Tech Friday with Dave Hatter- March 19th 2021 - SPONSORED BY INTRUST IT


T-Mobile Customer? Opt Out to prevent the sale of your web browsing history:

  • Next month T-Mobile will start to automatically share customer's web browsing history with 3rd-party advertisers unless customers opt out
  • T-Mobile will begin including customers in the program on April 26 if they do not explicitly opt out
  • The Wall Street Journal found the new data-sharing plan in an update to T-Mobile's privacy policy
  • The apparent goal is to use customer data to offer more personalized advertising
  • Regarding your privacy and the shared data, T-Mobile says "we tie it to your mobile advertising identifier or another unique identifier"
  • They also said that precise location data will not be shared without the customer's explicit permission
  • Per the T-Mobile policy information shared includes "broadband information, network diagnostic data (Android users only), IP address, device and advertising IDs, mobile apps installed or used with your device, content interactions, like video and content viewing info, and web browsing data, device activity and attributes"
  • T-Mobile said "We only share Advertising IDs, which are pooled to create audience segments based on customer interests, like sports or entertainment. We do not share underlying customer broadband or device usage data with third parties"
  • Concerns about the data shared include 3rd-party advertisers combining T-Mobile data other data to de-anonymize users
  • The Wall Street Journal said other carriers including AT&T and Verizon have been enrolling customers into their own data-sharing programs
  • To opt out you need to manage the advertising preferences of your user account
  • T-Mobile customers can go to My account \ privacy and notifications \ advertising & analytics. Then turn the "use my data to make ads more relevant to me." off
  • You can also change this setting from the the T-Mobile app
  • T-Mobile told PCMag they will notify every customer about the pending policy change. They said "We’re notifying every impacted customer of this change and have made it easy for them to opt out if more relevant ads aren’t their thing. Customers can visit our Privacy Center for more info or to opt-out" T-Mobile
  • I advise you to opt out. And if you're not a T-Mobile customer, opt out for your carrier

Apple's privacy labels show it's time to dump Gmail:

  • For many years, "free" apps and services have meant that if you're not paying with money, you're paying with data, you are the product, NOT the customer
  • Apple’s mandatory new privacy consent requirements threaten to completely upend the surveillance capitalism model that powers much of the Internet
  • Apple wrote "The App Store is designed to be a safe and trusted place for users to discover apps created by talented developers around the world. Apps on the App Store are held to a high standard for privacy, security, and content because nothing is
  • The ATT essentially has two phases. In the first, app developers must provide Apple with accurate information that tells a potential user how the app tracks user data across properties owned by other companies as well as what their information is potentially linked to. The mandatory labels that are displayed prior to app download allows users to make an informed choice about the app
  • Phase one has recently been implemented and while app developers don't love it, the coming second phase has caused quite an uproar and is set to launch soon in iOS 14.5
  • Apple will requires apps to display a mandatory privacy consent notice that allows users to opt out of the use of the unique device ID to track them
  • There are some exceptions, apps are allowed to track a user without notice if the data is anonymized before leaving the device, or if it is used solely for security purposes that protect the end user
  • Apple also explicitly banned the implementation of workarounds for tracking based on device fingerprinting
  • Developers are permitted to explain why permission to track is being sought, but can't use dark patterns or incentives to con the user into allowing tracking. Such actions could get the app banned
  • This is yet another reason to switch to Apple if you haven't already
  • Hundreds of millions of people use the Gmail app on iPhone, it's the most popular productivity app in the Apple store
  • Like Facebook, Google makes a substantial amount of its revenue from your data
  • Google’s new data harvesting revelations, compliments of Apple, should make you stop using Gmail
  • Apple is ramping up its privacy claim, firing on all cylinders to keep their users’ data protected. With data firmly being the currency of the 21st century, Apple, as ever, is thinking outside the box with how it operates" - Jake Moore, ESET
  • Gmail’s privacy label is eye opening, especially in comparison to the Apple Mail app. Gmail captures virtually everything. Check it out here:https://apps.apple.com/us/app/gmail-email-by-google/id422689480
  • Of the 3 leading iOS email apps, Gmail is the only one that says is uses your ID and location data for third-party advertising
  • Ian Thornton-Trump from Cyjax said "the ‘collection’ of all these data points may be fed into an AI model which may spawn a host of ethical questions around your inbox. Purchase confirmations could indicate health, marital status, political and religious persuasion, births and deaths… Will AI make suggestions that are crass, inappropriate or even offensive?”
  • Andy Yen, CEO of ProtonMail, said “it shouldn’t come as a surprise to see how much personal data Gmail collects. Google's entire business model revolves around collecting as much private information on users as possible in order to benefit advertisers and other third parties.”
  • Ditch Gmail, try Protonmail for email.https://protonmail.com/
  • Even better dump everything from Google for privacy friendly alternatives!

Most of Alexa's "skills" have no privacy policy

  • So called "smart" speakers are a privacy dumpster fire
  • There are well known instances of these and other devices listening when they shouldn't be listening, one study found that some "smart" speakers activate by mistake, as often as 19 times each day on average
  • And concerns have been raised about how long recordings are stored and who has access to them
  • Last year, researchers exposed vulnerabilities around Alexa "skills". Alexa skills are like smartphone apps that enhance the capability of Alexa. They are built by developers from third-party companies
  • In a test last yet, researchers tried to upload 234 policy-breaking Alexa skills. All of them were approved
  • New research is pouring fuel on the dumpster fire, at least for Amazon's Alexa
  • Germany's Ruhr-University Bochum and North Carolina State reviewed 90,194 Alexa skills
  • Dr. Martin Degeling wrote "A first problem is that Amazon has partially activated skills automatically since 2017. Previously, users had to agree to the use of each skill. Now they hardly have an overview of where the answer Alexa gives them comes from and who programmed it in the first place"
  • Researchers raised serious concerns that skill developers can register themselves with any name and can easily impersonate well-known, trusted organizations
  • Researchers wrote "In an experiment, we were able to publish skills in the name of a large company. Valuable information from users can be tapped here"
  • While Amazon has a certification process for skills, "no restriction is imposed on changing the backend code, which can change anytime after the certification process" researchers said
  • Another disturbing fact that was reported is that "Only 24.2% of skills have a privacy policy"
  • The best thing you can do is D2, disconnect and discard these Orwellian spy machines