Follow us:
  1. Home
  2. News
  3. Tech News
  4. Privacy

Privacy

Consumers keep adding their names to the FTC’s Do Not Call Registry

The agency says it’s getting ready for any new technology challenges telemarketers may try and throw at it

The Federal Trade Commission (FTC) has handed Congress its latest National Do Not Call (DNC) Registry report, which focuses on how consumers and businesses alike have been impacted by unwanted sales pitches and robocalls. 

If you guessed that there are more and more people who want to be added to the list, you’d be right. There was an uptick of more than 4.1 million registrations from the previous fiscal year, bringing the DNC Registry close to 239 million consumer regis...

Not sure how to choose?

Get expert buying tips about Privacy delivered to your inbox.

    By entering your email, you agree to sign up for consumer news, tips and giveaways from ConsumerAffairs. Unsubscribe at any time.

    Thank you, you have successfully subscribed to our newsletter! Enjoy reading our tips and recommendations.

    Recent Articles

    Sort by:

    Laser pointers can trick smart speakers into following voice commands

    A team of researchers have found a vulnerability in the microphones of many popular smart speakers

    Researchers from Tokyo and the University of Michigan have found that laser pointers are capable of “hijacking” smart speakers. 

    In a paper titled “Light Commands: Laser-Based Audio Injection Attacks on Voice-Controllable Systems,” the researchers said they found that voice-enabled devices could be tricked into following voice commands by beaming a laser at them. 

    The team tested the effect of laser pointers on smart speakers that included Google Assistant, Apple Siri, and Amazon Alexa. They found that these devices interpreted the light of the laser as sound. 

    “We have identified a semantic gap between the physics and specifications of MEMS (microelectro-mechanical systems) microphones, where such microphones unintentionally respond to light as if it was sound,” they wrote. “Exploiting this effect, we can inject sound into microphones by simply modulating the amplitude of a laser light.” 

    Privacy threat

    The effect produced “an attack that is capable of covertly injecting commands into voice-controllable systems” at distances of 230 to 350 away. In one instance, the team successfully commanded a Google Home device that was in a room in another building to open a garage door simply by shining a light that had the “OK Google” command encoded in it. 

    The list of devices that were tested and found to be vulnerable to light commands includes Google Home; Google Nest Cam IQ; multiple Amazon Echo, Echo Dot, and Echo Show devices; Facebook's Portal Mini; the iPhone XR; and the sixth-generation iPad.

    The researchers said they have already notified Tesla, Ford, Amazon, Apple, and Google about the weakness. They said that mitigating the flaw would require a redesign of most microphones. Lead author Takeshi Sugawara said one possible way to get rid of the vulnerability in microphones would be to create an obstacle that would block a line of sight to the microphone's diaphragm.

    Researchers from Tokyo and the University of Michigan have found that laser pointers are capable of “hijacking” smart speakers. In a paper titled “Ligh...
    Read lessRead more

    Report finds very little anonymity on the internet

    Most websites track your browsing habits

    If you’re doing anything online that you don’t want anyone to know about, you’re probably out of luck.

    The Washington Post reports a number of websites, from mainstream news outlets to porn sites, are using a hidden code to run a check to find out who you are. Accessing or deploying browsing features like “private browsing” may make no difference at all. In fact, because you’ve turned on a feature like “do not track” may make you more likely to be tracked, security experts say.

    Some of these programs that track you online don’t appear to be that intrusive at first glance. The programs extract mostly innocent-looking data about your computer, such as your screen resolution or the version of the operating system your device is running.

    It’s called “fingerprinting,” with the web taking a photograph of your browsing habits. With this information, a program can know what sites you’ve accessed in the past and create profiles of your behavior. It’s one of the reasons that ads seem to follow you around on the internet.

    The Post report says most of the sites it contacted said “fingerprinting” web users is now  industry standard practice. But one analyst told the Post that “fingerprinting” is user-hostile, with the fact that web users who ask not to be tracked become even more valuable tracking commodities.

    ‘Growing threat’

    According to the Post, Google, Apple, and Mozilla have all agreed that “fingerprinting” is a growing threat to consumers.

    It’s not that websites you’ve visited have your name, address, or any other personal information about you in a database. It’s all a matter of putting information into a pattern.

    As internet users access a website, the site’s code begins asking your computer for things that aren’t part of the usual process of pulling up a page. Knowing what operating system you’re running, what fonts you have installed or what your address is on your internal network distinguishing characteristics.

    If you have turned on “do not track” the site may take a special interest in you. Different websites use different data points to assemble your fingerprint, which is part of what makes it so hard to control. 

    Some websites say they use fingerprinting to protect their customers. They contend that fingerprinting lets them improve online security, such as fighting attempts to use stolen credit cards or passwords.

    If you’re doing anything online that you don’t want anyone to know about, you’re probably out of luck.The Washington Post reports a number of websites,...
    Read lessRead more

    Google, YouTube hit with $170 million penalty for violating children’s privacy law

    The video platform says it’s taking steps to address privacy concerns

    Federal regulators have slapped Google’s YouTube platform with a $170 million penalty for pulling in millions of advertising dollars through the improper collection of children’s personal information. 

    The settlement announced Wednesday requires that Google and YouTube pay $136 million to the Federal Trade Commission (FTC) and $34 million to New York for allegedly violating the Children’s Online Privacy Protection Act (COPPA). 

    “YouTube touted its popularity with children to prospective corporate clients,” wrote FTC Chairman Joe Simons. “Yet when it came to complying with COPPA, the company refused to acknowledge that portions of its platform were clearly directed to kids. There’s no excuse for YouTube’s violations of the law.”

    New York Attorney General Letitia James said that the companies “put children at risk and abused their power” through illegally monitoring and tracking kids’ behaviors in order to serve them targeted ads. James noted that the settlement is “one of the largest settlements for a privacy matter in U.S. history.”

    Settlement also requires reform

    Under the settlement, Google and YouTube are also required to “develop, implement, and maintain a system that permits channel owners to identify their child-directed content on the YouTube platform” in order to ensure compliance with COPPA.

    Additionally, YouTube must “obtain verifiable parental consent” before collecting personal information from children.

    YouTube said in a blog post that it’s working on developing ways to address the privacy concerns that have cropped up in conjunction with “a boom in family content and the rise of shared devices.” 

    In the coming months, YouTube said it will be restricting data collection on videos likely to be watched by children and treating data from anyone watching children’s content on the platform as “coming from a child, regardless of the age of the user.” 

    YouTube said it will also cease its practice of serving targeted ads on videos aimed at young audiences and turn off comments and notifications for those videos. The company has recommended that parents use its YouTube Kids app when letting children under 13 watch videos without adult supervision. 

    Federal regulators have slapped Google’s YouTube platform with a $170 million penalty for pulling in millions of advertising dollars through the improper c...
    Read lessRead more

    YouTube may stop serving targeted ads on videos aimed at children

    The site is trying to appease regulators following the FTC’s privacy violation charge

    YouTube is considering putting an end to its practice of allowing “targeted” ads on videos that are more likely to be viewed by children, Bloomberg reports, citing people “familiar with the discussion.”

    The video streaming platform was recently hit with a multimillion dollar fine after the FTC found that it had violated children’s privacy laws by collecting data on children under the age of 13. It’s not clear if YouTube’s changes -- which, at this point, may or may not be implemented -- are a direct result of the settlement, Bloomberg noted. 

    Doing away with targeted ads on videos aimed at children could have a significant impact on YouTube’s ad revenues. An industry analyst cited in the report said the platform could lose as much as 10 percent of its overall intake from kids’ videos, which works out to about $50 million annually. 

    However, this solution would be much smaller in scale than other proposed ways of complying with regulators. Last year, a coalition of advocacy groups suggested that the FTC require YouTube to migrate all of its kids’ content to its YouTube Kids app. FTC chairman Joseph Simons has suggested the possibility of disabling ads on videos likely to be watched by children. 

    Tracking still an issue

    Google hasn’t commented on YouTube’s reported decision to stop serving targeted ads on kids’ videos, and it’s still unclear how YouTube would determine which videos would count as kids’ videos. 

    Complainants have argued that the move would be hard to enforce. Josh Golin, from the Campaign for Commercial-Free Childhood, noted that shutting off the ad-targeting feature for select kids’ videos doesn’t mean YouTube will stop tracking their web habits. 

    “Is Google still going to be collecting all the data and creating marketing profiles?” he asked Bloomberg. “That wouldn’t be satisfactory either.”

    YouTube is considering putting an end to its practice of allowing “targeted” ads on videos that are more likely to be viewed by children, Bloomberg reports...
    Read lessRead more

    New York City bill would ban sales of mobile location data

    Companies wouldn’t be allowed to share users’ location info without their explicit permission

    A bill introduced Tuesday would make it illegal for cell phone and app companies to sell the location data of users in New York City, the New York Times reports

    Companies that break the law would be subject to a steep fine. Additionally, users within city limits would be legally allowed to sue companies that share their data without permission. 

    The Times notes that the bill is likely to face resistance from telecommunications companies because selling location data generates billions of dollars annually. But proponents of the bill say its passage would represent a small step toward mitigating the privacy concerns that stem from the practice of location data sharing.

    Reining in data sharing

    Currently, no law prohibits U.S. companies from selling location data. Earlier this year, FCC Commissioner Geoffrey Starks called for federal action to put an end to the practice. In an op-ed for the New York Times, Starks expressed frustration over the fact that the FCC has yet to use its authority to crack down on the practice of data sharing. 

    If passed, the bill proposed Tuesday would make New York City the first to establish its own set of location data rules. 

    Calling the behavior of selling location data a “dangerous breach of privacy,” Democratic City Council member Justin Brannan said New York City can “lead the way” in banning the practice.

    “Big telecom companies are making millions $$ by selling our location data without our knowledge -- forget about even asking our permission,” he said on Twitter. “It's time to put an end to Big Brother Big Business. And if the federal gov won't do it, NYC will.” 

    A bill introduced Tuesday would make it illegal for cell phone and app companies to sell the location data of users in New York City, the New York Times re...
    Read lessRead more

    NSA unlawfully collected additional call data last year

    The latest over-collection incident happened in October

    The National Security Agency (NSA) improperly collected phone call data just a few months after assuring the public that the glitch that had previously caused it to do so had been fixed, according to documents obtained by the American Civil Liberties Union (ACLU). 

    The agency’s first erroneous record-collection incident happened last May. Upon realizing its mistake, the NSA said it deleted more than 600 million of the call records it had collected from phone companies in error. Now, the ACLU has found that another over-collection incident occured in October 2018. 

    In its report, the ACLU said the NSA obtained information about U.S. consumers’ phone calls in a manner not authorized under section 215 of the Patriot Act. 

    The report said the agency unlawfully collected call record data three times in total: in November 2017, February 2018, and October 2018. The third violation suggests the underlying problem wasn’t mitigated in the first place, or perhaps that the NSA faced new problems that caused the issue to happen again.

    “These documents further confirm that this surveillance program is beyond redemption and a privacy and civil liberties disaster,” Patrick Toomey, staff attorney with the ACLU’s National Security Project, said in a statement. “The NSA’s collection of Americans’ call records is too sweeping, the compliance problems too many, and evidence of the program’s value all but nonexistent. There is no justification for leaving this surveillance power in the NSA’s hands.”

    NSA responds

    In a statement acknowledging its persistent over-collection problem, the NSA said the technical issues to blame for the earlier incidents were fixed. However, it found additional “data integrity and compliance concerns caused by the unique complexities of using company-generated business records for intelligence purposes.”

    “Those data integrity and compliance concerns have also been addressed and reported to NSA’s overseers, including the congressional oversight committees and the Foreign Intelligence Surveillance Court,” the agency added.

    The NSA is now considering shutting down its call data collection system because it “is now viewed by many within the intelligence community as more of a burden than a useful tool, in part due to the compliance issues,” the Wall Street Journal reported. 

    The National Security Agency (NSA) improperly collected phone call data just a few months after assuring the public that the glitch that had previously cau...
    Read lessRead more

    Facebook’s research app collected data on 187,000 users

    The company says 4,300 of that total were U.S. teens

    Facebook says its discontinued research app collected data from about 187,000 users who were paid $20 a month to allow the social media company observe how they used their phones.

    The app made news earlier this year when Apple blocked Facebook from offering the app to iPhone users. At the time, Facebook said it users were paid for their participation, it never tried to hide the program, and none of the information was shared.

    In a letter to members of Congress, Facebook disclosed it had collected data from 31,000 users in the U.S., 4,300 of whom were teenagers. The rest were consumers who lived in India.

    At the time, Facebook said the app was part of an effort to help the company better serve its users.

    “Since this research is aimed at helping Facebook understand how people use their mobile devices, we’ve provided extensive information about the type of data we collect and how they can participate,” a spokesperson said at the time.

    The information may or may not be relevant to the current debate about Facebook’s size and scale, and whether it is a monopoly in need of regulation. The company has defended its discontinued research app as transparent and non-intrusive.

    New research app

    This week, Facebook released a new Android app, available to users who are at least 18 years-old. Facebook says users who download the app will agree to let Facebook analyze the apps on the phone, looking at how much they are used and the device or network that is being used.

    The company says users who agree to participate will still receive compensation for sharing their data and can leave the program at any time.

    As for the new research app, at least one lawmaker thinks it is an ill-conceived move. Sen. Richard Bloomenthan (D-Conn.) told CNET he thinks Facebook should be emphasizing consumer privacy.

    "At a time when the company is under investigation for its data practices and anti-competitive actions, the Facebook Study app is at best tone-deaf and ill-considered," Bloomenthal told CNET.

    Facebook and other tech giants have come under closer government scrutiny in recent weeks and could face antitrust action. For its part, Facebook is attempting to settle a Federal Trade Commission action over its handling of user data.

    Facebook says its discontinued research app collected data from about 187,000 users who were paid $20 a month to allow the social media company observe how...
    Read lessRead more

    Is your cell phone provider selling your location to the highest bidder?

    Democrats claim there is a ‘black market’ in phone-location data

    Federal Communications Commission (FCC) Chairman Ajit Pai was grilled this week about the alleged sale of phone-location data to entities with no clear rights to possess it.

    Appearing before a House committee, the FCC chairman got a scolding and a warning that “lying to Congress is a federal crime.” Rep. Anna Eshoo (D-Calif.) warned Pai that what he told the panel was at odds with what she had heard elsewhere.

    Eshoo aimed pointed questions at Pai asking for details about what she had heard was an FCC probe into the apparently illegal sale of phone-location data to third-party individuals and organizations.

    The Congressional inquiry appeared to expose an intensely partisan divide within the FCC, where Republicans hold three seats and the Democrats control two. Democrats on the FCC board contend there is a “black market” in data that is being used to erode consumers’ privacy protections.

    Democratic lawmakers accused Pai of withholding information from their party members. During the hearing, Pai was noncommittal about whether he would share basic information about the investigation with the FCC’s two Democratic commissioners, Jessica Rosenworcel and Geoffrey Starks.

    Not aware of requests for information

    Pai said he had never withheld information from Democratic FCC commissioners. He said he was not aware of requests for information made by the Democratic commissioners.

    Pai said that in February, just after Starks had joined the FCC, he had offered the new commissioner control of the investigation into how location data was being used. He said the Democrat had turned down the offer.

    Consumers’ location data is extremely valuable knowledge. Advertisers pay handsomely for it because they have found if they can target an advertisement to a consumer who is close to the client’s location, that person is much more likely to become a customer.

    But critics say location information, in the wrong hands, could be dangerous. The technology site Motherboard reports it gave a bounty hunter $300 to track someone’s cell phone and he was able to pinpoint their location within a quarter-mile.

    If a law enforcement agency wants to track the location of a criminal suspect, it must get legal authorization. Last year the Supreme Court ruled 5-4 that law enforcement must obtain a search warrant to get access to cell phone location information.

    Federal Communications Commission (FCC) Chairman Ajit Pai was grilled this week about the alleged sale of phone-location data to entities with no clear rig...
    Read lessRead more

    FEMA wrongly shared personal information of millions of disaster survivors

    The agency has acknowledged the situation as a ‘major privacy incident’

    The Federal Emergency Management Agency (FEMA) inappropriately shared the personal information of more than 2 million survivors of hurricanes Harvey, Irma, and Maria and the California wildfires in 2017.

    The agency said it “provided more information than was necessary” while transferring survivor information to a third-party contractor that helps provide temporary housing to people affected by disasters under the Transitional Sheltering Assistance program.

    “We believe this oversharing has impacted approximately 2.5 million disaster survivors,” an unnamed Department of Homeland Security official told the Washington Post.

    Vulnerable to identity theft and fraud

    The error was recently discovered by the Department of Homeland Security’s Office of Inspector General and detailed in a report dated March 15. Individuals who had personal data shared could be vulnerable to identity theft and fraud, the Inspector General report said.

    However, FEMA has said that it’s “found no indicators to suggest survivor data has been compromised” and that it has taken “aggressive measures”  to correct the error.

    “FEMA is no longer sharing unnecessary data with the contractor and has conducted a detailed review of the contractor’s information system,” FEMA Press Secretary Lizzie Litzow said in a statement.

    The name of the contractor who wrongly received the information hasn’t been released, but the agency said it "worked with the contractor to remove the unnecessary data from the system."

    “FEMA’s goal remains protecting and strengthening the integrity, effectiveness, and security of our disaster programs that help people before, during, and after disasters,” Litzow said.

    The Federal Emergency Management Agency (FEMA) inappropriately shared the personal information of more than 2 million survivors of hurricanes Harvey, Irma,...
    Read lessRead more

    Health apps ‘routinely’ share user data, posing privacy risks

    A new study finds 79 percent of apps share consumer data with third parties

    Among health-related apps, the practice of sharing user data is “routine” and legal -- however, the lack of transparency about the practice puts consumers’ privacy at risk, the authors of a new study claim.

    The study looked at 24 popular, interactive medicine-related apps for Android devices. Of the apps sampled, 19 (or 79 percent) shared user data with third parties, which then shared it with "fourth parties."

    "Most health apps fail to provide privacy assurances or transparency around data sharing practices," said lead author Quinn Grundy.

    Lack of informed consent

    First and third parties shared the most user information with Amazon and Alphabet (the parent company of Google), with 24 unique transmissions.

    “Fourth parties” -- which included multinational technology companies, digital advertising companies, telecommunications corporations, and a consumer credit reporting agency -- received the most unique user data. Only three of the 216 fourth parties were identified as belonging to the health sector.

    The researchers point out that the identify of a user could be uncovered by looking at certain pieces of data, such as their device’s unique address.

    "The semi-persistent Android ID will uniquely identify a user within the Google universe, which has considerable scope and ability to aggregate highly diverse information about the user," the study authors wrote.

    The findings suggest a need on the part of privacy regulators to “consider that loss of privacy is not a fair cost for the use of digital health services," Grundy said.

    Health professionals "should be conscious of privacy risks in their own use of apps and, when recommending apps, explain the potential for loss of privacy as part of informed consent,” the researchers concluded.

    The full study has been published online in the BMJ.

    Among health-related apps, the practice of sharing user data is “routine” and legal -- however, the lack of transparency about the practice puts consumers’...
    Read lessRead more

    All hands on deck for National Consumer Protection Week

    The FTC is raising awareness about fraud, privacy, and other matters and invites consumers to take part

    It’s National Consumer Protection Week (NCPW) -- thank you, Federal Trade Commission (FTC) -- and it’s a great time to bone up on the rights and resources that you, as a consumer, have.

    “National Consumer Protection week is a time for all of us to focus on important consumer issues like ... debt collection, imposter fraud, misleading ads, education and outreach, and privacy,” commented Director of the Bureau of Consumer Protection, Andrew Smith, in the agency’s announcement video.

    The FTC is also putting forth some effort to acquaint consumers with two little-known resources: The Bureau of Consumer Protection (BCP), which places its focus on resources to “protect Americans from scams, identity theft, and other unfair, deceptive, and fraudulent business practices.”; and the Bureau of Competition, which protects the interests of consumers by promoting vigorous competition, which can deliver lower prices, enhance innovation, and increase quality and choice for consumers.

    Take the time to raise your awareness

    FTC Chairman Joe Simons went right to the heart of how the agency would like consumers to take part. “We encourage informed consumers to share their knowledge and help others avoid scams,” Simons said in a news release.

    During NCPW, the FTC is partnering with other agencies to produce live events on social media to heighten consumers’ awareness of scams, identity theft, and other business-related frauds.

    This year’s schedule of activities includes:

    Wednesday, March 6 at 3:00 p.m. ET: Twitter chat with Federal Student Aid

    The FTC (@FTC) and Federal Student Aid (@FAFSA) will co-host a Twitter chat discussion on how to avoid student loan repayment scams using the #NCPW2019 hashtag.

    Thursday, March 7 at 12:00 p.m. ET: Facebook Live with Social Security Administration

    FTC staff will join associates at the Social Security Administration (SSA) on Facebook Live to focus on scams that involve fraudsters pretending to be SSA officials. Consumers will learn about these imposter scams and how to avoid them.

    Friday, March 8 at 11:00 a.m. ET: Twitter chat with Identity Theft Resource Center

    The FTC (@FTC) and the Identity Theft Resource (@ITRCSD) will co-host a Twitter chat on how consumers can protect themselves against tax identity theft this tax season using the #NCPW2019 hashtag.

    Want to help spread the word?

    The FTC received 3 million reports in 2018 from American consumers who got hoodwinked by con artists -- racking up $1.48 billion in losses (an average of $375 per consumer).

    Whether or not you count yourself among the unlucky, it’s likely you know someone who has been victimized. If you do, the FTC would like your help in raising consumer awareness wherever you can.

    “During NCPW, partners and hundreds of community groups across the country host events to promote general consumer education or highlight a specific issue,” the agency writes. If you’re an interested consumer who would like to post and share NCPW graphics and messages, simply visit FTC.gov/NCPW and subscribe to Consumer Alerts.

    The Federal Trade Commission works to promote competition, and protect and educate consumers. You can learn more about consumer topics and file a consumer complaint online or by calling 1-877-FTC-HELP (382-4357).

    It’s National Consumer Protection Week (NCPW) -- thank you, Federal Trade Commission (FTC) -- and it’s a great time to bone up on the rights and resources...
    Read lessRead more

    Seatback cameras give airlines the ability to watch passengers

    Airlines say the cameras on the new entertainment systems aren’t turned on

    Whether you’re at home or cruising at 30,000 feet you could be in the range of a microphone or camera. Even if someone isn’t watching or listening, they could be.

    The latest potential encroachment on consumers’ privacy is contained in a new entertainment system being installed on major airlines. At least three major carriers -- American, United, and Singapore Airlines -- have installed new seatback entertainment systems that contain a camera.

    The camera was discovered by an observant passenger on a Singapore Airlines flight who tweeted: “Just found this interesting sensor looking at me from the seat back on board of Singapore Airlines. Any expert opinion of whether this a camera? Perhaps @SingaporeAir could clarify how it is used?”

    It turned out to be a camera. But why would an entertainment system on an airliner be equipped with a camera?

    According to American Airlines, there’s an innocent explanation. The manufacturer of the equipment has included the capability for passengers in different parts of the plane to video chat with each other.

    Cameras aren’t turned on

    All three airlines told the British newspaper The Independent they’ve never activated the seatback cameras and don’t plan to in the future. Even so, travelers on those three airlines might feel a little better if they carry a piece of tape on board the flight and place it over the lens.

    Consumers who have purchased smart speakers for their homes have gotten used to the idea that the speaker also has ears and is always listening. As we reported in 2017, hackers have found a way to exploit a vulnerability in the Amazon Echo that can turn it into a live microphone.

    Researcher Mark Barnes said at the time that the attack is limited because it requires physical access to the device. However, he pointed out that product developers shouldn’t take it for granted that customers won’t expose their devices to uncontrolled environments.

    Just forgot to mention

    Just last week, Google Nest Secure users were surprised to learn that the home security system has a built-in microphone which had not been disclosed in any of the product literature. The company said that it was not trying to keep the microphone a secret, it just neglected to mention it.

    As for the cameras on airplanes, it is possible that more carriers will have the seatback cameras if they install the new entertainment system on their aircraft. You can locate the camera lens by looking directly below the video screen. It is a small circular lens in the middle of a larger circle.

    Whether you’re at home or cruising at 30,000 feet you could be in the range of a microphone or camera. Even if someone isn’t watching or listening, they co...
    Read lessRead more

    Google Nest Secure users were surprised to learn it has a built-in microphone

    The tech giant said it wasn’t a secret, it just forgot to mention it

    Google Nest is a system of smart home products that can control thermostats, smoke detectors, and security systems. But it turns out the Nest Secure product has a built-in microphone, which was news to the consumers who had purchased it.

    That information came to light earlier this month when the company announced an update for Nest Secure that would allow users to enable its virtual-assistant Google Assistant by using voice commands.

    But Nest users were surprised to learn they could do that since they didn’t know there was a microphone connected to Nest Secure. Various technology publications scanned the product’s technical specs and found no mention of a microphone.

    Omission made in error

    In statements to the media, Google officials said the omission was made in error. The company said there was never any attempt to keep the microphone a secret.

    It also said that the microphone comes from the factory in the off position. It can only be turned on if the user enables it, and if the user was unaware of its existence, the microphone was not listening to private conversations.

    Why even have a microphone? Google says it was originally included on the Nest Guard to enable future updates, like the ability to listen for an intrusion into an otherwise unoccupied home.

    “Security systems often use microphones to provide features that rely on sound sensing,” Google said in a statement. “We included the mic on the device so that we can potentially offer additional features to our users in the future, such as the ability to detect broken glass.”

    Scrutiny over privacy

    Even if it’s an innocent omission, the news that Google failed to mention that one of its security devices has a built-in microphone is sure to ruffle privacy feathers. Google, along with other major tech companies, has come under increasing scrutiny for how it manages consumers’ private data.

    For its part, Google has long maintained that the internet is all about transparency. CEO Eric Schmidt famously remarked in 2009 that people who have things they don’t want people to know probably shouldn’t be doing them in the first place.

    Writing in Fortune in 2017, Joseph Turow, a professor at the University of Pennsylvania’s Annenberg School for Communication, maintained that “Google still doesn’t care about your privacy.”

    Turow said the bargain whereby consumers agree to give up personal information in exchange for seeing only relevant ads is a one-sided deal, suggesting that consumers have little understanding of what they’re giving up.

    Google Nest is a system of smart home products that can control thermostats, smoke detectors, and security systems. But it turns out the Nest Secure produc...
    Read lessRead more

    Facebook pays users to give it access to their cell phone data

    The company denies it tried to hide the program

    Facebook is defending an app that allows it to access user’s smartphone data, saying people were paid for that access and that none of the data was shared.

    A report by technology site TechCrunch says Facebook pays users between the ages of 13 and 35 up to $20 a month to install the app, called Facebook Research. The report said the app is similar to the social media giant’s Onavo Protect app that was discontinued in August after Apple declared it violated its privacy policy.

    The TechCrunch report maintains that the app gives Facebook a massive amount of information about the participating users’ online lives, including social media messages, emails, and what they looked at online.

    Facebook has not issued a formal statement, but it has defended the program and declared it was not trying to keep it a secret in various comments to media outlets. The company says it invites people to take part in research so that it can do things better.

    “Since this research is aimed at helping Facebook understand how people use their mobile devices, we’ve provided extensive information about the type of data we collect and how they can participate,” a spokesperson told CNBC.

    No longer available on the iPhone

    Because of potential issues with Apple’s privacy policy, Facebook is withdrawing the app from iOS phones, but it will continue to be available for Android users.

    Privacy has been a thorn in Facebook’s side for the last 10 months. In March, the government opened an investigation into Facebook privacy issues after the company revealed that a political marketing firm, Cambridge Analytica, had gained unauthorized access to Facebook user data and used it for political advertising in 2016.

    That revelation highlighted the issue of what data big tech collects and how it is used, and it garnered the attention of both U.S. and European regulators.

    In May, Europe enacted stringent privacy protections, called the General Data Protection Regulation (GDPR), and Facebook was among the early U.S. tech companies that announced plans to comply with the new set of privacy rules.

    Facebook is defending an app that allows it to access user’s smartphone data, saying people were paid for that access and that none of the data was shared....
    Read lessRead more