Security News

Increasingly, it isn't just people using that data to influence us, it's robots-unthinking algorithms on e-commerce sites, search engines and social media are continually categorizing our behavior to where it seems they can read our minds. The algorithms on those platforms are working behind the scenes, all the time.

Apple is stepping up privacy for app users, forcing developers to be more transparent about data collection and warning they could be removed if they don't comply with a new anti-tracking measure, a company executive and regulators said Tuesday. Called App Tracking Transparency, it will require apps to clearly ask for users' permission before tracking them.

These include an updated secure DNS service that hides the identity of the client, a password protocol that means a password is never transmitted to the server, and an encrypted "Client hello" that does not leak server names. Peek, poke, now PAKE. Third up is OPAQUE password, the name being, it seems, some sort of pun on Oblivious Pseudo-Random Function combined with Password Authenticated Key Exchange.

Microsoft has announced what it calls a more privacy-friendly version of its Productivity Score enterprise feature, following backlash from security experts who condemned it as a "Full-fledged workplace surveillance tool." The Productivity Score feature, which was launched as part of the Microsoft 365 productivity suite on Oct. 29, aimed to provide enterprises with data about how employees were utilizing technology.

Microsoft's Productivity Score has put in a public appearance in Microsoft 365 and attracted the ire of privacy campaigners and activists. Melissa Grant, director of product marketing for Microsoft 365, told us that Microsoft had been asked if it was possible to use the tool to check, for example, that everyone was online and working by 8 but added: "We're not in the business of monitoring employees."

Google's Privacy Sandbox took another knock today as Marketers for an Open Web wrote to the UK's Competition and Markets Authority requesting a block on the technology's launch. Google is walking a tightrope with its Privacy Sandbox project.

Apple confirmed Thursday it would press ahead with mobile software changes that limit tracking for targeted advertising - a move that has prompted complaints from Facebook and others. The iPhone maker said it was moving ahead with updates to its mobile operating system to give users more information and control on tracking by apps on Apple devices.

Open Raven launched the Open Raven Cloud-Native Data Protection Platform to operationalize data security and privacy in the cloud. To prevent data breaches, it automates asset discovery and data classification, provides real-time mapping and policy-driven protection for Amazon Web Services and S3. The Open Raven Platform is generally available today.

Google this week announced an update to its Chrome store policies that requires all extensions to be explicit about the collection and use of user data. Now, Google is limiting what developers are allowed to do with the user data they collect, and the new policy requires developers to be clear about their extension's privacy practices, directly on the Chrome Web Store listing.

Starting January 2021, developers of Chrome extensions will have to certify their data use and privacy practices and provide information about the data collected by the extension(s), "In clear and easy to understand language," in the extension's detail page in the Chrome Web Store. "You'll need to provide information about your app's privacy practices, including the practices of third-party partners whose code you integrate into your app, in App Store Connect," Apple told app developers.