3 min read

ICYMI: Sept 14 - Sept 20

ICYMI: Sept 14 - Sept 20

ICYMI is posted every Monday recapping privacy news over the last week from around the web.

WhatsApp-tracking apps are letting people figure out when you're sleeping and who you're talking to on the Facebook-owned app

But the user data that the Facebook-owned messaging app shares publicly is allowing dozens of outside apps to track aspects of WhatsApp users' online activity — including whom they're likely talking to, when they're sleeping, and when they're using their devices.

These apps and services use the "online" signaling feature within WhatsApp to enable their users to monitor the digital habits of anyone using WhatsApp without their knowledge or consent, Business Insider has found.
[...] So how, exactly, do the apps work?

When someone has WhatsApp open, they are displayed as "online" to their contacts — indicating that they're actively using the messaging service and may reply to a message more promptly. The user of a tracking app enters the phone number of the person they want to track, and the app then constantly checks to see if the target is "online" or not, creating a 24/7 record of their activity. This data can then be displayed visually, allowing the user to monitor their target's online habits, including the times they use their device regularly and when they're sleeping, over a period of days and weeks.

Metadata can tell you a lot without needing access to any actual content.

Companies Can Track Your Phone’s Movements to Target Ads

Most smartphones have internal components that record data on their movements. If you’ve ever used the compass on your phone, it’s thanks to internal sensors like the accelerometer (which can tell the direction you’re facing) and magnetometer, which is drawn to magnetic poles. These and other sensors also power features like “raise to wake,” where your phone powers on when you pick it up, or rotating to horizontal orientation to watch a movie.

Companies like NumberEight, or competitors Sentiance and Neura, use sensor data to categorize users. Instead of building a profile to target, say, women over 35, a service could target ads to “early risers” (as indicated by sensors noting when the phone is picked up after hours of rest) or adapt its user interface for after-work commuters (as indicated when sensors note riding a train after 5 pm). The feedback from the sensors provides “context” on the user’s physical behavior.

Sen says NumberEight restricts how clients can collect and combine user data. For example, a gaming app may already know which of its users makes the most in-app purchases. It can use NumberEight to determine if these people are, say, heavy runners or long-distance commuters. A music app may use the service to determine when users are most likely to skip certain songs, based on whether they are jogging or home. They can personalize the app based on real-time information on people’s activities.

A good eye opener.  I don't think many people think about things like this since we don't interact with sensors in the same way we do with an app.  

Facebook Accused of Watching Instagram Users Through Cameras

The lawsuit springs from media reports in July that the photo-sharing app appeared to be accessing iPhone cameras even when they weren’t actively being used.

Facebook denied the reports and blamed a bug, which it said it was correcting, for triggering what it described as false notifications that Instagram was accessing iPhone cameras.

Isn't it weird that all these bugs happen to be incredibly invasive to your privacy?

Update on Firefox Send and Firefox Notes

Firefox Send was a promising tool for encrypted file sharing. Send garnered good reach, a loyal audience, and real signs of value throughout its life.  Unfortunately, some abusive users were beginning to use Send to ship malware and conduct spear phishing attacks. This summer we took Firefox Send offline to address this challenge.

In the intervening period, as we weighed the cost of our overall portfolio and strategic focus, we made the decision not to relaunch the service. Because the service is already offline, no major changes in status are expected. You can read more here.

Firefox Notes was initially developed to experiment with new methods of encrypted data syncing. Having served that purpose, we kept the product as a little utility tool For Firefox and Android users. In early November, we will decommission the Android Notes app and syncing service. The Firefox Notes desktop browser extension will remain available for existing installs and we will include an option to export all notes, however it will no longer be maintained by Mozilla and will no longer be installable. You can learn more about how to export your notes here.

Always sucks when a few bad apples ruin it for everyone.

Privacy-focused search engine DuckDuckGo is growing fast

DuckDuckGo saw over 2 billion searches and 4 million app/extension installations, and the company also said that they have over 65 million active users. DuckDuckGo could shatter its old traffic record if the same growth trend continues.

Good to see a more privacy focused search engine consistently growing in users

Want to join the discussion?  Check out this post, and others, over at the CupWire subreddit and leave a comment.