Category Archives: Privacy

Data mining enables many companies to discern your health conditions

Data brokers compile health and frailty profiles that have wide-ranging applications for drug companies, advertisers, insurers and other buyers.

Source: How bits of captured data paint a stealth portrait of your health

They do not need access to your protected[1] health care records. Instead, companies are data mining your credit card purchases, your public social media, your online purchase habits and a host of other data points to guess at your health situation and assign you a “health score”.

This secret health score could be used by insurance companies to change your life insurance premiums, or by a prospective employer to deny you a job because your health score is not good enough for them.

You have no idea what data they have collected and analyzed, nor what score they have assigned to you. The data itself is often incorrect (as I recently found) and their assumptions about you are often wrong too. But there is no way to correct their secret health score.

Continued: Venmo lies about their priority of privacy

Venmo declined to say why it makes full public disclosure the default setting, but a company spokesperson told CNNMoney that “the safety and privacy of Venmo users and their information is one of our highest priorities.”

Source: A researcher studied a year of public Venmo transactions. Here’s what she learned

That’a a lie, as I showed 5 weeks ago:

Someone entered my email address for their account at Venmo. Month’s ago. Apparently Venmo NEVER VERIFIED the email address. Consequently, I receive their emailed financial transaction correspondence – for several months. Guess their customer never noticed they were not receiving emails? (Or is Google broken and one email address is being delivered to different people? Anything is possible!)

I successfully changed the password on a Venmo account that was not mine.

Never, ever use Venmo for transactions if you care even the slightest about keeping your transactions private.

#Google’s #Android was developed first and foremost as a spying tool, may be sanctioned by the European Union

For Google, the consequences could prove vast. Packaging tools like search, and including them on Android devices, offers the company a way to capture data about users — and show them more ads. Eliminating that pathway for profits and insight could prompt Google to rethink the entire ecosystem for Android, which it licenses to device makers free in a bid to ensure its wide-scale adoption while warding off such competitors as Apple.

Source: Google could face record European Union antitrust fine for Android – The Washington Post

A long time ago I recognized that Android is an invasive surveillance system. You see this in that to use GPS for any app, you are required to disclose your location directly to Google too. Google uses machines to monitor your location, to read your email, take notes and analyze your correspondence, including purchases and financial transactions that result in emailed receipts to you. Google’s Chrome is free because its main purpose is to track your every web page visit across the web as part of the Google surveillance network.

Google’s system, however, is also prone to erroneous conclusions and assumptions about us. I frequently receive email intended for someone else but Google does not know that and the content of that email is integrated into their (false) dossier on me. Today, one of California’s largest health systems emailed to my GMail account a 101 page detailed medical history of a patient, clearly violating HIPAA. First, in 2018, how is this even possible to email a medical record with no security? Second, Google’s artificial intelligence without question read this record and deduced aspects of my health – even though this record has nothing to do with my own health. Google’s AI won’t know that however because the patient has the same name as me.

Bottom line: Google’s “free” Android, Chrome, Gmail and other services are designed specifically as surveillance tools to gather as much information as possible about each and everyone of us for the purposing of marketing something to us. When we think of marketing, we usually think of products or perhaps services. But often times, the goal is to market ideas – and effectively this becomes a mechanism for highly focused propaganda messaging encouraging us to adopt someone else’s agenda.

How your phone is used to track you as you move through a store

Ultrasound “beacons” are set up in various locations such as within stores. Apps that run on smart phones are constantly listening for ultrasound beacons (which are emitted above the audible range so we cannot hear them). Each beacon can encode a unique ID to be used to determine proximity to a specific location.

In some cases, ultrasound or other types of audible signals can be embedded in television or audio programming and apps can detect what you are listening to.

Two studies have examined the deployment and implications of ultrasonic beacons. Arp et al. measured the prevalence of ultrasonic beacons in the wild, and found them deployed on websites and in stores. Furthermore,they found 234 apps in the Google Play Store that were constantly, passively monitoring for these beacons, in order to track users’ online and offline browsing behaviors [28]. Mavroudis et al. consider various attacks against users that leverage ultrasonic beacons, including de-anonymizing Tor users [59].

Source (academic paper): Panoptisypy: Characterizing Audio and Video Exfiltration from Android Applications

Numerous apps are using access to the array of environmental sensors (including cameras, microphones and more) to assess the environment in which the phone is being carried.

Fascinating details: “The NSA’s Hidden Spy Hubs In Eight U.S. Cities”

These fortress-like AT&T buildings are central to a secret NSA program that has monitored billions of communications, documents and sources reveal.

Source: The NSA’s Hidden Spy Hubs In Eight U.S. Cities

Stephen Budiansky, in his book, Code Warriors, explains how the pre-cursor to the NSA tape recorded communications prior to and during WW II. As they worked to decrypt and interpret contemporary messages, access to older communications proved invaluable to understanding current events and why enemies were making the decisions they were making.

In a similar way, the NSA records and stores large quantities of communications in the event that a future situation will benefit from analysis of past communications. For this reason, the NSA built enormous data centers, such as the NSA Data Center near Provo, Utah, specifically to store enormous quantities of digital data including phone calls, radio signals, text messages, emails, and general Internet data traffic. Much of this data collection may never be accessed – except in time of national emergencies or war.

Consumers said to want more #IoT devices for security, protection and willing to share that data with insurance companies

Specifically, consumers say they’d share more data with their insurance company in exchange for smoke, fire and water alarm systems (and presumably also theft) that send data to their insurance company.

“Consumers appreciate the safety and security value propositions of smart home products”

Source: Report: Nearly half of broadband internet households interested in IoT-based insurance | Insurance Business

Everyone wants to be inside your bedroom now, from your smart phone, to your Amazon Alexa device, to your set-top-box (which logs everything you watch) to your home security systems (which, in some cases, log everyone in and out and share with a network provider).

HP computers and data privacy and spying

I have an older HP desktop computer. I’ve long observed significant slow downs as various background tasks were underway and I had assumed it was just anti-virus software running in the background. But it was not – instead, the HP Support Assistance was frequently scanning the entire system, using 55% of the CPU and hogging the disk input/output, tremendously slowing down the system. I finally disabled the HP software as I had never seen any value from it.

Then I went to read the HP Privacy policy (which may be different today from what it was when I bought the computer years ago).

(Click on any image to read the full size screen capture of the HP privacy policy).

In addition to the data collected by HP, HP also “deduces” attributes about you, and collects data when you use social media logins to access anything. This means when you log in to a site using your Facebook login, data about your visit is collected by Facebook and shared with Facebook’s partners (which is literally the entire world).

HP remotely spies on your use of HP printers, collecting a database of pages printed, type of print media used, what ink you are using, including what brand of ink, and the names of the applications from which you print.

HP also purchases information from third party data services, social media networks and advertising networks. Ad networks are used to track every web site you visit online. HP uses this, as they disclose, to get your name, address, “preferences, interests and certain demographic data”. Clearly, HP is buying data about us from Facebook, Google and Twitter.

This example illustrates the pervasive – and nasty – web of anti-privacy efforts underway by the high tech industry. The entire industry works together to intensely monitor, intercept and collect enormous quantities of data about every one of us. Further, they use automated software systems to analyze and interpret this data to then draw inferences about us.

A previous post on my SocialPanic.org blog found that inferences made by Facebook and Twitter were completely wrong – but there is no way to correct that. In most cases there is no way to know what inferences companies like HP have made about us.)

What Can You Do?

  • Delete the HP support assistant. I have found no value from having run it on this computer for many years. Optionally, disable it in the Windows Task Scheduler so it does not run.
  • Delete or disable other software that you do not need or us.
  • Do not use social media logins to web sites other than the social media web site.
  • Use privacy enhanced browsing to minimize tracking across the web. First, never use Chrome. Google logs every web site you visit. Use the Epic Privacy Browser or use Mozilla Firefox with the Privacy Badger and Ghostery plug ins. Use the Cookie-AutoDelete plugin to automatically remove tracking cookies when leaving a web site (you can optionally “white list” web sites so that cookies and logins remain active, if you wish).
  • The Epic Privacy Browser includes access to a proxy server to hide your IP address from web sites.
  • When using mobile phones, note that operating systems such as Android always track your location if Location Services is enabled (such as using mapping). Most people leave Location Services on all the time, and Google uses that to build a database of everywhere you travel and every place you visit. Google also records information about WiFi networks and Bluetooth devices within range of your phone. Even when location services is turned off, WiFi access points and even some Bluetooth devices can reveal your location anyway. Disabling WiFi and Bluetooth will reduce this data collection.

The tech industry has been operating in a free wheeling, Orwellian 1984 world of intense spying on everyone who uses online services including web sites, monitoring our email communications, our social media Likes, every where we travel, and even monitoring our use of home printers.

Automobiles are also now collecting information about our use of the vehicles, including our driving habits and locations visited.

They argue that if we don’t like this, then we should not use online services or we should not use printers or we should not drive a car. These arguments are wholly unrealistic.

Yet most people seem oblivious to this: Facebook has been widely exposed as a massive global surveillance network and propaganda platform – yet financial analysts say they see little harm to Facebook’s business as few seem to care.

Yahoo Email spies on people who do not give consent to their privacy policy

Yahoo spies on people who never consented to Yahoo’s privacy policy. They say this right in their new privacy policy.

“Oath analyzes and stores all communications content, including email content from incoming and outgoing mail.”

This means Yahoo is reading and storing the email of people who have sent email to you, and who themselves are not users of Yahoo nor have they agreed to Yahoo’s Privacy Policy as a condition of service.

When ever you send email to someone using a Yahoo email address, Yahoo is reading and storing your email without your permission.