2020–present

Halfway through the second decade of the smartphone era, it’s now a “Privacy is important” period, as most people are starting to pay far more attention to such concerns than they did before. The change is partially due to the flood of news about privacy violations, starting with reports about unprecedented government access to personal data and moving on to the weaponization of data against individuals.

• 2020: A Wall Street Journal article (subscription required) sheds light on US government purchases of location data collected from apps for use in Department of Homeland Security immigration enforcement; a later investigation by the American Civil Liberties Union would detail the massive scope of this collection. It’s quickly revealed that other agencies are engaging in similar practices, including the Internal Revenue Service (as reported in The Wall Street Journal), the Drug Enforcement Administration, the Centers for Disease Control and Prevention, and the Defense Intelligence Agency. In addition, Vice reports that the US military is purchasing data from a Muslim-prayer app.

• 2020: Android 11 adds one-time permissions, mic and camera indicators, and, most notably, an auto-reset feature that revokes permissions for apps you haven’t opened in a while. iOS doesn’t offer a similar feature.

• 2020 and 2021: Apple launches privacy labels and the App Tracking Transparency feature, which shifts to an opt-in model for advertising tracking. These changes seem to have an impact on the ad-tracking industry, and Facebook predicts a $10 billion hit to its 2022 earnings.

• 2021: A Catholic news outlet obtains location data from the queer-dating app Grindr and uses it to out a priest, forcing him to resign. This is one of the clearest examples we can find of the weaponization of data against a specific person.

• 2022: Google launches its own privacy labels for Google Play, as well as the ability to block some ad tracking on Android.

• 2022: The United States Supreme Court overturns Roe v. Wade, the 1973 decision that previously guaranteed a constitutional right to abortion access; a call on social media to “delete your period-tracking app” quickly follows. Although there is genuine concern surrounding the privacy practices of some of these apps, another major worry mirrors that affecting other apps: They could collect and sell personally identifying location information (including visits to abortion clinics, as The Wall Street Journal reports).

Of course, the past 15 years haven’t been filled with mobile-app controversies exclusively. This decade and a half has seen Facebook gobbling up WhatsApp and Instagram, Google buying Waze, YouTube, and dozens of ad-tech companies, and countless stories of big-tech companies sidestepping privacy rules, cellular carriers repeatedly sharing customer data, and military spyware being installed on thousands of phones. And that’s not even touching on other impactful privacy violations such as the Facebook and Cambridge Analytica scandal or the simple fact that every company appears to be an ad company now.

It’s all, well, a lot.

Credit: Thorin Klosowski for NYTimes/Wirecutter

Link: https://www.nytimes.com/wirecutter/blog/protect-your-privacy-in-mobile-phones/

Biometric identification uses a person’s physical characteristics to identify them. Biometric identification is uniquely powerful because we often leave traces or expose biometric data when in public spaces, it is personally identifiable information, and it uses features that individuals generally cannot change to avoid surveillance. Biometric identifiers include:

• Face prints

• Fingerprints

• Palm prints

• Walking patterns (i.e. gait recognition)

• Iris features

• Voice prints

• DNA

Facial recognition is distinctly dangerous because it is a keystone technology in 21st century mass surveillance. Facial recognition uses algorithms to match a picture of an unknown individual to a gallery of identified images based on facial features like the distance between a person’s eyes. The proliferation of available digital images created by security cameras, added online via social media, or collected by the government for routine purposes (e.g. passport photo) has created a wealth of data to use for face surveillance. And there is a lack of legal protections against the use of images for facial recognition. The result is that the images used to create the underlying algorithms and databases are often collected surreptitiously and without consent.

Facial recognition makes it easy to identify anyone at any time without their consent and even without their knowledge to track the movements of that person or connect that person to the copious amounts of information collected by the government and private sector. The technology also greatly increases the ability to conduct mass surveillance of large crowds. The dangers of facial recognition are growing as its uses expand.

Facial recognition can be used in almost every dimension of life, from banking and commerce to transportation and communications. Law enforcement use of facial recognition is particularly dangerous because it exacerbates protest policing and political repression, over-policing of minority communities, and risk of wrongful identification and wrongful arrest. Commercial facial recognition products are often used by law enforcement, blurring the line between corporations and the government. Clearview AI, for example, stole billions of images from social media sites and built a powerful facial recognition system off those images it sells law enforcement access to.

Credit: Electronic Privacy Information Center

Link: https://epic.org/issues/surveillance-oversight/face-surveillance/