When internet users visit Walgreens.com, a software company may record every keystroke, mouse movement, and scroll, potentially exposing medical conditions such as alcohol dependence, or the names of drugs a user has been prescribed, according to Princeton researchers.
Companies like Walgreens deploy these analytics software providers to see how people use their website or to identify broken or confusing web pages. The analytics companies place “scripts” on their clients’ websites that record individual browsing sessions for later viewing or a “replay session.”
In effect, the researchers say, software companies are “looking over your shoulder” as you navigate certain websites. The extent of the data collected “far exceeds user expectations,” including recording what you type into a text box before you submit it, “all without any visual indication to the user,” according to a study released Wednesday.
In response to questions from WIRED, Walgreens said Wednesday it would stop sharing data with the software company FullStory. “We take the protection of our customers’ data very seriously and are investigating the claims made in the article that was published earlier today,” Walgreens said in a statement. “As we look into the concerns that were raised, and out of an abundance of caution, we have stopped sharing data with FullStory.” A Walgreens spokesperson said FullStory’s software “essentially has an ‘on/off’ switch,” which the retailer has now turned off.
On Thursday a second retailer said that it, too, had stopped working with FullStory in light of the study's findings. Bonobos, a men's clothing retailer owned by Walmart, said in a statement, "We eliminated data sharing with FullStory in order to evaluate our protocols and operations with respect to their service. We are continually assessing and strengthening systems and processes in order to protect our customers’ data." The Princeton researchers had found that FullStory captured credit-card details, including the cardholder’s name and billing address, the card’s number, expiration, and security code on Bonobos' website.
Just seen this and I thought there may be other people here on FIO that may have been targeted with spam when providing their own, main email address.
My recommendations:
Before giving out your real email address to internet entities (such as trading vendors, brokers but also anything else unrelated to trading) make sure they are reputable. In today's world many shady companies will just sell your email address to marketers and you end up in limitless spam lists.
Check what their privacy policy is. Usually the shorter the better, but they do need to have one.
If you are not sure if the people who you are thinking of giving your email address to, are trustworthy, there are great free services such as Mailinator or 10minutemail where you give them an email address from a temporary mailbox. This way you are not endlessy spammed on your mailbox.
The following 5 users say Thank You to xplorer for this post:
Broker: Primary Advantage Futures. Also ED&F and Tradestation
Trading: Primarily Energy but also a little GE, GC, SI & Bitcoin
Posts: 4,034 since Dec 2013
Thanks: 3,340 given,
7,955
received
Excellent idea. I have very mixed thoughts on this. Use of data makes our lives better in so many ways but at the same time we all hate the ways its miss-used. Unfortunately I'm not sure there is an easy answer for non-anonymous data.
The following 3 users say Thank You to SMCJB for this post:
We're at a point where we can do things with data and data accumulation that were unheard-of and unthought-of just a few years ago. It's opening up entirely new and not well-understood vistas, just as everything in the computer and data-access/data-sharing world is doing.
They may not all be great, but some may be.
There will be rules, laws, practices and understandings that will bring order into all this chaos; it's just that we don't yet know what they will be. But like everything else, eventually what makes sense is what wins out. The only problem is that "eventually" can take a long time to get here.
I think the issue is real, and that bringing it up will be a part of the solution(s), and that, right now, it is hard to see what those solutions will be.
These are part of the broader concerns regarding communication and connectivity in a digital age. For instance, who would have said that something like Twitter or other social media would be important, or even possible, 20 years ago? Back then (not really a long time ago) news and opinion were always filtered though professional journalism. Whether that was better or worse is beside the point, because it's gone now.
This is not unlike the onset of the printing press, which very suddenly allowed almost anyone to put out a printed pamphlet expressing a point of view, without needing scribes or monks in monasteries. The social upset was remarkable. And good, ultimately. But "ultimately" can take a long time, too.
This is not exactly the original issue, but they are part of the same thing, I would say. Essentially, where is the control, and where are the limits? Too much control is bad, but so is too little.
Not offering solutions, just a comment on the relevancy of the questions.
Bob.
The following 5 users say Thank You to bobwest for this post:
Hi S - no question about how data is helping us make our lives better - there's a great documentary called "The Human Face of Big Data" from PBS which talks quite extensively about it.
As for answers, first of all I second the very thoughtful post Bob wrote - the problem with legislation is, it tends to lag behind in technology areas and, worse, people who make law about it tend to do so not understanding the very technology they are meant to regulate. They get advisers who are ill-advised themselves and prefer generally a political solution to a common sense one. My 2 cents.
There's a lot of companies today that say they do anonymize data. Having seen this first hand, I know that the current system is prone to human error, which means on occasion batches of data meant to be anonymized are not, and so an honest mistake can turn your or my data over to unintended people, for unintended consumption.
I'm not proposing a solution either, but I do know that, thanks to social media, we are more interconnected than ever which means our collective voice matters. So many cases of corporate policy breakdowns that have been reported by the public and have been corrected thanks to the global outrage of social media which I bet would have not been addressed otherwise, or not as quickly.
So my point is, we can take action when we see wrongdoing. We can make our voice heard by taking our business elsewhere when we see data malpractice. And we can get others to do the same. The speed of response by which certain companies address the problem is unprecedented too, thanks to social media.
EDIT:
The following 5 users say Thank You to xplorer for this post:
Broker: Primary Advantage Futures. Also ED&F and Tradestation
Trading: Primarily Energy but also a little GE, GC, SI & Bitcoin
Posts: 4,034 since Dec 2013
Thanks: 3,340 given,
7,955
received
Great points @bobwest and @xplorer. I'm not sure that the "global outrage of social media " has actually fixed anything, but it has in some cases gotten people fired and at least in theory 'policies changed'.
The following 4 users say Thank You to SMCJB for this post:
Well to me policy changes means the corporate machine, which is very sensible to shareholders' opinion, is listening more to its client base. Why wouldn't they? The public perception, which in today's world can be strengthened via YouTube/FB/Twitter etc., is a huge incentive not to leave problems unaddressed. After all showing that I care about my customers tends to pay off.
Some cases that come to mind: United Airlines incidents (chiefly the David Dao one for which UA CEO's had to apologize), Apple's batterygate situation and the Weinstein sexual assault saga are all recent examples where public opinion has steered corporate policy, hopefully in the right direction, that may have otherwise been treated as isolated incidents (and thus forrgotten by each corporation) without the amplification of social media.
The following 4 users say Thank You to xplorer for this post:
This showed the CIA
1. Turned Smart TV into listening devices
2. Backdoors built into Windows and Apple OS
3. Backdoors built into iPhones
4. Computer chips built with backdoors.
This information showed that these …
and it includes a post on twitter's invasion.
Vault 7 showed a huge storehouse of spying software to be used on the general public. They not only built-in backdoors to monitor everything on your machine and control it they even make chip makers put backdoors in their chips.
These tools are now out in cybercrime's hands. So it isn't the CIA - it's all the criminals as well, including large companies with less than moral uprightness and anyone who wants to download the tools.
Recently Equifax had a breach of its extensive databases which cover not only at least 130 million Americans but many individuals in other countries. Though they are required to report a breach immediately they waited months.
Identity theft strikes millions of Americans each year (30 m?)
Equifax gathers the info without your consent. It did not encrypt the databases. It does not use file separation.
Most companies don't care about the harm they cause you - just their profits.
..........
peace, love and joy to you
.........
The following 3 users say Thank You to aquarian1 for this post:
I had not seen your Vault7 posts from March 2017. I think the "news and current events" section of the forum is excluded for some reason from the site's indexing system. I kinda stopped posting myself in there.
I didn't know what you mentioned above.
If there are any ideas from the thread you feel of value to include in this thread please feel free to cut and paste.
I think your thread is VERY important and people vastly underestimate the extent of the problem.
..........
peace, love and joy to you
.........
The following user says Thank You to aquarian1 for this post:
Thanks again. I think the Vault 7 thread tackles a slightly different matter, i.e. covert surveillance, which is also a very serious issue.
In this thread I try to focus on the personal data people are giving up voluntarily, although sometimes unwittingly.
As for the fact that people underestimate the issue, my take is that some people care more about privacy, others care less, and that's fine, as long as everyone is aware of what they are giving up, which is not always the case.
The following user says Thank You to xplorer for this post:
There are many examples of people giving up information with and without their consent.
For example few people have read Gxxgle's user agreement and in the Gxxmail one they say they read all your emails.
(Now understand what "read" means - we record them and keep them forever.)
Of course, there is always an excuse.
As in "make your experience more enjoyable
"drive ads you are interested in."
Why do I say this?
If it was you would be given a choice -
a = let us read and record them and give you a better "user experience"
b= no thanks
So I never accepted there terms and conditions and never established an account with them.
Do you think they play fair and do not collect information about me?
Of course not they continue to collect information illegally.
Can I stop them? - Not practically
------------------------------------------------------
---Imagine a fictious company called "G"
Me: I want to be sure you don't have a file on me.
"G": Ok prove who you are
Me; you mean give you the information about me I don't want you to have so you can have it and record it and then tell me you didn't collect it?
"G": By using our services or communicating with us you have agreed to allow us to collect the inoformation on you, even your communication asking that we make sure we don't have a file.
Me; that's a catch 22!
"G": That's why we are we and you are mud.
..........
peace, love and joy to you
.........
The following user says Thank You to aquarian1 for this post:
INSURGE INTELLIGENCE, a new crowd-funded investigative journalism project, breaks the exclusive story of how the United States intelligence community funded, nurtured and incubated Google as part of a drive to dominate the world through control of information. Seed-funded by the NSA and CIA, Google was merely the first among a plethora of private sector start-ups co-opted by US intelligence to retain ‘information superiority.’
The origins of this ingenious strategy trace back to a secret Pentagon-sponsored group, that for the last two decades has functioned as a bridge between the US government and elites across the business, industry, finance, corporate, and media sectors. The group has allowed some of the most powerful special interests in corporate America to systematically circumvent democratic accountability and the rule of law to influence government policies, as well as public opinion in the US and around the world.
The results have been catastrophic: NSA mass surveillance, a permanent state of global war, and a new initiative to transform the US military into Skynet.
Until a year ago I had been using a plugin called Web Of Trust in my browser. Its function was to tell me in advance which websites may be untrustworthy (carrying malware, privacy issues, etc.) before I visited them.
Little did I know, the company called Web Of Trust was ironically selling my browsing data to 3rd parties.
Guys, apologies for the seemingly random/off-topic post, but TSJ has high visibility and I think it's best that this reaches as many people as possible.
If you are using WOT (also known as Web Of Trust, a.k.a. myWOT) you may want to consider removing …
The following user says Thank You to xplorer for this post:
Now, this is less evil than actually handing over non-anonymous data, but it's still not something that the users knew was going to happen. Maybe they didn't want Uber to gain an advantage over Lyft. Maybe they just wouldn't want their data making money for someone else. Maybe they thought what was in their inbox was nobody else's business, period.
The company gave themselves a legal out, by including language in their privacy policy that explicitly stated they could do that. Since no one ever reads either privacy policies or End User Agreements, they knew that no one was going to object, or even know.
Thank you Bob. A very good and informative article.
This unroll.me situation confirms once more that nothing is ever completely free online - if it is appears as free, one seriously needs to question what you may be giving up in return.
The following user says Thank You to xplorer for this post:
I saw this article and thought it ought to go in this thread.
It seems that China is testing and/or implementing the use of facial recognition combined with wide use of monitoring cameras to identify people who, for instance:
1. (As an innocent usage) live in an apartment building so the door will open without their using an entry key card
2. Do not belong in a particular area, such as an apartment building or neighborhood, and who are suspicious characters
3. Are wanted criminals (and/or troublemakers)
4. ??? Fill in the blank for your own Orwellian nightmare
Now, this is China, which has, let's say, its own form of government. Also, it's still limited, although apparently growing. Also, the success rate, so far, of facial recognition, as the article states, is not all that good for some of these uses.
But we know that facial recognition is a hot thing now, in the West as well. Apple has it in their new iPhones. I'm sure businesses would like to use it, and some probably are now, instead of key cards. The article mentions Western law-enforcement usage as well It's obviously a useful technology. Also, incredibly dangerous.
Thanks Bob. I think since 2013 and the Snowden whistleblowing we all know how state security agencies have been exploiting technology to improve their efficiency in combating crime. At least this is the official narrative.
The problem, as Snowden pointed out, occurs when the state powers are abused.
He highlighted how in the US the privacy of people who had done nothing wrong were routinely breached by NSA employees, in some occasions just for fun. At least the NSA is meant to be an intelligence agency.
In the UK it's much worse, whereby you have local government councils using similar snooping powers (e.g. through CCTV surveillance) to catch people who may be fly-tipping or using normal garbage bins when they should have been recycling.
In democratic countries the remedy for the people is, in theory, getting their representatives to change legislation. In practice this is proving far harder than it sounds, when it comes to tech surveillance, especially when politicians play the terrorism card (9/11 over there, all the other ones over here in Europe) to justify the butchering of encryption and other nonsense (again, this is people who have no understanding of technology whatsoever): my take is, when certain governments were caught red-handed in breaking the law, all they did was passing legislation to ensure that whatever they were doing illegally would now be legal.
In countries where democracy is seen as a more abstract concept, I don't think people have even the ability to question their government.
But I am digressing! Yes we started seeing face recognition here with the iPhone X and I think that's what you wanted to point out, i.e. the implications of the individual thinking it's cool to unlock the phone with your face, not realizing that Apple shares face id data with their 3rd party developers.
Quoting the article:
In previous posts here we've seen already the potential for this to turn out ugly. All it takes is a less than scrupolous app developer and your biometric data is out in the open.
It sort of reminds me of the movie Minority Report and similar sci-fi stuff which, more and more, resembles where we seem to be headed...
The following 4 users say Thank You to xplorer for this post:
@xplorer, I had not known about Apple's use of face data before reading your post and the linked article. I was just thinking of the iPhone X as an example of the use of face recognition technology, not of its misuse!
But that makes the point more strongly: this stuff is highly useful, and highly dangerous.
Once again, there will, eventually, be rules and effective limitations on what can be done in this area, but it will take time to figure them out, and first we will probably have to get a lot of abuses before we can understand where digital technology, of any sort, can go wrong.
Bob.
The following 2 users say Thank You to bobwest for this post:
Broker: Primary Advantage Futures. Also ED&F and Tradestation
Trading: Primarily Energy but also a little GE, GC, SI & Bitcoin
Posts: 4,034 since Dec 2013
Thanks: 3,340 given,
7,955
received
I saw it in action for the first time this weekend. It was kind of freaky. Everytime my friend picked up their iPhone X it opened automatically without him doing anything as it read his face!
The following 4 users say Thank You to SMCJB for this post:
I think I read somewhere that you can disable face recognition and go back to fingerprint ID. (I'm too lazy to research it right now .)
I think that the face recognition thing, if there were no way to turn it off, would be enough to dissuade me from the new iPhone X. I wonder if Apple will stick to its guns and tell the customer to just get used to it?
Bob.
The following 2 users say Thank You to bobwest for this post:
Trading: The one I'm creating in the present....Index Futures mini/micro, ZF
Posts: 2,285 since Nov 2011
Thanks: 7,247 given,
4,433
received
Just a side note: wife and I bought iPhone X’s on a contract with Sprint. Seems like a good deal. $25/mo for each plus the plans price of $100/mo for two lines. Mine was $150 more up front because I choose 256GB.
Real nice device easy to use great looking too and fast. Face ID works well.
Trading: All Micros, especially the ones that move
Posts: 2,399 since Feb 2017
Thanks: 16,566 given,
9,078
received
Great post. I don't take selfies and I put a little piece of electrical tape over the front facing camera on all of my devices LOL... seriously. No fingerprint ID either, if they want that they'll have to check in with the local constabulary
People used to make fun of my tinfoil hat...
The following 3 users say Thank You to Rrrracer for this post:
A situation I was not aware of, but which is apparently common enough to be flagged as a problem.
Original tweet
Apparently the matter was being minimized, until this was posted on Twitter: further confirmation that companies tend to act quickly when visibility becomes an issue.
The following 4 users say Thank You to xplorer for this post:
Broker: Primary Advantage Futures. Also ED&F and Tradestation
Trading: Primarily Energy but also a little GE, GC, SI & Bitcoin
Posts: 4,034 since Dec 2013
Thanks: 3,340 given,
7,955
received
I wonder when she complained, what did she expect to happen, especially if you she considers any offer of compensation as insulting, and didn't want to complain to the restaurant because of potential repercussions? Is it illegal to text someone? I doubt it. Did he break a law getting her number? Probably not - he was probably given it in case it was needed in the course of the delivery. Is sending here a text a violation of her privacy if he has her number legally? Is it creepy and scary? Hell yes.
On a related subject, a large industry participant who I deal with, recently did a "deal" with another large industry participant who i have, and never have had, any relationship with. I immediately started getting marketing emails from the second company. Obviously being concerned for your safety and getting unwanted email are two very different things, but don't they violate our privacy in exactly the same way? I'm not being critical of her, or her actions. Just highlight how difficult it would be to regulate something like this effectively.
Finally I use uBer a lot, and regularly get calls from the driver, so they definitely have your phone number as well, and if they pick you up from home, know your home address as well.
The following 3 users say Thank You to SMCJB for this post:
I think that the person delivering the service or driving the car is legitimately given a contact phone number in these cases, because, as stated, they may need to get in touch with you. Maybe you don't answer at your door, for instance.
I also think that the potential for weird stuff happening is enormous. I also do not know how to "regulate something like this effectively" -- although I do think that, ultimately, we need to.
More examples of the fact that these are not easy questions for us to figure out now. Eventually, we will, and probably will have to.
Bob.
The following 2 users say Thank You to bobwest for this post:
Privacy safeguards in the US are considerably different from those in the EU.
As for the legality of what the guy did, again I think it depends on jurisdiction, but the Information Commissioner in the UK (they are the privacy watchdog) said that if the customer's phone number was being used for a purpose other than the original purpose for which it was provided, she may have a case for reporting it to the police.
The following 2 users say Thank You to xplorer for this post:
just like old time post agencies: if you write some mail it is like a postcard where every participant in the delivery system could read all your romantic phrases.
In fact as a longtime pioneer who established back in 95 a internet provider company - I am aware of things to be sent open and about things to better hide:
Today i am using a reliable mail service (proton.com - which I have no connection with other than using it) to send "more important mail" with attached files. The good thing - you only can login via browser. Everything is encoded. There is no download like normal mail providers. You can login and download immediately the attachments to your machine and then you may log out. The service is in Switzerland and the usage is free up to 500MB. From there some real low cost scheme is available. Great about this: No ADS, no SPAM no bugs. It just works.
I had it installed for friends as a circumvent of the sniffing large companies, scanning ALL files. And as a emergency exit for difficult mail management. You can be alerted on every device when new mails are running in.
Just to summarize - some data management for privacy needs to be installed - family first - then for the company too.
GFIs1
The following 3 users say Thank You to GFIs1 for this post:
I heard of Proton Mail - Switzerland based and they do not allow any type of snooping in their servers. For the privacy conscious it's a very worthwhile service.
While none of this is technically wrong in a legal sense, it is an enormous misuse of information that the original people involved did not know would happen, and did not expect, and almost certainly would not have agreed to.
The fact that Facebook users made it publicly available just shows how trustingly naive people are. But they should be able to do so without someone who is cynically exploitative taking advantage of them.
While Facebook obviously was initially naive as well, thinking that all sharing of information is good (also profitable to themselves), they have also been careless and unconcerned about the damage caused to their customers, and to the larger society. Clearly, at some point it simply was not in their interests to become concerned about it, so they made the choice not to.
There are a lot of occasions where people will say something like "there oughta be a law," and usually it's pretty superficial. But in this case, there really ought to be a law, and an entire body of law, to prevent this kind of abuse.
Also, frankly, some lawsuits. If it's no longer in the interests of social media companies to be unconcerned about the use of their data, then suddenly, magically, the issues will get addressed and dealt with.
Bob.
The following 2 users say Thank You to bobwest for this post:
EU GDPR becomes active on 25th May 2018. Violation fines are supposedly able to be levied at 4% of turnover. But for anybody who knows the Snowden story it's all probably irrelevant and far too late.
In the meantime even pub chains are worried about lists of customers kept locally by managers - from the sublime slime to the ridiculous indeed.
Travel Well
The following 2 users say Thank You to ratfink for this post:
Well, of course I don't really have any idea about the laws on the matter in either the US or the EU. I was just assuming that there is no law against it. The article is not written as if there is, but I don't really know.
I would be happy to be wrong. I do think there should be a law or laws that prohibit anything like this.
I did scan the article and didn't see any mention of actual illegality, just of a serious invasion of digital privacy. I hope this is illegal, at least somewhere.
Bob.
The following 2 users say Thank You to bobwest for this post:
More on the Facebook data thing. I am sure there will be much more. I think the general free pass implicitly given to tech is going to be revoked, and a lot more scrutiny will be given to it.
Broker: Primary Advantage Futures. Also ED&F and Tradestation
Trading: Primarily Energy but also a little GE, GC, SI & Bitcoin
Posts: 4,034 since Dec 2013
Thanks: 3,340 given,
7,955
received
Not supporting Facebook here (I don't have an account and am amazed people do what they do!) and obviously there are things they could and should have done once they discovered this. But... always a But... in this case are they responsible for what happened? Sure they did grant the access, but they granted the access under the proviso that it was for research purposes not commercial purposes. Is it their responsibility now to verify intent? Making an exaggerated point should Home Depot start coming to your house to make sure you use fertilizer on your plants and not for nefarious activities?
The following 2 users say Thank You to SMCJB for this post:
Another tipster told TechCrunch she had one email address compromised but noted she cannot figure out how the email was even obtained by Facebook as it appears to be for a former work place, is no longer valid and was never directly associated by her with her account — suggesting Facebook is automatically harvesting contact data from other Facebook users and associating it with other accounts.
....
If Facebook is harvesting data on its users from other site users then not personally posting a piece of your contact information does not guarantee it won’t end up in Facebook’s databanks — and therefore be at risk of being exposed via this type of security breach — because Facebook might simply be harvesting your contact data from someone else you have corresponded with.
..........
peace, love and joy to you
.........
The following 2 users say Thank You to aquarian1 for this post:
This is a good point. I don't think they were responsible for the eventual use the data was put to, obviously. Also, the "researcher" who got the data was lying to them about what he was doing, also not their fault.
But the thing is that FB does have a huge amount of data, and they do make it available more widely and much more routinely than their users have any idea about.
I have read that a common app that is available to developers puts a button to "Sign in via Facebook" on a web page. If the web owner wishes (and I'm not saying anything about whether some particular web site does this, only that they can), when a user clicks on that link, it enables the site designer to download all the information on that person's FB page, and all the information on all of that person's friends, greatly magnifying the amount of data gleaned. And, although there is some legally dense language on the FB terms of use agreement that says they can do this, I am positive that not one person who is on Facebook knows about it or expects it to happen, or thinks they have agreed to it. (Don't make me look up the link. I'm not making this up, and there is a fatigue factor with all this Facebook stuff anyway . Google will help anyone find out if I'm wrong about this or am exaggerating.)
One of the ways that the Cambridge guy got so much data was that he put up a survey that was answered by a few hundred thousand FB users, but he then was also able to access all their data -- meaning, everything on their FB page -- and all their friends' data on their pages (unbeknownst to the friends), netting information on 50 million individuals. Yes, he was misleading FB as well as the respondents to his survey. But this is frightening. Under certain conditions, which this guy did violate, FB makes all of this available, regardless of the users' privacy settings, usually for a fee and not for a bogus "research project." But they do it.
It is possible to discuss all this one way or another, but there is something deeply wrong with this. The basic philosophy of FB and Mark Zuckerberg has always been the standard tech industry mantra that information wants to be free -- that wide exchange of information is a good thing that needs to be encouraged. I agree, as an abstract principle, but then we see instances of essentially involuntary sharing that the persons involved didn't know about and didn't consent to (aside from the legalese in the terms of use agreement that they didn't read, and that the authors of the agreement knew they wouldn't read.)
We can go too far in either direction about this, but we need to do something, and the present status quo is not right in a very deep sense.
Today's Washington Post has an editorial that I didn't think I would like when I saw the title ("Let’s take a deep breath about Facebook’s ‘breach of trust’ "), since I think they did breach some trust here. But I did read the editorial and I think there's something to it. In other words, there's a balanced way to look at this whole thing -- and still, something needs to change.
Reading that Cambridge Analytica used for their Facebook scam Proton Mail.
Proton Mail allows to automatically "kill" a crypto mail just after opening and reading.
So Cambridge Analytica could operate out of the dark.
Well - things will not change easily to the better.
A coin has 2 sides.
GFIs1
The following 4 users say Thank You to GFIs1 for this post:
There several other articles - but mainly the same content.
GFIs1
PS: I am using Proton Mail since a long time - it is free to start. A very strong web based mail provider with encryption and decryption - very fast - even for attached documents.
The following 4 users say Thank You to GFIs1 for this post:
Elon Musk was asked to delete his platforms "SpaceX" and "Tesla" on Facebook "if you are the man!". And he did within 37 minutes after the tweet. Many millions of followers find now a page 404.
WOW - the worth of FB is on a steep path down...
Wealth built on sand - one would say!*
GFIs1
*but why Zuckerberg sold such a lot shares of his company right at the beginning of the scandal?
Think about
The following 6 users say Thank You to GFIs1 for this post:
In fact my post was sort of imprecise: FB/WU were logging all calls with date/time, dito SMS - all with MetaData...
but if I see such behind the scenes collecting - then I must assume that the contents were flowing also with
GFIs1
The following user says Thank You to GFIs1 for this post:
Thanks - I heard about metadata collection, which is one thing - but recording actual content (i.e. actual calls and text messages) would put FB in the NSA/PRISM category - I don't believe FB would even have the capability to do that, let alone the legal ramifications.
The following user says Thank You to xplorer for this post:
Well said @xplorer
In fact FB is publishing zillions of new posts and advertising every day.
Why is/WAS there no thread / official information about the collecting activities of those scammers?
Does one need to read the AGB in detail to even not find a hint what they are doing with one Client's Data?
Even a user wants to shut down all his activity there he is "guided" lol to the "pause action" where FB
can use the collected data for the future...
Questions over questions.
Legal action though will get off now really fast - in some countries with dramatic fines.
We will hopefully see how bad the FB guys will show themselves at the legal hearing in Berlin / Germany tomorrow.
Will let you know.
GFIs1
The following 3 users say Thank You to GFIs1 for this post:
Some FB users stated after having downloaded a copy of their FB account data that they found
whole SMS content as well as phone calls recorded since years...
As there are some examples - they will be posted here.
GFIs1
The following 6 users say Thank You to GFIs1 for this post:
The mere fact that Facebook allowed so much nominally private data to leak to third parties would be embarrassing enough. The larger concern for Facebook is that the company signed a deal with the Federal Trade Commission in 2011 that was specifically focused on enforcing user privacy settings. Two former FTC officials told The Washington Post this week that allowing user data to be disclosed to third parties may have violated the terms of that 2011 agreement, which could potentially expose Facebook to large fines.
years ago individuals who were stalkers downloaded an app that turns on someone's smartphone's mic and camera and they could hear what was being said and see what the camera shows. This is people with zero tech skills and some were arrested by police for stalking.
Not only could the content of calls be recorded but also voice of what is happening in the room and the location and the time.
Of am only speaking of technical capability not what some company might or might not have done.
..........
peace, love and joy to you
.........
The following 2 users say Thank You to aquarian1 for this post:
The collecting and sharing of information as a social good is almost an article of faith among many in the technology industry. And it did sound good. Zuckerberg is being honest when he calls Facebook an "idealistic company." He does believe in it. He also has made some money with it, which is not bad in itself.
But it really is not that they simply "didn't focus enough" on safeguarding the information they collected -- they didn't really understand who it belongs to, and that having the users click on "I Accept" to a long End User License Agreement, which they know that no one is going to read, is just not enough to give the company the right to do with it whatever they choose.
Bob.
The following 5 users say Thank You to bobwest for this post:
Broker: Primary Advantage Futures. Also ED&F and Tradestation
Trading: Primarily Energy but also a little GE, GC, SI & Bitcoin
Posts: 4,034 since Dec 2013
Thanks: 3,340 given,
7,955
received
Anybody can scrape data with or without the website approval. If it's available on the internet without authentication it can be scrapped easily. Just like people scrape twitter I would assume that every facebook account in existence has been scrapped by at least somebody.
The following 4 users say Thank You to SMCJB for this post:
Well, given 'idealistic' and 'opportunistic' are practically antonyms, this would make for a very good politics piece, à la Bill Clinton's "I did not have sexual relations with that woman"
The following 4 users say Thank You to xplorer for this post:
Trading: All Micros, especially the ones that move
Posts: 2,399 since Feb 2017
Thanks: 16,566 given,
9,078
received
All I'm asking is, is this not simply the canned reply for such intrusions on our privacy these days? Is it the first time? No. Last time? No way.
In a manner, we are already accepting of this sort of thing as a global society. We have come to expect Experian/Facebook/Whoeveritis.com to eventually compromise our sensitive information, and in that regard we are de-sensitized to it. For the masses, it's really no big deal.
Elf on a shelf, anyone?
The following 5 users say Thank You to Rrrracer for this post:
You're right about this: screen scraping is simple. You just capture the screen and have an automated process to pull off the data.
But there's more to it. The referenced article in the Post has been significantly revised, for the better. The point is that by default essentially all the user data is publicly available, which may not have been what the average user believed. If it had not been publicly available, it could not have been scraped.
Also, this is not the same as what Cambridge Analytica used, which was a targeted data mining program (and which is a tool that FB does make available, for a fee, to others.)
The point I am making is not that FB was wicked, just careless. But this is bad enough. Yes, it's the users' fault too. They were too trusting. But apparently harvesting user data this way is what exposed essentially everyone on FB, and the issue is that FB made it easy.
It is worth reading the whole thing. Here is an excerpt of the revised article, expanding on what was done:
I was trying to make a point about a Silicon Valley mindset, which is summed up in the now-old slogan, "Information wants to be free."
What this means is that there should be no restrictions on the flow and exchange of information. This has been the mantra of social media during its period of explosive growth.
Now, do I think Zuckerberg is "honest"? Not in every sense of the word, no. But in the sense that he really does think that everyone benefits from the fullest sharing of information, yes. I think he is being honest about that simply because he does really believe it, and has said so. It's the whole idea behind Facebook. He also does believe that it's an idealistic idea, which will make the world better.
I think this idea is wrong, because it is irresponsible. It also has made Zuckerberg rich, which is not at all incidental. People do believe, and try to justify, what makes them money.
My point is that there have to be restrictions on the sharing of information, and unlimited openness is not better, when the people involved, whose information it is, discover that the sharing has exposed more than they wanted.
(It's easy to say that it's just the dumb users' fault. Well, it is in part. But FB made it very easy for them to put all this data out there, because that's what FB wanted, and also put to use.)
Bob.
The following 4 users say Thank You to bobwest for this post:
Thx for clarifying. I still believe Zuckerberg's goal is not really 'world's connectedness', as much as FB repeats it as a mantra. He said it of course, because he must say it. I do believe corporations must be answerable to their investors whom, after all is said and done, care about only one thing: profits. If any CEO does not serve their investors base by pursuing growth which in turns translates into greater shareholder value they would be derelict in their duty.
Still, as you rightly pointed out, anyone's agenda needs a motto (which must serve as a justification to the cause) and FB's motto is the one you quoted about world's being connected and all.
The following 3 users say Thank You to xplorer for this post:
But I want to slam on the brakes about connecting the world. It's a good thing, and will happen, but it's not an unconditional good unless there are safeguards too.
Of course, Zuckerberg knows how he makes his money. He should be criticized for how he does that, if/when he oversteps the line with other peoples' data.
But basically, I'm against the motto.
Bob.
The following 3 users say Thank You to bobwest for this post:
Broker: Primary Advantage Futures. Also ED&F and Tradestation
Trading: Primarily Energy but also a little GE, GC, SI & Bitcoin
Posts: 4,034 since Dec 2013
Thanks: 3,340 given,
7,955
received
The huge difference in those two (Experian vs Facebook) is that one you signed up for and while you hoped you weren't comprised you knew there was a risk you would be, while the other is somebody collecting data on you that you can not stop. While people seem so much more upset about Facebook, I'm a lot more upset about Experian, but maybe thats just because I don't use social media at all.
The following 5 users say Thank You to SMCJB for this post:
Thx Bob. I wanted to elaborate on my earlier post and expand on the feeling of distrust I have always had for platforms who insist on the fact that you should register your own details under your real name, (which I typically never do), FB being on top of the list:
I don't know how many people know this but Zuckerberg, in FB's infancy stage, defined a group of about 4,000 users who had trusted him with their own data as - and I quote - "dumb f*cks". This is not something unconfirmed, as I remember reading back then that, when confronted, he admitted as much and he said he was very young and now he had grown (but then, when caught red-handed with information you simply cannot refute, what could one in his position say, really). Details of the story here, or simply google "mark zuckerberg dumb f*cks".
There's links there to other quite disturbing stuff such as this, which has never been substantiated and chances are never will. That does not make it less worrying, in my mind.
The point I wanted to make is that in my opinion he was well aware from the start that the more FB's users would give up their privacy the more he stood to profit as FB's business model is based almost entirely on targeted advertisement. They have been intentionally careless in their lack of data privacy awareness to the public for this very reason, as any corporation that, throughout history, has been found negligent in some aspect or other in the name of profit. That's my view anyway.
The following 6 users say Thank You to xplorer for this post:
I am way more concerned about Experian, and the other rating agencies.
The rating guys stay in the background, unnoticed unless they mess up your data -- report things wrong-- or get hacked, which they have and will again. Also, credit issuers use them, and you don't have a choice about whether they will. Which is also a concern.
Bob.
The following 4 users say Thank You to bobwest for this post:
True, it is all about human pschyology, most want to be known, liked, supported and FB taps into these basic human emotions. Most the kids today want to be social media stars also
It is one of the reasons FB is so valuable to advertise on. 2 billion and growing users sharing their information. The value of FB is evident in the last month, with all the negative press it is still holding strong around $158.
Volatility is good for the market and trading.
Preservation of capital is the most important concept for those who want to stay in the trading game for the long haul. - Van Tharp
The following 2 users say Thank You to blb014 for this post:
Trading: The one I'm creating in the present....Index Futures mini/micro, ZF
Posts: 2,285 since Nov 2011
Thanks: 7,247 given,
4,433
received
I read this the other day.... I’m afraid it’s a good idea.
Don’t get me wrong..... I’m constantly polishing my mirror, or at least trying to.... pregnant with my soul, as I am, working hard to foster growth of my “limbs and organs” ...namely truthfulness... trustworthiness ... honesty... integrity.....
I don't have a WSJ subscription but if the first few lines of the article are anything to go by,
I totally support this, in fact it's kinda the point of the whole thread.
What I mean is this: after the boom that Big Data carried with it, to me it was obvious that, sooner or later, data breaches were going to happen; some worse than others (in fact, I fear we have not seen the worst by far, yet).
When you do business transactions online (such as shopping, paying for goods or services, etc.) you of course must provide your true details. The same goes for government correspondence, for instance; or financial related organizations.
But there isn't much else - in my view - that the average online user should trust.
I keep reading scary stories in the press about ways how data are mishandled.
Today's apps and systems give you the option to link
multiple email addresses
your YouTube account
your Twitter account
your Facebook account
your LinkedIn account
....and many more
In other words, by providing these apps with real details, one is gift-wrapping a set of online fingerprints which is very easily distinguishable from others to, potentially, being able to identify quite precisely an individual.
Just for fun, a couple of times I tried to look up names of people on several social media platforms. I am talking here about common people, like you and me, and it's so damn easy to find the same individual on all these systems.
The NSA already has systems that are able to link these platforms together.
How simple would that be for somebody with more nefarious purposes to do the same?
The following 4 users say Thank You to xplorer for this post:
Thanks Ron. I support the ideas in the article, except in some cases. For example, I would never intentionally misspell my real name when giving it to an airline company. I have heard of cases where travellers have had problems for a single letter out of place. It may be less stringent in the US when one travels domestically (I don't know), but better not risk it, IMO.
In other words, when intentionally misleading people could get you in trouble, that's where I draw the line.
The following user says Thank You to xplorer for this post:
Broker: Primary Advantage Futures. Also ED&F and Tradestation
Trading: Primarily Energy but also a little GE, GC, SI & Bitcoin
Posts: 4,034 since Dec 2013
Thanks: 3,340 given,
7,955
received
And the information Google keeps on you, makes Facebook look amateurish.
This is a twitter thread by Dylan Curran whose bio says he's a privacy consulatant. If you have twitter I would recommend you read the thread itself as there are dozens of interesting graphics.
If you don't have twitter then this is the text
Want to freak yourself out? I'm gonna show just how much of your information the likes of Facebook and Google store about you without you even realising it
1. https://www.google.com/maps/timeline?pb … Google stores your location (if you have it turned on) every time you turn on your phone, and you can see a timeline from the first day you started using Google on your phone
2. This is every place I have been in the last twelve months in Ireland, going in so far as the time of day I was in the location and how long it took me to get to that location from my previous one
3. https://myactivity.google.com/myactivity Google stores search history across all your devices on a separate database, so even if you delete your search history and phone history, Google STILL stores everything until you go in and delete everything, and you have to do this on all devices
4. https://adssettings.google.com/ Google creates an advertisement profile based on your information, including your location, gender, age, hobbies, career, interests, relationship status, possible weight (need to lose 10lbs in one day?) and income
5. Google stores information on every app and extension you use, how often you use them, where you use them, and who you use them to interact with (who do you talk to on facebook, what countries are you speaking with, what time you go to sleep at) https://security.google.com/settings/security/permissions …
6. [yt]https://www.youtube.com/feed/history/search_history[/yt] … Google stores ALL of your YouTube history, so they know whether you're going to be a parent soon, if you're a conservative, if you're a progressive, if you're Jewish, Christian, or Muslim, if you're feeling depressed or suicidal, if you're anorexic...
7. Google offers an option to download all of the data it stores about you, I've requested to download it and the file is 5.5GB BIG, which is roughly 3 MILLION Word documents https://www.google.com/settings/takeout
8. https://www.google.com/settings/takeout This link includes your bookmarks, emails, contacts, your Google Drive files, all of the above information, your YouTube videos, the photos you've taken on your phone, the businesses you've bought from, the products you've bought through Google...
9. Your calendar, your Google hangout sessions, your location history, the music you listen to, the Google books you've purchased, the Google groups you're in, the websites you've created, the phones you've owned, the pages you've shared, how many steps you walk in a day...
10. Facebook offers a similar option to download all your information, mine was roughly 600mb, which is roughly 400,000 Word documents
11. This includes every message you've ever sent or been sent, every file you've ever sent or been sent, all the contacts in your phone, and all the audio messages you've ever sent or been sent
12. Facebook also stores what it think you might be interested in based off the things you've liked and what you and your friends talk about (I apparently like the topic 'Girl')
13. Somewhat pointlessly, they also store all the stickers you've ever sent on Facebook (I have no idea why they do this, it's just a joke at this stage)
14. They also store every time you log into Facebook, where you logged in from, what time, and from what device
15. And they store all the applications you've ever had connected to your Facebook account, so they can guess I'm interested in politics and web and graphic design, that I was single between X and Y period with the installation of Tinder, and I got a HTC phone in November...
16. Side-note, if you have Windows 10 installed, this is a picture of JUST the privacy options with 16 different sub-menus, which have all of the options enabled by default when you install Windows 10
17. This includes tracking where you are, what applications you have installed, when you use them, what you use them for, access to your webcam and microphone at any time, your contacts, your e-mails, your calendar, your call history, the messages you send and receive...
18. The files you download, the games you play, your photos and videos, your music, your search history, your browsing history, even what RADIO stations you listen to
19. This is one of the craziest things about the modern age, we would never let the government or a corporation put cameras/microphones in our homes or location trackers on us, but we just went ahead and did it ourselves because fuck it I want to watch cute dog videos
20. I got the Google Takeout document with all my information, and this is a breakdown of all the different ways they get your information
21. Here's the search history document, which has 90,000 different entries, even showing the images I downloaded and the websites I accessed (I showed ThePirateBay section to show much damage this information can do)
22. Here's my Google Calendar broken down, showing all the events I've ever added, whether I actually attended them, and what time I attended them at (this part is what I went for an interview for a Marketing job, and what time I arrived at)
23. This is my Google Drive, which includes files I EXPLICITLY deleted including my resume, my monthly budget, and all the code, files, and websites I've ever made, and even my PGP private key, which I deleted, which I use to encrypt e-mails
24. This is my Google Fit, which shows all of the steps I've ever taken, any time I walked anywhere, and all the times I've recorded any meditation/yoga/workouts I've done (I deleted this information and revoked Google Fit's permissions)
25. This is all the photos ever taken with my phone, broken down by year, and includes metadata of when and where I took the photos
26. Every e-mail I've ever sent, that's been sent to me, including the ones I deleted or were categorised as spam
27. And now my Google Activity, this has thousands of files, so I'll just do a short summary of what they have
28. Firstly every Google Ad I've ever viewed or clicked on, every app I've ever launched or used and when I did it, every website I've ever visited and what time I did it at, and every app I've ever installed or searched for
29. Every image I've ever searched for and saved, every location I've ever searched for or clicked on, every news article I've ever searched for or read, and EVERY SINGLE google search I've made since 2009
30. And then finally, every YouTube video I've ever searched for or viewed, since 2008
31. I'm probably on an FBI watch-list now, so if I die in the next few months IT WASN'T AN ACCIDENT, IT WAS A SET-UP
32. This information has millions of nefarious uses and violates multiple human rights, you're not a terrorist? Then how come you were googling ISIS? Work at Google and you're suspicious of your wife? Perfect, just look up her location and search history for the last ten years
33. Manage to gain access to someone's Google account? Perfect, you have a chronological diary of everything that person has done for the last ten years
35. I have also taken a few days off work to partake in any interviews, podcasts, or radio shows that people may want me to do to spread information awareness
The following 7 users say Thank You to SMCJB for this post:
After the two hearings with Mr. Z I want to show where FB has clearly crossed several red lines:
If you are a member of FB you are "officially" willing (by accepting THEIR rules) to give a away your singular right to direct where your data goes. This is ok - if one reads the fine print and accepts.
I never did - and am still angry. Why?
Mr. Z said to the congress that any data of FB members are sniffed out. So they get the "friends" and all other contacts of a member like e-Mail, phone numbers and addresses. Then FB starts a fake virtual account of everyfriendor contact to sniff out anything they do while traveling or when online. Means FB SEES every move you do on your computer even if you are NOT a FB member. Every page you visit... you say it!
Scandal!
I think the fines - especially in USA - will be harsh when first NON-FB members will get to the judges.
Such "free" data collection is not wanted, nor will it be in the sense of any internet user. Today and tomorrow.
GFIs1
PS: for this I am using protonmail.com to get end to end encryption for mail and files sended. No more sniffing
The following 3 users say Thank You to GFIs1 for this post:
Broker: Primary Advantage Futures. Also ED&F and Tradestation
Trading: Primarily Energy but also a little GE, GC, SI & Bitcoin
Posts: 4,034 since Dec 2013
Thanks: 3,340 given,
7,955
received
Did he? I watched 7 of the 8 hours and didnt get that impression.
In order to sue FB wouldn't you need proof that they have this information? Without a FB account how do you know what they have on you?
While obviously some people do care, I think the majority do not. If you watched the hearings, the questions where people seemed the most passionate (annoyed?) was when they were accusing FB of being liberal biased and censoring Right Wing Christian Values and not the data loss. In fact I'm surprised how little focus there was on privacy and the data loss.
The following 3 users say Thank You to SMCJB for this post:
Broker: Primary Advantage Futures. Also ED&F and Tradestation
Trading: Primarily Energy but also a little GE, GC, SI & Bitcoin
Posts: 4,034 since Dec 2013
Thanks: 3,340 given,
7,955
received
Sorry for second post - hadn't seen this earlier...
I suspect if your reading this thread, then this won't be news to you, but just like the Google info I posted earlier was probably scary and surprising, you might also find this surprising. If you read it, watch the 3.5 min video, its different content than the article - for example the Geofeedia*/Police comment at 2:50!
NYTimes :- I Downloaded the Information That Facebook Has on Me. Yikes.
Really worthwhile read, but some snippets for the TLDR crowd
When I downloaded a copy of my Facebook data last week, I didn’t expect to see much. My profile is sparse, I rarely post anything on the site, and I seldom click on ads. (I’m what some call a Facebook “lurker.”)
But when I opened my file, it was like opening Pandora’s box.
...
One surprising part of my index file was a section called Contact Info. This contained the 764 names and phone numbers of everyone in my iPhone’s address book. Upon closer inspection, it turned out that Facebook had stored my entire phone book because I had uploaded it when setting up Facebook’s messaging app, Messenger.
...
But what bothered me was the data that I had explicitly deleted but that lingered in plain sight. On my friends list, Facebook had a record of “Removed Friends,” a dossier of the 112 people I had removed along with the date I clicked the “Unfriend” button. ... and also ... More important, the pieces of data that I found objectionable, like the record of people I had unfriended, could not be removed from Facebook, either.
...
What Facebook retained about me isn’t remotely as creepy as the sheer number of advertisers that have my information in their databases.
...
Facebook said unfamiliar advertisers might appear on the list because they might have obtained my contact information from elsewhere, compiled it into a list of people they wanted to target and uploaded that list into Facebook. Brands can upload their customer lists into a tool called Custom Audiences, which helps them find those same people’s Facebook profiles to serve them ads.
...
Using tracking technologies like web cookies and invisible pixels that load in your web browser to collect information about your browsing activities. There are many different trackers on the web, and Facebook offers 10 different trackers to help brands harvest your information, according to Ghostery, which offers privacy tools that block ads and trackers. The advertisers can take some pieces of data that they have collected with trackers and upload them into the Custom Audiences tool to serve ads to you on Facebook.
...
Knowing this, I also downloaded copies of my Google data with a tool called Google Takeout. The data sets were exponentially larger than my Facebook data. For my personal email account alone, Google’s archive of my data measured eight gigabytes, enough to hold about 2,000 hours of music. By comparison, my Facebook data was about 650 megabytes, the equivalent of about 160 hours of music. Here was the biggest surprise in what Google collected on me: In a folder labeled Ads, Google kept a history of many news articles I had read, like a Newsweek story about Apple employees walking into glass walls and a New York Times story about the editor of our Modern Love column. I didn’t click on ads for either of these stories, but the search giant logged them because the sites had loaded ads served by Google.
The highlighted point in red is interesting. Google can track you through their advertisements, which lets face it, as the 800lb Gorilla in online advertising, they are everywhere.
* According to Wikipedia Geofeedia is a social media intelligence platform that associates social media posts with geographic locations.
The following 5 users say Thank You to SMCJB for this post:
means much more than in USA - as you know @SMCJB "smalltalk" does not really exist in Europe. The privacy of a human is more important than gossip for the public.
Now to the news: The EU parliament has decided to invite Mark Zuckerberg to give answers to several groups inside the European Parliament very soon.
For this EU head of justice Vera Jourova had a call yesterday with Sheryl Sandberg (CEO FB) and discussed the data scandal of FB / Cambridge Analytica and others. So it is important to get some distinct answers about privacy from MZ.
The EU parliament is discussing right now to strip some "non-given rights" to use data of internet users in Europe.
That might have strong impact for jurisdiction of bigger scale.
About the data that was collected by FB or Whatsapp or others: I will find out. Sheryl Sandberg said in the telephone call that there are "MORE" apps that were collecting data from members and nonmembers of FB. So the truth will come out to light
GFIs1
The following user says Thank You to GFIs1 for this post:
Broker: Primary Advantage Futures. Also ED&F and Tradestation
Trading: Primarily Energy but also a little GE, GC, SI & Bitcoin
Posts: 4,034 since Dec 2013
Thanks: 3,340 given,
7,955
received
And imagine what happens when you start throwing in facial recognition software! All you people out there with iphone 10s - all these app developers now have your face as well!
The following 3 users say Thank You to SMCJB for this post:
Trading: All Micros, especially the ones that move
Posts: 2,399 since Feb 2017
Thanks: 16,566 given,
9,078
received
I may have mentioned this before, but this is why every device I own with a front facing camera has a little square of electrical tape strategically placed over it. And fingerprint unlock? I don't think so.
Make fun of my tinfoil hat now, punks!
The following 3 users say Thank You to Rrrracer for this post:
Broker: Primary Advantage Futures. Also ED&F and Tradestation
Trading: Primarily Energy but also a little GE, GC, SI & Bitcoin
Posts: 4,034 since Dec 2013
Thanks: 3,340 given,
7,955
received
I'm confident that the average American, probably even the majority of American's do not have a clue what GDPR is, even after getting 20 odd emails last week referencing it. I also believe that the average American has already shown they do not care in anyway about data privacy (or net neutrality) as long as their Facebook images load quickly. But maybe I'm cynical. TV news in this country isn't like news in Europe. It's nothing other than sensationalized local stories about toddlers losing their mothers in grocery stores, the occasional person getting shot, and any other potentially emotion generating story. Things like national events, never mind world events are ignored - unless of course there is a strong emotion generated which they can sensationalize.
The following 5 users say Thank You to SMCJB for this post: