close

privacy

Google Street View fined $2500.00 for showing cleft of Canadian woman

Google Street View fined $2500.00 for showing cleft of Canadian woman

A Canadian court has ruled that Google had invaded the privacy of a Montreal woman by showing her sitting outside of her house with “part of her upper body exposed exposed,” and must pay her compensation. The Quebec Court Judge ordered the Google to pay Maria Pia Grillo $2,250 plus interest and an additional $159 in court costs.

In his judgement which is spread over 17 pages, the Judge held that Maria Pia Grillo had suffered shock and embarrassment when she looked up her house using Google Maps’ Street View feature in 2009 and discovered an image that shows her leaning forward and exposing upper part of her body to the entire world through Google’s Street View feature.

Google Street View had originally snapped Grillo seating in the porch of her house.  The photo was taken by one of Google’s camera equipped cars and was used in Street View feature.  However Google had blurred out her face, the rest of the image was enough identify her.

In its defence, Google agreed to blur out more of the image, but rejected her money claims on the grounds that Grillo was in a public place and, in any case, that there was not a connection between the Street View incident and Grillo’s subsequent emotional troubles.

The judge partly agreed to what the Google said but held that Google was liable for invading her privacy.  He also wondered why Grillo had waited for two years before seeking grievance redressal and held that the Street View image was not linked to her emotional distress as she claimed.

But the judge also rejected Google’s “public place” defense and said people do not forfeit their privacy rights simply by being in a location others can see them.  You can read the judgement below (French)

 

read more

Verizon Wireless tracking on its customers browsing habits

Verizon Wireless tracking on its customers browsing habbits

Verizon Wireless, the United State’s largest telecom operator, has moved into the mobile ad business. They have been serving ads since May 2014.  Whatever Verizon does to earn revenues is nobody’s business but it seems that Verizon is tracking the customer habits to publish their ads.

As per a research published by, Jonathan Mayer, a computer scientist  and lawyer at Stanford, who takes consumer privacy very strongly, Verizon is using the headers in the HTTP section to track its customers and gauge their spending habits.

Verizon Wireless is injecting a unique identifier (UID) into web requests, as data transits the network in each and every customer of Verizon Wireless Network (VZW).  Apparently Verizon is doing this in complete disregard to the federal laws as Verizon Wireless is injecting a UID into all HTTP requests made on the VZW network, regardless of whether or not the customer has opted out of their Customer Proprietary Network Information (CPNI) options.

As per the law only those who have opted for CPNI can be monitored through such methods.  Mayer himself checked out the method of injecting the UID in the header :

On my phone, for example, here’s the extra HTTP header.

X-UIDH: OTgxNTk2NDk0ADJVquRu5NS5+rSbBANlrp+13QL7CXLGsFHpMi4LsUHw

Mayer has made a brief infographic of how he feels the header is working :

verizon_header

In short, Verizon is packaging and selling subscriber information, acting as a data broker on real-time advertising exchanges which is questionable and against the law. By default, the information appears to consist of demographic and geographic segments. If a user has opted into “Verizon Selects,” then Verizon also shares behavioral profiles built by deep packet inspection.

Whatever the merits of Verizon’s new business model, the technical design substantial shortcomings.

  • First, the X-UIDH header functions as a temporary supercookie.
  • Any website can easily track a user, regardless of cookie blocking and other privacy protections.
  • No relationship with Verizon is required.

Second, while Verizon offers privacy settings, they don’t prevent sending the X-UIDH header.  If you have enabled the privacy settings all it does is prevent Verizon from selling information about a user.

Much better designs are possible. Verizon doesn’t need to supercookie its wireless subscribers to sell their advertising segments.6 And it certainly doesn’t need to send a supercookie if a user isn’t participating.

The customers of Verizon are not happy with this illegal monitoring and have been venting their disgust on Twitter

 

https://twitter.com/rammic/status/525360201361530880

An user on YCombinator has said that Verizon Wireless don’t appear to be doing this if you’ve opted out of “Relevant Mobile Advertising”, which is another option [separate from CPNI] on https://verizonwireless.com/myprivacy.
Here’s the setting you’re looking for:

However how far it will got disable the Verizon Wireless UID in headers and help protect Verizon customers privacy can only be answered at later time.  In the meanwhile you can check you UID in the Headers delivered by Verizon Wireless at this site https://uidh.crud.net/ courtexy @j4cob

read more

Whisper the Anonymous messaging App tracking its users

Whisper the Anonymous messaging App tracking its users

Whisper users tracked?

The so called safest place on the internet is reported to have tracked its anonymous users.  Guardian today reported that the anonymous messaging App was not so anonymous at all. In fact, beside gathering data from its users, has also shared on different occasions’ information with the US Department of Defense (DoD), FBI or MI5.

The unique thing about Whisper was that it guaranteed anonymity and privacy to its users. However now it seems that the provider of anonymity itself was gathering and disseminating user information to the law enforcement agencies.

Whisper

The App which was launched amidst much fanfare in March, 2012, claims to deliver message anonymously.  Whisper is a  iOS and Android mobile app which purports to allow users to send messages anonymously, and to receive replies. Users post messages which are displayed as text superimposed over an image, similar to greeting cards.

Currently, users of Whisper are publishing as many as 2.6m messages a day. Facebook is reportedly developing its own Whisper-style app for anonymous publishing. The trend toward anonymity in social media has some privacy experts concerned about security.

“When users have turned off their geolocation services, the company also, on a targeted, case-by-case basis, extracts their rough location from IP data emitted by their smartphone,” the article stated.

The Guardian found that Whisper is gathering location data during partnership talks last month. Whisper also seems to be monitoring specific, targeted individuals, even if they did not provide the Whisper app with permissions to use geolocation.

After it had researched the tracking abilities of Whisper, Guardian approached for comment last week, Whisper said it “does not follow or track users”. The company added that the suggestion it was monitoring people without their consent, in an apparent breach of its own terms of service, was “not true” and “false”.

But on Monday – four days after learning the Guardian intended to publish this story – Whisper rewrote its terms of service; they now explicitly permit the company to establish the broad location of people who have disabled the app’s geolocation feature.

Guardian article says that Whisper has developed an in-house mapping tool that allows its staff to filter and search GPS data, pinpointing messages to within 500 meters of where they were sent. To back its research, Guardian published the below mentioned images which showed the exact location of the sender.

Whisper the Anonymous messaging App tracking its users

Guardians blog states that its research also established the following facts.

  • User data, including Whisper postings that users believe they have deleted, is collated in a searchable database. The company has no access to users’ names or phone numbers, but is storing information about the precise time and approximate location of all previous messages posted through the app. The data, which stretches back to the app’s launch in 2012, is being stored indefinitely, a practice seemingly at odds with Whisper’s stated policy of holding the data only for “a brief period of time”.
  • A team headed by Whisper’s editor-in-chief, Neetzan Zimmerman, is closely monitoring users it believes are potentially newsworthy, delving into the history of their activity on the app and tracking their movements through the mapping tool. Among the many users currently being targeted are military personnel and individuals claiming to work at Yahoo, Disney and on Capitol Hill.
  • Whisper’s policy toward sharing user data with law enforcement has prompted it on occasions to provide information to both the FBI and MI5. Both cases involved potentially imminent threats to life, Whisper said, a practice standard in the tech industry. But privacy experts who reviewed Whisper’s terms of service for the Guardian said the company appeared to require a lower legal threshold for providing user information to authorities than other tech companies.
  • The company is cooperating with the US Department of Defense, sharing information with researchers investigating the frequency of mentions of suicide or self-harm from smartphones that Whisper knows are being used from US military bases. Whisper stressed that “specific user data” is not being shared with the DoD, adding that the company was “proudly working with many organisations to lower suicide rates and the US military is among them”.
  • Whisper is developing a Chinese version of its app, which received a soft-launch earlier this month. Companies like Google, Facebook and Twitter are banned in mainland China. Whisper executives said they had agreed to the demands China places on tech companies operating in its jurisdiction, including a ban on the use of certain words.

Whisper’s CTO Chad DePue refuted The Guardian’s allegations by claiming, “this is really bad reporting.” DePue claims that they only use a service called Maxmind GeoIP database which according to him is highly inaccurate.  “We just don’t have any personally identifiable information. Not name, email, phone number, etc,” DePue added. “I can’t tell you who a user is without them posting their actual personal information, and in that case, it would be a violation of our terms of service.”

However the Guardian article found many backers. Moxie Marlinspike, security researcher and developer behind RedPhone and Signal mobile applications, replied to DePue’s comment: “Based on your own comments here, it sounds like the [Guardian’s] reporting is entirely accurate.”

Buzzfeed, Whispers long standing partner has broken its collaboration deal with Whisper due to the above revelations. Buzzfeed in a statement said that, “We’re taking a break from our partnership until Whisper clarifies to us and its users the policy on user location and privacy.”

You can read the entire Guardian expose on Whisper here

read more

Microsoft’s Windows 10 has permission to watch your every move

Microsoft's Windows 10 has permission to watch your every move

Windows 10 Technical Preview

Microsoft launched its Windows 10 on Tuesday and is giving all members of its Windows Insider Programme a free look see at the new Windows 10.  Microsoft is giving the Windows 10 Technical Preview version as a gesture of openness and willingness to collaborate with developers and users and get their feedback on the ultimate Windows 10 that it may launch by the end of this year.

Backdoor?

As more and more users are jumping the queue to download the Windows 10 through the Windows Insider Program, almost all of them have forgotten to check the Privacy Policy and Terms and Conditions users accept while downloading the Windows 10.  If you study the privacy policy you will be startled at the amount of freedom you are giving Microsoft to spy on you.

“Microsoft collects information about you, your devices, applications and networks, and your use of those devices, applications and networks. Examples of data we collect include your name, email address, preferences and interests; browsing, search and file history; phone call and SMS data; device configuration and sensor data; and application usage.”

The above stuff may or may not be used against any user and forms the standard of any privacy policy by any Applications maker but study a bit further and you may get more and more surprised.  In a way by accepting the Windows 10 Technical Preview installation you are giving Microsoft unhindered access to your behavioural habits

“We may collect information about your device and applications and use it for purposes such as determining or improving compatibility” and “use voice input features like speech-to-text, we may collect voice information and use it for purposes such as improving speech processing.”

In simple words, Windows 10 Technical Preview is a collecting your voice, your chats, and your voice.  Albeit it is doing so with your permission.  The Privacy Policy also goes on to deliver further shocks.

 “If you open a file, we may collect information about the file, the application used to open the file, and how long it takes any use [of] it for purposes such as improving performance, or [if you] enter text, we may collect typed characters, we may collect typed characters and use them for purposes such as improving autocomplete and spell check features.”

The above said input recording methods are a classic keylogger malware features.  In absolute terms you are giving permission for Microsoft to screen your files and keep a log of your keyboard and other inputs.  Renowned Windows blogger Mary Jo Foley recently said, “I’ve heard Microsoft built a new real-time telemetry system codenamed ‘Asimov’ (yes, another Halo-influenced codename) that lets the OS team see in near real-time what’s happening on users’ machines.”

Microsoft has not yet commented on what it do with all the data it will generate from all the Windows 10 Technical Preview users but you are definitely signing on a spyware when you install the Windows 10 on your machine. Still, the service can be protected from WiFi and hacking with VPN for Windows but whether this is enough to offset the amount of data you would give to Microsoft depends largely on the user.

Users rarely read the EULA / Privacy Policy / Terms and Conditions.

It is a fact that 99 people out of 100 users downloading and installing a software rarely read the EULA / Privacy Policy / Terms and Conditions.  To prove this F-Secure, the security blog made a fascinating discovery on how exactly people react to the really dumb privacy policy.  Their second objective was to research on whether people would really sign up for a private open WiFi

They asked Finn Steglich of the German penetration testing company, SySS, to build a WiFi hotspot, take it out on the streets of London, and set it up and wait for folks to connect. With the free service they put up a very outlandish T & C which every user willing to use this free WiFi would have accept. F-Secure blog notes that,

“One of the terms stipulated that the user must give up their firstborn child or most beloved pet in exchange for WiFi use. In the short time the T&C page was active, six people agreed to the outlandish clause.

Herod Clause

The F-Secure experiment proves that humans are fallible to free goodies and would sign up for almost anything once they come to know it is free.  Though F-Secure would never take your first born child or your beloved pet, but technically you did be required to hand over the same once you sign up for the free WiFi.

Ditto for Windows 10 Technical Preview.  Once you sign up for the free download, there is no stopping Microsoft from using your chats, voice scans and other details though it may never use them.  But you have accepted and let them use it!!!

read more

Tor Anonymizer Network says they have unknown spies in NSA and GCHQ who give them information about the hacks being developed by the Government agencies

Tor Anonymizer Network says they have unknown spies in NSA and GCHQ who give them information about the hacks being developed by the Government agencies

It is well known in the tech circles and especially underground forums that the United States National Security Agency (NSA) and the Government Communications HeadQuarters (GCHQ) of United Kingdom are working on  various hacks and flaws in the ‘Dark Web’ Tor Anonymizer Network.  Hacking into the Tor is the easiest way for both the agencies to access the ‘hidden sites’ on the Dark Web. However today, Andrew Lewman of Tor Project said that Tor had anonymous spies in NSA and GCHQ how informed them regularly about the flaws and hacks being detected by NSA and GCHQ to undermine the anonymity of Tor.  
Tor Anonymizer Network says they have unknown spies in NSA and GCHQ who give them information about the hacks being developed by the Government agencies
Lewman made this allegations in an interview given to the BBC. He rather candidly admitted that both NSA and GCHQ had unknown leaks who informed them about the flaws being detected by the snooping agencies. The identity of the leak, which were sent  to the core software team were couldnt be identified due to Tor’s anonymity provisions, Lewman said.  However, Tor immediately worked on the flaws and patched and plugged the leaks.  

“There are plenty of people in both organisations who can anonymously leak data to us to say – maybe you should look here, maybe you should look at this to fix this,” he said. “And they have.


As said above, Lewman is part of a core team of software engineers responsible for the Tor Browser.  Tor, for uninitiated is a anonymizer network browser bundle that allows users to surf the net anonymously without leaving any trace of their internet activity. Tor is very useful for people living in highly censored countries like Iran, Turkey etc. to sidestep the censorship and surf the net without leaving any traces.  But Tor also has a very dark side to it. Due to its anonymity, the software also offer access to otherwise hard-to-reach websites.  Many of these websites are used for illegal purposes like drug trafficking etc.  It is also used by child abusers to post unwanted images which would normally earn them a prison sentence in the civilized world.    These sites are hosted,  far from the prying eyes of normal users, authorities, media etc. and that is the reason why it is called the dark web.
 
In the interview, Lewman said that his organisation received tips from sources embedded in both the security agencies on “probably [a] monthly” basis about bugs and design issues that potentially could compromise the Tor’s anonymity. He also acknowledged that because of the way the Tor Project received such information, he could not prove who had sent it.
 
“It’s a hunch,” he said. “Obviously we are not going to ask for any details. “You have to think about the type of people who would be able to do this and have the expertise and time to read Tor source code from scratch for hours, for weeks, for months, and find and elucidate these super-subtle bugs or other things that they probably don’t get to see in most commercial software.”
 
Lewman assessed that the Tor software group was informed by the spied because of the fact that they (leakers) couldnt be traced. “And the fact that we take a completely anonymous bug report allows them to report to us safely.”
 
He added that he had been told by William Binney, a former NSA official turned whistleblower, that one reason NSA workers might have leaked such information was because many were “upset that they are spying on Americans”.
 
NSA spokesperson gave a curt “We have nothing for you on this one” reply when asked for their comments on Lewman’s allegations.  You can watch the full interview of Andrew Lewman on BBC website here.
read more

‘NSA’ Surveillance-proof Blackphone gets hacked at Def Con 2014 in 5 Minutes

“Nothing is True, Everything is Permitted”– seem familiar with this line? If no, well this is what happened to the so called “Surveillance Proof” Blackphone when it got hacked as soon as it stepped into the Def Con Hacker Conference, 2014, going on in Las Vegas. For those who don’t know what Blackphone is,  it is a collaboration between security firm Silent Circle and Geeksphone to make a smartphone running the firm’s custom PrivatOS, which it touted as “the phone no-one has dared to make yet”.
'NSA' Surveillance-proof Blackphone gets hacked at Def Con 2014 in 5 Minutes
The Blackphone is centered around privacy, and the company is keen to point out that while Google’s Android mobile operating system is at its core, it’s much more secure than the present influx of smartphones running Android. This is fortunate, based on the latest Android security statistics, which reveal that it is the target for 98 percent of all mobile malware.

Hacker Jon “Justin Case” Sawyer, who is known as @TeamAndIRC, claimed to find three vulnerabilities and hack the phone on three separate occasions to gain root access, announcing his findings on Twitter.

“Black phone hack #1, USB debugging/dev menu removed, open via targeted intent”

Blackphone’s CSO Dan Ford responded to @TeamAndIRC in a blog post and said that he didn’t consider the debugging attack to be a vulnerability because the Android Debugging Bridge is part of Android.

“In the final days before manufacture, a bug was found with ADB on the Blackphones which could throw the phone into a boot loop when full device encryption was turned on,” Ford explained.

“Rather than miss the manufacturing window or cause user grief, the developer menu was turned off. Disabling ADB is not a security measure, and was never meant to be?-?it will be returning in an OTA to Blackphone in the future once the boot bug is resolved; the realities of getting a product manufactured and shipped within the available manufacturing window meant a quick fix was needed.”

Ford added that no root or other privilege escalation was required in order to perform this.
But @TeamAndIRC went ahead and did it again via what he claimed was a “remotewipe app” running as system, which he said “is debuggable, attach debugger get free system shell”.

However, Blackphone insisted that the hacks @TeamAndIRC found require user consent, as the vulnerabilities he found are not exploitable via a drive-by-download or other remote activities and will further require intentional user interaction.

“We are under the impression that this vulnerability affects many OEMs and not just Blackphone. When the vulnerability becomes public, we will implement the fix faster than any other OEM,” Ford responded.

“This would mean the user lost physical control of their Blackphone or they wanted to walk around with an exploitable smartphone. Nonetheless, we have a vulnerability and it is important to Blackphone to resolve this vulnerability fast.”

The third and final vulnerability @TeamAndIRC found he was not willing to discuss, but described it as “system user to root, many available”.

“I would like to thank him for not blowing the issue out of proportion and going back to the twittersphere for a little more transparency by explaining that direct user interaction is required and that we had already patched one of the vulnerabilities through the OTA update,” Ford added.

As a fun fact when someone from the Blackphone’s table handed him a T-Shirt(as they don’t have Bug Bounty Program) for the hacks he reported Sawyer refused to take the shirt and said he already got a T-shirt when he bought the phone and modified it with his own message.
 “The shirt was the most impressive part of the hack, considering I had it made in minutes,” Sawyer said. When Ford saw the shirt, Sawyer recounted, he laughed.
read more

Tor Anonymizer Project co-creator agrees that there is a bug in Tor and is working on rectifying it

Earlier this month two security researchers, Alexander Volynkin and Michael McCord had announced plans to reveal a way to de-anonymize users of Tor. The two security experts from Carnegie Mellon University’s computer emergency response team (Cert) were to reveal their findings at the Black Hat conference in Las Vegas in August 2014.  Basically Tor is build around the concept of anonymizing users so that the end landing page doesnt know where the request for that particular page has been initiated from.  If Volynkin and McCord had been proved right, it would have meant the death of anonymity for Tor users.   Both Volynkin and McCord were barred from further divulging the information about the research they had undertaken.
Tor Anonymizer Project co-creator agrees that there is a bug in Tor and is working on rectifying it
Now in a surprising twist, the co-creator of a system today agreed that there was indeed a bug in the Tor Anonymizer Network and  he is tackling the “bug” that threatened to undermine the facility. Roger Dingledine, one of Tor’s creators, subsequently posted a message to a mailing list confirming about the bug.  He added that the Tor Project had been informally shown what the two researchers were to divulge at the conference and he was taking action to tackle it. 

“I think I have a handle on what they did, and how to fix it,” he added in a follow-up post. “We’ve been trying to find delicate ways to explain that we think we know what they did, but also it sure would have been smoother if they’d opted to tell us everything. Based on our current plans, we’ll be putting out a fix that relays can apply that should close the particular bug they found. The bug is a nice bug, but it isn’t the end of the world.”

For the uninitiated the Tor (the onion router) network was built to allow people to visit webpages without being tracked and to publish sites whose contents would not show up in search engines.  It works on a simple principle of adding multiple layers of anonymizers in between the request and the landing page so that both dont know which had done what. 

Regarding the research papers to be published at the August Black Hat conference, a notice has been put up on the event’s website now states that the organisers had been contacted by the university’s lawyers to say the talk had been called off.

“Unfortunately, Mr Volynkin will not be able to speak at the conference since the materials that he would be speaking about have not yet [been] approved by Carnegie Mellon University/Software Engineering Institute for public release,” the message said.
read more

NSA workers often pass your NSFW photos around the office : latest Snowden leaks

How would you like your personal images taken infinite confidence for your partners eyes only are being seen and passed over to other employees of NSA.  In a shocking revelation, 31-year-old former US National Security Agency (NSA) contractor Edward Snowden has warned that during the global surveillance programs initiated by NSA, the NSA system administrators also intercepted and routinely passed the personal photos of people in “sexually compromising” situations among other NSA employees.

NSA workers often pass your nude photos around the office : latest Snowden leaks
The situation is similar to what you receive on your FB or WhatsApp/SnapChat chat.  When you find a good image, you often forward it to your friends.  Only in this case the images procured by the NSA were illegal and taken without the knowledge of the victims.  Passing such images which were often poses of victims compromising positions to other individuals is beyond morality and comprehension.
 
Snowden made this relevation in a video interview with the Guardian editor-in-chief Alan Rusbridger and reporter Ewen MacAskill in Moscow, which was then published by the Guardian on Thursday.  As per Edward Snowden, NSA employees regularly pass around intimate NSFW images that are intercepted, along with endless amounts of other data, as part of the US government’s vast surveillance efforts. 
 
Snowden made the claims during a seven-hour interview with The Guardian.  In the interview when he was asked about specific instances of power abuse he’d observed during his time as an NSA contractor. “You’ve got young enlisted guys, 18 to 22 years old. They’ve suddenly been thrust into a position of extraordinary responsibility where they now have access to all of your private records.
 
“THESE ARE SEEN AS SORT OF THE FRINGE BENEFITS OF SURVEILLANCE POSITIONS.”
 
Snowden told the interviewers that these individuals often “stumble across something that is completely unrelated to their work” — like a personal photo of someone in “a sexually compromising situation.” If the subject proves attractive enough, these workers are all too eager to let others in on the fun. “So what do they do? They turn around in their chair and they show their coworker.” That sets off a chain where the most raw and private types of content — assumed to be part of a private conversation — become water cooler topics at NSA HQ. “Sooner or later, this person’s whole life has been seen by all these people. It’s never reported. Nobody ever knows about it because the auditing of these systems is incredibly weak.” 
 
That NSA snoops on private individuals under the garb of national security is now well known but to deny the above allegations from Snowden, the NSA honchos will have build a huge cover up story to cover their employees misadventures. Because it would be impossible to deny the sexting part of the surveillance as it was done in private and there no security checks or an audit program in place.
read more

Vodafone network a listening post for government agencies all over the world

Vodafone, the world premier mobile services provider today dropped a bombshell information.  It today revealed the existence of secret wires that allow government agencies to listen to all conversations on its networks.  The company which is at number one position in most of the countries it operates, by subscriber numbers today said that these wiretaps had been widely used in as many as 29 countries it has its footprint in.  The government agencies in these 29 countries used this secret wire taps to listen to the communications between unsuspecting victims of this massive secret surveillance campaign.
Vodafone network a listening post for government agencies all over the world
It is not known why Vodafone chose to reveal this information at a critical juncture but some reports indicate that Vodafone may have been pushed into a corner into revealing this information due to the systematic pressure applied by different agencies in different countries to let it tap into communications on its network.  It said that it will publish its first Law Enforcement Disclosure Report on Friday. The report which is said to be about 40,000 words long will reveal how different governments monitor the conversations and whereabouts of their people.

The company said that the secret wires were connected directly to its network as well as those of many other telecom groups.  This secret wires allowed the government agencies to listen to or record live conversations between the unsuspecting victims and also allowed them to track the whereabouts of a customer without requiring any assistance/permission of Vodafone. World’s anti snooping and privacy campaigners said the revelations were a “nightmare scenario”  They also said that Vodafone has revealed that, which was known and spoken about in the forums but the extent of this wire taps surprised even them.

Vodafone is the premier mobile service provider in Europe, Americas, Russia, China, India and many other countries.  The image given below shows how large the Vodafone footprint is.
As per the report, Vodafone cannot make disclosures in Albania, Egypt, Hungary, India, Malta, Qatar, Romania, South Africa and Turkey as it is unlawful to disclose any information related to wiretapping or interception of the content of phone calls and messages but Vodafone will make full disclosures about the wire taps in Europe. 
“For governments to access phone calls at the flick of a switch is unprecedented and terrifying,” said the Liberty director, Shami Chakrabarti. “[Edward] Snowden revealed the internet was already treated as fair game. Bluster that all is well is wearing pretty thin – our analogue laws need a digital overhaul.”

This revelations will be the second bombshell after the Snowden leaks of June 2013, which provide the insights into how different governments treat snooping and wiretaps as a necessary government policy to keep track on its citizens.
read more

Google does a policy U-turn, halts student Gmail scanning for advertisement

Google today announced that it has stopped scanning millions of Gmail accounts linked to an educational scheme called Google Apps for Education (GAE).  The students who registered with gmail for Google Apps for Education had their emails scanned and ads served based on their email reading habits.  This email scanning cum advertisement serving has been targeted by many pro privacy activists around the world.  
Google does a policy U-turn,  halts student Gmail scanning for advertisement
Though it is not known exactly from which date Google has stopped scanning the student emails linked to the GAE accounts, it is known that the policy U-Turn from Google is due to the reports of that some these student email scans in the United States may have breached the US privacy law.  

As per the terms and conditions updated last month, Google was to continue service such targeted ads, “Our automated systems analyse your content (including emails) to provide you personally-relevant product features, such as customised search results, tailored advertising, and spam and malware detection. This analysis occurs as the content is sent, received, and when it is stored,” the terms read.

However Google had been fighting against odds to scan student emails and serve ads after it has already been sued in this matter by two students in California.  Commenting on the above, Education Week website said this data-mining activity might place the firm in breach of the US Family Educational Rights and Privacy Act.

As of now Google has more than 30 million students, teachers and administrators registered under the Google Apps for Education (GAE) initiative.  This move will mean that it will no longer scan these emails and serve ads.  

The GAE initiative provides teachers and students with access to free apps and storage, as well as customised @schoolname.edu email addresses.  The University of Westminster, the University of St Andrews and Southampton’s Oakwood Junior School, Nigeria’s Ladoke Akintola University of Technology and the American University in Cairo are its top clients.  

Bram Bout, Google for Eduction director said on its blog post “We’ve permanently removed all ads scanning in Gmail for Apps for Education, which means Google cannot collect or use student data in Apps for Education services for advertising purposes.”   The blog also added a similar scheme would be implement for current and legacy users of Google’s Apps for Government and Apps for Business services.

However, other Gmail users will still have their accounts scanned and ads served unless the users opt out.
read more