Security News

The next time you try to download an app from the App Store onto your iPhone or iPad, you may notice a new App Privacy section that seeks to clue you in on certain details. With the release of iOS/iPadOS 14.3 this past Monday, any new or updated app must include a privacy label, otherwise it won't be allowed on the App Store.

Apple has begun spelling out what kinds of personal information is being collected by the digital services displayed in its app stores for iPhones and other products made by the trendsetting company. Apple announced the changes were coming six months ago as part of an effort to help its customers gain a better understanding of how apps monitor their habits, tastes and whereabouts.

From a purely academic position, the new definitions of consent, dark patterns, and cross-context behavioral advertising indicate that the CPRA looks to the future of data collection technologies. What can we hypothesize about the direction CPRA takes data privacy and security?

To combat the COVID-19 outbreak, many companies and governments have deployed contact tracing apps that can alert you if someone with whom you've been in contact tests positive for the virus. The research included global contact tracing apps and apps from two US states and two US territories for a total of 52 Android apps and 43 iOS apps-95 apps in all.

Skyflow announced a $17.5 million Series A to drive growth of its data privacy vault. The zero-trust data vault with an elegant API allows developers to quickly build applications and workflows without worrying about data security, privacy or compliance.

Increasingly, it isn't just people using that data to influence us, it's robots-unthinking algorithms on e-commerce sites, search engines and social media are continually categorizing our behavior to where it seems they can read our minds. The algorithms on those platforms are working behind the scenes, all the time.

Apple is stepping up privacy for app users, forcing developers to be more transparent about data collection and warning they could be removed if they don't comply with a new anti-tracking measure, a company executive and regulators said Tuesday. Called App Tracking Transparency, it will require apps to clearly ask for users' permission before tracking them.

These include an updated secure DNS service that hides the identity of the client, a password protocol that means a password is never transmitted to the server, and an encrypted "Client hello" that does not leak server names. Peek, poke, now PAKE. Third up is OPAQUE password, the name being, it seems, some sort of pun on Oblivious Pseudo-Random Function combined with Password Authenticated Key Exchange.

Microsoft has announced what it calls a more privacy-friendly version of its Productivity Score enterprise feature, following backlash from security experts who condemned it as a "Full-fledged workplace surveillance tool." The Productivity Score feature, which was launched as part of the Microsoft 365 productivity suite on Oct. 29, aimed to provide enterprises with data about how employees were utilizing technology.

Microsoft's Productivity Score has put in a public appearance in Microsoft 365 and attracted the ire of privacy campaigners and activists. Melissa Grant, director of product marketing for Microsoft 365, told us that Microsoft had been asked if it was possible to use the tool to check, for example, that everyone was online and working by 8 but added: "We're not in the business of monitoring employees."