All Data privacy stories

Government wants access to personal data while it pushes privacy

Illustration: Aïda Amer/Axios

Over the past two years, the U.S. government has tried to rein in how major tech companies use the personal data they've gathered on their customers. At the same time, government agencies are themselves seeking to harness those troves of data.

Why it matters: Tech platforms use personal information to target ads, whereas the government can use it to prevent and solve crimes, deliver benefits to citizens — or (illegally) target political dissent.

Study: Porn sites secretly track users

Photo: Thomas Jackson/Getty Images

A new study analyzed over 22,000 pornography sites, finding that 93% were sharing user data with at least 1 third party tracker.

Why it matters: Researchers said there needs to be "affirmative consent in all types of sexual activity." Sharing this type of private information can be invasive for users, with some sites' URLs indicating "specific gender and/or sexual preference, identity, or interest."

Facebook's privacy-scandal Groundhog Day

Photo: John Tlumacki/The Boston Globe via Getty Images

Tuesday's news (via Bloomberg) that Facebook had contractors listen to users' private recorded messages to provide transcription quality control was hardly surprising.

The big picture: Google and Apple had been doing the same thing until a couple of weeks ago, when they stopped after reports surfaced in public. In fact, Facebook says it stopped the practice when its rivals did, as well. What's surprising is how little Facebook's playbook around privacy violations has changed, even after 18 months of controversy and a recent $5 billion settlement over the issue with the Federal Trade Commission.

Facebook contractors transcribed voice messages

Facebook has paid outside contractors to transcribe some users' voice messages, Bloomberg's Sarah Frier reported.

Why it matters: Earlier this month both Apple and Google suspended similar programs aimed at providing quality control for automated voice transcription services, and Facebook says it has done the same. But Facebook's long record of privacy problems, culminating in a recent $5 billion settlement with the Federal Trade Commission, means that every misstep it makes in this area further frays public trust.

Face-aging app rejuvenates old privacy questions

Screenshot of FaceApp on the Google Play store

A viral photo-filter app that lets people see older versions of themselves is highlighting concerns about handing personal information to overseas-developed apps, as well as any app that has vague privacy policies.

What's new: FaceApp, which has gone viral before, has re-emerged as the most popular iPhone app as people flock to post their digitally aged selves on social media. The app, owned by Russia's Wireless Lab, has risen to the top of Apple's App Store and #FaceAppChallenge has exploded on social media.

Jul 11, 2019 - Technology

Hacking the vulnerabilities in privacy laws

Photo: Valery Brozhinsky/Getty Images

A researcher has demonstrated how to exploit Europe's privacy protection laws to violate other people's privacy — and new privacy rules on the way in the U.S. could be vulnerable in the same way.

The state of play: Privacy laws, including Europe's mammoth General Data Protection Regulation (GDPR) and California's recently passed regulations, often include provisions to allow people to request the personal information that companies have compiled on them.

Ina Fried, author of Login
Jul 10, 2019 - Technology

Why privacy still comes second for tech firms

While tech firms talk more about protecting personal information than they once did, a pair of recent controversies highlight the industry's longstanding habit of prioritizing convenience and new features over users' privacy.

Driving the news: Zoom, the popular video conferencing service, confirmed a researcher's finding that it installs a hidden Web server on Macs, speeding up the process for launching a video chat. Rather than apologize, the company initially defended the decision in a blog post, though it largely reversed course after significant outcry.

Email app's tracking tool raises privacy alarm

Email management app Superhuman made headlines last week for raising new venture capital, but now the by-invitation-only service has come under fire for its privacy practices around the use of pixel tracking.

The big picture: Pixel tracking allows senders to track emails by forcing a recipient to download a tiny, invisible graphic file when they open the message, explains Axios’ Joe Uchill. Once the image file is downloaded, the sender knows their email was opened — and can also harvest a slew of additional information about the reader. 

  • In the case of Superhuman, which aims to streamline inbox work for heavy email users, that includes location data about each time a recipient opened a message. (Update: Superhuman has removed location data following the controversy. More below.)
  • As Mike Davidson, former VP of design for Twitter, put it in a widely read critique, "Superhuman teaches its user to surveil by default."

The controversy centers on a persistent question that faces technology users: Are you okay with trading some (or all) of your privacy in exchange for services that are more convenient, better personalized, and less expensive? 

  • Per an IBM survey, 71% of people said it’s worth giving up privacy for the benefits of tech. And while 81% said they’re concerned about how their data is used, only 45% have actually changed settings in an app, and a mere 16% have stopped using a tool because of data misuse. 

Yes, but: In the case of Superhuman and email pixel tracking, the privacy equation is different. 

  • Pixel tracking is common in some apps, but it's usually a feature that users have to turn on.
  • With Superhuman, users are collecting information by default on the people to whom they're sending email messages, without alerting or warning those people.

Between the lines: Email has evolved its own cultural expectations, and Superhuman looks like it's pushing beyond some people's comfort zone.

  • Subscribers to email content and newsletters (even from Axios), particularly those containing ads, may be aware that the sender is tracking them for business purposes.
  • Many understand that sales inquiries are carefully monitored, too — pixel tracking is a basic feature in virtually all email tools for sales and marketing. 
  • But what about messages from friends, family, acquaintances, former romantic partners? Arguably, that’s where the expectation is different.
  • “Read receipt” functions in apps like iMessage are turned off by default, and it’s up to the recipient to decide whether to enable them.
  • Yes, email recipients can disable image downloading, which foils pixel tracking, but that also strips much of the look and feel of modern email use.

The bottom line: If Superhuman's aggressive push to spread pixel-tracking into new spheres doesn't spark significant public outcry, it could establish a new norm.

Go deeper: How email open tracking quietly took over the web (Wired)

Update: Following the controversy, Superhuman CEO Rahul Vohra announced that the company was immediately removing location tracking (and deleting the data), turning off the email tracking feature by default, and will build a feature to disable remote images.

Erica Pandey, author of @Work
Jun 29, 2019 - Technology

Cities are the new data guzzlers

Illustration: Rebecca Zisser/Axios

From getting a license to paying taxes, we routinely give cities granular data on who we are, where we live, what we do and how much we earn.

Why it matters: “City Hall has a treasure trove of information about you,” says Ann Cavoukian, a privacy expert at Ryerson University. “You have no choice but to give them information.”

Jun 27, 2019 - Technology

High-profile attempt to write a national privacy law snags

Photo: Bill Clark/CQ Roll Call

Concerns about how a possible bipartisan privacy bill in the Senate is being negotiated have complicated talks in recent days, according to multiple people familiar with the matter.

Why it matters: The talks between six members of the Senate Commerce Committee are seen as one of the more serious efforts to create a national privacy law that can address consumer concerns about data collection by companies like Google and Facebook.