Online privacy

The Federal Communications Commission and the Universal Service Administrative Company (USAC) are establishing a computer matching program to verify the eligibility of applicants to and subscribers of the Universal Service Fund (USF) Lifeline program. The categories of records involved in the matching program include, but are not limited to, a Lifeline applicant or subscriber’s full name; physical and mailing addresses; partial Social Security number or Tribal ID number; date of birth; qualifying person’s full name (if qualifying person is different from subscriber); qualifying person’s phy

In the last Weekly Digest, I presented a retrospective of a major policy story from 2018: The democratic harms of “Big Tech.” This week, a polar vortex accompanied a vortex of more privacy abuses from Big Tech, and further concerns about the very bigness of Big Tech.

Apparently, Facebook has become the target of at least three more state probes into the alleged mishandling of user data, expanding the number of government agencies investigating privacy-violation claims against the company. The state probes are coalescing into two main groups scrutinizing the social-media company’s data-protection practices. Pennsylvania Attorney General Josh Shapiro and Illinois counterpart, Kwame Raoul, have joined forces with Connecticut’s William Tong, apparently. That group is focused on investigating existing allegations.

It looks like Facebook was not the only one abusing Apple’s system for distributing employee-only apps to sidestep the App Store and collect extensive data on users. Google has been running an app called Screenwise Meter, which bears a strong resemblance to the app distributed by Facebook Research that has now been barred by Apple. In its app, Google invites users aged 18 and up (or 13 if part of a family group) to download the app by way of a special code and registration process using an Enterprise Certificate.

In general, we think the integration of Facebook Messenger, WhatsApp, and Instagram has the potential to be beneficial for consumers -- if done right. We still need more details from Facebook’s plan to monetize this move in order to fully understand its privacy implications. However, we believe that there’s a lot of positive potential in this move. Making WhatsApp-level end-to-end encryption the standard for Facebook Messenger and Instagram would in one simple move radically improve the privacy and security of the communications of millions of people.

In New York and other states across the country, authorities are acquiring technology to extract and digitize the voices of incarcerated people into unique biometric signatures, known as voice prints. Prison authorities have quietly enrolled hundreds of thousands of incarcerated people’s voice prints into large-scale biometric databases. Computer algorithms then draw on these databases to identify the voices taking part in a call and to search for other calls in which the voices of interest are detected.

Facebook has acknolwedged it has hired three veteran privacy law activists, including Nate Cardozo, an attorney formerly of the Electronic Frontier Foundation, who has been very publicly critical of the company in recent years. In 2015, Cardozo once wrote in an op-ed that Facebook's "business model depends on our collective confusion and apathy about privacy."  In addition to Cardozo, Facebook also hired attorney Robyn Greene, previously with the Open Technology Institute in Washington, DC, and Nathan White, who is set to leave his position at Access Now.

Apple announced that Facebook violated an agreement by distributing a data-collecting app to consumers, bypassing Apple’s normal review for an app intended for the public. Apple said it is cutting off Facebook’s ability to offer the app to consumers. The announcement comes after the revelation that Facebook has been paying some users (aged 13-35) $20 per month to install a research app on their phones that can collect intimate information about their online behavior and communications.

Desperate for data on its competitors, Facebook  has been secretly paying people to install a “Facebook Research” VPN that lets the company suck in all of a user’s phone and web activity, similar to Facebook’s Onavo Protect app that Apple banned in June and that was removed in August.

US District Judge Lucy Koh in San Jose (CA) has rejected a proposed settlement that would put an end to the years-long lawsuit over the company’s 2016 disclosure that it had been hit by nation-state hackers that exposed hundreds of millions of accounts. Judge Koh, who has presided over many tech-related cases, including the Apple v. Samsung trial, lambasted Yahoo for its lack of transparency over how it has handled the aftermath of the breach.