My Friend Cayla: la muñeca prohibida en Alemania que espía a tu familia

La línea de muñecas “My Friend Cayla” ha sido prohibida en Alemania, luego que el gobierno del país europeo descubriera que éstas eran utilizadas para grabar y guardar datos de sus usuarios sin su consentimiento.

Fuente: My Friend Cayla: la muñeca prohibida en Alemania que espía a tu familia


Las ciudades inteligentes y el problema de la vigilancia | Derechos Digitales

Las tecnologías inteligentes apuntan a mejorar las condiciones de vida en las ciudades. Sin embargo, son también capaces de poner en entredicho nuestra privacidad. ¿Cuál es el límite de lo smart?

Fuente: Las ciudades inteligentes y el problema de la vigilancia | Derechos Digitales


In Major Privacy Victory, Top EU Court Rules Against Mass Surveillance

The European Union’s top court has severely undermined the British government’s mass surveillance powers in a new ruling that could rein in police and spy agency investigations.In a judgment handed down in Luxembourg on Wednesday, the European Court of Justice declared that the “general and indiscriminate retention” of data about people’s communications and locations was inconsistent with privacy rights. The court stated that the “highly invasive” bulk storage of private data “exceeds the limits of what is strictly necessary and cannot be considered to be justified, within a democratic society.”

Fuente: In Major Privacy Victory, Top EU Court Rules Against Mass Surveillance


Fears raised over Google’s DeepMind deal to use NHS medical data

“DeepMind/Google are getting a free pass for swift and broad access into the NHS, on the back of persuasive but unproven promises of efficiency and innovation,” said Ms Powles. “We do not know——and have no power to find out——what Google and DeepMind are really doing with NHS patient data, nor the extent of Royal Free’s meaningful control over what DeepMind is doing.”

Fuente: Fears raised over Google’s DeepMind deal to use NHS medical data


Privacy experts fear Donald Trump accessing global surveillance network | World news | The Guardian

Privacy activists, human rights campaigners and former US security officials have expressed fears over the prospect of Donald Trump gaining access to the vast global US and UK surveillance network.

Fuente: Privacy experts fear Donald Trump accessing global surveillance network | World news | The Guardian


China’s new cybersecurity law sparks fresh censorship and espionage fears | World news | The Guardian

Legislation raises concerns foreign companies may need to hand over intellectual property and help security agencies in return for market access

Fuente: China’s new cybersecurity law sparks fresh censorship and espionage fears | World news | The Guardian


Don’t let WhatsApp nudge you into sharing your data with Facebook | John Naughton | Opinion | The Guardian

The popular messaging app built its reputation on putting users first. Now its corporate owners are looking for payback at our expense

Fuente: Don’t let WhatsApp nudge you into sharing your data with Facebook | John Naughton | Opinion | The Guardian


Los datos personales que quedan expuestos al jugar Pokémon GO – Universidad de Chile

Siendo un fenómeno, con más de un millón de usuarios activos en nuestro país, el juego para dispositivos móviles donde se busca capturar a los 151 pokémon genera preocupación no sólo por la integridad física de los jugadores, sino que también por el nivel de información que se accede a dar a la app, así como también por el desconocimiento de estas normas por gran parte de la gente.

Fuente: Los datos personales que quedan expuestos al jugar Pokémon GO – Universidad de Chile


¿Para qué necesitamos anonimato y por qué es importante defenderlo? | Derechos Digitales

En la medida en que nuestras vidas transcurren en internet de forma creciente e interactuamos cada vez más con tecnologías digitales, también se vuelve más sencillo identificarnos y recolectar información sobre nuestros hábitos, gustos, opiniones e incluso sobre nuestros cuerpos.

Fuente: ¿Para qué necesitamos anonimato y por qué es importante defenderlo? | Derechos Digitales


Russian telecoms groups mount fight against anti-terror law – FT.com

The bill, signed by Vladimir Putin, Russian president, last week requires telecoms companies to store all text and voice messages, as well as all images, sound and video, transmitted via Russia on servers in the country for up to six months. They are also required to store metadata — information about when and from where messages were sent — for three years.

Fuente: Russian telecoms groups mount fight against anti-terror law – FT.com


Facing Data Deluge, Secret U.K. Spying Report Warned of Intelligence Failure

A secret report warned that British spies may have put lives at risk because their surveillance systems were sweeping up more data than could be analyzed, leading them to miss clues to possible security threats.

Fuente: Facing Data Deluge, Secret U.K. Spying Report Warned of Intelligence Failure


La mitad de los ministros de telecomunicaciones europeos quiere que tus datos fluyan libremente

13 miembros de la UE, entre los que se encuentran Irlanda, Bélgica, Polonia, Suecia y Reino Unido se muestran partidarios de que los datos fluyan solo por territorio europeo

Fuente: La mitad de los ministros de telecomunicaciones europeos quiere que tus datos fluyan libremente


Vozpópuli – Para qué quieren pinchar tu teléfono, si tienen tus metadatos

Un nuevo estudio confirma que el análisis de los metadatos permite averiguar tu identidad, la de tus amigos más próximos, así como tu dirección, tu estado de salud o tu ideología.

Fuente: Vozpópuli – Para qué quieren pinchar tu teléfono, si tienen tus metadatos


Documents Reveal Secretive U.K. Surveillance Policies

NEWLY DISCLOSED DOCUMENTS offer a rare insight into the secretive legal regime underpinning the British government’s controversial mass surveillance programs.The London-based group Privacy International obtained the previously confidential files as part of an ongoing legal case challenging the scope of British spies’ covert collection of huge troves of private data.

Fuente: Documents Reveal Secretive U.K. Surveillance Policies


Drive towards strong encryption will end

What happens when the wave of encryption rippling through the personal technology world washes up against the realities of the data economy?Most of the recent debate over the spread of encryption has centred on the implications for personal privacy and national security. Less has been said about business: in particular, what a greater use of encryption will mean for the usability of tech products and services, and for the business models that rely on capturing and extracting value from data.

Fuente: Drive towards strong encryption will end


New Safe Harbor Data “Deal” May Be More Politicking Than Surveillance Reform

European privacy activists criticized a new Safe Harbor data agreement with the U.S. as a superficial political fix that fails to address NSA spying.

Fuente: New Safe Harbor Data “Deal” May Be More Politicking Than Surveillance Reform


The new way police are surveilling you: Calculating your threat ‘score’ – The Washington Post

Some local police departments scan social media, send drones aloft and monitor surveillance cameras.

Fuente: The new way police are surveilling you: Calculating your threat ‘score’ – The Washington Post


China: When big data meets big brother – FT.com

When browsing the internet in China, be sure to avoid logging on between 2am and 4am, steer clear of websites offering quick loans and beware of changing your mobile phone handset too often. A good rule of thumb is to order curtains for your office,

Fuente: China: When big data meets big brother – FT.com


The hype over metadata is a dangerous myth – FT.com

Communications data — and the government’s powers to collect them — are at the heart of the draft Investigatory Powers Bill introduced by Theresa May, UK home secretary, which is currently under scrutiny. Such metadata are the digital exhaust of our

Fuente: The hype over metadata is a dangerous myth – FT.com


New Zealand Spy Data Shared With Bangladeshi Human Rights Abusers – The Intercept

New Zealand Spy Data Shared With Bangladeshi Human Rights Abusers – The Intercept.

Featured photo - New Zealand Spy Data Shared With Bangladeshi Human Rights Abusers

Secret documents reveal New Zealand’s electronic eavesdropping agency shared intelligence with state security agents in Bangladesh, despite authorities in the South Asian nation being implicated in torture, extrajudicial killings and other human rights abuses.

Government Communications Security Bureau, or GCSB, has conducted spying operations in Bangladesh over the past decade, according to the documents. The surveillance has been carried out in support of the U.S. government’s global counterterrorism strategy, primarily from a spy post in Bangladesh’s capital, Dhaka, and apparently facilitated by the National Security Agency and the Central Intelligence Agency.

The Bangladesh spying, revealed on Wednesday by The New Zealand Heraldin collaboration with The Intercept, is outlined in secret memos and reports dated between 2003 and 2013. The files were obtained by The Intercept from NSA whistleblower Edward Snowden.

An NSA document that outlines the agency’s relationship with New Zealand, dated from April 2013, noted that “the GCSB has been the lead for the intelligence community on the Bangladesh CT [counter-terrorism] target since 2004.” The document added that the New Zealand agency had “provided unique intelligence leads that have enabled successful CT operations by Bangladesh State Intelligence Service, CIA and India over the past year.”


Data privacy: the tide is turning in Europe – but is it too little, too late? | Technology | The Guardian

Data privacy: the tide is turning in Europe – but is it too little, too late? | Technology | The Guardian.

Simultaneous legal cases suggest that the need to assert the digital rights of citizens over corporations and governments is finally being addressed

Max Schrems
Cases such as Max Schrems’ lawsuit against Facebook are asserting fundamental rights of privacy and data protection. Photograph: Max Schrems/Europe-V-Facebook.or/PA

Amazon Dash – the company’s single purpose internet-connected ordering button – may soon be blackening our skies with drones delivering loo rolls and detergent. And so, the relentless march of technology – not to mention cheap labour, unthinking consumerism and scandalous environmental devastation – goes on.

But while more convenient ordering of washing powder might have captured the headlines of late, Europe has been in the midst of a technological step change; a pivot in the world of data privacy.

Several notable events at the end of March, in Luxembourg, London and Geneva, show a glimmer of hope that those frail, beaten rights – privacy and data protection – might yet see their true worth in the digital age.

A moment, first, in defence of privacy – reports of whose death are, I hope, greatly exaggerated.

Privacy is a right for all – not just the filthy rich

Many fall into the trap of seeing privacy in an overly atomistic, individualistic, selfish way; the preserve of the filthy rich. And it is, if we see it as separable from collective freedom, or as absolute over other rights – of freedom of expression, opinion and association; freedom to protest; freedom to resist. But this is not privacy’s ask.

Privacy is about having decisional power, control, over which acts and events of our lives are disclosed and to whom, free from the prying eyes of states, corporations and neighbours. Privacy affords us the freedom to develop ourselves in the world.

The crux of the issue with digital technology is that our ability to make decisions and to control our personal information – the links and traces of our lives – is all but lost. Mostly without our knowledge, and certainly without informed consent, nation states sweep our data alleging ‘national security’ interests, whether legitimate or not. Corporations sweep our data, because they have powerful economic incentives to do so – and, with the capitalist lurch, no reason not to.

So what can be done to reclaim this systematic erosion; to reinstate rights over the long echo of our digital whispers and wanderings? In Europe, there are some rumblings of resistance. They are the rumblings of citizens, of regulators, of courts. And they are starting to find their voice.


Privacy fears over 'smart' Barbie that can listen to your kids | Technology | The Guardian

Privacy fears over ‘smart’ Barbie that can listen to your kids | Technology | The Guardian.

Hello Barbie toy
 Hello Barbie listens to children using cloud-based voice recognition technology, to understand them and talk back. Photograph: Mattel

A “smart” Barbie doll that can have “conversations” with children should not go on sale, privacy advocates have said.

Billed as the world’s first “interactive doll”, the toy uses voice recognition technology similar to that employed by Apple’s Siri and Google’s Now digital assistants to understand what a child is saying to Barbie and respond.

However, privacy advocates are worried about the use of voice recognition technology that sends recordings of children to third-party companies for processing, potentially revealing his or her intimate thoughts and details.

“If I had a young child, I would be very concerned that my child’s intimate conversations with her doll were being recorded and analysed,” said Professor Angela Campbell of Georgetown University law school.

“In Mattel’s demo, Barbie asks many questions that would elicit a great deal of information about a child, her interests, and her family. This information could be of great value to advertisers and be used to market unfairly to children.”


Diputados rechaza proyecto pyrawebs alegando inconstitucionalidad

Diputados rechaza proyecto pyrawebs alegando inconstitucionalidad.

Diputados rechaza proyecto pyrawebs alegando inconstitucionalidad

El proyecto debe retornar a la Cámara de Senadores. | Foto: www.siliconweek.es

La Cámara de Diputados rechazó el proyecto conocido como “pyrawebs” que obliga a los prestadores de Internet a almacenar los datos de conexión de los usuarios. Argumentaron violaciones de los derechos humanos garantizados en la Constitución Nacional.


Big data: Credit where credit’s due – FT.com

Big data: Credit where credit’s due – FT.com.

High quality global journalism requires investment. Please share this article with others using the link below, do not cut & paste the article. See our Ts&Cs and Copyright Policy for more detail. Email ftsales.support@ft.com to buy additional rights. http://www.ft.com/cms/s/0/7933792e-a2e6-11e4-9c06-00144feab7de.html#ixzz3QtYJk7Hp

 

Financial companies use technology to create ‘proxy’ credit profiles, raising concerns about the tactics

I

n late 2008, Kevin Johnson returned to his home in Atlanta, Georgia, after a honeymoon abroad to find the financial system imploding and a letter from his credit card company in his postbox.

American Express was cutting his credit limit from $10,800 to $3,800. The reason, according to the letter, was that Mr Johnson had been shopping at stores frequented by people deemed by the credit card company to have a poor repayment history.

For Mr Johnson, who prides himself on being a media and internet entrepreneur, the notion that he would be financially limited because of the supposed behaviour of his fellow shoppers did not sit well at all. At the time, says Mr Johnson, his FICO score — the standard measure of creditworthiness in the US — was about 760, solidly within good credit territory.

“It was a sort of wake-up call,” Mr Johnson says. “The financial crisis created a wonderful opportunity for companies to apply some of these insidious algorithms to deny credit to people who are deserving of credit.”

Mr Johnson, an African-American, went public with the letter, prompting a debate about whether such credit profiling was fair. Amex abandoned it, and a provision mandating further study of the practice was inserted into the Credit Card Act passed by President Barack Obama in 2009.

Six years later, financial companies have the option of using data-guzzling technologies that make the observation of shopping habits look downright primitive. A plethora of information gathered from social media, digital data brokers and online trails can be used to mathematically determine the creditworthiness of individuals, or to market products specifically targeted to them.

The degree to which such algorithms are utilised by mainstream banks and credit card companies is unclear, as are their inputs, calculations and the resulting scores. While many types of data-driven algorithms have been criticised for opacity and intrusiveness, the use of digital scorecards in finance raises additional issues of fairness. Using such information to make predictions about borrowers can, critics say, become self-fulfilling, hardening the lines between the wealthy and poor by denying credit to those who are already associated with not having access to it.

“You can get in a death spiral simply by making one wrong move, when algorithms amplify a bad data point and cause cascading effects,” says Frank Pasquale, a professor of law at University of Maryland and author of a book on algorithms called The Black Box Society.

Proponents of such technology argue that the ability to get a comprehensive view of prospective customers — based on their friends, their employer and even their exercise habits — can ultimately help expand the availability of credit to those who struggle to open bank accounts or obtain fair loans.


Canada Casts Global Surveillance Dragnet Over File Downloads – The Intercept

Canada Casts Global Surveillance Dragnet Over File Downloads – The Intercept.

Featured photo - Canada Casts Global Surveillance Dragnet Over File Downloads

Canada’s leading surveillance agency is monitoring millions of Internet users’ file downloads in a dragnet search to identify extremists, according to top-secret documents.

The covert operation, revealed Wednesday by CBC News in collaboration with The Intercept, taps into Internet cables and analyzes records of up to 15 million downloads daily from popular websites commonly used to share videos, photographs, music, and other files.

The revelations about the spying initiative, codenamed LEVITATION, are the first from the trove of files provided by National Security Agency whistleblower Edward Snowden to show that the Canadian government has launched its own globe-spanning Internet mass surveillance system.

According to the documents, the LEVITATION program can monitor downloads in several countries across Europe, the Middle East, North Africa, and North America. It is led by the Communications Security Establishment, or CSE, Canada’s equivalent of the NSA. (The Canadian agency was formerly known as “CSEC” until a recent name change.)

The latest disclosure sheds light on Canada’s broad existing surveillance capabilities at a time when the country’s government is pushing for a further expansion of security powers following attacks in Ottawa and Quebec last year.


Las fotos de tu gato en internet ponen en jaque tu privacidad

Las fotos de tu gato en internet ponen en jaque tu privacidad.

La web I know where your cat lives demuestra cómo los metadatos de nuestras fotografías online pueden ser utilizados para localizarnos geográficamente, con un margen de error inferior a 8 metros

El objetivo del creador de "I know where you cat lives" es despertar un debate público en torno a la privacidad online

El objetivo del creador de “I know where you cat lives” es despertar un debate público en torno a la privacidad online

Que los gatos han conquistado Internet, y en concreto las redes sociales, es un hecho probado. Si en alguna ocasión te has dejado llevar por la fiebre felina y has colgado una foto de tu minino en Instagram o Flickr, es probable que Owen Mundy sepa dónde vives y estés geolocalizado en el mapa de su web: I know where your cat lives (‘Sé donde vive tu gato’). Este profesor de Arte de la Universidad de Florida ha mapeado cerca de un millón de gatos, simplemente utilizando las coordenadas geográficas incluidas en los metadatos de las fotografías colgadas en los perfiles de los usuarios de estas aplicaciones –21.015 de esos gatos están en España.

No se trata, ni mucho menos, de una obsesión personal de Mundy por estos entrañables animalitos –”ni siquiera soy una persona de gatos” confiesa a eldiario.es— su objetivo es despertar un debate público en torno a la privacidad online y la utilización que corporaciones y gobiernos hacen de los metadatos que como usuarios de redes sociales y aplicaciones revelamos sin ser, muchas veces, conscientes de ello.

Así que en poco menos de un año, Mundy construyó su propio servidor backend, uno capaz de alojar un fenómeno viral como el que esperaba que fuera su experimento gatuno, y con ayuda del superordenador de la Universidad Politécnica de Florida –un ordenador de alto rendimiento, alta capacidad y velocidad—, el pasado mes de julio ponía en órbita este proyecto, a mitad de camino entre el arte digital y la concienciación social, con un irremediable toque kitsch. Tan solo en los primeros tres meses online, tuvo más de 500.000 visitas únicas y cada una de ellas visualizando una media de 50 fotos de gatos.


El iPhone 6 se blinda ante el espionaje | Internacional | EL PAÍS

El iPhone 6 se blinda ante el espionaje | Internacional | EL PAÍS.


Apple no facilitará las claves de sus clientes a la agencia de espionaje de EE UU

El bloqueo del nuevo teléfono inquieta a los servicios de seguridad

Un grupo de personas espera para poder comprar el iPhone6, en Berlín. / HANNIBAL HANSCHKE (REUTERS)

Enviar a LinkedIn39
Enviar a TuentiEnviar a Eskup

EnviarImprimirGuardar

El flamante iPhone 6, recién lanzado al mercado, es el primer teléfono inteligente a prueba de espías. Un algoritmo en su sistema operativo hace que solo el usuario tenga acceso a los contenidos protegidos, con lo que Apple no podría entregar información ni siquiera por orden judicial.

“Si no eres el cliente, eres el producto”, una máxima de Jan Koum, fundador de la aplicación de mensajería móvil WhatsApp, para defender la privacidad de los usuarios vuelve a estar de actualidad. Apple se ha sumado a este principio con iOS 8, el sistema operativo que viene por defecto en los nuevos modelos de iPhone, 6 y 6 Plus.

Tim Cook, consejero delegado de Apple, rompe así el axioma general de Internet. Lo ha explicado en una carta incluida en los cambios de su política de privacidad: “A diferencia de nuestros competidores, Apple no va a pasar por encima de tu contraseña y, en consecuencia, no puede acceder a esos datos. Técnicamente, ya no podremos asumir las peticiones del Gobierno para capturar datos de aparatos que estén en posesión, siempre que tengan instalado iOS8”. No habrá posibilidad, por tanto, de que Apple colabore con la Agencia Nacional de Seguridad (NSA) en caso de que se lo requiera.

En los aparatos de Apple habrá una única manera de descifrar los contenidos protegidos: la clave que da acceso a su identidad de usuario. Hasta ahora, solo el correo @me.com, la cuenta que ofrece a los clientes, seguía esta dinámica. Con el iOS 8 esta función se hace extensiva a mensajes (aplicación que une tanto SMS, WhatsApp…, pero solo entre dispositivos de Apple), calendarios, contactos y fotos.

El nuevo sistema pone la responsabilidad final en cada cliente individual. Antes de la actualización, Apple podía descifrar claves, contraseñas y códigos de bloqueo bajo petición judicial. Ahora ya no podrá hacerlo y derivará las peticiones a los dueños de los móviles.


Privacidad y derechos humanos en la era digital #HRC27 | Manzana Mecánica

Privacidad y derechos humanos en la era digital #HRC27 | Manzana Mecánica.

Carlos Castillo »

Un conjunto de organizaciones de la sociedad civil, coordinadas por Human Rights Watch, firman una Declaración Conjunta sobre Privacidad en la Era Digital. Esta declaración es una respuesta al informe sobre privacidad recientemente entregado a la Oficina del Alto Comisionado de las Naciones Unidas para los Derechos Humanos (A/HRC/27/37, versión en inglés/PDF, en castelano/DOC).

En su declaración remarcan un aspecto central de este informe y de otros anteriores relacionados con privacidad: “la legislación internacional sobre derechos humanos provee de un marco claro y universal para la promoción y protección del derecho a la privacidad, incluyendo el contexto de vigilancia doméstica y extra-territorial, intercepción de comunicaciones digitales y recolección de datos personales.” En otras palabras, el enfoque sugerido no está en crear una legislación específica para Internet, sino que está relacionado con que las libertades y derechos que ya existen off-line, se respeten en el contexto on-line.


California judge rules against privacy advocate and protects police secrecy | World news | theguardian.com

California judge rules against privacy advocate and protects police secrecy | World news | theguardian.com.

Man loses bid to access to police license plate records in case with repercussions on surveillance and government databases

  • theguardian.com
Ronald Reagan Freeway  california
Expanding networks of cameras mounted on stoplights and police cars are collecting license plate scans across the US. Photograph: David McNew/Getty Images

A California judge’s initial ruling against a tech entrepreneur, who seeks access to records kept secret in government databases detailing the comings and goings of millions of cars in the San Diego area, via license plate scans, was the second legal setback within a month for privacy advocates.

The tentative decision issued Thursday upheld the right of authorities to block the public from viewing information collected on their vehicles, by way of vast networks that rely on cameras mounted on stoplights and police cars.

The rapidly expanding systems and their growing databases have been the subject of a larger debate pitting privacy rights against public safety concerns in a new frontier over high-tech surveillance. A Los Angeles judge ruled in August that city police and sheriff’s departments don’t have to disclose records from the 3m plates they scan each week.

Michael Robertson, best known for creating the music website MP3.com, stepped into the discussion with a personal lawsuit, asking for access to only his information. He will still get to present his case Friday, despite the initial ruling from San Diego Superior Court Judge Katherine Bacal that went against him.

The ACLU of southern California and the Electronic Frontier Foundation had been seeking a week’s worth of data from databases that hold hundreds of millions of scans.


Police access to medical records will not help the vulnerable | Deborah Orr | Comment is free | theguardian.com

Police access to medical records will not help the vulnerable | Deborah Orr | Comment is free | theguardian.com.

The police are straying too far from their remit. The last thing they should do is take on responsibilities that belong to other agencies

Police want right to see medical records without consent

 

 

Woman filing medical records
‘If a person does not want the police involved, then in some cases that’s going to make them reluctant even to turn to their GP.’ Photograph: Sean Justice/Getty Images

 

The Greater Manchester chief constable, Sir Peter Fahy, has told the Guardian that the police want quick and easy access to medical and other confidential records without the consent of the individual concerned. In the light of other recent revelations about state incursion into private data, one is tempted to note that it’s nice of them to ask.

Before stating the obvious – that this sounds horribly Kafkaesque – it’s worth mentioning the positive side of all this. It’s a good thing the police now recognise that the majority of the people who come to their attention are vulnerable and find it hard to do what’s best for themselves, let alone what’s best for those around them. It was only 20 years ago, after all, that even Britain’s prime minister, John Major, was claiming “society needs to condemn a little more and understand a little less”. So this development signals a huge change in attitudes.

However, far from being an indication that the police need more power, it’s a sign that they are now straying too far from their remit, which is to maintain law and order. Fahy himself talks of having an ability “to solve the problem without a criminal justice system approach”.

On this, he’s dead right, even though his solution is an unwelcome one. The difficulty is that the police are already too embroiled in complex cases that may involve mental health problems, learning disabilities or addictions. That is the job of social workers. Fahy says the police do not have the manpower and resources they need to deal with the problems they are being asked to become involved in. The last thing we need is for them to have less clarity of purpose.

The issue is that other agencies – primarily mental health and social work services – are even more starved of investment than the police. Fahy, in essence, is allowing his thoughts to be guided by instincts of professional closure. He understands the police are involved in matters for which they are not equipped. But his answer is to equip them, not to call for others to become equipped. He does not see that his proposal would make the vulnerable even more so.

The dangers of this approach are most clear when considering Fahy’s most controversial example – that the police should be alerted to people suffering from domestic violence even if it isn’t what they want. If a person does not want the police involved, and the involvement of health professionals may trigger that anyway, then in some cases that’s going to make them reluctant even to turn to their GP.

That’s the trouble with passing on information without people’s consent. They become more reluctant to share any information at all, even when it is dangerous for them to keep things to themselves. On the contrary, people need to be able to get help before the police become involved. Too often, matters are allowed to reach a crisis before there is much in the way of societal intervention.


Australia quiere un impuesto para financiar la vigilancia en Internet – FayerWayer

Australia quiere un impuesto para financiar la vigilancia en Internet – FayerWayer.

(cc) j.e.mcgowan / Flickr

Serían los usuarios quienes pagaran para que los metadatos de sus comunicaciones sean almacenados por 2 años.

Cuando el Tribunal de Justicia de la Unión Europea invalidó la directiva de retención de datos vigente en aquél continente, fue muy claro: tales disposiciones infringen el derecho a la privacidad de los usuarios de servicios de telecomunicaciones. Sin embargo, naciones como el Reino Unido continúan recolectando este tipo de metadatos.

La influencia de estas medidas ha sido parcial. En países como México, la idea de contar con un registro de los datos de las comunicaciones móviles de todos los usuarios del país fue tan tentadora que decidieron incluirla en su nueva ley de telecomunicaciones. En Australia, el fiscal general, George Brandis, ha propuesto actuar de manera similar, según informa The Sydney Morning Herald.

Poco importa que el Tribunal Europeo ya no considere como válidas estas medidas. Tampoco que la Oficina de la Alta Comisionada de la ONU para los Derechos Humanos haya publicado un reporte que considere que la retención de datos no es necesaria ni proporcional. El argumento de ofrecer seguridad a cambio de eliminar la privacidad, ha seducido a muchos, a pesar de los riesgos que esto implica.

Técnicamente, el principal problema de la retención de datos se refiere a la infraestructura necesaria para almacenarlos de manera segura. Si la medida fuera implementada en Australia, tendría un costo anual que oscilaría entre los AUD $500 millones y AUD $700 millones, es decir, entre USD $465 millones y USD $650 millones. Para las operadoras de telefonía móvil australianas, esa es una cantidad que no piensan pagar.

Steve Dalby, director de regulación en iiNet -un ISP australiano-, estima que los consumidores podrían verse afectados por un aumento en los costos de AUD $5 a AUD $10 mensuales para cubrir los costos de recolección y almacenamiento de datos.

Claramente, una parte del problema se encuentra en los factores técnicos. Las operadoras también argumentan que no cuentan con personal especializado para un adecuado tratamiento de los datos, dado que no suelen emplear tácticas de vigilancia masiva. Por esto es que buscan que si tanta es su insistencia sea el gobierno quien se encargue de esta manipulación.


Puertas traseras que recuerdan a la NSA en 600 millones de dispositivos iOS

Puertas traseras que recuerdan a la NSA en 600 millones de dispositivos iOS.

Ciertos servicios de iOS, sobre todo en la versión 7 del sistema, permitirían el establecimiento de puertas traseras

A pesar de que hay una similitud con herramientas de la NSA, Apple defiende que estos servicios descubiertos en iOS solo obedecen a la necesidad de realizar tareas diagnósticas

600 millones de dispositivos iOS en riesgo

Jonathan Zdziarski, hacker experto en iPhone, conocido como NeverGas en la comunidad iOS, ha descubierto indicios de puertas traseras en los dispositivos iOS. El especialista en seguridad ha buceado en las capacidades disponibles en iOS para obtener datos y ha comprobado que unos 600 millones de dispositivos podrían estar en riesgo, sobre todo los que tienen instalada la versión iOS 7.

Zdziarski ha descubierto una serie de funciones no documentadas de iOS que permiten sortear el cifrado del backup en los dispositivos con el sistema operativo móvil de Apple, lo que permitiría robar datos personales de los usuarios sin introducir sus contraseñas, siempre que se den ciertas circunstancias. El atacante tendría que estar físicamente cerca del dispositivo en el que quiere penetrar, así como estar en la misma red WiFi que la víctima, quien para ello debería tener la conexión WiFi activada.

Las vulnerabilidades se han revelado en una conferencia de hackers en Nueva York y Zdziarski ha publicado las ha publicado en un PDF. El sistema iOS ofrece la posibilidad de proteger los mensajes, documentos, cuentas de email, contraseñas varias y otra información personal mediante el backup de iTunes, que se puede asegurar con un cifrado. Pero en lugar de introducir la contraseña para desbloquear todos estos datos, existe un servicio llamado com.apple.mobile.file_relay, cuyo acceso se puede lograr remotamente o a través de cable USB y permite sortear el cifrado del backup.

Así lo cuenta Zdziarski, quien señala que entre la información que se puede obtener de este modo se encuentra la agenda de contactos, las fotografías, los archivos de audio o los datos del GPS. Además, todas las credenciales de cuentas que se hayan configurado en el dispositivo, como los emails, las redes sociales o iCloud, quedan reveladas. El hacker ha señalado que con esta y otras herramientas se puede recopilar casi la misma información que hay en un backup completo.

También se han descubierto otros dos servicios potencialmente peligrosos, destinados en principio a usos por parte de los usuarios y desarrolladores, pero que pueden convertirse en armas de espionaje. Uno de ellos es com.apple.pcapd, que permitiría a un atacante monitorizar remotamente el tráfico que entra y sale de un dispositivo conectado a una red WiFi. El otro es com.apple.mobile.house_arrest, a través del cual iTunes puede copiar archivos y documentos sensibles procedentes de aplicaciones de terceros como Twitter o Facebook.

Puertas traseras que recuerdan a la NSA

Algunos de estos descubrimientos se parecen a las herramientas de la NSA, en concreto a DROPOUTJEEP, que en los dispositivos iOS permite a la agencia de espionaje estadounidense controlar y monitorizar remotamente todas las funciones de un iPhone. Zdziarski ha admitido que empezó a investigar a raíz de un informe de Der Spiegel sobre cómo la NSA había tomado como objetivo los dispositivos iOS y los sistemas a los que estaban asociados.

Por su parte Apple se ha apresurado a decir que estas puertas traseras no tienen relación alguna con ninguna agencia gubernamental. La compañía ha indicado que solo están orientadas a labores “diagnósticas” y a permitir a los departamentos de IT de las empresas gestionar los terminales de los empleados.

 “No me creo ni por un minuto que estos servicios estén pensados solo para diagnosticar. La información que filtran es de una naturaleza extremadamente personal. No hay notificación al usuario”, ha rebatido en su blog el hacker que descubrió las vulnerabilidades.


Privacy boom brings digital paranoia into the open – FT.com

Privacy boom brings digital paranoia into the open – FT.com.

High quality global journalism requires investment. Please share this article with others using the link below, do not cut & paste the article. See our Ts&Cs and Copyright Policy for more detail. Email ftsales.support@ft.com to buy additional rights. http://www.ft.com/cms/s/0/f970d000-0291-11e4-a68d-00144feab7de.html#ixzz36Vcdb6PE

The growing interest in secrecy should serve as a wake-up call
Cyber crime security ID©Dreamstime

There seems to be a booming market in paranoia. The Blackphone, which went on sale in the US this week, is purpose-built for the post-Snowden era: it encrypts all of a user’s data and comes preloaded with apps designed with secrecy in mind to block “information leakage”.

Then there is Wickr, a messaging system that boasts far more robust encryption than that available on other widely used services. It raised a hefty $30m in venture capital last week.

In a telling sign of the times, the Wickr investment was led by Jim Breyer, a Silicon Valley venture capitalist best known for making a killing on Facebook. The culture of secrecy-minded companies such as Wickr is far removed from the heightened transparency that fuels Facebook’s social network.

This is still a decidedly niche market. The vast audiences of companies such as Google and Facebook have not turned away because governments have sought to penetrate their systems or because of their periodic privacy gaffes.

For most internet users, the immediate gratification of using a search engine or social network – and the advantages of bringing their “real world” identities online – far outweighs any abstract concern about notional privacy trade-offs.

But the growing interest in secrecy should come as a wake-up call. The Snowden leaks have served as a reminder of the information-gathering practices of the internet companies. “Big data” has become an industry branding nightmare, conjuring images of vast pools of private information waiting to be tapped by spies or sold to the highest bidder.

Internet companies are only just beginning to combat this conflation of illicit surveillance and commercial data gathering.

The first response has been to try to show that they are serious about taking their users’ side against overreaching governments. That has meant greater use of encryption in their networks and a more robust rejection of official requests that stop short of legally binding orders.

But it is hard to mount a convincing argument that users’ interests always come first when one of the longest-running privacy debates – about the use of cookies to track users and send targeted advertising – remains unresolved. In the US, the failure of the online advertising industry to come up with an effective “do not track” system has been an enduring reminder of the contradiction that lies at the heart of advertising-driven services.

Mobile apps have become another sore point. They usually involve a take it or leave it choice: most require users to consent to them accessing a wide array of personal information while giving little idea about how it will be used.

Trusting the companies that hold data will require a leap of faith. That explains why Apple made much of privacy at its recent developers’ conference when it revealed the digital platforms it was building for the internet of things

The Blackphone’s default settings block apps that seek to tap into things such as a user’s location and contact lists. But given the data promiscuity of the average smartphone app, anyone opting for these settings would be barred from many of the most widely used smartphone services.

The internet of things – the coming mass of smartwatches, intelligent home thermostats and other connected gadgets – is about to present a new test.

Much of the information collected by these devices will have even greater personal sensitivity. In some cases it will involve health data, gathered from fitness trackers or from sensors around the body. In others, it will include intimate details of what is happening inside users’ homes, collected through things such as security cameras and other smart monitors.

Trusting the companies that hold this data will require a leap of faith. That explains why Apple made much of privacy at its recent developers’ conference when it revealed the digital platforms it was building for the internet of things.

Its HealthKit and HomeKit are intended to become two of the data hubs of the connected physical world. They will draw information from many devices to assemble a comprehensive, deeply personal picture of their users’ lives.

It also explains why chief executive Tim Cook broke with his normal tempered delivery to pour scorn on Google’s Android mobile operating system, quoting an article describing it as a “toxic hellstew of vulnerabilities”. Apple, with its reputation for managing a controlled, “closed” system, may start in a stronger position in this new world than Google, with its preference for more open platforms.

For now, convenience still trumps paranoia when it comes to the use of everyday digital services. But without a concerted effort to address the proliferating privacy issues, that won’t be something that can always be taken for granted.

Richard Waters is the Financial Times’ West Coast Editor

 


Trabajo policial usa cada vez más los datos de Facebook para atrapar delincuentes – LaSegunda.com

Trabajo policial usa cada vez más los datos de Facebook para atrapar delincuentes – LaSegunda.com.

“Empadronamiento digital” es parte de la labor habitual en la PDI y fiscalías.

por:  Patricio Meza S., La Segunda
lunes, 16 de junio de 2014

Hace algunos meses, la PDI y la Fiscalía Occidente investigaban a una banda por robos a cajeros automáticos y tuvieron en Facebook a un gran aliado.

La juventud e imprudencia de los implicados los llevó a hacer comentarios en sus perfiles que los vinculaban con los ilícitos, e incluso a publicar fotos “con torres de dinero”. Sus nexos en la red también desarmaron sus coartadas, que afirmaban que no se conocían entre sí.

En otras imágenes aparecían usando las mismas vestimentas con las que se veían robando en las cámaras de seguridad. Incluso la mesa donde posaban con el dinero fue encontrada en uno de los allanamientos a sus casas.

Otro caso ocurrió en Arica, donde el fiscal Mario Carrera logró condena por tráfico contra una mujer, luego de que una madre interceptara el diálogo en Facebook, en el que la hoy condenada ofrecía drogas a su hija.

Ambos casos son sólo una demostración de la importancia que han adquirido las redes sociales para las investigaciones policiales.


¿Por qué las redes sociales en Chile no son seguras para tus derechos? – ONG Derechos Digitales

¿Por qué las redes sociales en Chile no son seguras para tus derechos? – ONG Derechos Digitales.

por  25 de junio, 2014

Es cierto: poner en una misma frase “redes sociales” y “seguridad” es más bien un contrasentido, pero localmente, el problema de inseguridad de los datos personales de los usuarios de estas plataformas reviste una gravedad especial: la policía y la fiscalía chilena las tienen como objetivo de vigilancia, sin garantías para los derechos de privacidad y debido proceso de sus ciudadanos. Al menos, eso se puede concluir con las últimas noticias.

"“Con su explosivo crecimiento los últimos años en Chile, las redes sociales son hoy un “paso obligado” en cualquier investigación (policial". BY (stockdaledesigns)“Con su explosivo crecimiento los últimos años en Chile, las redes sociales son hoy un “paso obligado” en cualquier investigación (policial”. BY (stockdaledesigns)

En una noticia salida hace algunos días en La Segunda, la Brigada del Cibercrimen de la Policía De Investigaciones (PDI), explica cómo la vigilancia a Facebook se ha convertido en un elemento esencial para las investigaciones policiales. En la nota se afirma:

“Con su explosivo crecimiento en los últimos años en Chile, las redes sociales son hoy un “paso obligado” en cualquier investigación, afirman las autoridades. Al empadronamiento tradicional que los policías realizan en terreno se suma hoy un “empadronamiento digital” que puede arrojar resultados igual de valiosos”.

Según la nota, la policía efectivamente ha llegado a establecer la identidad y las relaciones de los delincuentes gracias a las pistas que estos dejan en Facebook. Pero los antecedentes que la policía y la fiscalía entregan en esta noticia, hacen pensar que el precio de ese hecho lo pagan los derechos de privacidad y al debido proceso de todos los chilenos. Dos hechos preocupantes:


Why online tracking is getting creepier | Ars Technica

Why online tracking is getting creepier | Ars Technica.

Online marketers are increasingly trying to track users offline as well.

The marketers that follow you around the Web are getting nosier.

Currently, many companies track where users go on the Web—often through cookies—in order to display customized ads. That’s why if you look at a pair of shoes on one site, ads for those shoes may follow you around the Web.

But online marketers are increasingly seeking to track users offline as well, by collecting data about people’s offline habits—such as recent purchases, where you live, how many kids you have, and what kind of car you drive.

Here’s how it works, according to some revealing marketing literature we came across from digital marketing firm LiveRamp:

  • A retailer—let’s call it The Pricey Store—collects the e-mail addresses of its high-spending customers. (Ever wonder why stores keep bugging you for your e-mail at the checkout counter these days?)
  • The Pricey Store brings the list to LiveRamp, which locates the customers online when the customers use their e-mail address to log in to a website that has a relationship with LiveRamp. (The identity of these websites is a closely guarded secret.) The website that has a relationship with LiveRamp then allows LiveRamp to “tag” the customers’ computer with a tracker.
  • When those high-spending customers arrive at PriceyStore.com, they see a version of the site customized to “show more expensive offerings to them.” (Yes, the marketing documents really say that.)

La NSA recolecta millones de imágenes de rostros de personas en Internet | Internacional | EL PAÍS

La NSA recolecta millones de imágenes de rostros de personas en Internet | Internacional | EL PAÍS.

Logotipo de la NSA, en su sede a las afueras de Washington DC. / PATRICK SEMANSKY (AP)

El serial sobre los largos tentáculos de la Agencia Nacional de Seguridad sigue creciendo. La NSA intercepta millones de imágenes de rostros de personas que circulan por Internet y que utiliza para programas de reconocimiento facial con fines de inteligencia, según publicó este domingo el diario The New York Times a partir de documentos de 2011 sustraídos por el exanalista de la agencia Edward Snowden. Se trata de la primera filtración desde que el miércoles la cadena NBC emitiera la primera entrevista concedida por Snowden a un canal de televisión, en la que se consideró un patriota por destapar el espionaje masivo de Estados Unidos.

Hace unos meses el diario The Guardian ya publicó que la NSA y su equivalente británica habían interceptado imágenes de usuarios de Yahoo! tomadas desde las cámaras frontales de ordenadores. La información del Times va mucho más allá y revela una práctica muy extendida en los últimos cuatro años en marco de los esfuerzos de la NSA de sacar provecho al enorme flujo de fotografías que circulan en correos electrónicos, mensajes de texto, redes sociales o videoconferencias; y que considera igual de relevantes que otros métodos de espionaje, como el escrutinio de llamadas telefónicas.

En 2011 la agencia interceptaba “millones de imágenes al día”, incluyendo unas 55.000 de reconocimiento facial de calidad, que generan un “tremendo potencial sin explotar”, según un documento filtrado, que destaca la oportunidad que aporta de conocer la vida diaria y la biografía de determinados individuos. El diario deja entrever que la mayoría de imágenes corresponderían a ciudadanos extranjeros obtenidas a través de Internet, satélites y líneas de cables.


Facial recognition: is the technology taking away your identity? | Technology | The Observer

Facial recognition: is the technology taking away your identity? | Technology | The Observer.

Facial recognition technology is being used by companies such as Tesco, Google and Facebook, and it has huge potential for security. Concerned? It may be too late to opt out
facial recognition

Facial recognition data points: ‘While facial recognition algorithms may be neutral themselves, the databases they are tied to are anything but.’

This summer, Facebook will present a paper at a computer vision conference revealing how it has created a tool almost as accurate as the human brain when it comes to saying whether two photographs show the same person – regardless of changes in lighting and camera angles.A human being will get the answer correct 97.53% of the time; Facebook’s new technology scores an impressive 97.25%. “We closely approach human performance,” says Yaniv Taigman, a member of its AI team.

Since the ability to recognise faces has long been a benchmark for artificial intelligence, developments such as Facebook’s “DeepFace” technology (yes, that’s what it called it) raise big questions about the power of today’s facial recognition tools and what these mean for the future.

Facebook is not the only tech company interested in facial recognition. A patent published by Apple in March shows how the Cupertino company has investigated the possibility of using facial recognition as a security measure for unlocking its devices – identifying yourself to your iPhone could one day be as easy as snapping a quick selfie.

Google has also invested heavily in the field. Much of Google’s interest in facial recognition revolves around the possibilities offered by image search, with the search leviathan hoping to find more intelligent ways to sort through the billions of photos that exist online. Since Google, like Facebook wants to understand its users, it makes perfect sense that the idea of piecing together your life history through public images would be of interest, although users who uploaded images without realising they could be mined in this manner might be less impressed when they end up with social media profiles they never asked for.

Google’s deepest dive into facial recognition is its Google Glass headsets. Thanks to the camera built into each device, the headsets would seem to be tailormade for recognising the people around you. That’s exactly what third-party developers thought as well, since almost as soon as the technology was announced, apps such as NameTagbegan springing up. NameTag’s idea was simple: that whenever you start a new conversation with a stranger, your Google Glass headset takes a photo of them and then uses this to check the person’s online profile. Whether they share your interest in Werner Herzog films, or happen to be a convicted sex offender, nothing will escape your gaze. “With NameTag, your photo shares you,” the app’s site reads. “Don’t be a stranger.”

While tools such as NameTag appeared to be the kind of “killer app” that might make Google Glass, in the end Google agreed not to distribute facial recognition apps on the platform, although some have suggested that is no more than a “symbolic” ban that will erode over time. That is to say, Google may prevent users from installing facial recognition apps per se on Glass but it could well be possible to upload images to sites, such as Facebook, that feature facial recognition. Moreover, there is nothing to prevent a rival headset allowing facial recognition apps – and would Google be able to stop itself from following suit?


Vigilancia de tráfico en Internet, una amenaza a la privacidad de los chilenos – ONG Derechos Digitales

Vigilancia de tráfico en Internet, una amenaza a la privacidad de los chilenos – ONG Derechos Digitales.

10 de abril, 2014
 Mientras que en Europa invalidaron la norma que forzaba a los prestadores de Internet a recolectar información de sus clientes, el registro de las IPs en Chile es obligatorio y pobremente regulado, amenazando el derecho a la privacidad de todos los ciudadanos.

Hace unos días, la Corte de Justicia de la Unión Europea decidió invalidar la directiva 2006/24 sobre retención de datos – que obliga a los proveedores de servicios de Internet a guardar información sobre sus clientes – debido a que amenaza los derechos fundamentales a la privacidad y a la protección de los datos personales con que cuentan los ciudadanos europeos.

La directiva declarada inválida data del año 2006 y obliga a que todos los datos de telecomunicaciones sean recolectados indiscriminadamente por los proveedores, quienes deben guardarlos por entre 6 meses y 2 años. Registros de llamadas telefónicas y de conexiones a Internet se encuentran entre esos datos.

Sin embargo, antes de alegrarnos por la buena noticia, cabe preguntarnos cuál es la realidad chilena en la materia, específicamente en el caso de la retención de datos sobre nuestras conexiones a Internet.