said, claiming that it "wasn't realistic for us to invest in building a totally new service to replace all of the functionality of these APIs."

Outside developers have been integral to Twitter's success and popularization over the years, creating and spearheading some of the apps' now integral features like the hashtag and the quick refresh feature.

"3rd party clients have had a notable impact on the Twitter service and the products we built. Independent developers built the first Twitter client for Mac and the first native app for iPhone. These clients pioneered product features we all know and love," Johnson said on Twitter.

New York Magazine highlighted the fact that even the word "tweet" was created by outside developers who needed a design-friendly term for the act of sending a Twitter message. Twitter absorbed Tweetdeck after it became a popular third-party app for many of their most avid users.

Twitter had to push back the date the changes would take effect after announcing it last year. They originally planned to institute the changes in June but pushed it back to this month to give third-party apps more time to update themselves in advance. Many of the most popular third-party apps have already released updates to their apps with reduced and scaled back features, much to the dismay of users.

*this article was featured on Download.com on August 17, 2018: https://download.cnet.com/blog/download-blog/twitter-disables-core-features-on-third-party-apps-like-tweetbot-with-recent-api-changes/

The next great app might be a mobile lawyer, as Kenyan app Haki shows →

August 8, 2018 Jonathan Greig

*(Credit: Lukasz Stefanski, Shutterstock / Lukasz Stefanski)*

Haki allows people to look up the Kenyan legal code and call a lawyer in their time of need.

Anyone who has been stopped by the police understands the fear that comes with the interaction. This situation can be all the more stressful if you've done nothing wrong, and without a rule book at your side it can be difficult to defend yourself.

One Kenyan lawyer turned a seemingly random police stop into something positive: a digital legal book that users can call upon in case of emergency. The app, named Haki, is already in its third iteration and provides users with the Kenyan legal code, summaries of laws, and a way to call a lawyer.

Richard Muhereza, the legal mind behind the app, said the idea came to him after one of his own troubling interactions with the police.

He told The Daily Nation in Kenya that he was stopped by two police officers after missing his bus stop and walking under a foot bridge to save time. He politely asked the officers what he had done wrong, and they told him that due to a number of road accidents, people had to walk on the footbridge and were not allowed to cross under it.

"So I asked them to tell me if their relatives from the village who perhaps come for a visit in the city would know what I did was wrong, why there were no sign posts or public education about it and how sustainable it is for the government to have officers under every footbridge," he told the newspaper.

Just days later, two of his friends were arrested for minor violations that they did not know were rules, and Muhereza decided to take action.

His company, Knownafrique, created an app to teach the public about local regulations and laws that they might not have heard about before. He wrote summaries of laws and crowdsourced helpful instructions from other lawyers and organizations who were eager to help people avoid minor crimes they may be stopped for. The third iteration of the legal helper now transfers you to a lawyer who can answer your questions on the spot. Available in the Google Play store, the app charges users for phone calls with lawyers by the minute.

Since December, the new version of the app has attracted more attention, with 400 downloads and 10 cases where lawyers were used.

"Lawyers in our app are to give information, they are not selfish, which is a niche for us because the callers are paying to make such calls," Muhereza said, adding that Haki has expanded to seven employees and recently received a grant from HiiL Justice Accelerator, an NGO based at The Hague.

Studies by the NGO have shown that nearly two thirds of all Kenyan adults have been in situations requiring a legal process, and an understanding of the rules on the books is needed to handle the most common disputes, like crime, land, family, employment and disagreements over money.

His hope is to continue expanding and offering more robust legal services to average people. He also wants to take it international, with apps for the legal codes in Nigeria, South Africa, Rwanda, Uganda, Ethiopia, Egypt and Ghana.

"For the things that can be done on phone, we believe they should be. Anyone owning or having access to a smartphone can simply find a lawyer using the mobile application the same way taxi hailing Apps like Uber work," he told the Daily Nation.

"People don't have to worry about unclear fees as they will know beforehand, how much they are likely to pay and in fact they will choose how much money to spend based on a preferred time slot."

*this article was featured on Download.com on August 8, 2018: https://download.cnet.com/blog/download-blog/a-legal-advice-app-helps-kenyans-grasp-local-laws/

You can now trade Bitcoin on your phone with Square Cash app (in New York) →

June 21, 2018 Jonathan Greig

The Empire State gave Square a "bitlicense" so users can trade cryptocurrency through the app.

Square's Cash App has officially been approved by the State of New York to handle cryptocurrency transfers after expanding the feature to other states last year.

Users will now be able to trade Bitcoin using the app, which is only the 9th company to receive a virtual currency license or "bitlicense" by the New York State Department of Financial Services. Only Xapo, Genesis Global Trading, bitFlyer USA, Coinbase, XRP II and Circle Internet Financial have received licenses and two more have gotten charters.

"DFS is pleased to approve Square's application and welcomes them to New York's expanding and well-regulated virtual currency market," said Financial Services Superintendent Maria Vullo.

"DFS continues to work in support of a vibrant and competitive virtual currency market that connects and empowers New Yorkers in a global marketplace while ensuring strong state-regulatory oversight is in place."

The Square Cash app is battling Venmo and PayPal for finance app supremacy, shooting to the top of the App Store rankings recently. In addition to payments between friends or colleagues, the app will now allow customers to buy and sell Bitcoin and other cryptocurrencies.

They are sure to gain more users following this recent announcement. Square, founded by Twitter CEO Jack Dorsey, has been a big backer of cryptocurrencies and announced back in January that the Cash App would soon be able to handle cryptocurrency transfers.

"The world ultimately will have a single currency, the internet will have a single currency. I personally believe that it will be Bitcoin," Dorsey told a newspaper in March.

Last fall, a Square spokesperson told Forbes that the company was looking into expanding access to cryptocurrencies and wanted to be able to facilitate all financial transactions, including those using digital currencies.

"We're always listening to our customers and we've found that they are interested in using the Cash App to buy Bitcoin. We're exploring how Square can make this experience faster and easier, and have rolled out this feature to a small number of Cash App customers," the spokesperson said. "We believe cryptocurrency can greatly impact the ability of individuals to participate in the global financial system and we're excited to learn more here."

Dorsey then officially announced the move in January, writing on Twitter, "Instant buying (and selling, if you don't want to hold) Bitcoin is now available to most Cash App customers. We support Bitcoin because we see it as a long-term path towards greater financial access for all. This is a small step." He also added in a link to a website explaining Bitcoin and its history.

The New York Department of Financial Services lauded the company for its efforts to help users "start, run, and grow their businesses." In addition to managing transactions, the company has both hardware and software that "manage inventory, locations, and employees; provide powerful business analytics; access financing; and utilize tools to engage with their customers."

"We are thrilled to now provide New Yorkers with Cash App's quick and simple way to buy and sell bitcoin," Head of Cash App Brian Grassadonia said.

"Square and the New York State DFS share a vision of empowering people with greater access to the financial system and today's news is an important step in realizing that goal."

*This article was featured on Download.com on June 21, 2018: https://download.cnet.com/blog/download-blog/you-can-now-trade-bitcoin-with-square-cash-app-in-new-york/