Facebook, phones, privacy, oh my!

Last year Facebook was dragged before a senate committee hearing regarding privacy. The founder Mark Zuckerberg was challenged with questions regarding how Facebook keeps user records private, and how Facebook is able to access personal data beyond it’s documented reach. What does this mean?

In several videos, and in independent tests, it appears that Facebook as an application installed on your phone was granted by default (unless the user changes the settings) ability to access the phone’s microphone and the camera. Per Facebook, this is for items such as auto tagging what a user is listening to while making a post. The videos where people test this show something far more nefarious though. By placing a phone with the Facebook app installed near them, people intentionally discuss an item that they have never discussed or searched for. As an example, “taking a trip to South Africa”. Note that the Facebook app is simply installed, not running as an application. Lo and behold, the users start getting advertising for flights to South Africa, tourism trips in South Africa, etc. This is disturbing enough, but add in the actual privacy practices of Facebook….

Facebook sold private data to Cambridge Analytics, and that data was leaked. While the data in this case was not worse than say, the Equifax breach, it still shows a disregard for data privacy.

If Facebook is recording your voice conversations if you are near your phone, and is capable of selling that data that they store, could you be at risk? Client confidentiality breach? Trade secrets? Even if you didn’t intend to reveal that data to Facebook, they have it. And if they intend to keep it private, they can’t guarantee it.

Want to know what other risks you are exposing your company to? Contact us today!

Privacy and what it means…

Privacy is a touchy topic. For some people, it means having control over what you don’t want others to know. For example, you want to keep your social security number private, or your bank account number. But there are other things that we care less about being private, such as photos of ourselves on vacation that we post to social media. What if what you think is “private” really is just slightly harder to get to?

The world news is full of stories where someone’s privacy was breached, from leaked celebrity iCloud photos to identity theft. We believe that these incidents are isolated, but in fact everyone has had some level of privacy breach in their lives whether or not they know it. Recent data breaches from major corporations were released here. You can search for yourself and find out if your usernames and passwords were published.

Take for example, you have an iPhone and you use Facebook. According to several “experiments”, Facebook may be collecting information about all of the texts and phone calls you have made from the iPhone, they track all of your locations where you “check in” and Google has already admitted that they send telemetry location data every time you use a Google app, even if your GPS is turned off.

For a typical user, someone with access to this data can know where you were, when and what you were doing all the time. Maybe you think “I don’t care if Facebook or the government knows I bought a shovel from Home Depot on Saturday morning at 11:14AM for $28.34 and I used my Visa card ####-####-####-#### for it.” And maybe that is true, but did you volunteer that information? If I can gather that, what else can I get?

This type of data collection when coupled with “Artificial Intelligence” or “Deep Learning” can come pretty close to predicting what you are likely to do in the future. It is this part of “privacy” that becomes scary.

What if I could detail out all of the daily activities of your employees? What information can I collect about your business? Bad actors have long know that the easiest way to get in a door, is to ask a person with a key to open it for you. This is usually called “Social Engineering”, but with machine learning, and organizations like Amazon, Microsoft, Google and Facebook collecting every aspect of your life, the issue of privacy goes beyond what you choose to share and enters the realm of inference.

Protecting yourself means being vigilant with what information about you is available. Many people choose not to post vacation photos while they are away because it tells robbers that they aren’t home. Beyond that, does Facebook NEED access to your camera? Photo Gallery? Text Messages? Microphone? Does Amazon Prime need to know your GPS location? All of these apps have permissions that they ask you about. If it doesn’t seem right (why would Candy Crush need access to my Voicemail? Or my camera?) then it probably isn’t.

Want to know more about how to protect yourself and your company? Contact us today!