Australian Border Force searched 822 phones in 2021 despite having no power to demand passcodes

Greens digital rights spokesperson says officers should be required to get a warrant before going through travellers’ mobile phones

Australian Border Force officials searched 822 travellers’ mobile phones in 2021, despite admitting it has no power to force arrivals to give them the passcode to their devices.

In January, Sydney software developer James told Guardian Australia that he and his partner were stopped on their return from Fiji by border force officials who asked them to write their phone passcodes on a piece of paper before taking the codes and their phones to another room to examine for half an hour. The phones were then returned and they were allowed to leave.

NHS Scotland Covid app rebuked for breaching data privacy laws

UK watchdog says app was not clear about how data is used and it may consider ‘further regulatory action’

The Scottish government and NHS Scotland have been rebuked for breaching data privacy laws on a Covid vaccine status app downloaded by millions of people.

The Information Commissioner’s Office, which polices the UK’s privacy laws, said it had warned the Scottish government and NHS last year that there were serious privacy problems with the app, but not all those problems were fixed before it was launched.

Inquiry finds Israeli police used spyware against three people, report says

Initial investigation is said to have found NSO Group’s Pegasus tool was used against three of 26 alleged targets

An initial investigation into allegations that Israeli police targeted citizens with spyware has confirmed that the application was indeed used against three people, according to claims by a local news station.

The Israeli broadcaster Channel 12 said a police investigation ordered by Israel’s public security minister, Omer Barlev, had concluded that of 26 individuals named in recent reports as having been targeted using NSO Group’s Pegasus software, three named individuals were targeted, with the police successfully hacking only one of the phones.

FBI confirms it obtained NSO’s Pegasus spyware

Bureau says sophisticated hacking tool was never used in support of any investigation

The FBI has confirmed that it obtained NSO Group’s powerful Pegasus spyware, suggesting that it bought access to the Israeli surveillance tool to “stay abreast of emerging technologies and tradecraft”.

In a statement released to the Guardian, the bureau said it had procured a “limited licence” to access Pegasus for “product testing and evaluation only”, and suggested that its evaluation of the tool partly related to security concerns if the spyware fell into the “wrong hands”.

NSO offered US mobile security firm ‘bags of cash’, whistleblower claims

Israeli spyware firm denies doing business with Mobileum and co-founder ‘has no recollection of using the phrase’

A whistleblower has alleged that an executive at NSO Group offered a US-based mobile security company “bags of cash” in exchange for access to a global signalling network used to track individuals through their mobile phone, according to a complaint that was made to the US Department of Justice.

The allegation, which dates back to 2017 and was made by a former mobile security executive named Gary Miller, was disclosed to federal authorities and to the US congressman Ted Lieu, who said he conducted his own due diligence on the claim and found it “highly disturbing”.

What your smart TV knows about you – and how to stop it harvesting data

Modern TVs gather data that can be monetised. How much of this surveillance can you avoid without turning your smart TV dumb?

Watching TV feels like a benign pastime, but as all TVs become “smart” – connected to the internet via your router – they are gaining the ability to watch you too. As soon as you switch them on, smart TVs made by the likes of LG, Samsung and Sony are gathering data from the TV itself, as well as from the operating system and apps. Then there are the devices you plug into your TV, such as Google’s Chromecast, Apple TV and Amazon’s Fire Stick.

A TV is no longer just a device for showing you content – it has become a two-way mirror allowing you to be observed in real time by a network of advertisers and data brokers, says Rowenna Fielding, director of data protection consultancy Miss IG Geek. “The purpose of this is to gather as much information as possible about your behaviour, interests, preferences and demographics so it can be monetised, mainly through targeted advertising.”

A data ‘black hole’: Europol ordered to delete vast store of personal data

EU police body accused of unlawfully holding information and aspiring to become an NSA-style mass surveillance agency

The EU’s police agency, Europol, will be forced to delete much of a vast store of personal data that it has been found to have amassed unlawfully by the bloc’s data protection watchdog. The unprecedented finding from the European Data Protection Supervisor (EDPS) targets what privacy experts are calling a “big data ark” containing billions of points of information. Sensitive data in the ark has been drawn from crime reports, hacked from encrypted phone services and sampled from asylum seekers never involved in any crime.

According to internal documents seen by the Guardian, Europol’s cache contains at least 4 petabytes – equivalent to 3m CD-Roms or a fifth of the entire contents of the US Library of Congress. Data protection advocates say the volume of information held on Europol’s systems amounts to mass surveillance and is a step on its road to becoming a European counterpart to the US National Security Agency (NSA), the organisation whose clandestine online spying was revealed by whistleblower Edward Snowden.

Hacking of activists is latest in long line of cyber-attacks on Palestinians

Analysis: while identity of hackers is not known in this case, Palestinians have long been spied on by Israeli military

The disclosure that Palestinian human rights defenders were reportedly hacked using NSO’s Pegasus spyware will come as little surprise to two groups of people: Palestinians themselves and the Israeli military and intelligence cyber operatives who have long spied on Palestinians.

While it is not known who was responsible for the hacking in this instance, what is very well documented is the role of the Israeli military’s 8200 cyberwarfare unit – known in Hebrew as the Yehida Shmoneh-Matayim – in the widespread spying on Palestinian society.

The dawn of tappigraphy: does your smartphone know how you feel before you do?

Tech companies are seeking to analyse data on the way we tap, scroll, text and call to monitor our mental health – with potential consequences for privacy and healthcare

We all fear our smartphones spy on us, and I’m subject to a new type of surveillance. An app called TapCounter records each time I touch my phone’s screen. My swipes and jabs are averaging about 1,000 a day, though I notice that’s falling as I steer shy of social media to meet my deadline. The European company behind it, QuantActions, promises that through capturing and analysing the data it will be able to “detect important indicators related to mental/neurological health”.

Arko Ghosh is the company’s cofounder and a neuroscientist at Leiden University in the Netherlands. “Tappigraphy patterns” – the time series of my touches – can, he says, confidently be used not only to infer slumber habits (tapping in the wee hours means you are not sleeping) but also mental performance level (the small intervals in a series of key-presses represent a proxy for reaction time), and he has published work to support it.

Chinese effort to gather ‘micro clues’ on Uyghurs laid bare in report

Authorities using predictive policing and human surveillance on Muslims in Xinjiang, thinktank says

Authorities in the Chinese region of Xinjiang are using predictive policing and human surveillance to gather “micro clues” about Uyghurs and empower neighbourhood informants to ensure compliance at every level of society, according to a report.

The research by the Australian Strategic Policy Institute (ASPI) thinktank detailed Xinjiang authorities’ expansive use of grassroots committees, integrated with China’s extensive surveillance technology, to police their Uyghur neighbours’ movements – and emotions.

Apple’s plan to scan for child abuse images ‘tears at heart of privacy’

Security experts say technology on iPhones could open door to mass surveillance and be misused

Technology like that proposed by Apple to search iPhones for child sexual abuse images would open the door to mass surveillance and be vulnerable to exploitation, world-leading security and cryptography experts have said.

Client-side scanning (CSS) gives access to data on users’ devices, including stored data, which “brings surveillance to a new level”, according to analysis from academics at Harvard Kennedy school, Massachusetts Institute of Technology (MIT) and the University of Cambridge, among others.

Child abuse: Apple urged to roll out image-scanning tool swiftly

Exclusive: privacy concerns ‘must not delay use of neuralMatch algorithm to protect victims of abuse’

Child protection experts from across the world have called on Apple to implement new scanning technologies urgently to detect images of child abuse.

In August, Apple announced plans to use a tool called neuralMatch to scan photos being uploaded to iCloud online storage and compare them to a database of known images of child abuse.

Apple delays plans to scan cloud uploads for child sexual abuse images

Company says it will ‘collect input and make improvements’ after backlash from privacy groups

Apple will delay its plans to begin scanning user images for child sexual abuse material (CSAM) before uploading them to the cloud, the company says, after a backlash from privacy groups.

The company’s proposal, first revealed in August, involved a new technique it had developed called “perceptual hashing” to compare photos with known images of child abuse when users opted to upload them to the cloud. If the company detected enough matches, it would manually review the images, before flagging the user account to law enforcement.

NSW police apologise for sending email with sensitive information to wrong person

Exclusive: Personal information about woman fined for lockdown breach emailed to man with same name as woman’s lawyer

When a sensitive email from New South Wales police landed in Richard McDonald’s inbox earlier this month, he could scarcely believe the irony.

The email, obviously not intended for him, contained confidential and personal information about a woman police had just fined for a Covid lockdown breach in questionable circumstances.

Apple plans to scan US iPhones for child sexual abuse images

Security researchers fear neuralMatch system could be misused to spy on citizens

Apple will scan photo libraries stored on iPhones in the US for known images of child sexual abuse, the company says, drawing praise from child protection groups but crossing a line that privacy campaigners warn could have dangerous ramifications. The company will also examine the contents of end-to-end encrypted messages for the first time.

Dominic Raab’s mobile number freely available online for last decade

Exclusive: Finding raises questions for security services weeks after similar revelations about PM’s number

The private mobile number of Dominic Raab, the UK foreign secretary, has been online for at least 11 years, raising questions for the security services weeks after the prime minister’s number was also revealed to be accessible to anyone.

Raab’s number was discovered by a Guardian reader using a Google search. It appears to have been online since before he became an MP in 2010, and remained after he became foreign secretary and first secretary of state – de facto deputy prime minister – in 2019.

Apple’s new ‘private relay’ feature to be withheld in China

Privacy protection is latest effort by the company to cut down tracking of users by advertisers and other third parties

Apple’s new privacy feature designed to obscure a user’s web browsing from internet service providers and advertisers will not be available in China, Saudi Arabia or Belarus, the company has said.

It was one of a number of privacy protections Apple announced at its annual software developer conference on Monday, the latest in a years-long effort by the company to cut down on the tracking of its users by advertisers and other third parties.

How private is your Gmail, and should you switch?

You might be surprised how much Google’s email service – and others – know about you. Here’s how to set some boundaries

Most people are aware of the cookies that track them across the web, and the privacy-invading practices of Google search, but did you know Google’s email service, Gmail, collects large amounts of data too?

This was recently put into stark focus for iPhone users when Gmail published its app “privacy label” – a self-declared breakdown of the data it collects and shares with advertisers as part of a new stipulation on the Apple App Store.

Apple iOS 14.5 update includes ‘app tracking transparency’ feature

Setting means iPhone users can stop advertisers following their digital lives – to the ire of Facebook

Users of iPhones can now prevent advertisers tracking them across their apps, after the release of the latest software update from Apple introduced the controversial feature despite the protests of Facebook and the advertising industry.

The update, iOS 14.5, includes a setting called “app tracking transparency”, which for the first time requires applications to ask for users’ consent before they are able to track their activity across other apps and websites.

Seeing stones: pandemic reveals Palantir’s troubling reach in Europe

Covid has given Peter Thiel’s secretive US tech company new opportunities to operate in Europe in ways some campaigners find worrying

The 24 March, 2020 will be remembered by some for the news that Prince Charles tested positive for Covid and was isolating in Scotland. In Athens it was memorable as the day the traffic went silent. Twenty-four hours into a hard lockdown, Greeks were acclimatising to a new reality in which they had to send an SMS to the government in order to leave the house. As well as millions of text messages, the Greek government faced extraordinary dilemmas. The European Union’s most vulnerable economy, its oldest population along with Italy, and one of its weakest health systems faced the first wave of a pandemic that overwhelmed richer countries with fewer pensioners and stronger health provision. The carnage in Italy loomed large across the Adriatic.

One Greek who did go into the office that day was Kyriakos Pierrakakis, the minister for digital transformation, whose signature was inked in blue on an agreement with the US technology company, Palantir. The deal, which would not be revealed to the public for another nine months, gave one of the world’s most controversial tech companies access to vast amounts of personal data while offering its software to help Greece weather the Covid storm. The zero-cost agreement was not registered on the public procurement system, neither did the Greek government carry out a data impact assessment – the mandated check to see whether an agreement might violate privacy laws.
