Security News
Google has been hit by a lawsuit alleging that it violates user privacy by collecting location data via various means - and claiming that Google makes it nearly "Impossible" for users to opt out of such data tracking. The lawsuit, filed by Arizona Attorney General Mark Brnovich, alleges that Google uses "Deceptive and unfair conduct" to obtain Android users' location data via various applications, services and technologies, which is then used for advertising purposes.
The US state of Arizona filed a lawsuit Wednesday accusing Google of committing fraud by being deceptive about gathering location data. Arizona attorney general Mark Brnovich said the suit resulted from an investigation launched two years ago after a media report that Google had ways of knowing where users were even if they opted not to share location information with the internet firm.
Utah, North Dakota and South Dakota were the first U.S. states to launch voluntary phone apps that enable public health departments to track the location and connections of people who test positive for the coronavirus. Nearly a month after Utah launched its Healthy Together app to augment the state's contact-tracing efforts by tracking phone locations, state officials confirmed Monday that they haven't done any contact tracing out of the app yet.
Privacy pressure group Noyb has filed a legal complaint against Google on behalf of an Austrian citizen, claiming the Android Advertising ID on every Android device is "Personal data" as defined by the EU's GDPR and that this data is illegally processed. The complaint against Google, which was filed with the Austrian Data Protection Authority, is based on the claim that Google's Android operating system generates the advertising ID without user choice as required by GDPR. "In essence, you buy a new Android phone, but by adding a tracking ID they ship you a tracking device," said Noyb lawyer Stefano Rossetti.
The latest release of the Vivaldi web browser includes one of the easiest to use tracker blockers on the market.
Governments and organizations are unleashing new technologies to fight the spread of the coronavirus, adding to privacy and data collection concerns. A new Pew Research poll takes a look at the current sentiment regarding these new contact tracing applications and data collection.
Developers who create contact tracing apps using a joint technology from Apple and Google will not be able to track the location of users. The guidelines specifically state: "A Contact Tracing App may not use location-based APIs, may not use Bluetooth functionality, and may not collect any device information to identify the precise location of users. In addition, Contact Tracing Apps are prohibited from using frameworks or APIs in the Apple Software that enable access to personally identifiable information, unless otherwise agreed by Apple."
Apple and Google will ban location-tracking by apps using their new coronavirus contract-tracing API, newly renamed ExposureNotification. In a set of guidelines [PDF] for the API released today, the companies said that developers will not be able to access or even seek permission to access location data using the app.
Germany on Sunday pulled an about-face regarding the best way to use smart phones to trace people's contacts with those infected by COVID-19, embracing a decentralized Bluetooth-based approach instead of the more invasive location tracking proposed in other approaches. Apple and Google first announced their contact tracing collaboration two weeks ago, on 10 April.
The design of Australia's COVIDSafe contact-tracing app creates some unintended surveillance opportunities, according to a group of four security pros who unpacked its. The first-addressed is the decision to change UniqueIDs - the identifier the app shares with other users - once every two hours and for devices to only accept a new UniqueID if the app is running.