Previous month:
December 2012
Next month:
February 2013

18 posts from January 2013

DuckDuckGo: A Search Engine For Privacy

Last week, a reader suggested the search engine. Like most people, through the years I used a variety of search engines: first Yahoo, then Alta Vista, Google, and most recently Bing. DuckDuckGo has a very simple, easy-to-read privacy policy:

"DuckDuckGo does not collect or share personal information. That is our privacy policy in a nutshell..."

The DuckDuckGo privacy policy also explains why you should care about what other search engines do:

"... when you search for something private, you are sharing that private search not only with your search engine, but also with all the sites that you clicked on (for that search). In addition, when you visit any site, your computer automatically sends information about it to that site..."

Other search engines collect your search terms. And, the list of information your computer sends to them includes its operating system brand and version, screen size and resolution, your ISP, and your IP address. And that information may also be shared with affiliates or partner companies. doesn't do any of this.

ConsumerSearch lists the advantages and disadvantages of DuckDuckGo. In March 2012, PCWorld said:

"...[DuckDuckGo]t also doesn't track users: no personal information is collected, shared, or used to customize individual users' search results. So, anyone searching on a particular term in DuckDuckGo will get the same results... DuckDuckGo also offers benefits including the capability to use shortcuts to directly search many websites..."

And, there are DuckDuckGo mobile apps.

I ran several searches to see what DuckDuckGo retrieves. Its search results don't seem to missing any pages other search engines deliver. Besides the privacy benefits, I like the cleanness and lack of clutter at DuckDuckGo. A long time ago, the Google search engine used to be this way.

To learn more about, read about how it does not track your online usage. And, read this page about the Filter Bubble. Then, decide for yourself.

If you use DuckDuckGo, what's your opinion or experience with it?

Publishers Consider Ways To Further Use Data Collected By E-Readers

While listening to National Public Radio (NPR) in my car on Monday, I heard a very interesting report about how publishers are considering how to further use the data collected by e-readers (e.g., Amazon Kindle, Barnes & Noble Nook). Specifically, publishers are considering ways to use the data collected to give more detailed feedback to authors.

First some background for those who don't use e-readers, or who use them and haven't read the associated privacy policies. E-readers and e-books are increasing in popularity. Pew Research found:

"One-fifth of American adults (21%) report that they have read an e-book in the past year... 88% of those who read e-books in the past 12 months also read printed books... The average reader of e-books says she has read 24 books (the mean number) in the past 12 months, compared with an average of 15 books by a non-e-book consumer... 30% of those who read e-content say they now spend more time reading, and owners of tablets and e-book readers particularly stand out as reading more ... 72% of American adults had read a printed book and 11% listened to an audiobook in the previous year, compared with the 17% of adults who had read an e-book... E-book reading happens across an array of devices, including smartphones...."

About e-books and public libraries, Pew Research found:

"Some 12% of Americans ages 16 and older who read e-books say they have borrowed an e-book from a library in the past year... E-book borrowers say they read an average of 29 books in the past year, compared with 23 books for readers who do not borrow e-books from a library... more than three-quarters of the nation’s public libraries lend e-books... 58% of all library card holders say they do not know if their library provides e-book lending services... 46% of those who do not currently borrow e-books from libraries say they would be “very” or “somewhat” likely to borrow an e-reading device that came loaded with a book they wanted to read... 58% of Americans have a library card..."

Both surveys include plenty more results, but it is clear that consumers would read more e-books if they knew that their public library provided them. The benefits of e-readers are clear:

  • Convenient: can carry with you several books without the heavy weight,
  • Books don't take up shelf space in your home, and
  • E-reader providers can learn your reading habits and recommend similar books.

In 2012, the EFF compared the privacy policies of various e-readers. The disadvantages:

  • Loss of privacy: e-readers collect data about your reading habits and the online searches you performed to find e-books you want to read,
  • Some e-readers collect and track the annotations consumers may make on an e-book text,
  • The privacy policies of some e-readers are vague about exactly what data they collect (e.g., e-book purchases from other sources),
  • Selection may be limited if your e-reader requires a certain format (e.g., AZW, ePub, PDF, RTF, etc.),
  • Many books are not available in e-book format,
  • Most e-readers share your readhing habits with other companies, while some offer opt-out capabilities.

The obvious data collected by e-readers includes the types (e.g., genre) of books downloaded onto your e-reader, when you downloaded e-books, the books read, and your reading patterns (e.g., the types/genres of books read). Other data collected, that you may not be aware of, includes how fast you read a book, which portions of the book you actually read, what e-book you immediately purchased next after completing a specific book (e.g., this probably applies to books in a series), and any annotations you made on the e-book text.

Some consumers may abandon an e-book after reading the first few chapters or a few pages. Some consumers may skip the introduction. Other consumers may read the last chapter first. For a given book, many consumers may skip a common chapter. For example, the Wall Street Journal reported that an average consumer read the third book in the "Hunger Games" series in about 7 hours, or 57 pages per hour.

Now, publishers and authors can know all of this. Publishers consider this data collected an opportunity to provide more feedback to authors. Thankfully, many authors will ignore this feedback and keep the creative process first (e.g., write what they intended regardless). But the data collection continues.

The e-readers with WiFi capabilities (e.g., Kindles, mobile devices, tablets) can combine geolocation data with your reading habits to determine where you read certain books. Whether or not this data collection bothers you is probably a personal choice.

If your reading habits include books about a certain medical condition, then you might be concerned about the loss of privacy. If your reading habits include topics to research a new business venture you have to keep secret until launch, then you might be concerned about the loss of privacy.

One way to think about e-readers: reading a book was historically something you did alone and in private. Not anymore. What's your opinion of e-readers and e-books?

Want to learn more? Try some of these:

Microsoft Survey For Data Privacy Day 2013. What Internet Users Do To Protect Their Privacy

Today is Data Privacy Day, with celebrations in North America and Europe. To support this event, Microsoft released last week the results of a survey of Internet users about what consumers do to protect their privacy. I found some very interesting results:

  • 45% of respondents said they have little or no control over the personal information companies collect about them while browsing the Web.
  • 54% of respondents said they sometimes consider a company's privacy reputation, track record or policies when selecting which websites to visit.
  • 32% of respondents said they always consider a company’s privacy reputation, track record and policies when selecting which websites to visit
  • 24% of respondents said that they had little or not control over the personal information they share online
  • Regarding website privacy, 39% said they consult a family member or friend about a website, 39% check a company's website privacy policy, 29% check the company's privacy policy, 21% check an industry or consumer organization, and 15% do nothing. More men do nothing (17%) than women (12%).
  • The sources of privacy information respondents trust most are friends and family (33%), industry or consumers organizations (25%, a website's privacy statement (22%), a company's privacy statement (20%), government agencies (15%), and news media (10%). Younger adults are more likely to trust government agencies, while older adults are least likely (5%) to trust news sites.

In a blog post, Brendon Lynch, Microsoft's Chief Privacy Officer, said:

"... customers want and expect strong privacy protections to be built into our products, devices and services, and for companies to be responsible stewards of consumers’ data... People also need more information about their privacy options and help controlling their personal information online."

I agree with that. Consumers want and need more control over their sensitive personal information.

The survey included interviews of 1,015 adults aged 18 or older. The survey was conducted during November 2012 by Microsoft and Ipsos MediaCT. Some descriptive facts about the survey respondents:

  • 51% were female
  • Ages: 18 to 34 (31%), 35 to 54 (37%), and 55 or older (32%)
  • Household income: below $50K (42%), and $50K or higher (58%)
  • Education: high school or less (32%), some college (35%), college graduate (20%), and post graduate (13%)
  • Employment: full-time (39%), part-time (11%), retired (17%), unemployed (11%), homemaker (9%), student (6%), and other (10%)

5 Online Privacy Tips To Keep You And Your Family Safe

Monday will be Data Privacy Day (DPD), with celebrations in North America and Europe to raise awareness and provide consumers with education about privacy. DPD was started in 2008. This year's theme is, "Respecting Privacy, Safeguarding Data and Enabling Trust." This year's events will be started with a privacy forum at the George Washington University Law School in Washington, DC. Federal Trade Commissioner Maureen Ohlhausen is the keynote speaker. More events are scheduled nationwide throughout February.

To support this event, Anchorfree and the National Cyber Security Alliance have developed together a list of tips for consumers to maintain their privacy when connected to the Internet via your smart phone, tablet, or laptop/desktop computer:

"1. Risky business - Make sure all family members understand the public nature of the Internet and its risks. Any digital information they share -- emails, photos or videos -- can easily be copied and pasted elsewhere, and is almost impossible to take back. Anything that could damage their reputation, friendships, wallet or future prospects should not be shared electronically."

A recent study found that 30 percent of teenage girls meet in person strangers they met online. So, it is critical for parents and families to practice safe habits while connected to the Internet and in the physical world. If you are a parent, grandparent, or guarding who plans to buy a smart phone for a child, then you definitely should read this contract one smart parent created to help her manage her teen's online usage.

2. Keep it hidden, keep it safe - Make sure all family members are careful about sharing sensitive information such as birth date, addresses, phone numbers, location, financial information, social security numbers, passwords and vacation plans. Most reputable online services have privacy settings. Teach your kids how to use them, too."

3. Browse intelligently - Avoid using sketchy, unfamiliar websites, and delete suspicious emails, particularly those that ask for unnecessary personal information or request that you download something. These may be malware or phishing sites out to steal your personal data.

There are several products available to automatically delete browser HTTP cookies and other files (e.g., Flash Cookies, and other LSO's = Locally Shared Objects) websites use to track you while connected to the Internet. This blog has reviewed some of them, including the MAXA Cookie Manager. I use the BetterPrivacy plugin with the Firefox browser.

The next item is critical because smart phones and tablets save a ton of metadata with each photograph or video you take. The metadata with your photos include a lot of descriptive information, including but not limited to a photo description (e.g., title, subject, tags, comments), author, date and time created, copyright information, image description (e.g., dimensions, resolution, color details, compression), camera description (e.g., make, model, F-stop, exposure, flash mode, zoom setting, lens maker, lens model, serial number, EXIF version), and file information (e.g., date created, date modified, file type, file name, size, attributes, owner, computer name). From photo metadata combined with your GPS location, a company can tell a lot about you, your purchases, your lifestyle, plus what you did/spent when and where.

That metadata gets uploaded to your favorite social networking website whenever you upload photos. Some social networking sites collect, save, and share all of that metadata. Others use some of it. So, consumers should:

4. Turn off geolocation - Many apps' permissions include backdoor location trackers that are constantly streaming your location. If you're not actively using your phone to navigate, turn them off. The FTC recently noted that many apps aimed at children are disclosing location; make sure your kids are following this rule of thumb as well."

The last tip cannot be over emphasized. Public WiFi hotspots are everywhere. If you expect to perform sensitive tasks (e.g., online banking, access/use sensitive documents from your employer) while connected to a public WiFi hotspot, you should:

5. Get behind a shield - Use a VPN such as Hotspot Shield, which will help identify malware sites and provide a secure, encrypted connection to the Internet for desktop or mobile devices, protecting your browsing from hackers and snoops. This is particularly important when using public Wi-Fi or other unknown networks."

AnchorFree produces Hotspot Shield. There are other brands available. Take a look at Get Cocoon and PrivateWiFi.

The National Cyber Security Alliance is a nonprofit organization formed to educate and empower consumers about Internet privacy. It collaborates with government, corporate, other non-profit and academic entities. NCSA board members include: ADP, AT&T, Bank of America, EMC Corporation, ESET, Facebook, Google, Intel, McAfee, Microsoft, PayPal, Science Applications International Corporation (SAIC), Symantec, Trend Micro, Verizon and Visa.

Some of those board members have a ways to go regarding privacy in their products or services. As a business consultant, I regularly use VPN software to remotely and securely access my clients' networks and servers. This blog post is not an endorsement of Hotspot Shield, since I have not used it.

What's your opinion of this list of tips? What VPN software do you use?

Researchers Document Java Update With 'Foistware' And Ask Toolbar Limitations

If your Internet browser uses the Java plugin by Oracle (which it probably does), then you know that you must download the free updates. Some of the updates are required so you can view websites that use the Java plugin to present the latest interactive features. Some games and websites won't work without the Java plugin. Some updates are necessary to fix vulnerabilities which hackers could use to steal your identity information or money; or use your computer to generate spam email.

A ZDNet article by Ed Bott describes a joint investigation by the author Professor Ben Edelman of the Harvard Business School. as "foistware' - deceptively installing software on your computer you may not want nor need. Hence, the software is foisted upon you. Their research concluded:

"1. When you use Java’s automatic updater to install crucial security updates for Windows, third-party software is always included. The two additional packages delivered to users are the Ask Toolbar and McAfee Security Scanner.

2. With every Java update, you must specifically opt out of the additional software installations. If you are busy or distracted or naive enough to trust Java’s “recommendation,” you end up with unwanted software on your PC.

3. IAC, which partners with Oracle to deliver the Ask toolbar, uses deceptive techniques to install its software. These techniques include social engineering that appears to be aimed at both novices and experienced computer users, behavior that may well be illegal in some jurisdictions.

4. The search page delivers inferior search results and uses misleading and possibly illegal techniques to deceive visitors into clicking paid ads instead of organic search results.

The article explores in detail the Java update process and where users must opt out of installing the Ask Toolbar feature. Having used the Java plugin for many years, I can verify that the article accurately describes the situation. It is frustrating to have to un-check during every update the Ask Toolbar option,so it isn't installed on my computer.

It is frustrating to have to select during every update the option to notify me when a Java update is available, because the Java update automatically defaults every time to the "update automatically" option. (See #1 above.) A better user experience would be for the Java update installer to default to what I selected during for the last update. I guess this is Oracle being Oracle... intentionally user unfriendly.

Why Oracle built and manages its Java plugin updates in this manner:

"The reason, of course, is money: Oracle collects a commission every time that toolbar gets installed. And the Ask installer goes out of its way to hide its workings."

I don't use the Ask Toolbar, so I don't have experience with that or its installation process. After reading Bott's article I won't use it since the article describes in detail the severe shortcomings of both the Ask Toolbar installation process and the software itself. Bott concluded:

"This is sleazy stuff. If you have installed this software, it affects searches you run from the address bar in any browser, including Chrome. Installing the Java update on my main PC hijacked the default search provider in Chrome 24 (the current version) and redirected searches from the Google omnibox (the address bar) to At no point was I asked for permission to make these changes to the settings in Chrome."

I agree with Bott. This type corporate behavior -- foistware -- has to stop, and for all the reasons Bott and Edelman list. If you use the Java plugin and/or the Ask Toolbar, please share your experiences below.

Curious? You can learn more about Java, the research about the IAC Toolbars by Professor Ben Edelman at the Harvard Business School, and the company IAC. If you use the Firefox browser, visit here.

[Editor's note: in the interest of full disclosure, I worked at the Harvard Business School from 1992 to 1997 performing business and economics research at Baker Library.]

10 Tips For Consumers To Stay Safe During 2013

The Better Business Bureau (BBB) has released its list for 2013 of tips for consumers to stay safe during 2013. The list includes items you can use both online and in the physical world to protect your money and your identity information:

"1. Do your research. Whether it's a business you're looking to hire or a product you're looking to buy, take the time to do your research. Check out a business at to see its BBB Business Review. For product information, go to the Consumer Product Safety Commission.

2. Keep your computer safe. Install anti-virus software on your computer and regularly check for software and operating system updates. Don't open attachments or click on links in emails unless the email has been scanned for viruses or is from someone you know or trust.

3. Get it in writing. Don't just take a business's word for it. Get every verbal agreement in writing to limit miscommunication and misunderstandings."

Tip #1 applies especially to prepaid cards. I would modify tip #2 to also include your mobile devices, smart phones and tablets, since they are computers too. Some more tips:

"5. Protect your identity. Always shred paper documents that include sensitive financial data and dispose of computers, cell phones and digital data safely. Safely store all personal documents, such as your Social Security card, and look up your credit score at least once a year. Check your credit and debit card statements frequently.

6. Shop on trustworthy websites. Online shopping has increasingly become more popular, so before you provide any personal or banking information over the web, make sure you're using a trusted site. Look for the "s" in https:// in the URL for a secure site."

Read the entire list at the Boston BBB website.

New Terms Of Service And Privacy Policies Go Live At Instagram

On Friday, Instagram sent this letter to its users:

From: Instagram ([email protected])
Subject: Instagram Update
Date: January 18, 2013


Our community has grown by many millions of people since we wrote our original Terms of Service and Privacy Policy. As we announced in December, we have updated our Terms of Service and Privacy Policy. These policies also now take into account the feedback we received from the Instagram Community. We're emailing you to remind you that, as we announced last month, these updated policies will be in effect as of January 19th, 2013.

You can read our blog post that highlights some of the key updates. And remember, these updates don't change the fact that you own your photos that you post on Instagram, and our privacy controls work just as they did before.

Thank you,
The Instagram Team

The Instagram blog summaried the changes in its new policies:

"1. Nothing has changed about your photos’ ownership or who can see them.
2. Our updated privacy policy helps Instagram function more easily as part of Facebook by being able to share info between the two groups. This means we can do things like fight spam more effectively, detect system and reliability problems more quickly, and build better features for everyone by understanding how Instagram is used.
3. Our updated terms of service help protect you, and prevent spam and abuse as we grow.

In its blog post, Instagram reassures users that users own their photographs. While that is good, the bigger question is exactly what data dlements are collected, retained, manipulated, and shared? Some relevant portions from the new Terms of Service:

"Instagram does not claim ownership of any Content that you post on or through the Service. Instead, you hereby grant to Instagram a non-exclusive, fully paid and royalty-free, transferable, sub-licensable, worldwide license to use the Content that you post on or through the Service, subject to the Service's Privacy Policy, available here, including but not limited to sections 3 ("Sharing of Your Information"), 4 ("How We Store Your Information"), and 5 ("Your Choices About Your Information")... You acknowledge that we may not always identify paid services, sponsored content, or commercial communications as such... Content removed from the [Instagram] Service may continue to be stored by Instagram, including, without limitation, in order to comply with certain legal obligations, but may not be retrievable without a valid court order... Except as otherwise described in the Service's Privacy Policy, available at, as between you and Instagram, any Content will be non-confidential and non-proprietary and we will not be liable for any use or disclosure of Content. You acknowledge and agree that your relationship with Instagram is not a confidential, fiduciary, or other type of special relationship, and that your decision to submit any Content does not place Instagram in a position that is any different from the position held by members of the general public, including with regard to your Content."

Some interesting sections from the new Privacy Policy:

We collect the following types of information.
Information you provide us directly:
1. Your username, password and e-mail address when you register for an Instagram account.
2. Profile information that you provide for your user profile (e.g., first and last name, picture, phone number). This information allows us to help you or others be "found" on Instagram.
3. User Content (e.g., photos, comments, and other materials) that you post to the Service.
4. Communications between you and Instagram. For example, we may send you Service-related emails (e.g., account verification, changes/updates to features of the Service, technical and security notices). Note that you may not opt out of Service-related e-mails."

Metadata is usually technical data that is associated with User Content. For example, Metadata can describe how, when and by whom a piece of User Content was collected and how that content is formatted. Users can add or may have Metadata added to their User Content including a hashtag (e.g., to mark keywords when you post a photo), geotag (e.g., to mark your location to a photo), comments or other data. This makes your User Content more searchable by others and more interactive. If you geotag your photo or tag your photo using other's APIs then, your latitude and longitude will be stored with the photo and searchable (e.g., through a location or map feature) if your photo is made public by you in accordance with your privacy settings."

"We may also share certain information such as cookie data with third-party advertising partners. This information would allow third-party ad networks to, among other things, deliver targeted advertisements that they believe will be of most interest to you... We may remove parts of data that can identify you and share anonymized data with other parties. We may also combine your information with other information in a way that it is no longer associated with you and share that aggregated information."

The new policy does not seem to mention exactly how Instagram may manipulate (e.g., add, delete, merge) the metadata attached to your photographs with other data elements (e.g., mobile geolocation data). That is important to know given a recent lawsuit about alleged unannounced and unauthorized data collection, retention, and tracking involving its mobile apps.

The information in this blog post is not legal advice. If you are concerned about the new policies, get legal advice from an attorney. I am not an attorney.

California AG Issues Report With Privacy Guidelines For Mobile App Developers

Earlier this monthy, California Attorney General Kamala D. Harris issued privacy guidelines for mobile app developers and other companies in the mobile industry to better protect consumers. The new guidelines are part of the State's Privacy Enforcement and Protection Unit. Why the California AG devloped these guidelines:

"... 85 percent of American adults have a cell phone, 45 percent a smart phone, 61 percent a laptop, 25 percent a tablet computer, and 18 percent an e-book reader. Over half of adult cell phone owners use the Internet on their phones, twice the rate in 2009. And nearly one third of cell owners report that their phone is the primary, or only, way they access the Internet... there are more than a million apps available on the primary mobile platforms, and more than 1,600 new apps are added daily... many mobile apps did not provide users with privacy policy statements at all..."

And, experts expect millions of consumers will be affected by mobile threats and mobile malware. This is not a surprise since mobile devices uniquely combine several types of valuable information on a single computer: personal and business email, business documents, personal and business contacts, calling history, text messages, passwords for social networking sites, video, photos, audio, browser history, app history, and your GPS locations by date and time.

The general guidelines:

"For App Developers:
1. Start with a data checklist to review the personally identifiable data your app could collect and use it to make decisions on your privacy practices.
2. Avoid or limit collecting personally identifiable data not needed for your app's basic functionality.
3. Develop a privacy policy that is clear, accurate, and conspicuously accessible to users and potential users.
4. Use enhanced measures -- "special notices" or the combination of a short privacy statement and privacy controls -- to draw users' attention to data practices that may be unexpected and to enable them to make meaningful choices.

For App Platform Providers:
1. Make app privacy policies accessible from the app platform so that they may be reviewed before a user downloads an app.
2. Use the platform to educate users on mobile privacy.

For Mobile Ad Networks:
1. Avoid using out-of-app ads that are delivered by modifying browser settings or placing icons on the mobile desktop.
2. Have a privacy policy and provide it to the app developers who will enable the delivery of targeted ads through your network.
3. Move away from the use of interchangeable device-specific identifiers and transition to app-specific or temporary device identifiers.

For Operating System Developers:
Develop global privacy settings that allow users to control the data and device features accessible to apps.

For Mobile carriers:
Leverage your ongoing relationship with mobile customers to educate them on mobile privacy and particularly on children's privacy."

For each general guideline, the document contains specifics. California led the nation with data breach notification laws to inform and protect consumers. The new guidelines, while not legally binding, are consistent with this leadership.

Items I hoped the guidelines would have contained, but didn't:

  • Don't build apps that upload consumers' entire address books. You don't need all of their information. You may want it, but you don't need it. A small porton of their contacts use your app.
  • Data plan consumption estimates. Auto manufacturers provide consumers with mileage estimates (e.g., city, highway) for their products. App developers should provide similar estimates (e.g., low use, high use) if their apps are bandwidth hogs or operate frequently in the background
  • Use plain English whenever possible for privacy statements and terms of usage statements
  • Streamline and consolidate privacy statements whenever possible. Currently, consumers must read and wade through at least six privacy statements
  • Be transparent and explicit about how you treat metadata with documents, videos, and photos. Consumers have a right to know what metadata elements you use, delete, and add to their assets.
  • Be transparent and explicit with the list of affiliates or partners you share consumers' personal information with. That includes cloud vendors.
  • Be explicit about the assistance (if any) you provide uses when your app is hacked, or when the transacton flow that supports your app is hacked.
  • For additional services, consumers must opt in and register. Don't auto include consumers
  • Guidelines for banks. Some banks develop apps and are covered. Others are part of the transaction flow that enables the app (e.g., payments)

Download the "Privacy On The Go" report (Adobe PDF, 2.27 Mbytes) by the California Attorney General.

Study: 30 Percent Of Teen Girls Meet In Person Strangers They Met Online

This is a startling and terrifying statistic. Parents: what is your teenage daughter doing online? WFMJ reported the results of a recent pediatric study:

"... the study tracked online and offline activity among more than 250 girls aged 14 to 17 years and found that 30 percent followed online acquaintance with in-person contact..."

The study, funded by a grant from the National Institutes of Health (NIH), included a mix of girls with and without a history of risky behavior. The study's author is Jennie Noll, a professor of pediatrics at the University of Cincinnati. The NIH is part of the U.S. Department of Health and Human Services (DHHS).

I recommend that parents read the WFMJ article, since it includes additional information. Reportedly, the study appeared in the Journal of Pediatrics. I wished that the study had included younger girls, since many social networking sites allow youth aged 13 and older to register.

Lawsuit Claims Instagram Performed Data Collection, Retention, And Tracking Via Its Mobile App Without Notice Or Users Consent

While Instagram, the popular photo-sharing website, made a fast retreat last month after releasing new Terms of Service and Privacy policies, it appears that there are more issues. During the holidays last month, a class-action lawsuit was filed against Instagram claiming unauthorized data collection, retention, and tracking via the photo sharing site's mobile app.

The complaint alleges that Instagram uploaded via its mobile app users' entire address books, accessed and modified both the geolocation and metadata in users' photos uploaded, collected and stored users' fine geolocation data, accessed users' data stored within Amazon-provided cloud-based services, and distributed users' sensitive personal data to third-party companies without notice nor consent. The complaint alleged that Instagram:

"... used Plaintiff's and Class Members' computing devices to access, use, disclose, retain, and store personal information ("PI"), personal identifying information ("PII"), and/or sensitive identifying information ("SII") derived in whole, or part, from Plaintiff and Class members' computing devices' contact address book, aggregating such data derived from the unauthorized access to, and use of Plaintiff and Class members' photo metadata, for purposes not granted..."

There is more. The complaint also states that the plaintiffs:

"... were unaware of the harm that would be imposed... including use, retention, and storage of their computing devices contact address data, installation of geo-tags for tracking, the misappropriate of their Mobile Device resources and bandwith... [the plaintiffs] had not knowledge that contact book data was obtained and stored on Defendant's servers and/or third-party servers, such as on Amazon EC2's remote servers and was stored in an unreasonably insecure manner contrary to accepted standards... [the plaintiffs] did not consent to having their data collected by Defendant. Had [the plaintiffs} known of Defendant's practices, they would not have downloaded its app..."

Of course, mobile apps that consume large amounts of consumers' data plan minutes are undesirable, and consumers should be provided with warnings by these apps. The suit was filed December 27, 2012 in Northern California District Court by attorneys Parisi & Havens LLP, Strange and Carpenter LLP, and the Law Office of Joseph H. Malley, P.C.. Recently, Facebook purchased Instagram in 2012 for $1 billion.

While reading the complaint, I recognized Malley's name, since he is often referred to as a "Privacy Crusader." Malley was involved with class-action suits against Adzilla, NebuAd, Quantcast ("zombie cookies"), Ringleader, Facebook, and Apple. In 2010, Facebook settled its suit for $9.5 million. So, these attorneys know what they are doing.

Photo with geolocation metadata from Gutierrez et. al. v Instagram complaint For the lead plaintiff, Steven Gutierrez, the alleged data collection, retention, and tracking by Instagram affected his minor child and warnings weren't timely enough for consumers who registered and installed the Instagram app early on:

"... ignoring the intent of [the plaintiffs] that used Defendant's application to up upload and/or take photos using Defendant's application and also creating a digital dataset, link to their exact location, posted to a publicly accessible form that revealed their exact fine GPS settings, violating not only their privacy rights, but also posing a security risk, as evidenced by Plaintiff Steven Gutierrez, with his one year old daughter, pictured above, that included within the photo's metadata, the exact location where the picture was taken, his home, and a detailed map of the home's exact location... Defendant failed to adequately disclose, or obtain permission for such activities, evidenced by failing to provide a Terms of Service or Privacy Policy within its application or website for a period in excess of a year after its initial operation... Defendant's access to, deletion, modification, and use of Plaintiff and Class Members' metadata within their photos, was without notice or authorization, and is evidenced by an analysis of the photo metadata at various stages. In order to view such activity, a software program is required, such as the one at [Jeffrey's EXIF Viewer]... Defendant's alteration of the digital content's metadata, in addition to the inclusion of fine GPS actual coordinates, provided a Unique Identifier..."

Photo metadata includes a lot of descriptive information, including but not limited to a photo description (e.g., title, subject, tags, comments), author, date and time created, copyright information, image description (e.g., dimensions, resolution, color details, compression), camera description (e.g., make, model, F-stop, exposure, flash mode, zoom setting, lens maker, lens model, serial number, EXIF version), and file information (e.g., date created, date modified, file type, file name, size, attributes, owner, computer name). From photo metadata, a company can tell a lot about you, your purchases, and your lifestyle.

Photo with metadata listing from Gutierrez et. al. v Instagram complaint

If Instagram adds fine geolocation data to photos after upload, then this is very troubling. For privacy reasons and safety, many consumers turn off the camera setting on their smart phones that automatically adds GPS data to each photo and video taken. By re-adding this geolocaton data later to photos/videos uploaded, Instragram is overriding and ignoring users' privacy choices, and enabling tracking of consumers in the real world.

The complaint is rich with detail. Of course it provides background information on the Instagram service, its mobile apps, and usage terms/policy. The complaint also includes information about the public outcry about the new usage terms/policy which it later reversed, smart phone technologies, online tracking, cloud computing, photo metadata, and U.S. Congressional correspondence about app privacy. About the data collection, the complaint states:

"Defendant did not deny it had obtained Plaintiff's and Class Members' contact address data, but attempted to diminish the impact of its public relations nightmare by providing an immediate "Mea Culpa," of sorts, staying out of the press, and quietly adding a new pop-up requesting user authority to obtain contact address data information all users... Defendant's public response that it's activities were a common practice was without merit upon review of the app store guidelines..."

For consumers, letting mobile apps upload your entire address book is a bad idea for several reasons. First, the contact data is valuable to spammers and identity criminals because both issue fake messages (e-mail or text) pretending to be a relative or friend to trick consumers to making payments or disclosing other sensitive data. Second, many consumers use their smart phones for both business and pleasure. That means, the data collected contains valuable business contacts, useful to both advertisers and spies -- a corporate espionage risk.

I really like how the complaint describes in great detail the damages with specific dollar amounts for affected smart phone users. The lawsuit also highlights the issue of who ultimately controls image (e.g., photograph, video) metadata -- the consumer or the social networking service.

View the Gutierrez et. al. vs Instagram Inc. complaint (Adobe PDF, 1.8 Mbytes). Learn more about:

FTC Amends Rules Regarding Data Collection Of Personal Information Of Minors

Last month, the U.S. Federal Trade Commission (FTC) clarified and strengthened its rules regarding the collection of personal data of minors under the age of 13. In its announcement, the FTC stated:

"1. Modify the list of “personal information” that cannot be collected without parental notice and consent, clarifying that this category includes geolocation information, photographs, and videos;
2. Offer companies a streamlined, voluntary and transparent approval process for new ways of getting parental consent;
3. close a loophole that allowed kid-directed apps and websites to permit third parties to collect personal information from children through plug-ins without parental notice and consent;
4. Extend coverage in some of those cases so that the third parties doing the additional collection also have to comply with COPPA;
5. Extend the COPPA Rule to cover persistent identifiers that can recognize users over time and across different websites or online services, such as IP addresses and mobile device IDs;
6. Strengthen data security protections by requiring that covered website operators and online service providers take reasonable steps to release children’s personal information only to companies that are capable of keeping it secure and confidential
7. Require that covered website operators adopt reasonable procedures for data retention and deletion; and
8. Strengthen the FTC’s oversight of self-regulatory safe harbor programs.

The new rules become effective July 1, 2013. The rules are part of the Children's Online Privacy Protection Act (COPPA) enacted in 1998. The COPPA rules include personal information elements such as the child's full name, home address, email address, telephone number, or any other information that would allow someone to identify or contact the child. As they should, the new rules add more data elements. The FTC stated in its blog:

"The definition of personal information now includes geolocation information, as well as photos, videos, and audio files that contain a child’s image or voice. Also covered: persistent identifiers that can be used to recognize a user over time and across different websites or online services. But there’s a notable exception: COPPA’s parental notice and consent requirements don’t kick in if the identifier is used solely to support the internal operations of the site or service."

It strikes me that the above exception, or loophole, could be used to avoid and abuse consumer information. Those "persistent identifiers" are key since they are used by the online advertising networks, and enable both online tracking and behavioral advertising. Plus, there is a long history of repeated abuse of consumers' sensitive personal information by companies using zombie cookies, Flash cookies, zombie e-tags, search hijacking, and leaky apps on mobile devices. In September 2012, the FTC issued guidelines for mobile app developers.

Companies are advised to watch the FTC Children's Privacy page for additional updates.

In an ideal world, COPPA rules would not stop at age 13, but extend to age 18, the usual age of majority. It would have been better if the amended COPPA rules explicitly mentioned facial recognition.

Researchers Find Vulnerabilities in VOIP Phones And A New Possible Fix

According to Science Daily, computer scientists at Colombia University's Engineering department analyzed the firmware of VOIP (Voice Over Internet Protoccol) phones, found vulnerabilities, and identified a possible fix to the data breach risks. The researchers were Ang Cui, a Computer Science PhD candidate, and Salvatore Stolfo, a Computer Science Professor.

Their research was funded by the Defense Advanced Research Projects Agency (DARPA), the Intelligence Advanced Research Projects Activity (IARPA), and the Department of Homeland Security (DHS). The vulnerabilities increase the risk of corporate espionage and data breaches of sensitive corporate and personal information:

"At a recent conference on the security of connected devices, Cui demonstrated how they can easily insert malicious code into a Cisco VoIP phone (any of the 14 Cisco Unified IP Phone models) and start eavesdropping on private conversations -- not just on the phone but also in the phone's surroundings -- from anywhere in the world... It's not just Cisco phones that are at risk. All VoIP phones are particularly problematic... [the researchers] are particularly concerned with embedded systems that are widely used and networked on the Internet, including VoIP phones, routers, and printers..."

The vulnerability is not new as researchers in Australia raised the issue in May 2011. What is new is the possible fix identified by Cui and Stolfo:

"Software Symbiotes is designed to safeguard embedded systems from malicious code injection attacks into these systems, including routers and printers... The Symbiote is especially suitable for retrofitting legacy embedded systems with sophisticated host-based defenses..."

This is very important because VOIP phones are used by both corporations and consumers. For consumers, a hacked VOIP phone could mean more spam and phishing attacks via your VOIP phone. This data breach risk is troublesome also for SOHO businesses (e.g., attorneys, accountants) where privacy is critical.

Important research like this needs consistent and uninterrupted funding. Just as you are reading about this subject, so too are criminals. Let's hope that future tests confirm this new fix.

FTC Report On Mobile Apps For Children: Insufficient Privacy Disclosures

In February 2012, the U.S. Federal Trade Commission (FTC) published its first report on mobile apps for children, after surveying apps in both the Google Android and Apple app stores. That report found that apps provided little or no information for parents about privacy disclosures of the apps. It also called upon all companies in the children's app ecosystem -- app developers, app stores, and third parties -- to provide better disclosures regarding data collection and privacy practices.

In December 2012, the FTC published its second report, which went further than the first report by testing some apps against their state privacy policies. The FTC found:

"... many apps included interactive features or shared kids’ information with third parties without disclosing these practices to parents... Since the first kids’ app report was issued, the market for mobile apps has continued to grow at an explosive rate, providing many benefits and conveniences to consumers. As of September 2012, there were over 700,000 apps available in Apple’s App Store, a 40% increase since December 2011, and over 700,000 apps available in Google Play, an 80% increase since the beginning of 2012."

The survey found that apps still aren't providing sufficient privacy disclosures:

"... parents still are not given basic information about the privacy practices and interactive features of mobile apps aimed at kids. Indeed, most apps failed to provide any information about the data collected through the app, let alone the type of data collected, the purpose of the collection, and who would obtain access to the data. Even more troubling, the results showed that many of the apps shared certain information – such as device ID, geolocation, or phone number – with third parties without disclosing that fact to parents. Further, a number of apps contained interactive features – such as advertising, the ability to make in-app purchases, and links to social media – without disclosing these features to parents prior to download."

The survey methodology included a search in each app store for children's apps, a review of the first 480 pages of search results, and the random selection of 200 apps from each app store for a close evaluation. That evaluation included a review for privacy disclosures on each app's promotion page, within the app itself, and the app developer's website. The evaluation included a test of each selected app to determine:

"... whether they contained certain interactive features and whether they collected or transmitted any information from the mobile devices they were tested on... nearly 60% (235) of the apps reviewed transmitted device ID to the developer or, more commonly, an advertising network, analytics company, or other third party... only 20% (81) of the apps reviewed disclosed any information about the app’s privacy practices... 58% (230) of the apps reviewed contained advertising within the app, while only 15% (59) indicated the presence of advertising prior to download. Further, 22% (88) of the apps reviewed contained links to social networking services, while only 9% (36) disclosed such linkage prior to download. In addition, 17% (66) of the apps reviewed contained the ability to make purchases for virtual goods within the app, with prices for each purchase ranging from $0.99 in apps from both app stores, to $9.99 for Google Play apps and $29.99 for Apple store apps..."

An encouraging sign is that consumers and parents are getting the message and flexing their muscle in the marketplace:

"... a recent Pew study found that 54% of app users decided not to install an app once they discovered how much personal information the app would collect. The study also showed that 30% of app users have uninstalled an app that was already on their cell phone because they learned that the app was collecting personal information the users did not wish to share. Consistent with these findings, a recent study by the Berkeley Center for Law and Technology showed that most consumers consider the information on their mobile devices to be private..."

Actions that the FTC to address the lacka of privacy disclosures:

  1. Urge app developers to include privacy disclosures by design in mobild apps and provide guidelines,
  2. Provide consumers and parents with educational information to help them navigate the mobile app market,
  3. Starting investigations to determine if specific apps have violated the Childrens Online Privacy Protection Act (COPPA), and
  4. Conduct a third survey of the childrens mobile app market

Download the FTC report: Apps For Kids; Still Not Making The Grade (Adobe PDF, 1.1 Mbytes).

Twitter's Tailored Suggestions Program And Online Tracking

In May 2012, introduced a new program called Tailored Suggestions, which recommends other Twitter members to follow based upon your online usage:

"How tailored suggestions work: We determine the people you might enjoy following based on your recent visits to websites in the Twitter ecosystem (sites that have integrated Twitter buttons or widgets). Specifically, our feature works by suggesting people who are frequently followed by other Twitter users that visit the same websites."

The use of buttons or widgets to track social networking website users around the web  is not new. Facebook, LinkedIn, and Youtube have similar programs. Twitter users can easily opt out of this tracking by un-clicking the box next to "Personalization" in your Twitter Profile Settings page. (See image below.) Or, you can adjust the Do Not Track settings on your web browser.

Twitter Personalization setting on the Account Settings page

Last month, Forbes magazine reported about Twitter's expansion plans with its Tailored Suggestions program.

For me, Twitter is a wonderful resource, which I use primarily with this blog and to network with other privacy advocates and bloggers. I like and trust Twitter far, far more than Facebook. Twitter hasn't had the repeated privacy snafus which have happened at Facebook. As of January 1, 2013 about 560 people follow this blog via Twitter compared to about 120 via Facebook.

2 Teens Drug Parents' Milkshakes To Get More Internet Time

This is weird news.

According to the Sacramento Bee, two teenage girls were arrested on Wednesday after allegedly drugging one of the girl's parents, so the teens could use the Internet after a 10 pm curfew. The teens allegedly spiked milkshakes they'd bought for the parents with a prescription sleep aid. After waking up, the suspicious parents had the milkshakes tested and then notified local law enforcement.

It is unclear what the two teens were doing online.

The story has been picked up by many newspapers and news sources including the major television news networks.

The AAA Prepaid Card. A Good Deal?

Just before the Christmas holiday, I received in the postal mail my new AAA card for 2013. While reading the materials enclosed, I learned that my new AAA membership card is also an American Express Prepaid Card. To learn more, I visited the website and read the Cardmember Agreement.

AAA Prepaid Card website. Click to view larger image.

The website clearly states that the AAA Prepaid card is not a debit card, credit card, nor a gift card. You can use it wherever retail stores accept American Express Cards. AAA crafted the deal correctly: AAA members have to opt in or activate their AAA Prepaid card in order to use its prepaid features from American Express. If a member does nothing, then their AAA Membership card functions as it always has.

The AAA/American Express website pitches four major benefits of the AAA Prepaid Card:

  • World-class American Express benefits
  • A safer way to spend
  • Several ways to fund the AAA prepaid card
  • Manage spending easily

The American Express benefits include purchase protection, savings on tickets to entertainment events, assistance when traveling, and other special offers. The card seems beneficial as a payment method while traveling abroad when retail merchants don't accept credit card payment methods (e.g., MasterCard, Visa). A consumer could use the AAA Prepaid Card instead of American Express Travelers Cheques when traveling abroad.

The "safer way to spend" benefits include protections if the card is lost or stolen, and no overspending and no overdraft fees. The lost/stolen protection is helpful, but the no overspending/overdraft-fee benefits are dubious. There are no overdraft fees with cash. If I don't have the cash, I don't spend it.

There are several ways to add money to the AAA Prepaid Card: cash, bank account transfer, check, direct deposit, or an American Express(TM) Card. You have to load at least $25.00 on the AAA Prepaid card and a maximum monthly of $2,500 (or a $10,000 max with direct deposit). Each month, the first ATM withdrawal is free, and all other ATM withdrawals are $2 each.

If the AAA website has a link to the American Express ATM locator, I couldn't find it. Having that link would be helpful for consumers who anticipate using their AAA Prepaid Card for ATM withdrawals.

The website emphasizes no activation fee, no monthly fees, no reload fees, and no foreign currency transaction fees. This is good because prepaid cards often have lots of fees. However, the ATM withdrawal fees mean you have to pay to access your own money, and can only make withdrawals at ATM machines that accept American Express Cards. Not good, especially if you have a bank account of sufficient size where your bank or credit union waives ATM fees.

The Cardmember Agreement clearly states:

"The Card is a prepaid, reloadable payment device which must have funds loaded to it prior to use. The Card is not a gift, credit, debit or charge card, and does not constitute a checking, savings or other demand deposit or consumer asset account. The Card is not a payroll card and cannot be used to make payroll to anyone... Subject to the amount of Available Funds on the Card, we may allow you to use the Card to obtain cash from Automatic Teller Machines worldwide that accept the American Express Card..."

This means it is a "general-purpose reloadable" prepaid card and has the responsibilities and liabilites associated with any GPR prepaid card. The bank can raise fees or change terms at any time without notice. There are no Federal disclosure requirements, so you are at the good graces of AAA and/or American Express to promptly alert you with advance notice about any changes in fees or terms.

The AAA Prepaid Card is "paperless" (Adobe PDF) -- all disclosures statements are only online. You don't receive monthly statements, so you have to check your balances online. The Cardmember Agreement also has specific disclosures for residents of Alaska, Arizona, California, Indiana, Kentucky, New Hampshire, Oklahoma, Oregon, South Dakota, Texas, and Vermont.

I've Been Mugged blog readers know that this blog has covered prepaid card before. Wise consumers should understand their rights and responsibilities before registering any prepaid card. If you are looking for a prepaid card to avoid overdraft fees with your debit card, it is wise to shop around and compare first, so you don't get "mugged" by other fees. Both CNN Money and Consumer Reports found a wide variety of fees when it investigated prepaid cards: activation fees, monthly fees, reload fees, cash withdrawal fees, inactivity fees, online payment fees, paper statement fees, customer service phone call fees, and more.

If you need to build your credit history, then a prepaid card may not be right for you. If you already have checking and savings accounts, then you may find a prepaid card of little benefit. Wise consumers do the research to determine whether a prepaid card fits your lifestyle and spending habits. Read this FDIC comparison between debit cards, credit cards, and prepaid cards.

Is the AAA Prepaid card a good deal? Only you can decide for yourself. You know your lifestyle and spending habits best.

For me, I chose tol continue using my AAA membership card the traditional way, and not activate its prepaid card features. I'll continue to use my debit- and credit cards instead. My bank account balances are sufficiently high that my bank waives all ATM fees. My credit cards already provide rewards and special offers. Plus, I have not had any problems using my credit cards when traveling abroad. I simply don't buy that much when traveling abroad.

The new AAA Prepaid Card highlights the trend of many retail organizations to turn membership cards into prepaid cards. In my opinion, we consumers now see so many prepaid card offers because prepaid cards are a way for banks to avoid the newer rules governing debit- and credit cards that mandate certain disclosures and protections for consumers.

What do you think of the AAA Prepaid Card? If you use it as a prepaid card, what has been your experience?

6 States Now Ban Employers From Snooping On Your Social Networking Accounts

NBC News reported on Tuesday that six states now have laws making it illegal for employers to request login credentials (e.g., ID and password) to your social networking accounts. The states include California, Delaware, Illinois, Maryland, Michigan, and New Jersey.

The laws in California and Illinois went into effect on January 1, 2013. In the Spring of 2012, Maryland was the first state to ban employers from accessing consumers' social networking accounts.

Congratulations to lawmakers in these states for passing sensible legislation. If you live in a state doesn't have such a law, contact your elected officials today and demand action.