Archiv der Kategorie: Privacy

How Facebook Undermines Privacy Protections for Its 2 Billion WhatsApp Users

WhatsApp assures users that no one can see their messages — but the company has an extensive monitoring operation and regularly shares personal information with prosecutors.

 

Series: The Social Machine

How Facebook Plays by Its Own set of Rules

Clarification, Sept. 8, 2021: A previous version of this story caused unintended confusion about the extent to which WhatsApp examines its users’ messages and whether it breaks the encryption that keeps the exchanges secret. We’ve altered language in the story to make clear that the company examines only messages from threads that have been reported by users as possibly abusive. It does not break end-to-end encryption.

When Mark Zuckerberg unveiled a new “privacy-focused vision” for Facebook in March 2019, he cited the company’s global messaging service, WhatsApp, as a model. Acknowledging that “we don’t currently have a strong reputation for building privacy protective services,” the Facebook CEO wrote that “I believe the future of communication will increasingly shift to private, encrypted services where people can be confident what they say to each other stays secure and their messages and content won’t stick around forever. This is the future I hope we will help bring about. We plan to build this the way we’ve developed WhatsApp.”

Zuckerberg’s vision centered on WhatsApp’s signature feature, which he said the company was planning to apply to Instagram and Facebook Messenger: end-to-end encryption, which converts all messages into an unreadable format that is only unlocked when they reach their intended destinations. WhatsApp messages are so secure, he said, that nobody else — not even the company — can read a word. As Zuckerberg had put it earlier, in testimony to the U.S. Senate in 2018, “We don’t see any of the content in WhatsApp.”

 

WhatsApp emphasizes this point so consistently that a flag with a similar assurance automatically appears on-screen before users send messages: “No one outside of this chat, not even WhatsApp, can read or listen to them.”

Given those sweeping assurances, you might be surprised to learn that WhatsApp has more than 1,000 contract workers filling floors of office buildings in Austin, Texas, Dublin and Singapore. Seated at computers in pods organized by work assignments, these hourly workers use special Facebook software to sift through millions of private messages, images and videos. They pass judgment on whatever flashes on their screen — claims of everything from fraud or spam to child porn and potential terrorist plotting — typically in less than a minute.

The workers have access to only a subset of WhatsApp messages — those flagged by users and automatically forwarded to the company as possibly abusive. The review is one element in a broader monitoring operation in which the company also reviews material that is not encrypted, including data about the sender and their account.

Policing users while assuring them that their privacy is sacrosanct makes for an awkward mission at WhatsApp. A 49-slide internal company marketing presentation from December, obtained by ProPublica, emphasizes the “fierce” promotion of WhatsApp’s “privacy narrative.” It compares its “brand character” to “the Immigrant Mother” and displays a photo of Malala ​​Yousafzai, who survived a shooting by the Taliban and became a Nobel Peace Prize winner, in a slide titled “Brand tone parameters.” The presentation does not mention the company’s content moderation efforts.

WhatsApp’s director of communications, Carl Woog, acknowledged that teams of contractors in Austin and elsewhere review WhatsApp messages to identify and remove “the worst” abusers. But Woog told ProPublica that the company does not consider this work to be content moderation, saying: “We actually don’t typically use the term for WhatsApp.” The company declined to make executives available for interviews for this article, but responded to questions with written comments. “WhatsApp is a lifeline for millions of people around the world,” the company said. “The decisions we make around how we build our app are focused around the privacy of our users, maintaining a high degree of reliability and preventing abuse.”

WhatsApp’s denial that it moderates content is noticeably different from what Facebook Inc. says about WhatsApp’s corporate siblings, Instagram and Facebook. The company has said that some 15,000 moderators examine content on Facebook and Instagram, neither of which is encrypted. It releases quarterly transparency reports that detail how many accounts Facebook and Instagram have “actioned” for various categories of abusive content. There is no such report for WhatsApp.

Deploying an army of content reviewers is just one of the ways that Facebook Inc. has compromised the privacy of WhatsApp users. Together, the company’s actions have left WhatsApp — the largest messaging app in the world, with two billion users — far less private than its users likely understand or expect. A ProPublica investigation, drawing on data, documents and dozens of interviews with current and former employees and contractors, reveals how, since purchasing WhatsApp in 2014, Facebook has quietly undermined its sweeping security assurances in multiple ways. (Two articles this summer noted the existence of WhatsApp’s moderators but focused on their working conditions and pay rather than their effect on users’ privacy. This article is the first to reveal the details and extent of the company’s ability to scrutinize messages and user data — and to examine what the company does with that information.)

Many of the assertions by content moderators working for WhatsApp are echoed by a confidential whistleblower complaint filed last year with the U.S. Securities and Exchange Commission. The complaint, which ProPublica obtained, details WhatsApp’s extensive use of outside contractors, artificial intelligence systems and account information to examine user messages, images and videos. It alleges that the company’s claims of protecting users’ privacy are false. “We haven’t seen this complaint,” the company spokesperson said. The SEC has taken no public action on it; an agency spokesperson declined to comment.

Facebook Inc. has also downplayed how much data it collects from WhatsApp users, what it does with it and how much it shares with law enforcement authorities. For example, WhatsApp shares metadata, unencrypted records that can reveal a lot about a user’s activity, with law enforcement agencies such as the Department of Justice. Some rivals, such as Signal, intentionally gather much less metadata to avoid incursions on its users’ privacy, and thus share far less with law enforcement. (“WhatsApp responds to valid legal requests,” the company spokesperson said, “including orders that require us to provide on a real-time going forward basis who a specific person is messaging.”)

WhatsApp user data, ProPublica has learned, helped prosecutors build a high-profile case against a Treasury Department employee who leaked confidential documents to BuzzFeed News that exposed how dirty money flows through U.S. banks.

Like other social media and communications platforms, WhatsApp is caught between users who expect privacy and law enforcement entities that effectively demand the opposite: that WhatsApp turn over information that will help combat crime and online abuse. WhatsApp has responded to this dilemma by asserting that it’s no dilemma at all. “I think we absolutely can have security and safety for people through end-to-end encryption and work with law enforcement to solve crimes,” said Will Cathcart, whose title is Head of WhatsApp, in a YouTube interview with an Australian think tank in July.

The tension between privacy and disseminating information to law enforcement is exacerbated by a second pressure: Facebook’s need to make money from WhatsApp. Since paying $22 billion to buy WhatsApp in 2014, Facebook has been trying to figure out how to generate profits from a service that doesn’t charge its users a penny.

That conundrum has periodically led to moves that anger users, regulators or both. The goal of monetizing the app was part of the company’s 2016 decision to start sharing WhatsApp user data with Facebook, something the company had told European Union regulators was technologically impossible. The same impulse spurred a controversial plan, abandoned in late 2019, to sell advertising on WhatsApp. And the profit-seeking mandate was behind another botched initiative in January: the introduction of a new privacy policy for user interactions with businesses on WhatsApp, allowing businesses to use customer data in new ways. That announcement triggered a user exodus to competing apps.

WhatsApp’s increasingly aggressive business plan is focused on charging companies for an array of services — letting users make payments via WhatsApp and managing customer service chats — that offer convenience but fewer privacy protections. The result is a confusing two-tiered privacy system within the same app where the protections of end-to-end encryption are further eroded when WhatsApp users employ the service to communicate with businesses.

The company’s December marketing presentation captures WhatsApp’s diverging imperatives. It states that “privacy will remain important.” But it also conveys what seems to be a more urgent mission: the need to “open the aperture of the brand to encompass our future business objectives.”


 

I. “Content Moderation Associates”

In many ways, the experience of being a content moderator for WhatsApp in Austin is identical to being a moderator for Facebook or Instagram, according to interviews with 29 current and former moderators. Mostly in their 20s and 30s, many with past experience as store clerks, grocery checkers and baristas, the moderators are hired and employed by Accenture, a huge corporate contractor that works for Facebook and other Fortune 500 behemoths.

The job listings advertise “Content Review” positions and make no mention of Facebook or WhatsApp. Employment documents list the workers’ initial title as “content moderation associate.” Pay starts around $16.50 an hour. Moderators are instructed to tell anyone who asks that they work for Accenture, and are required to sign sweeping non-disclosure agreements. Citing the NDAs, almost all the current and former moderators interviewed by ProPublica insisted on anonymity. (An Accenture spokesperson declined comment, referring all questions about content moderation to WhatsApp.)

When the WhatsApp team was assembled in Austin in 2019, Facebook moderators already occupied the fourth floor of an office tower on Sixth Street, adjacent to the city’s famous bar-and-music scene. The WhatsApp team was installed on the floor above, with new glass-enclosed work pods and nicer bathrooms that sparked a tinge of envy in a few members of the Facebook team. Most of the WhatsApp team scattered to work from home during the pandemic. Whether in the office or at home, they spend their days in front of screens, using a Facebook software tool to examine a stream of “tickets,” organized by subject into “reactive” and “proactive” queues.

Collectively, the workers scrutinize millions of pieces of WhatsApp content each week. Each reviewer handles upwards of 600 tickets a day, which gives them less than a minute per ticket. WhatsApp declined to reveal how many contract workers are employed for content review, but a partial staffing list reviewed by ProPublica suggests that, at Accenture alone, it’s more than 1,000. WhatsApp moderators, like their Facebook and Instagram counterparts, are expected to meet performance metrics for speed and accuracy, which are audited by Accenture.

Their jobs differ in other ways. Because WhatsApp’s content is encrypted, artificial intelligence systems can’t automatically scan all chats, images and videos, as they do on Facebook and Instagram. Instead, WhatsApp reviewers gain access to private content when users hit the “report” button on the app, identifying a message as allegedly violating the platform’s terms of service. This forwards five messages — the allegedly offending one along with the four previous ones in the exchange, including any images or videos — to WhatsApp in unscrambled form, according to former WhatsApp engineers and moderators. Automated systems then feed these tickets into “reactive” queues for contract workers to assess.

Artificial intelligence initiates a second set of queues — so-called proactive ones — by scanning unencrypted data that WhatsApp collects about its users and comparing it against suspicious account information and messaging patterns (a new account rapidly sending out a high volume of chats is evidence of spam), as well as terms and images that have previously been deemed abusive. The unencrypted data available for scrutiny is extensive. It includes the names and profile images of a user’s WhatsApp groups as well as their phone number, profile photo, status message, phone battery level, language and time zone, unique mobile phone ID and IP address, wireless signal strength and phone operating system, as a list of their electronic devices, any related Facebook and Instagram accounts, the last time they used the app and any previous history of violations.

The WhatsApp reviewers have three choices when presented with a ticket for either type of queue: Do nothing, place the user on “watch” for further scrutiny, or ban the account. (Facebook and Instagram content moderators have more options, including removing individual postings. It’s that distinction — the fact that WhatsApp reviewers can’t delete individual items — that the company cites as its basis for asserting that WhatsApp reviewers are not “content moderators.”)

WhatsApp moderators must make subjective, sensitive and subtle judgments, interviews and documents examined by ProPublica show. They examine a wide range of categories, including “Spam Report,” “Civic Bad Actor” (political hate speech and disinformation), “Terrorism Global Credible Threat,” “CEI” (child exploitative imagery) and “CP” (child pornography). Another set of categories addresses the messaging and conduct of millions of small and large businesses that use WhatsApp to chat with customers and sell their wares. These queues have such titles as “business impersonation prevalence,” “commerce policy probable violators” and “business verification.”

Moderators say the guidance they get from WhatsApp and Accenture relies on standards that can be simultaneously arcane and disturbingly graphic. Decisions about abusive sexual imagery, for example, can rest on an assessment of whether a naked child in an image appears adolescent or prepubescent, based on comparison of hip bones and pubic hair to a medical index chart. One reviewer recalled a grainy video in a political-speech queue that depicted a machete-wielding man holding up what appeared to be a severed head: “We had to watch and say, ‘Is this a real dead body or a fake dead body?’”

In late 2020, moderators were informed of a new queue for alleged “sextortion.” It was defined in an explanatory memo as “a form of sexual exploitation where people are blackmailed with a nude image of themselves which have been shared by them or someone else on the Internet.” The memo said workers would review messages reported by users that “include predefined keywords typically used in sextortion/blackmail messages.”

WhatsApp’s review system is hampered by impediments, including buggy language translation. The service has users in 180 countries, with the vast majority located outside the U.S. Even though Accenture hires workers who speak a variety of languages, for messages in some languages there’s often no native speaker on site to assess abuse complaints. That means using Facebook’s language-translation tool, which reviewers said could be so inaccurate that it sometimes labeled messages in Arabic as being in Spanish. The tool also offered little guidance on local slang, political context or sexual innuendo. “In the three years I’ve been there,” one moderator said, “it’s always been horrible.”

The process can be rife with errors and misunderstandings. Companies have been flagged for offering weapons for sale when they’re selling straight shaving razors. Bras can be sold, but if the marketing language registers as “adult,” the seller can be labeled a forbidden “sexually oriented business.” And a flawed translation tool set off an alarm when it detected kids for sale and slaughter, which, upon closer scrutiny, turned out to involve young goats intended to be cooked and eaten in halal meals.

The system is also undercut by the human failings of the people who instigate reports. Complaints are frequently filed to punish, harass or prank someone, according to moderators. In messages from Brazil and Mexico, one moderator explained, “we had a couple of months where AI was banning groups left and right because people were messing with their friends by changing their group names” and then reporting them. “At the worst of it, we were probably getting tens of thousands of those. They figured out some words the algorithm did not like.”

Other reports fail to meet WhatsApp standards for an account ban. “Most of it is not violating,” one of the moderators said. “It’s content that is already on the internet, and it’s just people trying to mess with users.” Still, each case can reveal up to five unencrypted messages, which are then examined by moderators.

The judgment of WhatsApp’s AI is less than perfect, moderators say. “There were a lot of innocent photos on there that were not allowed to be on there,” said Carlos Sauceda, who left Accenture last year after nine months. “It might have been a photo of a child taking a bath, and there was nothing wrong with it.” As another WhatsApp moderator put it, “A lot of the time, the artificial intelligence is not that intelligent.”

Facebook’s written guidance to WhatsApp moderators acknowledges many problems, noting “we have made mistakes and our policies have been weaponized by bad actors to get good actors banned. When users write inquiries pertaining to abusive matters like these, it is up to WhatsApp to respond and act (if necessary) accordingly in a timely and pleasant manner.” Of course, if a user appeals a ban that was prompted by a user report, according to one moderator, it entails having a second moderator examine the user’s content.


 

*£%#£$&@+*&+@@@£#+@&§_$£&£@_§##*$#$§+&+@&&%_$$@@

In public statements and on the company’s websites, Facebook Inc. is noticeably vague about WhatsApp’s monitoring process. The company does not provide a regular accounting of how WhatsApp polices the platform. WhatsApp’s FAQ page and online complaint form note that it will receive “the most recent messages” from a user who has been flagged. They do not, however, disclose how many unencrypted messages are revealed when a report is filed, or that those messages are examined by outside contractors. (WhatsApp told ProPublica it limits that disclosure to keep violators from “gaming” the system.)

By contrast, both Facebook and Instagram post lengthy “Community Standards” documents detailing the criteria its moderators use to police content, along with articles and videos about “the unrecognized heroes who keep Facebook safe” and announcements on new content-review sites. Facebook’s transparency reports detail how many pieces of content are “actioned” for each type of violation. WhatsApp is not included in this report.

When dealing with legislators, Facebook Inc. officials also offer few details — but are eager to assure them that they don’t let encryption stand in the way of protecting users from images of child sexual abuse and exploitation. For example, when members of the Senate Judiciary Committee grilled Facebook about the impact of encrypting its platforms, the company, in written follow-up questions in Jan. 2020, cited WhatsApp in boasting that it would remain responsive to law enforcement. “Even within an encrypted system,” one response noted, “we will still be able to respond to lawful requests for metadata, including potentially critical location or account information… We already have an encrypted messaging service, WhatsApp, that — in contrast to some other encrypted services — provides a simple way for people to report abuse or safety concerns.”

Sure enough, WhatsApp reported 400,000 instances of possible child-exploitation imagery to the National Center for Missing and Exploited Children in 2020, according to its head, Cathcart. That was ten times as many as in 2019. “We are by far the industry leaders in finding and detecting that behavior in an end-to-end encrypted service,” he said.

During his YouTube interview with the Australian think tank, Cathcart also described WhatsApp’s reliance on user reporting and its AI systems’ ability to examine account information that isn’t subject to encryption. Asked how many staffers WhatsApp employed to investigate abuse complaints from an app with more than two billion users, Cathcart didn’t mention content moderators or their access to encrypted content. “There’s a lot of people across Facebook who help with WhatsApp,” he explained. “If you look at people who work full time on WhatsApp, it’s above a thousand. I won’t get into the full breakdown of customer service, user reports, engineering, etc. But it’s a lot of that.”

In written responses for this article, the company spokesperson said: “We build WhatsApp in a manner that limits the data we collect while providing us tools to prevent spam, investigate threats, and ban those engaged in abuse, including based on user reports we receive. This work takes extraordinary effort from security experts and a valued trust and safety team that works tirelessly to help provide the world with private communication.” The spokesperson noted that WhatsApp has released new privacy features, including “more controls about how people’s messages can disappear” or be viewed only once. He added, “Based on the feedback we’ve received from users, we’re confident people understand when they make reports to WhatsApp we receive the content they send us.”


 

III. “Deceiving Users” About Personal Privacy

Since the moment Facebook announced plans to buy WhatsApp in 2014, observers wondered how the service, known for its fervent commitment to privacy, would fare inside a corporation known for the opposite. Zuckerberg had become one of the wealthiest people on the planet by using a “surveillance capitalism” approach: collecting and exploiting reams of user data to sell targeted digital ads. Facebook’s relentless pursuit of growth and profits has generated a series of privacy scandals in which it was accused of deceiving customers and regulators.

By contrast, WhatsApp knew little about its users apart from their phone numbers and shared none of that information with third parties. WhatsApp ran no ads, and its co-founders, Jan Koum and Brian Acton, both former Yahoo engineers, were hostile to them. “At every company that sells ads,” they wrote in 2012, “a significant portion of their engineering team spends their day tuning data mining, writing better code to collect all your personal data, upgrading the servers that hold all the data and making sure it’s all being logged and collated and sliced and packed and shipped out,” adding: “Remember, when advertising is involved you the user are the product.” At WhatsApp, they noted, “your data isn’t even in the picture. We are simply not interested in any of it.”

Zuckerberg publicly vowed in a 2014 keynote speech that he would keep WhatsApp “exactly the same.” He declared, “We are absolutely not going to change plans around WhatsApp and the way it uses user data. WhatsApp is going to operate completely autonomously.”

In April 2016, WhatsApp completed its long-planned adoption of end-to-end encryption, which helped establish the app as a prized communications platform in 180 countries, including many where text messages and phone calls are cost-prohibitive. International dissidents, whistleblowers and journalists also turned to WhatsApp to escape government eavesdropping.

Four months later, however, WhatsApp disclosed it would begin sharing user data with Facebook — precisely what Zuckerberg had said would not happen — a move that cleared the way for an array of future revenue-generating plans. The new WhatsApp terms of service said the app would share information such as users’ phone numbers, profile photos, status messages and IP addresses for the purposes of ad targeting, fighting spam and abuse and gathering metrics. “By connecting your phone number with Facebook’s systems,” WhatsApp explained, “Facebook can offer better friend suggestions and show you more relevant ads if you have an account with them.”

Such actions were increasingly bringing Facebook into the crosshairs of regulators. In May 2017, European Union antitrust regulators fined the company 110 million euros (about $122 million) for falsely claiming three years earlier that it would be impossible to link the user information between WhatsApp and the Facebook family of apps. The EU concluded that Facebook had “intentionally or negligently” deceived regulators. Facebook insisted its false statements in 2014 were not intentional, but didn’t contest the fine.

By the spring of 2018, the WhatsApp co-founders, now both billionaires, were gone. Acton, in what he later described as an act of “penance” for the “crime” of selling WhatsApp to Facebook, gave $50 million to a foundation backing Signal, a free encrypted messaging app that would emerge as a WhatsApp rival. (Acton’s donor-advised fund has also given money to ProPublica.)

Meanwhile, Facebook was under fire for its security and privacy failures as never before. The pressure culminated in a landmark $5 billion fine by the Federal Trade Commission in July 2019 for violating a previous agreement to protect user privacy. The fine was almost 20 times greater than any previous privacy-related penalty, according to the FTC, and Facebook’s transgressions included “deceiving users about their ability to control the privacy of their personal information.”

The FTC announced that it was ordering Facebook to take steps to protect privacy going forward, including for WhatsApp users: “As part of Facebook’s order-mandated privacy program, which covers WhatsApp and Instagram, Facebook must conduct a privacy review of every new or modified product, service, or practice before it is implemented, and document its decisions about user privacy.” Compliance officers would be required to generate a “quarterly privacy review report” and share it with the company and, upon request, the FTC.

Facebook agreed to the FTC’s fine and order. Indeed, the negotiations for that agreement were the backdrop, just four months before that, for Zuckerberg’s announcement of his new commitment to privacy.

By that point, WhatsApp had begun using Accenture and other outside contractors to hire hundreds of content reviewers. But the company was eager not to step on its larger privacy message — or spook its global user base. It said nothing publicly about its hiring of contractors to review content.


 

IV$ “W+ Kill P_op%§ Base@%On$Met§data”

Even as Zuckerberg was touting Facebook Inc.’s new commitment to privacy in 2019, he didn’t mention that his company was apparently sharing more of its WhatsApp users’ metadata than ever with the parent company — and with law enforcement.

To the lay ear, the term “metadata” can sound abstract, a word that evokes the intersection of literary criticism and statistics. To use an old, pre-digital analogy, metadata is the equivalent of what’s written on the outside of an envelope — the names and addresses of the sender and recipient and the postmark reflecting where and when it was mailed — while the “content” is what’s written on the letter sealed inside the envelope. So it is with WhatsApp messages: The content is protected, but the envelope reveals a multitude of telling details (as noted: time stamps, phone numbers and much more).

Those in the information and intelligence fields understand how crucial this information can be. It was metadata, after all, that the National Security Agency was gathering about millions of Americans not suspected of a crime, prompting a global outcry when it was exposed in 2013 by former NSA contractor Edward Snowden. “Metadata absolutely tells you everything about somebody’s life,” former NSA general counsel Stewart Baker once said. “If you have enough metadata, you don’t really need content.” In a symposium at Johns Hopkins University in 2014, Gen. Michael Hayden, former director of both the CIA and NSA, went even further: “We kill people based on metadata.”

U.S. law enforcement has used WhatsApp metadata to help put people in jail. ProPublica found more than a dozen instances in which the Justice Department sought court orders for the platform’s metadata since 2017. These represent a fraction of overall requests, known as pen register orders (a phrase borrowed from the technology used to track numbers dialed by landline telephones), as many more are kept from public view by court order. U.S. government requests for data on outgoing and incoming messages from all Facebook platforms increased by 276% from the first half of 2017 to the second half of 2020, according to Facebook Inc. statistics (which don’t break out the numbers by platform). The company’s rate of handing over at least some data in response to such requests has risen from 84% to 95% during that period.

It’s not clear exactly what government investigators have been able to gather from WhatsApp, as the results of those orders, too, are often kept from public view. Internally, WhatsApp calls such requests for information about users “prospective message pairs,” or PMPs. These provide data on a user’s messaging patterns in response to requests from U.S. law enforcement agencies, as well as those in at least three other countries — the United Kingdom, Brazil and India — according to a person familiar with the matter who shared this information on condition of anonymity. Law enforcement requests from other countries might only receive basic subscriber profile information.

WhatsApp metadata was pivotal in the arrest and conviction of Natalie “May” Edwards, a former Treasury Department official with the Financial Crimes Enforcement Network, for leaking confidential banking reports about suspicious transactions to BuzzFeed News. The FBI’s criminal complaint detailed hundreds of messages between Edwards and a BuzzFeed reporter using an “encrypted application,” which interviews and court records confirmed was WhatsApp. “On or about August 1, 2018, within approximately six hours of the Edwards pen becoming operative — and the day after the July 2018 Buzzfeed article was published — the Edwards cellphone exchanged approximately 70 messages via the encrypted application with the Reporter-1 cellphone during an approximately 20-minute time span between 12:33 a.m. and 12:54 a.m.,” FBI Special Agent Emily Eckstut wrote in her October 2018 complaint. Edwards and the reporter used WhatsApp because Edwards believed the platform to be secure, according to a person familiar with the matter.

Edwards was sentenced on June 3 to six months in prison after pleading guilty to a conspiracy charge and reported to prison last week. Edwards’ attorney declined to comment, as did representatives from the FBI and the Justice Department.

WhatsApp has for years downplayed how much unencrypted information it shares with law enforcement, largely limiting mentions of the practice to boilerplate language buried deep in its terms of service. It does not routinely keep permanent logs of who users are communicating with and how often, but company officials confirmed they do turn on such tracking at their own discretion — even for internal Facebook leak investigations — or in response to law enforcement requests. The company declined to tell ProPublica how frequently it does so.

The privacy page for WhatsApp assures users that they have total control over their own metadata. It says users can “decide if only contacts, everyone, or nobody can see your profile photo” or when they last opened their status updates or when they last opened the app. Regardless of the settings a user chooses, WhatsApp collects and analyzes all of that data — a fact not mentioned anywhere on the page.


 

V. “Opening the Aperture to Encompass Business Objectives”

The conflict between privacy and security on encrypted platforms seems to be only intensifying. Law enforcement and child safety advocates have urged Zuckerberg to abandon his plan to encrypt all of Facebook’s messaging platforms. In June 2020, three Republican senators introduced the “Lawful Access to Encrypted Data Act,” which would require tech companies to assist in providing access to even encrypted content in response to law enforcement warrants. For its part, WhatsApp recently sued the Indian government to block its requirement that encrypted apps provide “traceability” — a method to identify the sender of any message deemed relevant to law enforcement. WhatsApp has fought similar demands in other countries.

Other encrypted platforms take a vastly different approach to monitoring their users than WhatsApp. Signal employs no content moderators, collects far less user and group data, allows no cloud backups and generally rejects the notion that it should be policing user activities. It submits no child exploitation reports to NCMEC.

Apple has touted its commitment to privacy as a selling point. Its iMessage system displays a “report” button only to alert the company to suspected spam, and the company has made just a few hundred annual reports to NCMEC, all of them originating from scanning outgoing email, which is unencrypted.

But Apple recently took a new tack, and appeared to stumble along the way. Amid intensifying pressure from Congress, in August the company announced a complex new system for identifying child-exploitative imagery on users’ iCloud backups. Apple insisted the new system poses no threat to private content, but privacy advocates accused the company of creating a backdoor that potentially allows authoritarian governments to demand broader content searches, which could result in the targeting of dissidents, journalists or other critics of the state. On Sept. 3, Apple announced it would delay implementation of the new system.

Still, it’s Facebook that seems to face the most constant skepticism among major tech platforms. It is using encryption to market itself as privacy-friendly, while saying little about the other ways it collects data, according to Lloyd Richardson, the director of IT at the Canadian Centre for Child Protection. “This whole idea that they’re doing it for personal protection of people is completely ludicrous,” Richardson said. “You’re trusting an app owned and written by Facebook to do exactly what they’re saying. Do you trust that entity to do that?” (On Sept. 2, Irish authorities announced that they are fining WhatsApp 225 million euros, about $267 million, for failing to properly disclose how the company shares user information with other Facebook platforms. WhatsApp is contesting the finding.)

Facebook’s emphasis on promoting WhatsApp as a paragon of privacy is evident in the December marketing document obtained by ProPublica. The “Brand Foundations” presentation says it was the product of a 21-member global team across all of Facebook, involving a half-dozen workshops, quantitative research, “stakeholder interviews” and “endless brainstorms.” Its aim: to offer “an emotional articulation” of WhatsApp’s benefits, “an inspirational toolkit that helps us tell our story,” and a “brand purpose to champion the deep human connection that leads to progress.” The marketing deck identifies a feeling of “closeness” as WhatsApp’s “ownable emotional territory,” saying the app delivers “the closest thing to an in-person conversation.”

WhatsApp should portray itself as “courageous,” according to another slide, because it’s “taking a strong, public stance that is not financially motivated on things we care about,” such as defending encryption and fighting misinformation. But the presentation also speaks of the need to “open the aperture of the brand to encompass our future business objectives. While privacy will remain important, we must accommodate for future innovations.”

WhatsApp is now in the midst of a major drive to make money. It has experienced a rocky start, in part because of broad suspicions of how WhatsApp will balance privacy and profits. An announced plan to begin running ads inside the app didn’t help; it was abandoned in late 2019, just days before it was set to launch. Early this January, WhatsApp unveiled a change in its privacy policy — accompanied by a one-month deadline to accept the policy or get cut off from the app. The move sparked a revolt, impelling tens of millions of users to flee to rivals such as Signal and Telegram.

The policy change focused on how messages and data would be handled when users communicate with a business in the ever-expanding array of WhatsApp Business offerings. Companies now could store their chats with users and use information about users for marketing purposes, including targeting them with ads on Facebook or Instagram.

Elon Musk tweeted “Use Signal,” and WhatsApp users rebelled. Facebook delayed for three months the requirement for users to approve the policy update. In the meantime, it struggled to convince users that the change would have no effect on the privacy protections for their personal communications, with a slightly modified version of its usual assurance: “WhatsApp cannot see your personal messages or hear your calls and neither can Facebook.” Just as when the company first bought WhatsApp years before, the message was the same: Trust us.

Correction

Sept. 10, 2021: This story originally stated incorrectly that Apple’s iMessage system has no “report” button. The iMessage system does have a report button, but only for suspected spam (not for suspected abusive content).

https://www.propublica.org/article/how-facebook-undermines-privacy-protections-for-its-2-billion-whatsapp-users

DuckDuckGo’s Quest to Prove Online Privacy Is Possible

illustration of orange tool box with tools and green bowtie in it
This year, DuckDuckGo plans to significantly expand its privacy offerings.Illustration: Sam Whitney; Getty Images

I was driving up through Pennsylvania last summer, somewhere along US Route 15 between Harrisburg and Williamsport, when I saw a familiar face: a goofy cartoon duck wearing a green bowtie. It was the logo for DuckDuckGo, the privacy-focused search engine, along with a message: “Tired of Being Tracked Online? We Can Help.”

The sight of a tech company on a billboard in rural Pennsylvania was surprising enough to lodge in my memory. Highways in and out of Silicon Valley may be lined with billboards advertising startups, where they can be easily spied by VCs and other industry influencers, but the post-industrial communities hugging the Susquehanna River will never be confused with Palo Alto. Far more typical are road signs advertising a fireworks store, a sex shop, or Donald Trump. I found it hard to imagine that the other drivers on the road were really the audience for an internet company that occupies a very specific niche.

It turns out DuckDuckGo—itself based in Valley Forge, PA, about 90 miles east of Route 15—knew something I didn’t. According to the company’s market research, just about every demographic wants more data privacy: young, old, male, female, urban, rural. Public polling backs that up, though the results vary based on how the question is asked. One recent survey found that “93 percent of Americans would switch to a company that prioritizes data privacy if given the option.” Another reported that 57 percent of Americans would give up personalization in exchange for privacy. Perhaps most telling are the early returns on Apple’s new App Tracking Transparency system, which prompts iOS users to opt in to being tracked by third-party apps rather than handing over their data by default, as has long been standard. According to some estimates, only a tiny minority of users are choosing to allow tracking.

The problem for a company like DuckDuckGo, then, isn’t making people care about privacy; it’s convincing them that privacy is possible. Many consumers, the company has found, have basically thrown up their hands in resignation, concluding that there’s no way out of the modern surveillance economy. It’s easy to see why. Each new story about data privacy, whether it’s about the pervasiveness of tracking, or a huge data breach, or Facebook or Google’s latest violation of user trust, not only underscores the extent of corporate surveillance but also makes it feel increasingly inescapable.

DuckDuckGo is on a mission to prove that giving up one’s privacy online is not, in fact, inevitable. Over the past several years, it has expanded far beyond its original search engine to provide a suite of free privacy-centric tools, including a popular browser extension, that plug up the various holes through which ad tech companies and data brokers spy on us as we browse the internet and use our phones. This year it will roll out some major new products and features, including a desktop browser and email privacy protection. And it will spend more money than it ever has on advertising to get the word out. The long-term goal is to turn DuckDuckGo into an all-in-one online privacy shield—what Gabriel Weinberg, the company’s founder and CEO, calls “the ‘easy button’ for privacy.”

“People want privacy, but they feel like it’s impossible to get,” Weinberg says. “So our main challenge is to make the idea that you can get simple privacy protection credible.”

Whether that mission succeeds could have consequences far beyond DuckDuckGo’s bottom line. DuckDuckGo is operating to some extent in the shadow of Apple, which has already made privacy a core part of its pitch to customers. But DuckDuckGo’s ambition is to provide a suite of protections that are even more extensive and intuitive than Apple’s. And it is offering them to the millions of people who don’t want or can’t afford to use Apple products: Google’s Android operating system accounts for about 50 percent of the mobile market in the US and more than 70 percent worldwide. Perhaps most important, if DuckDuckGo succeeds at bringing simple privacy to the masses, it will mean that the future of privacy might not depend on the relative benevolence of just two corporate overlords.

Founded in 2008, DuckDuckGo is best known for its search engine. Which means that it has always been defined as a challenger to Google. It has not shied away from the comparison. In 2011, Weinberg, then the company’s sole employee, took out an ad on a billboard in San Francisco that declared, “Google tracks you. We don’t.” That branding—Google, but private—has served the company well in the years since.

“The only way to compete with Google is not to try to compete on search results,” says Brad Burnham, a partner at Union Square Ventures, which gave DuckDuckGo its first and only Series A funding in 2011. When the upstart launched, Google already controlled 90 percent of the market and was spending billions of dollars, and collecting data on billions of users, to make its product even better. DuckDuckGo, however, “offered something that Google couldn’t offer,” Burnham says: “They offered not to track you. And Google’s entire business model is, obviously, built on the ability to do that, so Google couldn’t respond by saying, ‘OK, we won’t track you either.’”

Neither DuckDuckGo nor anyone else came close to stopping Google from dominating search. Today, Google’s market share still hovers around the 90 percent range. But the pie is so enormous—advertisers spent $60 billion on search advertising in the US alone last year, according to eMarketer—that there’s quite a bit of money in even a tiny slice. DuckDuckGo has been profitable since 2014.

Like Google Search, DuckDuckGo makes money by selling ads on top of people’s search results. The difference is that while the ads you see when searching on Google are generally targeted to you in part based on your past searches, plus what Google knows about your behavior more broadly, DuckDuckGo’s are purely “contextual”—that is, they are based only on the search term. That’s because DuckDuckGo doesn’t know anything about you. It doesn’t assign you an identifier or keep track of your search history in order to personalize your results.

This non-creepy approach only protects you, however, while you’re on DuckDuckGo. “You’re anonymous on the search engine, but once you click off, now you’re going to other websites where you’re less anonymous,” Weinberg says. “How can we protect you there?”

DuckDuckGo’s first answer to that question rolled out in 2018, with the launch of a desktop browser extension and mobile browser that block third-party trackers by default wherever a user goes on the internet. It was good timing: 2018 was a banner year for raising privacy awareness. Facebook’s Cambridge Analytica scandal broke that spring. The GDPR took effect in Europe, throwing into relief how little the US regulates data collection. That summer, the Associated Press revealed that many Google services were storing your location data even if you explicitly opted out. Data collection and privacy were firmly in the national conversation. Since then, congressional inquiries, antitrust lawsuits, Netflix documentaries, and a growing feud between Apple and Facebook have kept it there.

“One of the funny things about DuckDuckGo is that the single best marketing we’ve ever had has been the gaffes that Google and Facebook have made over the years,” says Burnham. “Cambridge Analytica, for instance, was a huge driver of adoption for DuckDuckGo. There is an increasing awareness of how this business model works and what it means—not just in terms of the loss of privacy and agency over our own data, but also what it means for the vibrance and success of an open marketplace.”

Man looking at his computer being surrounded by eyes that represent data snatchers

Awareness is one thing, action another. DuckDuckGo was in position to capitalize on the rising tide of scandal because it has a reputation for building products that work. In 2019, for instance, it added a feature to its extension and browser that directs users to encrypted versions of websites whenever possible, preventing would-be hackers or ISPs from, say, looking over your shoulder as you type a password into a web page. While other encryption tools work by manually creating lists of tens of thousands of websites in need of an upgrade, DuckDuckGo crawled the internet to automatically populate a list of more than 12 million sites. The Electronic Frontier Foundation recently announced that it would incorporate DuckDuckGo’s dataset for its own HTTPS Everywhere extension. Similarly, Apple uses DuckDuckGo’s Tracker Radar dataset—a continuously updated, publicly available list of trackers assembled using open-source code—for Safari’s tracking prevention.

Weinberg is particularly proud of DuckDuckGo’s tracker prevention. Surveillance is so built into the infrastructure of the web that many sites will stop functioning if you block all cookies. Take Google Analytics, which is found on the vast majority of websites. “If you just straight-up block Google Analytics, you’ll break sites,” Weinberg says. As a result, mainstream browsers with tracking prevention, like Safari and Firefox, allow trackers to load, then try to restrict the data they can gather.

“They’re more inclined to err on the side of not breaking websites,” explains Bennett Cyphers, a technologist at the Electronic Frontier Foundation. “They will try and do this middle ground thing where they’ll load resources but restrict what Google can do once it’s in your browser.”

The problem is that even allowing a tracker to load in the first place can allow it to gather highly specific data about the user, including their IP address. So DuckDuckGo, like some other privacy extensions, works differently. It simply prevents the cookie from loading at all. To avoid the broken-site problem, it replaces some trackers with a dummy that essentially tricks the site into thinking the cookie has loaded, a technique called “surrogates” pioneered by the ad blocker uBlock Origin.

Ultimately, DuckDuckGo probably owes its success less to the technical aspects of its tracker prevention, which very few people are in any position to understand, than to the fact that the company does a pretty good job honoring its slogan: “Privacy, simplified.” Its products don’t require a user to toggle any elaborate settings. They simply include encryption, tracker blocking, and private search automatically.

Since their launch, the extension and mobile browser have experienced rapid user growth. According to DuckDuckGo, the extension and browser have together been downloaded more than 100 million times since 2018, and more than half of those downloads took place over the past twelve months. That growth has in turn helped juice the use of the original search engine, which is built into mobile app. The company estimates that its search user count doubled over the past year to between 70 and 100 million. (It’s an estimate because they don’t track users.) According to StatCounter, DuckDuckGo now has the second highest share of the US mobile search market, edging out Bing and Yahoo. (A distant second, that is: 2 percent to Google’s 94 percent.) DuckDuckGo says its annual revenue is over $100 million.

This year, the company plans to significantly expand its privacy offerings. It is introducing a desktop browser, incorporating the same features as the existing mobile app. Currently, even someone with the DuckDuckGo privacy extension can’t stop Google from gathering some data on them if they’re using Chrome, for example.

DuckDuckGo is also adding two new features to its existing extension and mobile app. The first is email privacy protection. Weinberg says that his company’s researchers found that some 70 percent of emails have some sort of tracker embedded in them. That includes not just corporate promotional emails, but just about any newsletter or fundraising email that’s sent using an automated service. In nearly a third of those cases, Weinberg says, the trackers are sending users’ plaintext email addresses over the internet, potentially exposing them to any number of marketers, data brokers, and shadier actors. The email tool is designed to thwart that by forwarding messages through a DuckDuckGo email address, which will remove the trackers before sending them along to inboxes. It also will allow people to generate random email addresses whenever they have to use email to sign up for something.  (Apple recently announced a similar feature for the Mail app on iOS.) In theory, DuckDuckGo could have created its own email client, but Weinberg recognizes getting users to switch their email providers is prohibitively difficult.

“Our goal is simplicity, right?” he says. “We want to make privacy simple and seamless without sacrifice for users.”

The final new tech DuckDuckGo is unveiling this year operates on a similar principle. A new feature within its Android app will operate in the background, even when the app itself is not in use, to block third parties from tracking you through any other app on your phone. It does that by using the phone’s VPN permission to route all traffic through DuckDuckGo, so that, as with the email trackers, it can block requests from anyone on its tracker list before they have an opportunity to gather any user data. (Again, this is somewhat analogous to Apple’s App Tracking Transparency on iOS. It will not stop first-party data collection, meaning the app you’re using can still collect your data. But it won’t be able to pass that data through to other companies, including Facebook, which currently tracks users through a vast number of unrelated apps.)

Taken together, the new features, which the company says will be available in beta this summer, represent DuckDuckGo’s evolving mission to create what Weinberg calls “the privacy layer of the internet.”

“The ideal case for that from a user perspective is, you download DuckDuckGo and you’re just protected wherever you go online,” he says. “We’re obviously not there yet, but that’s the product vision.”

So, about those billboards.

The company’s reliance on old-school advertising mediums—in addition to billboards, DuckDuckGo is partial to radio ads—is partly of necessity: As a privacy-focused business, it refuses to do any microtargeted online advertising. (Even when it advertises on a social media site like Twitter, Weinberg says it doesn’t set any demographic targeting parameters.) But the strategy also stems from the company’s market research, which has found that precise targeting would be a waste of money anyway.

“People who care about privacy, who act on privacy, who would adopt a DuckDuckGo product—they’re actually not a very niche audience,” says Zac Pappis, head of the company’s user insight team. “People who act and care about privacy don’t fall into a particular age group or demographic or have a particular psychographic background, so that makes them easier to reach.”

To put it in advertising parlance, this means DuckDuckGo spends its marketing budget on brand awareness. Ordinary people around the country don’t need to be convinced to care about privacy, the theory goes—they just need to learn that a solution exists. “Our current top business priority is to be the household name for simple online privacy protection,” Weinberg says. “So when you think about privacy online, we want you to turn to DuckDuckGo.”

To that end, the company is investing in its biggest marketing blitz to date this year, devoting tens of millions to an advertising push—so expect more billboards and more radio ads during those summer road trips. Weinberg believes the time is ripe. He points out the fact that tech giants like Apple, Facebook, and Google have all been raising the salience of privacy through very public battles over their policies and products. Plus, the ongoing antitrust lawsuits against the tech giants will draw more attention to those companies’ business practices, including around user privacy. One of the cases, brought by the Department of Justice, could even give DuckDuckGo a direct boost by preventing Google from being set as the default search engine on phones.

DuckDuckGo has competition. Companies like Ghostery offer tracking protection. Brave has a well-regarded privacy browser. The Netherlands-based Startpage offers search without tracking. But in the US, at least, DuckDuckGo has a strong position in the privacy market. In a sector where users have to trust that your product works the way you say it does, a decade-long track record without any privacy scandals establishes important credibility. “They’re probably the biggest name right now, probably because of the popularity of their search engine,” says Jon Callas, director of technology products at the Electronic Frontier Foundation.

But being the biggest name among people with a special interest in online privacy still amounts to being a big fish in a small pond. Weinberg believes DuckDuckGo can change that. He is convinced that the pond is actually huge. It just doesn’t know it yet.

Source: https://www.wired.com/story/duckduckgo-quest-prove-online-privacy-possible/

It’s time to ditch Chrome

It’s time to ditch Chrome

As well as collecting your data, Chrome also gives Google a huge amount of control over how the web works
Its time to ditch Chrome
Kheat / GOOGLE / WIRED
 

Despite a poor reputation for privacy, Google’s Chrome browser continues to dominate. The web browser has around 65 per cent market share and two billion people are regularly using it. Its closest competitor, Apple’s Safari, lags far behind with under 20 per cent market share. That’s a lot of power, even before you consider Chrome’s data collection practices. 

Is Google too big and powerful, and do you need to ditch Chrome for good? Privacy experts say yes. Chrome is tightly integrated with Google’s data gathering infrastructure, including services such as Google search and Gmail – and its market dominance gives it the power to help set new standards across the web. Chrome is one of Google’s most powerful data-gathering tools.

Google is currently under fire from privacy campaigners including rival browser makers and regulators for changes in Chrome that will spell the end of third-party cookies, the trackers that follow you as you browse. Although there are no solid plans for Europe yet, Google is planning to replace cookies with its own ‘privacy preserving’ tracking tech called FLoC, which critics say will give the firm even more power at the expense of its competitors due to the sheer scale of Chrome’s user base.

Chrome’s hefty data collection practices are another reason to ditch the browser. According to Apple’s iOS privacy labels, Google’s Chrome app can collect data including your location, search and browsing history, user identifiers and product interaction data for “personalisation” purposes. Google says this gives you the ability to enable features such as the option to save your bookmarks and passwords to your Google Account. But unlike rivals Safari, Microsoft’s Edge and Firefox, Chrome links this data to devices and individuals.

Although Chrome legitimately needs to handle browsing data, it can siphon off a large amount of information about your activities and transmit it to Google, says Rowenna Fielding, founder and director of privacy consultancy Miss IG Geek. “If you’re using Chrome to browse the internet, even in private mode, Google is watching everything you do online, all the time. This allows Google to build up a detailed and sophisticated picture about your personality, interests, vulnerabilities and triggers.”

When you sync your Google accounts to Chrome, the data slurping doesn’t stop there. Information from other Google-owned products including its email service Gmail and Google search can be combined to form a scarily accurate picture. Chrome data can be added to your geolocation history from Google Maps, the metadata from your Gmail usage, your social graph – who you interact with, both on and offline – the apps you use on your Android phone, and the products you buy with Google Pay. “That creates a very clear picture of who you are and how you live your life,” Fielding says.

As well as gathering information about your online and offline purchases, data from Google Pay can be used “in the same way as data from other Google services,” says Fielding. “This is not just what you buy, but also your location, device contacts and information, and the links those details provide so you can be identified and profiled across multiple datasets.”

Google’s power goes even further than its own browser market share. Competitor browsers such as Microsoft’s Edge are based on the same engine, Chromium. “So under the hood they are still a form of Chrome”, says Sean Wright, an independent security researcher.

Google’s massive market share has allowed the internet giant to develop web standards such as AMP in Google mobile search, which publishers must use in order to appear at the top of search results. And more recently, Chrome’s FLoC effectively gives Google control over the ad tracking tech that will replace third-party cookies – although this is being developed in the open and with feedback from other developers.

Google’s power allows it to set the direction of the industry, says Wright. “Some of those changes are good, including the move to make HTTPS encryption a default, but others are more self-serving, such as the FLoC proposal.”

Google says its Ads products do not access synced Chrome browsing history, other than for preventing spam and fraud. The firm outlines that the iOS privacy labels represent the maximum categories of data that can be gathered, and what is actually collected depends on the features you use in the app, and how you configure your settings. It also claims its open-source FLoC API is privacy-focused and will not give Google Ads products special privileges or access.

Google says privacy and security “have always been core benefits of the Chrome browser”. A Google spokesperson highlighted the Safe Browsing features that protect against threats such as phishing and malware, as well as additional controls to help you manage your information in Chrome. In recent years the company has introduced more ways you can control your data. “Chrome offers helpful options to keep your data in sync across devices, and you control what activity gets saved to your Google Account if you choose to sign in,” the spokesperson says.

But that doesn’t change the level of data collection possible, or the fact that Google has so much sway, simply through its market dominance and joined up ad-driven ecosystem. “When you are a company that has the majority share of browsers and internet search, you suddenly have a huge amount of power,” says Matthew Gribben, a former GCHQ cybersecurity consultant. “When every web developer and SEO expert in the world needs to pander to these whims, the focus becomes on making sites work well for Google at the expense of everything else.”

And as long as people use Chrome and other services – many of which are, admittedly, more user friendly than those of rivals – then Google’s power shows no signs of diminishing. Chrome provides Google with “enormous amounts of behavioural and demographic data, control over people’s browsing experience, a platform for shaping the web to Google’s own advantage, and brand ‘capture’”, Fielding says. “When people’s favourite tools, games and sites only work with Chrome, they are reluctant to switch to an alternative.”

In theory, competition and data protection laws should provide the tools to keep Google from getting out of control, says Fielding. But in practice, “that doesn’t seem to be working for various reasons – including disparities of wealth and power between Google and national regulators”. Fielding adds that Google is also useful to many governments and economies and it is tricky to enforce national laws against a global corporation.

There are steps you can take to lock down your account, such as preventing your browsing data being collected by not syncing Chrome, and turning off third-party cookie tracking. But note that the more features you use in Chrome, the more data Google needs to ensure they can function properly. And as Google’s power and dominance continues to surge, the other option is to ditch Chrome altogether.

If you do decide to ditch Chrome, there are plenty of other feature-rich privacy browser options to consider, including Firefox, Brave and DuckDuckGo, which don’t involve giving Google any of your data.

source: https://www.wired.co.uk/article/google-chrome-browser-data

Google increasingly complicates the balance between the privacy its users deserve and the targeted advertising that drives its business.   

Abstract: Android has come a long way in enhancing its security features and building out privacy controls for users, including with its Android 12 innovations. But as Apple continues to crack down on ad-tracking in an iOS 14 feature, the bar is higher than ever—and in ways that increasingly complicate Google’s balance between the privacy its users deserve and the targeted advertising that drives its business. 

Android 12 Lets You See What Your Apps Are Getting IntoA new privacy dashboard and “app hibernation” are coming to Google’s mobile operating system.man on phoneGoogle’s new privacy dashboard breaks down app activity by category— like “Location,” “Camera,” and “Microphone”—and then shows you which apps accessed those mechanisms, and for how long.Photograph: Getty Images

Google: Marketers assign your Google device an ID and then monitor your web and in-app behavior across different platforms to generate composite profiles of demographic information, purchasing habits, and life events

The New iOS Update Lets You Stop Ads From Tracking You—So Do It

Facebook and other advertisers fought the move, but App Tracking Transparency is finally here.
apple logo
The long-awaited iOS 14.5 update gives you superpowers over cross-platform tracking.Photograph: MLADEN ANTONOV/Getty Images

If you’re sick of opaque ad tracking and don’t feel like you have a handle on it, a new iOS feature promises to give you back some control. With the release of Apple’s iOS 14.5 on Monday, all of your apps will have to ask in a pop-up: Do you want to allow this app to track your activity across other companies‘ apps and websites? For once, your answer can be no.

A lot of the biggest data privacy crises of the past few years have come not from breaches but from all the opaque policies around how companies share user data and track those users across services for targeted advertising. Marketers assign your device an ID and then monitor your web and in-app behavior across different platforms to generate composite profiles of demographic information, purchasing habits, and life events. Apple has already taken a strong stand to disrupt ad tracking in its Safari browser; this iOS update brings the showdown to mobile. But while the step may seem like a no-brainer to iOS users, it’s been deeply controversial with companies built on ad revenue, including and especially Facebook.“This is a significant and impactful move,” says Jason Kint, CEO of the digital publishing trade organization Digital Content Next. (WIRED parent company Condé Nast is a member.) “The digital advertising business has been mostly built off of micro-targeting audiences. Facebook, as an example, has code embedded in millions of apps to collect data to target audiences wherever it wants as promptly as possible—and this cuts that off.”iOS already gave its users the option to turn off ad ID sharing completely, essentially zeroing out the unique identifier on your phone, known as IDFA, that iOS gives developers for in-app and cross-service tracking. iOS 14.5’s new requirements, though, compel each app to put the question to users individually through Apple’s AppTrackingTransparency framework, so you have more granular control. This allows you to grant the privilege to certain apps if, for example, you would rather see tailored ads on a particular service. But it also will simply expose how many apps participate in cross-service ad tracking, including some you may not have suspected.“We believe tracking should always be transparent and under your control,” Katie Skinner, an Apple user privacy software manager, said at Apple’s Worldwide Developers Conference last June. „So moving forward, App Store policy will require apps to ask before tracking you across apps and websites owned by other companies.“

iphone screenshot

After you install iOS 14.5, you’ll see this pop-up when you open any app that tracks you across the web.

Photograph: Apple
Though the tracking changes in iOS 14.5 are significant, they don’t extend beyond the walled garden that is iOS. Kint likens the immediate impact to squeezing one part of a water balloon: The liquid just expands to the other side. Platforms like Android and the web on most browsers will still allow tracking, and marketers may focus even more strongly there. But Apple’s step with ATT could ultimately spark broader change.

For now, though, just download iOS 14.5 if you have an iPhone, and get ready to start tapping “Ask App not to Track” whenever you see it. Especially in places you never saw coming.

Source: https://www.wired.com/story/ios-app-tracking-transparency-advertising/

A Guide to Apple’s New App-Tracking Controls (ATT) in IOS 14.5

It’s the biggest lie of our time: “I have read the terms and conditions and privacy policy.”Read a bajillion words of legalese before hitting “agree” to use an app? Surrre.Yet I have one request for you when iOS 14.5 arrives on your iPhone and privacy pop-upalooza begins: Read them. Lucky for you, they’re short and crucial to understanding how your most personal info is used.

As for how you choose to answer these prompts, I have some advice on that, too.

On Monday, after many months of anticipation, Apple AAPL -0.24% released iOS 14.5. The update isn’t as big as the full-digit release that typically arrives each September, but it does have a few useful upgrades.Siri has some new, more realistic voices. If you’re setting up a new device, the virtual assistant no longer defaults to a female voice —something I’ve long advocated for. Then, there’s the new mask-unlock trick. If you’re wearing a mask and want to unlock your iPhone without punching in a passcode, you can use your Apple Watch to confirm it’s you. Oh, and there’s a redesigned syringe emoji. No sore arm included.But the most important and most controversial update? App Tracking Transparency—abbreviated to ATT. The privacy feature requires any app that wants to track your activity and share it with other apps or websites to ask for permission.“We really just want to give users a choice,” Craig Federighi, Apple’s senior vice president of software engineering, told me in an exclusive video interview. “These devices are so intimately a part of our lives and contain so much of what we’re thinking and where we’ve been and who we’ve been with that users deserve and need control of that information.” He added, “The abuses can range from creepy to dangerous.”

Many apps on your phone will begin showing pop-ups like these.

PHOTO: JOANNA STERN/THE WALL STREET JOURNAL

App developers, advertisers and social networks dependent on ad revenue don’t see it as such a humanitarian decision. For years, they’ve relied on this sort of tracking and sharing your info with data brokers to build a dossier on your digital habits to serve you highly personalized ads. Facebook has been vocal about Apple’s move, calling it “harmful to small businesses,” “anticompetitive” and “hypocritical.”“It’s people opting out without understanding the impact,” said Graham Mudd, Facebook’s vice president of Ads & Business Product Marketing. “If you look at Apple’s language and the lack of explanation, we’re concerned that people will opt out because of this discouraging prompt, and we will find ourselves in a world where the internet has more paywalls and where far fewer small businesses are able to reach their customers.”

“It wasn’t surprising to us to hear that some people were going to push back on this, but at the same time, we were completely confident that it’s the right thing,” Mr. Federighi said. While the feature’s rollout has been delayed, Mr. Federighi said that was caused not by backlash but because Apple had to make sure app developers could comply when a user opted out of tracking. Mr. Federighi said Apple worked hard on the clarity of the prompts and has created privacy-respecting ad tools for developers.After years of writing about the need for more privacy control, I’m grateful for the choice. But this is much more than just some eeny-meeny-miny-moe decision. This is a choice about who you think deserves your personal information, and how targeted you want the marketing in your feeds to be. When presented with a pop-up, here’s what to consider.

Option 1: Ask App Not to Track

This is your hands-off-my-data choice.Tapping this tells the system not to share something you probably never knew you were sharing, called an IDFA—Identifier for Advertisers. For years all iPhones have had this invisible string of numbers used for tracking and identifying you and your activity in and across apps. (Android has something similar.)Here’s an example of how it works: You download a free, ad-supported sleep app. A few hours later you start seeing ads for adult onesies in your Facebook feed. You also start seeing ads in the sleep app pertaining to other interests of yours—potentially as innocent as dish soap or as personal as fertility treatments.Behind the scenes the sleep app and Facebook were communicating about you using that identifier. And since most apps use it, the data attached to yours can include the apps you’ve downloaded, your search history, your purchase history, your recent locations and more.Tapping this option will restrict the app from accessing that tracking number (which your device no longer shares by default), but it also tells that app you don’t want to be tracked using sneakier means. That’s why it says “Ask App Not to Track” rather than “Do Not Track,” Mr. Federighi explained.Apps that might ignore the policy and continue to track through other means could be punished in the App Store, he added. “They might not be able to provide updates or their app could even be removed from the store.” Translation: Follow the rules or get out.The appeal of this option doesn’t need my explanation: Stop the tracking and the “surveillance capitalism,” as some call it, that’s been happening behind the scenes all these years.Those who prioritize privacy—or just don’t like pop-ups—can opt out of tracking altogether with a universal setting that tells all apps, “No.” On your iPhone go to Settings > Privacy > Tracking. You’ll see “Allow Apps to Request to Track.” Turn it off and apps won’t ask—and they won’t have access to your identifier.

If you want to stop tracking across all apps, and prevent future pop-ups, go to Settings and turn off ‚Allow Apps to Request to Track.‘

PHOTO: JOANNA STERN/THE WALL STREET JOURNAL

If an app doesn’t have a pop-up, it doesn’t have your identifier and it shouldn’t be tracking and sharing your info with other apps. Apple’s own apps won’t have pop-ups, Mr. Federighi said. Google has also announced that many of its iOS apps will no longer use the IDFA.

Option 2: Allow Tracking

Tap this option and your data flows like the Mississippi—at least among the apps that get your consent. App makers have two opportunities to explain how they will use the data and convince you they’re worthy.When you get the pop-up, under the question “Allow [app] to track your activity across other companies’ apps and websites?” you’ll see a message from the app maker in small text. Most are short and tend to explain the need to track for “relevant” or “personalized” ads. Still, read them—you may be surprised by what’s said.Others go a step further. Before you get to that official pop-up, some will show a full screen explaining the benefits of advertising and how they use personal data.Merriam-Webster sure got my attention: “The Collegiate Dictionary and Thesaurus with hundreds of thousands of entries are free, but we couldn’t do that without ads.” That’s one way to pull at the heartstrings of a professional writer. The McDonald’s app offering more ads for “food you love”? Not as compelling.

Before you see the official iOS prompt, apps may show a full screen encouraging you to opt into tracking.

PHOTO: JOANNA STERN/THE WALL STREET JOURNAL

When I asked business owners and execs in the ad industry and social media to explain why people should tap “Allow,” their answers boiled down to the following:

  • You want relevant ads. Many tracking pleas mentioned the days when our social-media feeds were full of pointless ads. “I don’t have a baby. I don’t even like babies! Why are you trying to sell me diapers?” But remember tapping this won’t make all ads—and not even all relevant ads—go away. There are still ways to deliver targeted ads without this sort of tracking.
  • You want to support small businesses. “As a consumer and mother, I get it. As a business owner, this sucks,” Erin LaCkore, a 35-year-old owner of LaCkore Couture, a small jewelry brand, told me. “There are so many more people I would be able to reach.” Facebook’s ad tools allow her and many other small businesses to carefully target people who would be interested in their products.

“When people go to make this decision, I want them to A) think of their safety but B) what you might have missed out on that you might have loved as a consumer,” she added. (My colleague Christopher Mims explored the impact on small businesses in a recent column.)

  • You want the internet to remain free. Facebook argues this move threatens the ability for apps to remain free and ad-supported. Mr. Federighi said that there was a similar response years back when Apple introduced privacy features in Safari, yet ads still appear on websites viewed in Safari.

Unsurprisingly, the vast majority of people will likely say no to tracking. AppsFlyer is a measurement firm that helps businesses evaluate ad-campaign performance. According to the company’s data, based on the early use of ATT in iOS, the opt-in rate was an average of 26% per app across nearly 550 apps. People are more likely to allow tracking with nongaming apps and brands that they trust.Whatever you decide, you can always change your mind. In that Tracking section of your Privacy settings, you can adjust your choice for each app.“People have their own sense of privacy and how important it is to them,” Mr. Federighi said. “So we will all make our personal decisions.”His personal decision? Oh, he’ll be opting out. I plan to do the same for many apps—especially ones that handle my most personal information—but I will consider it case by case, and read each pop-up with care.

Apple vs. Facebook: Why iOS 14.5 Started a Big Tech Fight
YOU MAY ALSO LIKE
UP NEXT
0:00 / 8:51
0:00
Apple vs. Facebook: Why iOS 14.5 Started a Big Tech Fight
Apple vs. Facebook: Why iOS 14.5 Started a Big Tech Fight
A new privacy feature in Apple’s iOS 14.5 requires apps to request permission to track you. And Facebook isn’t happy about it. WSJ’s Joanna Stern put Facebook CEO Mark Zuckerberg and Apple CEO Tim Cook into the ring to explain why this software update has kicked off a tech slugfest. Photo illustration: Preston Jessee for The Wall Street Journal

How This Apple IOS Feature Will Change Your iPhone Forever

Apple’s biggest mid cycle operating system update ever, iOS 14.5, is due to launch over the next few days, the iPhone maker has confirmed. The iOS 14.5 ugrade includes a barrage of cool new features, but the most outstanding by far is App Tracking Transparency (ATT)—and it will change your iPhone forever.

ATT has ruffled many feathers across the advertising industry because it effectively spells the end of the IDFA (identifier for advertisers), a unique device code that companies use to track your activity across iPhone apps and services. The iOS 14.5 privacy change hurts companies such as Facebook the most, and the social network has been protesting against ATT for months.

What exactly is ATT?

ATT is a feature that requires app makers to ask for your permission to track you across iPhone apps and services. In reality, that means after upgrading to iOS 14.5, you will see a pop-up box (see picture below), which reads: “Allow X to track your activity across other companies’ apps and websites?”You can then choose “Ask App not to Track” or “Allow.”

In iOS 14.5, if you ask the app not to track, it will lose access to the IDFA, the unique device code I mentioned earlier. Apple has also stipulated that app makers must not track iPhone users in other ways using data such as email addresses.

Why has Facebook kicked up such a fuss about ATT?

Facebook has been very vocal in its opposition to ATT since the feature was delayed from the initial launch of iOS 14.5 last year. The social network even took out full page newspaper ads to criticize Apple’s privacy move, saying it would hurt small businesses the most.It’s true the iOS 14.5 privacy change will impact small advertisers, but it is the likes of Facebook who will be impacted the most. Unlike Apple, whose business model is based around the hardware and services it sells, Facebook’s is based around advertising. Access to the IDFA has helped data-hungry Facebook to demonstrate the effectiveness of ad campaigns. You might see an ad on Facebook, then Google the company’s website and make a purchase. If you allow iPhone IDFA tracking, this data can be collected and used to measure the success of ad campaigns to improve personalized ads.Facebook says iOS 14.5’s ATT is being used by Apple to push its own business model for profit, at the expense of Facebook’s and others. Indeed, a recent Financial Times report detailed how the iPhone maker is due to dip its own toes back into mobile ads, via an expansion of its App Store ads business. There is also the argument that Apple is trying to force app developers to charge more for things such as in app purchases and subscriptions, and the iPhone maker of course takes a cut.

What does ATT mean for me and my iPhone? 

In reality, ATT is good for you and privacy on your iPhone. The reason? Transparency. Even if you choose to allow tracking, at least you have done so with the full knowledge that it is happening. Apple’s iOS 14.5 is game-changing for mobile advertising more widely too. It’s thought Google’s Android will bring in something similar, which ultimately would see internet advertising changed, for the better, forever. So the implications of ATT are great for the privacy of iPhone users, and internet and smartphone users more broadly too. Privacy experts approve of Apple’s iOS 14.5 move. Sean Wright, SME application security lead at Immersive Labs says ATT’s “a good move by Apple.”As well as making things more transparent to users, he hopes it will force app developers “to seriously consider all the data they are attempting to collect, and if they really require it.”

How do I use ATT?

Once you’ve downloaded iOS 14.5, which is coming at some point during the next week, using ATT is easy. You simply wait for the pop up to appear in each app you use and allow, or don’t allow, tracking on a per app basis.Another cool tip that you might find useful is, you can also go to your settings in iOS 14.5 and turn off tracking altogether. Just go to Settings > Privacy > Tracking > Allow Apps to Request to Track.This will be automatically toggled to “on,” but you can toggle off the ability to track altogether here. That will stop a potentially annoying pop up appearing in each iOS app you open. You can also control the apps you have allowed to track here, if you want to turn them off, or enable them to track you.

Is there anything else I need to know?

The iOS 14.5 move is massive for iPhone privacy, but you need to be aware that apps do still collect your data. Apple’s privacy labels made that clear—they were a stark reminder that Facebook owned WhatsApp collects vast amounts of information and way more than its rivals. There is a decision you make when you use free apps and services and that’s whether to give them your data. If you are not paying for the product, you are the product, after all. At the same time, Apple does say ATT applies to its own apps, and we will hopefully see this in action in iOS 14.5.Experts have pointed out that like Cookie notices, the pop up to allow tracking may get annoying, so it’s important not to just “Allow” in a bid to speed things up. If you don’t want tracking at all, you can toggle it off in the settings as I described. Jake Moore, cybersecurity specialist at ESET says: “ATT should not be ignored and viewed as yet another pop up which gently forces you to agree and accept it. This is a perfect time to allow people to reflect on their personal data and what the large corporations are doing with it. Companies such as Facebook heavily rely on iPhone users to consent to data sharing and such intrusion shouldn’t be taken lightly.” 

Should I turn iPhone IDFA tracking off for all apps?

IOS.14.5’s ATT really is an outstanding new feature and to track, or not to track, is the key question here. If you care about privacy on your iPhone, and you are uncomfortable about the data being collected about you online, ATT now gives you the means to turn that off. In iOS 14.5, the choice, as they say, is yours—and that’s the truly important thing.

Source: https://www.forbes.com/sites/kateoflahertyuk/2021/04/24/ios-145-how-this-outstanding-new-feature-will-change-your-iphone-forever/

Signal Founder May Have Been More Than a Tech Adviser to MobileCoin

  • Signal founder Moxie Marlinspike, whom MobileCoin previously described as a technical adviser, may have been more deeply involved in the cryptocurrency project.

  • An earlier, nearly identical white paper found online, which MobileCoin CEO Joshua Goldbard called „erroneous,“ lists Marlinspike as the project’s original CTO.

The founder and CEO of encrypted messaging app Signal, Moxie Marlinspike may have been the former CTO of MobileCoin, a cryptocurrency that Signal recently integrated for in-app payments, early versions of MobileCoin technical documents suggest.

MobileCoin CEO Joshua Goldbard told CoinDesk this 2017 white paper is “not something [he] or anyone at MobileCoin wrote,” though it is very nearly a verbatim precursor to MobileCoin’s current white paper. Additionally, snapshots of MobileCoin’s homepage from Dec. 18, 2017, until April 2018, list Marlinspike as one of three members of “The Team,” though his title is not given there. He is not listed as an adviser until May 2018.

The team for the self-described privacy coin has always acknowledged Marlinspike as an adviser to the project, but neither the team nor Marlinspike has ever disclosed direct involvement through an in-house role, much less one so involved as Chief Technical Officer.

If Marlinspike actually was involved as a CTO in MobileCoin’s early days, the recent Signal integration raises questions of MobileCoin’s motivation for associating itself with the renowned cryptographer, along with his own motive for aligning with the project, given the MOB team has historically downplayed this involvement.

“Signal sold out their user base by creating and marketing a cryptocurrency based solely on their ability to sell the future tokens to a captive audience,” said Bitcoin Core developer Matt Corallo, who also used to contribute to Signal’s open-source software.

A screenshot of MobileCoin’s website frontpage on Dec. 18, 2017. Marlinspike is listed as a team member until May 2018.
(Wayback Machine)

Goldbard shared another document dated Nov. 13, 2017, same as the other white paper, which does not list a team for the project. He claimed that this white paper was the authentic one and the other was not.

“Moxie was never CTO. A white paper we never wrote was erroneously linked to in our new book, ‘The Mechanics of MobileCoin.’ That erroneous white paper listed Moxie as CTO and, again, we never wrote that paper and Moxie was never CTO,” Goldbard told CoinDesk.

This book is actually the most recent “comprehensive, conceptual (and technical) exploration of the cryptocurrency MobileCoin” posted on the MobileCoin Foundation GitHub, which Goldbard describes as project’s “source of truth” and serves as the most up-to-date technical documentation for the project.

This ”real” version of the paper is nearly identical to the “erroneous” white paper except there is no mention of team members or MobileCoin’s pre-sale details. (Both white papers and current MobileCoin technical documents are embedded at the end of this article for reference.)

Goldbard said the “erroneous” white paper was accidentally added as a footnote to this latest collection of technical documents compiled by Koe, a pseudonymous cryptographer who recently joined MobileCoin’s team. That footnote also lists Marlinspike as a co-author of the paper along with Goldbard.

“He just googled it, like everyone on the internet seems to be doing today, and put [it in] as a footnote. It was an oversight. I did not notice it in my review of the book prior to publishing,” Goldbard told CoinDesk.

A metadata analysis of the papers run by CoinDesk shows that the “erroneous” paper was generated on Dec. 9, 2017, while the “real” paper was generated two days later. 

A meta analysis of MobileCoin’s disputed white paper.
(Colin Harper)
A meta analysis of MobileCoin’s „real“ white paper.
(Colin Harper)

Marlinspike declined to comment on the record about his professional relationship with MobileCoin.

A tale of two papers

In a December 2017 Wired article titled “The Creator of Signal Has a Plan to Fix Cryptocurrency,” Marlinspike went on the record as a “technical adviser,” a title CoinDesk has also used to describe his relationship with MobileCoin in the past.

“There are lots of potential applications for MobileCoin, but Goldbard and Marlinspike envision it first as an integration in chat apps like Signal or WhatsApp,” the article reads. 

It also states that “Marlinspike first experimented with [Software Guard Extensions (SGX)] for Signal.” These special (and expensive) Intel SGX chips create a “secure enclave” within a device to protect software, and MobileCoin validators require them to function (validators, as in other permissioned databases, are chosen by the foundation behind MobileCoin).

In the 2017 white paper that Goldbard disavows, Marlinspike is listed under the “team” section as CTO, with experience including being “the lead developer of Open Whisper Systems, [meaning] Moxie is responsible for the entirety of Signal,” which had just over 10 million users at the time. This same white paper describes MobileCoin’s Goldbard as a “high school dropout who thinks deeply about narratives and information systems.”

Signal’s code has historically been open source, though this changed about a year ago; code for the MobileCoin integration was added in Signal’s last beta. The nonprofit, which has five full-time employees, subsists largely on donations and has no clear revenue model, though Whatsapp co-founder Brian Acton injected $50 million into the app in 2018. A 2018 tax filing shows revenue of just over $600,000 for the fiscal year and over $100,000,000 in assets and $105,000,000 in liabilities.

MobileCoin supply and other details

The disavowed white paper also shows details of MobileCoin’s proposed distribution, which the paper says included selling 37.5 million MOB tokens (out of a 250 million supply) in a private presale at a price of $0.80 each for a total of $30 million. 

Indeed, in the spring of 2018, MOB raised $30 million from crypto exchange Binance and others in such a private presale, TechCrunch’s Taylor Hatmaker reported. Goldbard referred to the TechCrunch article when discussing MobileCoin’s financing with CoinDesk.

In a MobileCoin forum on Jan. 8, one user asked for details about MOB’s circulating supply.

“Supply: 250mill MOB; Circulating supply: impossible to know (‘circulating’ is pretty hard to define anyway),” Koe responded. MobileCoin does not currently have online tools such as a blockchain explorer to search the network for data.

One user chimed in to say that because all 250 million MOB were generated from a “premine,” or creation of maximum supply before launch, there’s no way for users to earn them through staking or mining.

“I suppose you could request donations,” Koe replied. 

Perhaps summing up the sense of betrayal the Signal community feels, one post simply reads, ‚Et tu, Signal?‘

MobileCoin’s consensus model copies Stellar’s, meaning only MobileCoin Foundation-approved nodes, which must run on a machine that uses the aforementioned Intel SGX chips, can partake in consensus. The white paper makes no references to rewards or payouts to validators from MOB supply.

MobileCoin Token Services, an affiliate of the MobileCoin Foundation, is currently selling MOB (presumably the remaining coins that did not sell in the presale) to non-U.S. investors by taking orders over email. 

MOB, for now, trades on FTX  and Bitfinex, two popular crypto exchanges, and a few smaller venues.

When the coin began trading in January, it first listed for around $5. Now, it’s worth about $55 (which, assuming a supply of 250 million MOB, gives the coin roughly the same market cap as Chainlink or Litecoin, the 10th and 9th most value cryptoassets by market cap). The coin clocked over $15 million in volume over the past 24 hours between FTX and Bitfinex, according to exchange data.

Speaking to the coin’s design, the founder of privacy coin monero (XMR, +2.85%), Richard Spagni, claimed that MobileCoin uses the privacy building blocks of his project’s source code for its own design without giving credit.

Who is Moxie Marlinspike?

Something of a legend in cryptography circles, Marlinspike began working on Signal in 2014 after founding Open Whisper Systems in 2013. Before this, he served as Twitter’s head of security after his 2010 startup, Whisper Systems, was acquired by the social network in 2011.

His only on-the-record professional relationship with MobileCoin comes from his technical advisory role, which he took on in late 2017 at the height of bitcoin’s last bull market and its accompanying initial coin offering bubble. 

Reporting on the project in 2019, the New York Times’ Nathaniel Popper and Mike Isaac originally wrote that “Signal … has its own coin in the works” before amending the article to clarify that “MobileCoin will work with Signal, but it is being developed independently of Signal.” The correction seems to typify the shifting narrative of Marlinspike’s and MOB’s relationship across various records. (Wired’s 2017 coverage, for example, says that “The Creator of Signal Has a Plan to Fix Cryptocurrency.”)

“I think usability is the biggest challenge with cryptocurrency today,” Marlinspike told Wired in the December 2017 article. “The innovations I want to see are ones that make cryptocurrency deployable in normal environments, without sacrificing the properties that distinguish cryptocurrency from existing payment mechanisms.”

Signal’s own users are less convinced.

The app’s Reddit page is plastered with submissions complaining about the decision to add MOB, with many confused as to why Signal would integrate a coin in the first place, let alone one that isn’t very well known (and which only went live this year).

“Using your messenger service to sit on the blockchain hype for no good reason, bloat a clean messenger app and introduce privacy concerns was more than unnecessary,” one post reads.

Perhaps summing up the sense of betrayal the Signal community feels, one post simply reads, “Et tu Signal?”

Speaking on Moxie’s involvement and the app’s decision to add MOB, Anderson Kill partner Stephen Palley said, “I can’t speak to the discrepancy between investor materials and what you’re being told, but I don’t necessarily judge them for wanting to make a buck after years of providing great open-source software basically for free.”

Signal first out the gate (but tripping)

Other messaging apps like Telegram and Kik have tried and failed to launch in-app cryptocurrency payments by rolling their own coins. Both attempts were promptly quashed by regulators. Encrypted messaging app Keybase was the first messaging app to add cryptocurrency payments when it integrated Stellar’s XLM (+14.33%) in 2018.

Given Facebook’s ownership of WhatsApp, its involvement in the Libra coin project (now known as Diem) may be seen as a similar attempt.

Oddly, Signal’s addition of MobileCoin is the first instance of a messaging app actually pulling off a crypto integration. 

The question now is how many of Signal’s 50 million users, many of whom aren’t crypto enthusiasts, will use it.

Read the official and disputed MobileCoin white papers below:

https://www.scribd.com/embeds/502074292/content?start_page=undefined&view_mode=undefined&show_recommendations=undefined

https://www.scribd.com/embeds/502074632/content?start_page=undefined&view_mode=undefined&show_recommendations=undefined

https://www.scribd.com/embeds/502244393/content?start_page=undefined&view_mode=undefined&show_recommendations=undefined

Source: https://www.coindesk.com/signal-founder-may-have-been-more-than-tech-adviser-mobilecoin

Marlinspike argues, Signal didn’t enable those criminals, but instead simply made their tools available to more casual, non-criminal users.

Source: https://www.wired.com/story/signal-mobilecoin-payments-messaging-cryptocurrency/

 

Signal Adds a Payments Feature—With a Privacy-Focused CryptocurrencyThe encrypted messaging app is integrating support for MobileCoin in a bid to keep up with the features offered by its more mainstream rivals.

Money goes into one phone and out another.MobileCoin will bring payments to Signal, but also added complexity and potential regulation. Illustration: Elena Lacey

To try to tame that volatility problem, Marlinspike and Goldbard say they imagine adding a feature in the future that will automatically exchange users‘ payments in dollars or another more stable currency for MobileCoin only when they make a payment, and then exchange it back on the recipient’s side—though it’s not yet clear if those trades could be made without leaving a trail that might identify the user. „There’s a world where maybe when you receive money, it can optionally just automatically settle into a pegged thing,“ Marlinspike says. „And then when you send money it converts back out.“The mechanics of how MobileCoin works to ensure its transactions‘ privacy and anonymity are—even for the world of cryptocurrency—practically a Rube Goldberg machine in their complexity. Like Monero, MobileCoin uses a protocol called CryptoNote and a technique it integrates known as Ring Confidential Transactions to mix up users‘ transactions, which makes tracing them vastly far more difficult and also hides the amount of transactions. But like Zcash, it also uses a technique called zero-knowledge proofs—specifically a form of those mathematical proofs known as Bulletproofs—that can guarantee a transaction has occurred without revealing its value.On top of all those techniques, MobileCoin takes advantage of the SGX feature of Intel processors, which is designed to allow a server to run code that even the server’s operator can’t alter.

MobileCoin uses that feature to ensure that servers in its network are deleting all lingering information about the transactions they carry out after the fact and leave only a kind of cryptographic receipt that proves the transaction occurred. Goldbard compares the entire process of a MobileCoin transaction to depositing a check at a bank, but one in which the check’s amount is obscured and it’s mixed up in a bag with nine other checks before it’s handed to a robotic bank teller. After handing back a deposit slip that proves the check was received, the robot shreds all 10 checks. „As long as SGX is working as promised, you can prove every robot cashier is working the same way and shredding every check,“ Goldbard says. And even if Intel’s SGX fails—security researchers have found numerous vulnerabilities in the feature over the last several years—Goldbard says that MobileCoin’s other privacy features still reduce any ability to identify users‘ transactions to low-probability guesses.If MobileCoin’s privacy promises hold true, Marlinspike says he hopes the cryptocurrency can help Signal reverse a troubling trend toward financial surveillance. If successful, Signal’s use of MobileCoin will also face the same hurdles and critiques that surround all privacy-preserving cryptocurrencies. Any technology that offers a way to anonymously spend money raises the specter of black market uses—from drug sales to money laundering to the evasion of international sanctions—along with the accompanying crush of financial regulations. And that means integrating MobileCoin could expose Signal to new regulatory risks that don’t apply to mere encrypted communications.

„I think it’s phenomenal from a civil liberties perspective,“ says Marta Belcher, a privacy-focused cryptocurrency lawyer who serves at special counsel at the Electronic Frontier Foundation. But Belcher points to a coming wave of regulation to control exactly the sort of anonymous cryptocurrency transactions Signal hopes to enable, including a new „enforcement framework“ the Justice Department published last fall and new regulations from FinCEN that could force more players in the cryptocurrency industry to collect identification details of users. „Anyone who’s dealing with cryptocurrency transactions, especially private cryptocurrency transactions, should be really concerned about all of these proposals and the government pushing financial surveillance to cryptocurrency,“ Belcher says.Matt Green, a cryptographer at Johns Hopkins University, puts it in starker terms.

„I’m terrified for Signal,“ says Green, who helped develop an early version of Zcash and now sits on the Zcash Foundation board as an unpaid member. „Signal as an encrypted messaging product is really valuable. Speaking solely as a person who is really into encrypted messaging, it terrifies me that they’re going to take this really clean story of an encrypted messenger and mix it up with the nightmare of laws and regulations and vulnerability that is cryptocurrency.“But Marlinspike and Goldbard counter that Signal’s new features won’t give it any control of MobileCoin or turn it into a MobileCoin exchange, which might lead to more regulatory scrutiny. Instead, it will merely add support for spending and receiving it. „The regulatory landscape is complicated, but there are ways to do privacy-protecting payments safely,“ says Goldbard. „To be frank, there’s a moral imperative to do so, because Signal has to offer payments in order to remain competitive with the world’s top messaging apps.“As for the possibility of enabling dangerous criminals and money launderers, Marlinspike offers an answer that mirrors one he’s long given for encrypted communications. Just as criminals used encryption for decades before Signal, they’ve used anonymous cryptocurrencies for years before Signal added MobileCoin payments as a feature.

For those criminals, the threat of law enforcement made using even clunky, tough-to-use tools necessary. By making those secure communications and payments easier, Marlinspike argues, Signal didn’t enable those criminals, but instead simply made their tools available to more casual, non-criminal users.“With Signal, we didn’t invent cryptography. We’re just making it accessible to people who didn’t want to cut and paste a lot of gobbledegook every time they sent a message,“ Marlinspike says. „I see a lot of parallels with this. We’re not inventing private payments…Privacy preserving cryptocurrencies have existed for years and will continue to exist. What we’re doing is just, again, a part of trying to make that accessible to ordinary people.“

 

How you farewell a Facebook account. And what you can do next

If the lack of news is a deal-breaker for your use of Facebook, how can you delete your account – and what are the consequences?

 

With Facebook blocking all news pages and links from its Australian service, some people will be weighing up how they’ll continue to use the social media platform.

Facebook is ubiquitous, and for many of us serves as a link to our friends, family, events, photos and memories. After Facebook’s snap decision on Thursday to block Australians from seeing news articles on its platform, some users began experimenting with loopholes to continuing sharing news, even resorting to breaking up the text in creative ways or using pictures of cats when posting news stories, to throw Facebook off the scent. But in the hours since, those loopholes appear to have been closed.

Is the lack of news a deal-breaker for your use of Facebook? If so, how will you go about deleting your account – and what are the consequences? And are there good alternatives for services that serve news to you?

How will I get my news?

If you previously relied mostly on Facebook for news it’s time to find an alternative, and the service(s) you choose will depend on how you like to consume your content.

If you’re moving to a new social media network, Twitter is an obvious choice. On Twitter, as with Facebook, you get to pick your friends, companies, personalities and outlets, and see their updates in a feed. A lot of news outlets post the same stories to Facebook and Twitter, and may even be more active on the latter now Facebook is out. One advantage of Twitter is you can follow a wide variety of news without crowding your feed too much. For example, you can save curated lists of people and outlets, say, by topic or friend group, to keep things separated. Or you can save specific searches so you’re always up to date on a specific topic or hashtag (those little phrases starting with # that people use to categorise comments, like #auspol for Australian politics).

 

You could also try Reddit or Discord, if you’re more into discussing the news with a like-minded community.

If you’re sticking with Facebook to keep up with friends, you might just want a straight news service or aggregator to get the latest headlines. Google News is available on every type of device and is good for either skimming the headlines or diving deep into a topic. It has curated “top stories”, suggestions based on your tastes, and you can save favourite sources and topics to a custom feed. On mobile phones, a News Showcase feature lets you read some usually paywalled stories for free. Apple News is similar if you solely use Apple devices, though its premium offering Apple News+ is more curated and you need to pay for it.

For a more DIY option you can collect things called RSS Feeds, which show you every article published on a given website, but they can be messy. Some more advanced RSS reading services, like Feedly, make it easier to create your own news service.

Finally, you can always go directly to the outlets you like. Bookmark the topic pages on websites you’re interested in, or many news outlets also offer newsletters, podcasts and apps to make accessing news more convenient.

What happens to my photos and posts if I delete Facebook?

If you’ve been on the social network for years you might wonder what the repercussions would be if you deleted that app and nuked your account. And the truth is, depending on how you’ve used it, there can be consequences.

 

Completely deleting your Facebook account will delete all the posts and photos you’ve shared on the service, and remove you from conversations and posts on other people’s Facebook feeds. You will no longer be able to use Facebook Messenger or access any conversations you had there.

If you used Facebook to sign up to other services, such as Spotify or Instagram, you may find it difficult to access them once your account is deleted. Facebook hardware products, such as Portal smart displays and Oculus VR (virtual reality) headsets, require a Facebook account for most functions. In the case of Oculus, you could lose any games you paid for if you delete Facebook.

After 30 days your Facebook account data becomes unrecoverable, although Facebook says it may take 90 days until all your data is gone from its servers.

So how do I do it without losing all my stuff?

For a less nuclear option you can “deactivate” your account; in which case the company keeps your data and you can still use Messenger. Other apps and websites can still log you in with Facebook, and you can reinstate your account in the future.

So if you’re removing yourself from Facebook, you first have to decide whether you’d like the option to come back later. If you do, you should choose a deactivation. If not, you want a deletion. Either way you will go to the same place.

How do you delete or deactivate a Facebook account?

On a computer:

  1. Log in to Facebook and hit the triangle at the top right of the page.
  2. Click on Settings and Privacy, and then Settings.
  3. Click on Your Facebook Information, and then Deactivation or Deletion.

On the mobile app:

  1. Tap the three horizontal lines at the bottom (iPhone) or top (Android) right of the screen.
  2. Scroll down and tap Settings and Privacy, and then Settings.
  3. Scroll down and tap Account Ownership and Control, then Deactivation and Deletion. See below for how to recoup your old posts, including photos.

Deactivation is as simple as entering your password and confirming a few times, but if you’re deleting your account and want to keep your stuff there are a few loose ends to tie up first.

When leaving Facebook, you have a choice of a deactivation where Facebook keeps all your data, or a total deletion that locks you out for good.

When leaving Facebook, you have a choice of a deactivation where Facebook keeps all your data, or a total deletion that locks you out for good.

Facebook can send your photos and videos directly to another service, such as Dropbox or Google Photos. Or, alternatively, you can download and store any or all information from your Facebook account. This can take some time if you want to keep everything, as it might include years of posts, photos, videos, comments, messages, event details and group discussions, marketplace listings, location information and advertising data. To do either of these things, follow the steps above but at step three choose Transfer a Copy of Your Photos, or Download Your Information.

How do you access Instagram if you’ve ditched Facebook?

Next, you’ll want to make sure you can still access other services. You can keep using Instagram after a Facebook deletion but you may need to make some changes. Before deleting Facebook go to Instagram’s settings, hit Accounts Center, then Logging in Across Accounts, and make sure it’s turned off. If you originally signed up to Instagram via Facebook, this will prompt you to create a password. Now your Instagram and Facebook accounts are separated – but be aware they are the same company and do share your data.

 

As for non-Facebook apps and services you used Facebook to sign up for, most will have an option in their settings to choose a different login or unlink from Facebook. If you’re unsure if this applies to any services you use, go to Facebook’s settings and hit Apps and Websites to see a list of services you’ve linked to Facebook.

What are some other services for sharing photos?

Google Photos and Apple iCloud are services you may already be using to back up pics from your phone. But you can also use them to share pictures with others, tag people and make comments. If you’re specifically wanting to share photos of the kids you can set up shared folders in Google Photos that do this automatically. Tinybeans is another good app specifically made for sharing photos of kids with family members and friends.

If you’re deleting Facebook entirely and want a Messenger replacement, Signal is probably closest since it’s secure and has seamless integration between mobile and web. You could say the same for WhatsApp, but if you’re completely expunging Facebook from your life that’s a no-go. If you need all the goofy stickers and video chat features, your phone’s default iMessage or Android Messenger is as good as you may get.

Groups and events are the hardest Facebook features to replace, as it can feel like you’re going to miss out if you’re not on Facebook. But there are alternatives, just make sure you have a phone number and/or active email for each of your friends before you leave. Paperless Post is a good service that lets you create events, send invites and track RSVPs, and you can always create a group chat on your messaging platform of choice.

Source: https://www.smh.com.au/technology/how-you-farewell-a-facebook-account-and-what-you-can-do-next-20210219-p573wy.html