RadioShack Plans To Sell Customer Data

RadioShack plans to keep moving forward with its plan to sell its customer data, despite opposition from a number of states.

The company has asked a bankruptcy court for approval for a second auction of its assets, which includes the consumer data.

The state of Texas, which is leading the action by the states, opposed the sale of personally identifiable information (PII), citing the online and in-store privacy policies of the bankrupt consumer electronics retailer.

The state claimed that it found from a RadioShack deposition that the personal information of 117 million customers could be involved. But it learned later from testimony in court that the number of customer files offered for sale might be reduced to around 67 million.

In the first round of the sale, RadioShack sold about 1,700 stores to hedge fund Standard General, which entered into an agreement to set up 1,435 of these as co-branded stores with wireless operator Sprint. Some other assets were also sold in the auction.

The sale of customer data, including PII, was withdrawn from the previous auction, though RadioShack did not rule out that it could be put up for sale at a later date.

The case could have privacy implications for the tech industry as it could set a precedent, for example, for large Internet companies holding consumer data, if they happen to go bankrupt.

Texas has asked the U.S. Bankruptcy Court for the District of Delaware for a case management order to ensure that in any motion for sale of the PII, RadioShack should be required to provide information on the kind of personal data that is up for sale and the number of customers that will be affected.

On Monday, Texas asked the court that its motion be heard ahead of RadioShack’s motion for approval to auction more assets.

The court had ordered in March the appointment of a consumer privacy ombudsman in connection with the potential sale of the consumer data including PII. RadioShack said in a filing Friday that it intends to continue working with the ombudsman and the states with regard to any potential sale of PII, but did not provide details.

Source

Twitter To Track Mobile Users

Twitter Inc has plans to start tracking what third-party apps are installed on users’ mobile devices so the social media company can deliver more tailored content, including ads, the company has revealed.

The feature, called “app graph,” will allow the company to see what other applications users may have installed on phones or other devices.

“To help build a more personal Twitter experience for you, we are collecting and occasionally updating the list of apps installed on your mobile device so we can deliver tailored content that you might be interested in,” the company said on its site.

The posting also included instructions on how to turn the feature off. Twitter is not collecting data from within the applications, the posting noted.

Twitter, whose main service allows users to broadcast 140-character messages, has been searching for ways to re-invigorate user engagement and drive growth. As part of that effort, the company is considering creating additional mobile applications beyond its core messaging service.

Source

Should Encryption Be The Norm?

Encryption should be a matter of priority and used by default. That’s the message from the Internet Architecture Board (IAB), the worldwide body in charge of the internet’s technology infrastructure.

The IAB warned in a statement that “the capabilities and activities of attackers are greater and more pervasive than previously known”.

It goes on to say: “The IAB urges protocol designers to design for confidential operation by default. We strongly encourage developers to include encryption in their implementations, and to make them encrypted by default.

“We similarly encourage network and service operators to deploy encryption where it is not yet deployed, and we urge firewall policy administrators to permit encrypted traffic.”

The purpose, the IAB claims, is to instill public trust in the internet after the myriad high-profile cases in which computer traffic has been intercepted, ranging from bank details to email addresses and all points in between.

The news will be unwelcome to the security services, which have repeatedly objected to initiatives such as the default encryption in iOS8 and Android L, claiming that it is in the interest of the population to retain the right to intercept data for the prevention of terrorism.

However, leaked information, mostly from files appropriated by rogue NSA contractor Edward Snowden, suggests that the right of information interception is abused by security services including the UK’s GCHQ.

These allegations include the collection of irrelevant data, the investigation of cold cases not in the public interest, and the passing of pictures of nude ladies to colleagues.

Source

Adobe Eases Privacy Concerns

Tests on the latest version of Adobe System’s e-reader software reveals the company is now collecting less data following a privacy-related row last month, according to the Electronic Frontier Foundation.

Digital Editions version 4.0.1 appears to only collect data on e-books that have DRM (Digital Rights Management), wrote Cooper Quintin, a staff technologist with the EFF. DRM places restrictions on how content can be used with the intent of thwarting piracy.

Adobe was criticized in early October after it was discovered Digital Editions collected metadata about e-books on a device, even if the e-books did not have DRM. Those logs were also sent to Adobe in plain text.

Since that data was not encrypted, critics including the EFF contended it posed major privacy risks for users. For example, plain text content could be intercepted by an interloper from a user who is on the same public Wi-Fi network.

Adobe said on Oct. 23 it fixed the issues in 4.0.1, saying it would not collect data on e-books without DRM and encrypt data that is transmitted back to the company.

Quintin wrote the EFF’s latest test showed the “only time we saw data going back to an Adobe server was when an e-book with DRM was opened for the first time. This data is most likely being sent back for DRM verification purposes, and it is being sent over HTTPS.”

If an e-book has DRM, Adobe may record how long a person reads it or the percentage of the content that is read, which is used for “metered” pricing models.

Other technical metrics are also collected, such as the IP address of the device downloading a book, a unique ID assigned to the specific applications being used at the time and a unique ID for the device, according to Adobe.

Source

Will Facebook Enter The Healthcare Arena?

Facebook Inc already can tell who your friends are and the what types of things grabs your attention. Soon, it could also know the state of your health.

On the heels of fellow Silicon Valley technology companies Apple Inc and Google Inc, Facebook is plotting its first steps into the fertile field of healthcare, said three people familiar with the matter. The people requested anonymity as the plans are still in development.

The company is exploring creating online “support communities” that would connect Facebook users suffering from various ailments. A small team is also considering new “preventative care” applications that would help people improve their lifestyles.

In recent months, the sources said, the social networking giant has been holding meetings with medical industry experts and entrepreneurs, and is setting up a research and development unit to test new health apps. Facebook is still in the idea-gathering stage, the people said.

Healthcare has historically been an area of interest for Facebook, but it has taken a backseat to more pressing products.

Recently, Facebook executives have come to realize that healthcare might work as a tool to increase engagement with the site.

One catalyst: the unexpected success of Facebook’s “organ-donor status initiative,” introduced in 2012. The day that Facebook altered profile pages to allow members to specify their organ donor-status, 13,054 people registered to be organ donors online in the United States, a 21 fold increase over the daily average of 616 registrations, according to a June 2013 study published in the American Journal of Transplantation.

Separately, Facebook product teams noticed that people with chronic ailments such as diabetes would search the social networking site for advice, said one former Facebook insider. In addition, the proliferation of patient networks such as PatientsLikeMe demonstrate that people are increasingly comfortable sharing symptoms and treatment experiences online.

Chief executive Mark Zuckerberg may step up his personal involvement in health. Zuckerberg and his wife Priscilla Chan, a pediatric resident at University of California San Francisco, recently donated $5 million to the Ravenswood Health Center in East Palo Alto.

Any advertising built around the health initiatives would not be as targeted as it could be on television or other media. Pharmaceutical companies, for instance, are prohibited from using Facebook to promote the sale of prescription drugs, in part because of concerns surrounding disclosures.

Source

Salesforce Goes Healthcare

Salesforce Inc, one of the first cloud-computing companies, is turning its focus towards healthcare with new software and services aimed at the largest hospitals.

Salesforce has announced a strategic alliance with Amsterdam-based medical technology company Philips, which it envisions as the first of many partnerships. These companies will announce two new medical applications later in the summer, called Philips eCareCoordinator and Philips eCare Companion.

The software is designed to improve health and cut costs. The apps are intended to be used by physicians to monitor chronically ill patients between doctor visits.

Salesforce said the goal is to make it easier for hospitals to collect and analyze data from medical devices, which patients with chronic conditions often use at home.

“In the United States, care providers are facing increasing demands and decreasing reimbursement,” said Michael Peachey, a senior director of solutions and product marketing at Salesforce.

“We want to improve efficiency for physicians by transmitting patient data in real time.”

Peachey said the Salesforce software meets security and privacy rules under the Health Insurance Portability and Accountability Act, known as HIPAA.

In the short term, Peachey said Salesforce intends to develop additional apps with other partners to help doctors and nurses monitor patients from the comfort of their homes.

“It’s an open platform,” he said.

Source

Lavaboom Offers To Encrypt

A new webmail service named Lavaboom promises to provide easy-to-use email encryption without ever learning its users’ private encryption keys or message contents.

Lavaboom, based in Germany and founded by Felix MA1/4ller-Irion, is named after Lavabit, the now defunct encrypted email provider believed to have been used by former NSA contractor Edward Snowden. Lavabit decided to shut down its operations in August in response to a U.S. government request for its SSL private key that would have allowed the government to decrypt all user emails.

Lavaboom designed its system for end-to-end encryption, meaning that only users will be in possession of the secret keys needed to decrypt the messages they receive from others. The service will only act as a carrier for already encrypted emails.

Lavaboom calls this feature “zero-knowledge privacy” and implemented it in a way that allows emails to be encrypted and decrypted locally using JavaScript code inside users’ browsers instead of its own servers.

The goal of this implementation is to protect against upstream interception of email traffic as it travels over the Internet and to prevent Lavaboom to produce plain text emails or encryption keys if the government requests them. While this would protect against some passive data collection efforts by intelligence agencies like the NSA, it probably won’t protect against other attack techniques and exploits that such agencies have at their disposal to obtain data from computers and browsers after it was decrypted.

Security researchers have yet to weigh in on the strength of Lavaboom’s implementation. The service said on its website that it considers making parts of the code open source and that it has a small budget for security audits if any researchers are interested.

Those interested in trying out the service can request to be included in its beta testing period, scheduled to start in about two weeks.

Free Lavaboom accounts will come with 250MB of storage space and will use two-way authentication based on the public-private keypair and a password. A premium subscription will cost a!8 (around US$11) per month and will provide users with 1GB of storage space and a three-factor authentication option.

Source

Web Pioneer Calls For Bill of Rights

The inventor of the world wide web, Tim Berners-Lee, voiced his support for bill of rights to protect freedom of speech on the Internet and users’ rights after leaks about government surveillance of online activity.

25 years since the London-born computer scientist invented the web, Berners-Lee said there was a need for a charter like England’s historic Magna Carta to help guarantee fundamental principles online.

Web privacy and freedom have come under scrutiny since former U.S. National Security Agency contractor Edward Snowden last year leaked a raft of secret documents revealing a vast U.S. government system for monitoring phone and Internet data.

Accusations that NSA was mining personal data of users of Google, Facebook, Skype and other U.S. companies prompted President Barack Obama to announce reforms in January to scale back the NSA program and ban eavesdropping on the leaders of close friends and allies of the United States.

Berners-Lee said it was time for a communal decision as he warned that growing surveillance and censorship, in countries such as China, threatened the future of democracy.

“Are we going to continue on the road and just allow the governments to do more and more and more control – more and more surveillance?” he told BBC Radio on Wednesday.

“Or are we going to set up something like a Magna Carta for the world wide web and say, actually, now it’s so important, so much part of our lives, that it becomes on a level with human rights?” he said, referring to the 1215 English charter.

While acknowledging the state needed the power to tackle criminals using the Internet, he has called for greater oversight over spy agencies such Britain’s GCHQ and the NSA, and over any organizations collecting data on private individuals.

He has previously spoken in support of Snowden, saying his actions were “in the public interest”.

Berners-Lee and the World Wide Web Consortium, a global community with a mission to lead the web to its full potential, have launched a year of action for a campaign called the Web We Want, urging people to push for an Internet “bill of rights” for every country.

Source

NSA Developing System To Crack Encryption

The U.S. National Security Agency is working to develop a computer that could ultimately break most encryption programs, whether they are used to protect other nations’ spying programs or consumers’ bank accounts, according to a report by the Washington Post.

The report, which the newspaper said was based on documents leaked by former NSA contractor Edward Snowden, comes amid continuing controversy over the spy agency’s program to collect the phone records Internet communications of private citizens.

In its report, The Washington Post said that the NSA is trying to develop a so-called “quantum computer” that could be used to break encryption codes used to cloak sensitive information.

Such a computer, which would be able to perform several calculations at once instead of in a single stream, could take years to develop, the newspaper said. In addition to being able to break through the cloaks meant to protect private data, such a computer would have implications for such fields as medicine, the newspaper reported.

The research is part of a $79.7 million research program called “Penetrating Hard Targets,” the newspaper said. Other, non-governmental researchers are also trying to develop quantum computers, and it is not clear whether the NSA program lags the private efforts or is ahead of them.

Snowden, living in Russia with temporary asylum, last year leaked documents he collected while working for the NSA. The United States has charged him with espionage, and more charges could follow.

His disclosures have sparked a debate over how much leeway to give the U.S. government in gathering information to protect Americans from terrorism, and have prompted numerous lawsuits.

Last week, a federal judge ruled that the NSA’s collection of phone call records is lawful, while another judge earlier in December questioned the program’s constitutionality. The issue is now more likely to move before the U.S. Supreme Court.

On Thursday, the editorial board of the New York Times said that the U.S. government should grant Snowden clemency or a plea bargain, given the public value of revelations over the National Security Agency’s vast spying programs.

Source

Is Skype Involved In Spying?

Luxembourg’s data protection authority is investigating Microsoft-owned Skype for its alleged cooperation with the U.S. NSA’s Prism spying program, according to the agency.

Luxembourg’s data protection authority, CNPD, is investigating Skype’s links to NSA spying programs after receiving several complaints, said Tom Kayser, a spokesman for the authority. “I can’t really talk about the details of the investigation because it is still ongoing,” he said.

Skype, which has its European headquarters in Luxembourg, allegedly cooperates with the NSA through a program exploring the legal and technical issues involved in making customer calls available to intelligence and law enforcement agencies. The Guardian newspaper first reported the investigation.

The CNPD has powers to ensure that multinational companies based in Luxembourg respect national law, and often receives complaints from the data protection authorities of other European Union member states.

Privacy campaign group Europe-v-Facebook filed one of the complaints in June. That filing was part of a barrage of complaints filed in various countries against European subsidiaries of tech companies that are allegedly involved in the NSA’s spying program, including Facebook, Apple, Microsoft and Yahoo.

Under Luxembourg data protection law service providers and operators are required to ensure the confidentiality of communications and related traffic data.

“No person other than the user concerned may listen to, tap or store communications or the traffic data relating thereto, or engage in any other kinds of interception or surveillance thereof, without the consent of the user concerned,” reads the law’s unofficial English translation.

Violators can face up to a year in prison and/or a fine up to a!125,000 ($170,000). The court dealing with the matter can also order companies like Skype to stop any processing that conflicts with the law on pain of a periodic monetary penalty determined by the court.

“We regularly engage in a dialogue with data protection authorities around the world and are always happy to answer their questions,” a Microsoft spokeswoman said in an email. “It has been previously widely reported that the Luxembourg DPA was one of the DPA’s that received complaints from the ‘Europe v Facebook’ group so we’re happy to answer any questions they may have.”

Source

« Previous Page — Next Page »