March 13, 2022
The Cat Herder
| |
| March 13 · Issue #171 · View online |
|
|
The world is full of stores of personal data and legions of chancers using any means possible to get their hands on it. That’s the message this week, same as every other week. 😼
|
|
|
|
|
There is so much in this article to be furious/horrified about, but I'm still extremely hung up on how dehumanizing it is that a company founded to monitor CATTLE was picked to monitor immigrants who are, and I cannot stress this enough, human beings.
https://t.co/LYqXLdoM6e
|
|
|
|
|
|
|
|
“This dragnet surveillance program from the Department of Homeland Security is illegal, and it is stunning that it was allowed to run for even a single day. Despite a total lack of individualized suspicion, and based only on the happenstance of living in a southwestern state, details of a huge number of people’s private financial transactions with family members and others were funneled straight to the government,” he said. “Courts have made clear that narrow subpoena authorities like the one DHS relied on cannot be stretched to enable indiscriminate bulk collection of Americans’ personal transactional data.”
|
ICE Conducted Sweeping Surveillance Of Money Transfers Sent To And From The US, A Senator Says
Sen. Ron Wyden is seeking an investigation into whether the program, which obtained about 6 million records from people in several Southwest states, was constitutional.
|
|
|
|
|
Workers in the location data industry told The Markup that data brokers are increasingly collecting data directly from app developers instead of relying on SDKs, which often leave a digital footprint. And it’s unclear how Apple and Google could even monitor how apps are sharing and selling data once they obtain it. “Looking at SDKs is one way to try and protect people’s privacy against data brokers. But you also have to look at all the other ways that it happens, including through commercial transactions, where Company A says to Company B, we’re going to sell you this dataset on people’s GPS location,” Sherman said.
|
Who Is Policing the Location Data Industry? – The Markup
Google and Apple have tried to crack down, but location data brokers are moving to a new way to collect your whereabouts that’s much harder to detect
|
|
|
“We’ve brainstormed and gathered ideas on how to safely use our platform during this heartbreaking crisis in the Ukraine,” the internal Citizen email reads, using the outdated Soviet reference for Ukraine. “Our mission is to protect the world, and at moments like these we must think creatively to determine how our technology can do just that.” The plan illustrates the company’s penchant for pushing itself into situations beyond its declared remit, and how Citizen now seemingly sees itself as not just being a tool for alerting people to crime, but to incidents on an international scale and during a war, too. As Motherboard has previously reported, sometimes the app’s push notifications can overwhelm users, and former employees allege they’re designed to increase engagement and encourage users to sign up for paid services. Now, Citizen is looking to take that app, in a different form, into a warzone. |
Neighborhood Crime App Citizen Is Trying to Expand to Ukraine
“Our mission is to protect the world, and at moments like these we must think creatively to determine how our technology can do just that.”
|
|
|
The Italian DPA fined Clearview AI €20 million and “imposed a ban on further collection and processing, ordered the erasure of the data, including biometric data, processed by the Company’s facial recognition system with regard to persons in the Italian territory and the designation of a representative in the territory of the European Union.” |
|
|
|
|
|
|
|
|
|
|
-
“Red Rocks, the famed amphitheater outside of Denver, Colorado, will no longer use Amazon’s palm-scanning technology following an artist-led protest that included Tom Morello and Kathleen Hanna. Denver Arts and Venues, the agency that operates Red Rocks and several other venues and theaters in the Colorado capital, confirmed its decision to the advocacy group, Fight for the Future. “We haven’t been in touch with Amazon in several months and this isn’t a planned activation at Red Rocks,” the Denver Arts and Venues communication director told the group in a letter. “I’m not sure what the future of this technology is, but at this point, it doesn’t involve our venues.” From ‘Red Rocks Abandons Amazon Palm-Scanning Tech After Artist-Led Protest’ by Jon Blistein for Rolling Stone.
-
"But the researchers also admit eye tracking can be used to create predictive systems that determine what catches a person’s attention—and potentially, infer deeply private details that they never intended to reveal. “Where you’re prioritizing your vision says a lot about you as a person,” wrote Maria Gorlatova, one of the study’s authors, in a statement released by Duke University. “It can inadvertently reveal sexual and racial biases, interests that we don’t want others to know about, and information that we may not even know about ourselves.” A previous study from 2019 goes further, concluding that tracking a person’s gaze “may implicitly contain information about a user’s biometric identity, gender, age, ethnicity, body weight, personality traits, drug consumption habits, emotional state, skills and abilities, fears, interests, and sexual preferences.” From ‘Eye-Tracking Tech Is Another Reason the Metaverse Will Suck’ by Janus Rose for VICE.
-
“In October 2021, I called a journalist based in Pakistan, who did not know me. Surprisingly, they greeted me by my name when they received the call. When asked how they identified me, they sent a screenshot of a notification received from the Truecaller app on their phone. The notification had my name, my former employer’s name, my designation at my former company, the state I was based in, and the name of my mobile operator. The journalist told me that they had recently installed the Truecaller app from the Google Play Store on an Android phone. “Humne aapko pehchaan liya. Humein toh yeh bhi pata hai ki aapka yeh number WhatsApp par registered hai” — I recognized you. I even know that this number is registered on WhatsApp, the journalist from Lahore giggled. They sent me another screenshot of a notification sent by Truecaller, which stated that my number was registered on WhatsApp. I was stunned, as I had never used Truecaller on this number or downloaded the app on the device I was using. Neither Truecaller nor Google had ever sought my consent to use or display my private number.“ From ‘TrueCaller exploited India’s weak data laws to build a caller ID empire’ by Rachna Kaira for Rest Of World.
—
|
|
|
|
|
If you know someone who might enjoy this newsletter do please forward it on to them.
|
|
Did you enjoy this issue?
|
|
|
|
In order to unsubscribe, click here.
If you were forwarded this newsletter and you like it, you can subscribe here.
|
|
|
|
Privacy Kit, Made with 💚 in Dublin, Ireland
|
|
|
The world is full of stores of personal data and legions of chancers using any means possible to get their hands on it. That’s the message this week, same as every other week.
😼
The article in question: ‘Poor tech, opaque rules, exhausted staff inside the private company surveilling US immigrants’
Sen. Ron Wyden is seeking an investigation into whether the program, which obtained about 6 million records from people in several Southwest states, was constitutional.
Speaking of bulk collection of personal data, the CJEU judgment in the Graham Dwyer case is due on April 5th.
Google and Apple have tried to crack down, but location data brokers are moving to a new way to collect your whereabouts that’s much harder to detect
“Our mission is to protect the world, and at moments like these we must think creatively to determine how our technology can do just that.”
The Italian DPA fined Clearview AI €20 million and “imposed a ban on further collection and processing, ordered the erasure of the data, including biometric data, processed by the Company’s facial recognition system with regard to persons in the Italian territory and the designation of a representative in the territory of the European Union.”
—
WhatsApp made some changes to its data protection notice in response to the €225 million imposed on it by the DPC last year.
—
The ICO in the UK fined a law firm £98,000 for failing to secure sensitive personal data.
-
“Red Rocks, the famed amphitheater outside of Denver, Colorado, will no longer use Amazon’s palm-scanning technology following an artist-led protest that included Tom Morello and Kathleen Hanna. Denver Arts and Venues, the agency that operates Red Rocks and several other venues and theaters in the Colorado capital, confirmed its decision to the advocacy group, Fight for the Future. “We haven’t been in touch with Amazon in several months and this isn’t a planned activation at Red Rocks,” the Denver Arts and Venues communication director told the group in a letter. “I’m not sure what the future of this technology is, but at this point, it doesn’t involve our venues.” From ‘Red Rocks Abandons Amazon Palm-Scanning Tech After Artist-Led Protest’ by Jon Blistein for Rolling Stone.
-
"But the researchers also admit eye tracking can be used to create predictive systems that determine what catches a person’s attention—and potentially, infer deeply private details that they never intended to reveal. “Where you’re prioritizing your vision says a lot about you as a person,” wrote Maria Gorlatova, one of the study’s authors, in a statement released by Duke University. “It can inadvertently reveal sexual and racial biases, interests that we don’t want others to know about, and information that we may not even know about ourselves.” A previous study from 2019 goes further, concluding that tracking a person’s gaze “may implicitly contain information about a user’s biometric identity, gender, age, ethnicity, body weight, personality traits, drug consumption habits, emotional state, skills and abilities, fears, interests, and sexual preferences.” From ‘Eye-Tracking Tech Is Another Reason the Metaverse Will Suck’ by Janus Rose for VICE.
-
“In October 2021, I called a journalist based in Pakistan, who did not know me. Surprisingly, they greeted me by my name when they received the call. When asked how they identified me, they sent a screenshot of a notification received from the Truecaller app on their phone. The notification had my name, my former employer’s name, my designation at my former company, the state I was based in, and the name of my mobile operator. The journalist told me that they had recently installed the Truecaller app from the Google Play Store on an Android phone. “Humne aapko pehchaan liya. Humein toh yeh bhi pata hai ki aapka yeh number WhatsApp par registered hai” — I recognized you. I even know that this number is registered on WhatsApp, the journalist from Lahore giggled. They sent me another screenshot of a notification sent by Truecaller, which stated that my number was registered on WhatsApp. I was stunned, as I had never used Truecaller on this number or downloaded the app on the device I was using. Neither Truecaller nor Google had ever sought my consent to use or display my private number.“ From ‘TrueCaller exploited India’s weak data laws to build a caller ID empire’ by Rachna Kaira for Rest Of World.
—
Endnotes & Credits
Find us on the web at myprivacykit.com and on Twitter at @PrivacyKit. Of course we’re not on Facebook or LinkedIn.
If you know someone who might enjoy this newsletter do please forward it on to them.
