Data Digest № 010

Data Digest ¦ May 19th, 2019, 11:00 pm

Howdy and welcome to the wild ride that is this week’s edition of the Data Digest. Let’s jump into it:

Google Is Spying On Your Purchase History Through Gmail Receipts

Google’s recent attempts to overcome public scrutiny for their privacy policies, or lack thereof, involved the announcement of new tools for users to better view and control ad tracking in Chrome. In doing so, they’ve revealed new heights of staggering invasiveness with which they surveil their users. By doing so, they exposed the intimate depth of knowledge about their customers they continue to hold and profit off. Years of your purchase histories can be seen with this new tool, exposing Google’s greedy data paws by secretly pulling your purchase history data from Amazon. See for yourself. This certainly crosses the infamous “creepy line” once laid out as the final frontier of advancement by then Chairman and CEO, Eric Schmidt.

It’s a reminder to all that You’re Not Alone When You’re On Google — as pointed out in the latest opinion piece from NYT’s Privacy Project by Jennifer Senior.

“All of these situations contribute to a common theme: Google offers users a compromise that involves trading products and web services in exchange for data that the company will collect through a variety of means you may not know about and have little to no control over.”

Controversies over third-party app devs pulling the data from contents of Gmail messagessyncing web browsing with Gmail accounts and reports of Google supplementing its ad-targeting tools with Mastercards purchase history all reveal the questionable endeavours that Google chooses to prioritize over their users rights to privacy. Unfortunately, it’s these exact breaches of privacy laws that made Google so powerful.

Putting this into context of the recently announced data ‘auto-deletion’ that Google launched in an effort to purportedly provide users more control and privacy (which we covered right here), makes it very clear that Google has no ambition to preserve their users privacy and any gesture to suggest otherwise is simply a distraction from the bitter truth: Google has crossed the creepy line to profit from your data. That’s exactly why we need tools that genuinely give power to the users, rather than a fad publicity stunt created by the perpetrators to bolster their stance in privacy theater.

Google uses Gmail to track a history of things you buy — and it's hard to delete

Google collects the purchases you've made, including from other stores and sites such as Amazon, and saves them on a page called Purchases.

Amazon Facial Recognition Software Coming Under Scrutiny From Shareholders

Though nonbinding, the investors meeting for Amazon in Seattle on Wednesday pushed for two proposals. One, that the company prohibits sales of the software, called Amazon Rekognition, to government agencies. Two, that the company commissions an internal report examining the extent to which Rekognition may threaten civil, human and privacy rights, and the company’s finances. This comes a week after the banning of facial recognition surveillance in San Francisco.

Amazon Faces Investor Pressure Over Facial Recognition (Published 2019)

Shareholders are voting on whether to push the tech giant to examine the human rights and financial risks of the surveillance technology.

Russian Governmental Sites Leak Personal Data Of 2.25 Million Users

Government employees, high ranking politicians, and Russian citizens alike have all fallen victim to yet another data breach in Russia this week. Over 23 sites were found to be leaking social security numbers and 14 sites were found to breach passport information, uncovered by Ivan Begtin, co-founder of Informational Culture. Vulnerabilities associated with escalating data breaches and fraudulent activities are becoming more and more volatile with every attack.

As data grows exponentially and rises in value, our lack of control over these sensitive systems increases, specifically in the realm of governmental data. Contrary to private sector companies, we cannot simply request an opt-out from governmental institutions handling our data. Therefore, the secure handling of said data is all the more crucial. Unfortunately, the example of Russia makes it seem like there are only differing degrees of ‘bad’ between the data handling SOPs of government agencies and private companies.

Russian government sites leak passport and personal data for 2.25 million users | ZDNet

Passport data for high-ranking Russian politicians among the leaked information.

Your Car Knows More Than You Think

With data collected by vehicles being pegged at a value of $750 billion by 2030, it comes as no surprise that a lot of carmakers have little to no incentive to hand over control of their information to individuals. Data such as whether you wear your seatbelt, how fast you drive, how hard you break etc. is extremely valuable to insurance companies, and could significantly affect and limit how your insurance is handled. We often talk about the data we hand off through IoT devices to companies in exchange for their services such as Alexa. But what about the data that is taken without our knowledge and then used as evidence against us? Or possibly even withheld from the companies we do want to share it with? When we have no control over our data, or are unaware of who owns our information, we put ourselves into great unforeseen risks.

Opinion | Your Car Knows When You Gain Weight (Published 2019)

Vehicles collect a lot of unusual data. But who owns it?

More On The F.T.C. Facebook Battle

The latest news in the ongoing battle between the US government and Facebook Inc. suggests that Facebook could face penalties for up to 20 years of oversight in their consent agreement after (severe) privacy lapses. “In a letter to the FTC, Senators Richard Blumenthal, a Democrat, and Josh Hawley, a Republican, told the agency that even a $5 billion civil penalty was too little and that top officials, potentially including founder Mark Zuckerberg, should be held personally responsible.” When and whether this will take effect is still unknown with some sources saying that it could be up to a month before moving forward. As complex and laborious as the situation is, we shouldn’t lose sight of its importance in the privacy conversation.

Facebook facing 20-year consent agreement after privacy lapses: source

The social media giant Facebook Inc is headed toward an agreement with the U.S. government over its privacy policies and practices that would put it under 20 years of oversight, according to a source knowledgeable about the discussions.

What I'm Reading:

Prince Harry won a legal battle with the paparazzi using Europe's GDPR privacy law — and it gives the royals a powerful new weapon against the media

Prince Harry won a legal dispute with Splash News, a photo agency which used a helicopter to take pictures inside his home.

WhatsApp hack: have I been affected and what should I do?

Time to make sure WhatsApp is updated on your iPhone, Android or Windows device

Opinion | Throw Your Laptop Into the Sea, the Surveillance Economy Will Still Win (Published 2019)

Resistance is (currently) futile. Maybe it doesn’t have to be.

That wraps this week’s edition of the Data Digest.

See you next week for another fun ride.


Get the Data Digest in your inbox