Link: I Gave a Bounty Hunter $300. Then He Located Our Phone

Motherboard: I Gave a Bounty Hunter $300. Then He Located Our Phone

Motherboard’s investigation shows just how exposed mobile networks and the data they generate are, leaving them open to surveillance by ordinary citizens, stalkers, and criminals, and comes as media and policy makers are paying more attention than ever to how location and other sensitive data is collected and sold. The investigation also shows that a wide variety of companies can access cell phone location data, and that the information trickles down from cell phone providers to a wide array of smaller players, who don’t necessarily have the correct safeguards in place to protect that data.

“People are reselling to the wrong people,” the bail industry source who flagged the company to Motherboard said. Motherboard granted the source and others in this story anonymity to talk more candidly about a controversial surveillance capability.

Your mobile phone is constantly communicating with nearby cell phone towers, so your telecom provider knows where to route calls and texts. From this, telecom companies also work out the phone’s approximate location based on its proximity to those towers. 

Although many users may be unaware of the practice, telecom companies in the United States sell access to their customers’ location data to other companies, called location aggregators, who then sell it to specific clients and industries. Last year, one location aggregator called LocationSmart faced harsh criticism for selling data that ultimately ended up in the hands of Securus, a company which provided phone tracking to low level enforcement without requiring a warrant. LocationSmart also exposed the very data it was selling through a buggy website panel, meaning anyone could geolocate nearly any phone in the United States at a click of a mouse.

Joseph Cox on Motherboard

Put another way, privacy continues to be a myth in our new connected world. Location data should be sacred, but the complete lack of meaningful oversight with our carriers means they can capitalize on any and all data they can.

Facebook Container for Firefox

Mozilla: Facebook Container Add-on for Firefox

What does it do?
Facebook Container works by isolating your Facebook identity into a separate container that makes it harder for Facebook to track your visits to other websites with third-party cookies.

How does it work?
Installing this extension deletes your Facebook cookies and logs you out of Facebook. The next time you navigate to Facebook it will load in a new blue colored browser tab (the “Container”).

You can log in and use Facebook normally when in the Facebook Container. If you click on a non-Facebook link or navigate to a non-Facebook website in the URL bar, these pages will load outside of the container.

Clicking Facebook Share buttons on other browser tabs will load them within the Facebook Container. You should know that using these buttons passes information to Facebook about the website that you shared from.

Taking Control of Your Facebook Privacy

The Verge: How to Use Facebook While Giving It the Minimum Amount of Personal Data

Facebook has found itself embroiled in yet another colossal controversy related to how its sprawling, multibillion-person social network has been abused by bad actors. This time, the culprit is Cambridge Analytica, a data analytics firm used by President Donald Trump’s campaign during the 2016 US election to target election ads on Facebook. It turns out, Cambridge Analytica misused the user data of as many as 50 million Facebook users via its affiliated behavior research firm Strategic Communication Laboratories, which violated Facebook’s terms of service by acquiring said data from a third-party app and reportedly lying about when that data was deleted and how it was used.

…

So now is as good a time as ever to remind you that — beyond deleting your Facebook account for good — there are some precautions you can take to protect your privacy and make use of Facebook as a utility without compromising your personal data. No single user can prevent a company like Cambridge Analytica from lying to the public and lying to Facebook about where its data came from and how it’s using it. But you can make sure that a significant chunk of your data is never out there in the first place.

Since I help manage a couple of business pages, it’s impractical for me to delete my Facebook account. These tips are helpful for increasing privacy while still using the platform.

Facebook Collecting Call Data on Android

The Verge: Facebook Has Been Collecting Call History and SMS Data from Android Devices

Facebook has been collecting call records and SMS data from Android devices for years. Several Twitter users have reported finding months or years of call history data in their downloadable Facebook data file. A number of Facebook users have been spooked by the recent Cambridge Analytica privacy scandal, prompting them to download all the data that Facebook stores on their account. The results have been alarming for some.

…

While the recent prompts make it clear, Ars Technica points out the troubling aspect that Facebook has been doing this for years, during a time when Android permissions were a lot less strict. Google changed Android permissions to make them more clear and granular, but developers could bypass this and continue accessing call and SMS data until Google deprecated the old Android API in October. It’s not yet clear if these prompts have been in place in the past.

…

The same call record and SMS data collection has not yet been discovered on iOS devices. While Apple does allow some specialist apps to access this data in limited ways like blocking spam calls or texts, these apps have to be specifically enabled through a process that’s similar to enabling third-party keyboards. The majority of iOS apps cannot access call history or SMS messages, and Facebook’s iOS app is not able to capture this data on an iPhone.

This is compounded by the fact that there are still a lot of phones out there running older versions of Android with its less strict app permissions. I think Android has a lot of things going for it, but it’s still a bit of a mess when it comes to privacy and security. And Facebook has surpassed creepy.

 

Advertisers Don’t Like Privacy

Adweek: Every Major Advertising Group Is Blasting Apple for Blocking Cookies in the Safari Browser

Apple’s unilateral and heavy-handed approach is bad for consumer choice and bad for the ad-supported online content and services consumers love. Blocking cookies in this manner will drive a wedge between brands and their customers, and it will make advertising more generic and less timely and useful. Put simply, machine-driven cookie choices do not represent user choice; they represent browser-manufacturer choice. As organizations devoted to innovation and growth in the consumer economy, we will actively oppose any actions like this by companies that harm consumers by distorting the digital advertising ecosystem and undermining its operations.

Put another way, Apple’s approach to cookies is bad because it makes it harder for products and brands to stalk you online. And there is nothing “innovative” about making sure the highest bidder is always what’s most visible to consumers.

It takes a special level of evil to take something that’s universally acknowledged as bad (like perpetual online behavior tracking) and try to sell the idea that this is good for consumers. I guess it’s just marketing. This is where the ad industry is.