Data Digest № 017
Hi there, and welcome to the 17th edition of the Data Digest, where I offer a weekly summary of the most important happenings in the data industry. This week in review: Facebook’s PR barrage, the ethics of not sharing your data, state-backed disinformation campaign in Hong Kong confirmed, Apple rattles it’s App creators with location sharing changes, Google stops sharing user data with network carriers, a staggering report of 4.1 billion records breached in the first half of 2019 alone, and more. Enjoy!
‘Off-Facebook’ Tool, Data Abuse Bounties and Pop-Up Cafés
On Tuesday, Facebook introduced a tool providing greater transparency into the information gathered on users’ browsing habits outside the social network. ‘Off-Facebook Activity’ lets users view the apps and sites sharing data and personal information with Facebook. Even more progressive, the users are able to disconnect the data from their accounts. While Facebook’s initial ambitions included allowing users to delete the entire repository of data, they later backed out of such drastic measures, claiming their research revealed users would rather have greater control and visibility over their data. Conveniently for Facebook, this means the company will continue to harvest all browsing data of users on Facebook, Instagram and Messenger. It’s a step in the right direction, but it doesn’t fulfil their original intentions with the ‘delete’ tool, and is therefore a minor enhancement.
Following further scrutiny against Instagram and Facebook due to apps that were caught illicitly scraping user data, Facebook has decided to extend its data abuse bounty program to Instagram. And in other more obscure PR, they’re setting up new Pop-Up Cafés in response to the numerous data scandals. While sipping on a free coffee, you can get tips on how to change your privacy settings. I’m not sure a free drink is going to solve this one Zuck.
Facebook’s New Tool Lets You See Which Apps and Websites Tracked You (Published 2019)
Ethical Data Hiding
“The need for our data is never again going to diminish. If anything, it’s going to rapidly expand, like an unquenchable maw, a Sarlacc pit of appetite, searching for more information to examine and consume,” a point very well put by Molly Wood in a highly enjoyable read from Wired. The question of ethics, when it comes to data sharing is going to become increasingly difficult when we start relying on Artificial Intelligence to offer personalized medical treatments from researchers and doctors, to power self-driving cars, to predict the effects of climate change and in some cases to save lives. While it is understandable we want stricter legislations and company policies to limit the tracking and hoovering of personal information everywhere we go for the digital ad ecosystem, it doesn’t mean that we should be put off from ever sharing our data again. People need to have the choice to willingly opt in for data sharing to companies that they want to give their data to. And maybe give even more than they would usually for a cause they are particularly impassioned by. However, Wood makes a good counter argument, what happens to all our data when companies sell out? And that’s exactly why we need tools that are free from company allegiance like Datawallet and that give us options on how data should be stored, used, and possibly deleted. If a company sells on to someone else, you should have the option to remove your data assets from them. Furthermore, if you permission data to a company and later change your mind, you should have the option to quickly, and painlessly, delete it. Hence Datawallet.
The Ethics of Hiding Your Data From the Machines
Facebook and Twitter Confirmed State-Backed Disinformation Campaigns targeted at Hong Kong Protests
After post in the Data Digest, both, Facebook and Twitter confirmed taking money from Chinese governmental agencies to spread propaganda about Hong Kong protestors. State-backed publications, such as China Daily, placed ads that implied the protesters were sponsored by Western interests and were becoming violent. Since then, Facebook eliminated seven pages, three Facebook Groups and five accounts that were involved. Twitter deleted 936 accounts and stated it would ban state-backed media from promoting tweets. Twitter stated, “These accounts were deliberately and specifically attempting to sow political discord in Hong Kong, including undermining the legitimacy and political positions of the protest movement on the ground…Based on our intensive investigations, we have reliable evidence to support that this is a coordinated state-backed operation.”
Facebook and Twitter Say China Is Spreading Disinformation in Hong Kong (Published 2019)
Apple’s Anti-Competitive Location Tracking Changes
Several disgruntled App creators who make Apps for iOS devices, decided to write an email to Apple’s CEO Tim Cook about the recent changes Apple made for enhancing user privacy. The changes included swapping the “Always Allow” geotracking button with for a selection limited to “Allow While Using the App,” “Allow Once,” or “Don’t Allow,”. The app developers claim that “[t]he changes also have the added effect of removing critical geolocation functionality while simultaneously not applying to Apple’s own apps, some of which compete with the products we develop.” Apple responded, “nothing is more important than maintaining the trust of our users. Users trust Apple — and that trust is critical to how we operate a fair, competitive store for developer app distribution.” While Apple’s stance for users’ data rights is laudable, their position ought not to be hypocritical and extend to their very own services as well. Anything else is “privacy washing.” Guess we have to be even quicker to get to Web 3.0 where you run all applications locally on your own Datawallet. Then these issues won’t come up in the first place.
App Developers Claim Apple's iOS 13 Location Tracking Changes Are Anti-Competitive
Google Stops Helping Carriers With User Data
Google has recently ended a service that shared Android data with wireless carriers to help them understand their network coverage. The free service provided networks with signal strengths and connection speeds globally. However, as Google is currently undergoing its first probe from GDPR regulators, they’ve decided to err on the side of caution. Facebook offers a similar service under the guise of “Actionable Insights”, sharing similar connectivity data to 100 different carriers in 50 countries. Their service appears to be much more invasive as it also offers to share demographic data and personal interests. As data privacy legislation in the EU approaches its second year, and with CCPA taking effect on January 1st, 2020, the data practices of tech are now under strict inspection to make sure they adhere to new and changing data privacy legislation. Google appears to be reassessing its own behavior internally before the regulators get to them. Whether Facebook will make similar changes is still undecided. The bottom line is that it’s shocking how many questionable business practices related to personal data these companies have been/are involved in and that it takes regulatory scrutiny for them to change anything at all.
Google stops sharing Android user data that helped carriers plan coverage
4.1 Billion Records Breached in First Six Months of 2019
In just eight attacks, the first half of 2019 has seen over 3,800 publicly disclosed breaches, exposing a staggering 4.1 billion compromised pieces of data. With passwords and emails in over 60% of the data, this clearly isn’t something to gloss over. Figures from the UK Information Commissioner’s Office claim that 60% of the 4856 personal data breaches reported to the ICO in the first half of 2019 were the result of human error. Data security is something companies of all sizes need to be vigilant about, and should be enforced throughout the organization. The figures suggest that organizations need to be investing in technology that works alongside the user in mitigating the insider threat to avoid further attacks. If they don’t, they will simply become increasingly vulnerable to attacks as they acquire more people and more data.
Data Breaches Expose 4.1 Billion Records In First Six Months Of 2019
City Councils Rethink Data Privacy Efforts
Cities across the U.S. are considering how best to deploy sensors and other Internet of Things technologies, focusing on how data should be held and protected. Published guidelines from New York Cities government “have since been endorsed by more than 35 cities across the world,” said John Paul Farmer, New York’s chief technology officer. In the wake of malicious cyber attacks against data used in the public and private sectors, Governmental officials are beginning to worry about cyber-warfare campaigns from different antagonists due to the significant amount of data that’s already been breached. To minimize risk, cities are limiting what data they can collect and how they can use the data they gather. Therefore, removing the potential risk to leak sensitive information. Ironically, governmental bodies are borrowing tactics from tech companies who are being regulated for stricter data privacy policies such as the General Data Protection Regulation, or the California Consumer Privacy Act. Corporate measures to minimize risks could be equally as valuable to the city councils trying to protect citizens data.
U.S. Cities Rethink Data Relationship With Residents
What I'm Reading:
These Videos Show How Palantir Tracks Leakers, Protesters, and Prisoners
The People Paid to Dox Airbnb Addresses
Council Post: What Is Self-Service Data Science?
SerafinData Digest CCPAConsumer PrivacyIndustry Trends Data Breaches Data Misuse Regulatory Updates