The ugly truth: tech companies are tracking and misusing our data, and there’s little we can do

The ugly truth: tech companies are tracking and misusing our data, and there’s little we can do

While leaks and whistleblowers continue to be valuable tools in the fight for data privacy, we can’t rely on them solely to keep big tech companies in check. SHUTTERSTOCK
Suranga Seneviratne, University of Sydney

As survey results pile, it’s becoming clear Australians are sceptical about how their online data is tracked and used. But one question worth asking is: are our fears founded?

The short answer is: yes.

In a survey of 2,000 people completed last year, Privacy Australia found 57.9% of participants weren’t confident companies would take adequate measures to protect their data.

Similar scepticism was noted in results from the 2017 Australian Community Attitudes to Privacy Survey of 1,800 people, which found:

• 79% of participants felt uncomfortable with targeted advertising based on their online activities

• 83% were uncomfortable with social networking companies keeping their information

• 66% believed it was standard practice for mobile apps to collect user information and

• 74% believed it was standard practice for websites to collect user information.

Also in 2017, the Digital Rights in Australia report, prepared by the University of Sydney’s Digital Rights and Governance Project, revealed 62% of 1,600 participants felt they weren’t in control of their online privacy. About 47% were also concerned the government could violate their privacy.

The ugly truth

Lately, a common pattern has emerged every time malpractice is exposed.

The company involved will provide an “opt-out” mechanism for users, or a dashboard to see what personal data is being collected (for example, Google Privacy Checkup), along with an apology.

If we opt-out, does this mean they stop collecting our data? Would they reveal collected data to us? And if we requested to have our data deleted, would they do so?

To be blunt, we don’t know. And as end users there’s not much we can do about it, anyway.

When it comes to personal data, it’s extremely difficult to identify unlawful collections among legitimate collections, because multiple factors need to be considered, including the context in which the data is collected, the methodology used to obtain user consent, and country-specific laws.

Also, it’s almost impossible to know if user data is being misused within company bounds or in business-to-business interactions.

Despite ongoing public outcry to protect online privacy, last year we witnessed the Cambridge Analytica scandal, in which a third party company was able to the gather personal information of millions of Facebook users and use it in political campaigns.

Earlier this year, both Amazon and Apple were reported to be using human annotators to listen to personal conversations, recorded via their respective digital assistants Alexa and Siri.

Read more: What if the companies that profit from your data had to pay you?

More recently, a New York Times article exposed how much fine granular data is acquired and maintained by relatively unknown consumer scoring companies. In one case, a third-party company knew the writer Kashmir Hill used her iPhone to order chicken tikka masala, vegetable samosas, and garlic naan on a Saturday night in April, three years ago.

At this rate, without any action, scepticism towards online privacy will only increase.

History is a teacher

Early this year, we witnessed the bitter end of the Do-Not-Track initiative. This was proposed as a privacy feature where requests made by an internet browser contained a flag, asking remote web servers to not track users. However, there was no legal framework to force web server compliance, so many web servers ended up discarding this flag.

Many companies have made it too difficult to opt-out from data collections, or request the deletion of all data related to an individual.

For example, as a solution to the backlash on human voice command annotation, Apple provided an opt-out mechanism. However, doing this for an Apple device is not straightforward, and the option isn’t prominent in the device settings.

Also, it’s clear tech companies don’t want to have opting-out of tracking as users’ default setting.

It’s worth noting that since Australia doesn’t have social media or internet giants, much of the country’s privacy-related debates are focused on government legislation.

Are regulatory safeguards useful?

But there is some hope left. Some recent events have prompted tech companies to think twice about the undeclared collection of user data.

For example, a US$5 billion fine is on air for Facebook, for its role in the Cambridge Analytica incident, and related practices of sharing user data with third parties. The exposure of this event has forced Facebook to take measures to improve its privacy controls and be forthcoming with users.

Similarly Google was fined EU$50 million under the General Data Protection Regulation by French data regulator CNIL, for lack of transparency and consent in user-targeted ads.

Like Facebook, Google responded by taking measures to improve the privacy of users, by stopping reading our e-mails to provide targeted ads, enhancing its privacy control dashboard, and revealing its vision to keep user data in devices rather than in the cloud.

Read more: Imagine what we could learn if we put a tracker on everyone and everything

No time to be complacent

While it’s clear current regulatory safeguards are having a positive effect on online privacy, there is ongoing debate about whether they are sufficient.

Some have argued about possible loopholes in the European Union’s General Data Protection Regulation, and the fact that some definitions of legitimate use of personal data leave room for interpretation.

Tech giants are multiple steps ahead of regulators, and are in a position to exploit any grey areas in legislation they can find.

We can’t rely on accidental leaks or whistleblowers to hold them accountable.

Respect for user privacy and ethical usage of personal data must come intrinsically from within these companies themselves.

Read more: If you’ve given your DNA to a DNA database, US police may now have access to it The Conversation

Suranga Seneviratne, Lecturer – Security, University of Sydney

This article is republished from The Conversation under a Creative Commons license. Read the original article.

Posted in Uncategorized | Leave a comment

Treasurer Frydenberg to announce $520 million fund for small businesses investment

Treasurer Frydenberg to announce $520 million fund for small businesses investment

The new fund will put up 10% to 40% of capital investments by businesses. Shutterstock
Michelle Grattan, University of Canberra

A new fund to provide small businesses with an alternative source of financing will be set up with a A$100 million contribution from the government.

The fund will have an initial investment capacity of more than $500 million, with the aim of that growing to $1 billion.

The government has agreed to terms with the four big banks – CBA, ANZ, NAB and Westpac – and HSBC to establish the fund, called the Australian Business Growth Fund. It will be formally announced by treasurer Josh Frydenberg at an Australian Chamber of Commerce and Industry dinner on Wednesday night.

Each bank will contribute $100 million and HSBC will put in $20 million. The government is also talking to other financial institutions to have them invest.

The fund was promised at the election.

It will offer established Australian small-to-medium enterprises in both metropolitan and regional areas patient capital and strategic support to help them grow.

Fund investment could be used, for example, by a small business to invest in equipment to expand its operations, or to extend into another state or region.

These businesses will be eligible for long term equity capital investments of between $5 million and $15 million, where they have generated annual revenue of between $2 million and $100 million and can show three years of revenue growth and profitability.

The fund’s investment stake will be between 10% and 40%.

This level is set to enable the business’s owners to maintain their controlling interest, while giving the fund adequate influence. The support provided will be non-financial as well as financial. The non-financial assistance will include strategic advice, mentoring, talent management and network referrals.

The fund will operate commercially and be independent of the government and the banks that participate. Investment decisions will be made by professional managers and performance will be assessed on a fully commercial basis.

Participating banks will be able to refer customers to the fund when equity financing might be more suitable than debt funding.

Frydenberg said: “Small businesses are the engine room of the Australian economy and access to a range of funding sources, including equity, is crucial for a thriving SME sector”.

The government sees the fund as filling a gap in the market for small and family businesses, which need better access to patient capital to grow. Patient equity capital funds in the United Kingdom and Canada have shown the benefits of this type of financing.

In his speech Frydenberg will say that “with nine out of every ten jobs being in the private sector, it is critical that government and business work effectively together.

“An area of key focus for the government is backing small and medium sized businesses who together employ more than seven million Australians. These businesses are central to every sector of the economy”.

“While there are many important issues affecting small business, including regulation, tax, skills and infrastructure, one that is also front of mind is access to the necessary capital to enable the business to innovate and grow.

“It is a point acknowledged by the Reserve Bank who has said of small business ‘it is not the absence of entrepreneurial spirit, it’s the absence of entrepreneurial finance that’s been the main factor holding that part of the economy back’.

“This is echoed by SMEs themselves, with 35% of respondents in November’s Sensis survey saying it is relatively difficult to access finance”.The Conversation

Michelle Grattan, Professorial Fellow, University of Canberra

This article is republished from The Conversation under a Creative Commons license. Read the original article.

Posted in Business Investigations | Leave a comment

Does our child protection system cause young people to commit crimes? The evidence suggests so

Does our child protection system cause young people to commit crimes? The evidence suggests so

If a child commits an offence while in the care of the state, questions should be asked about the quality of care and supervision being provided. Shutterstock
Tamara Walsh, The University of Queensland

Removing a child from their home for their own protection should be an absolute last resort. Before we remove a child, we should be sure that we can offer them a safer, more nurturing alternative – their new home should improve their current circumstances and their life chances.

Yet, for a significant proportion of children who end up in out of home care, this is not happening. Many children are being charged with criminal offences while they are in the “care” of the state.

The Australian Institute of Health and Welfare recently reported that 50% of young people under youth justice supervision in Australia have also received child protection services.

The link is even more prevalent in Queensland – the Independent Review into Youth Detention reported in 2017 that 76% of children in the youth justice system are known to the child safety department.

The Northern Territory Royal Commission also found children on child protection orders are five times more likely to commit an offence than other children.

And my research has found the chain of causation goes in one direction in these matters: children come into the child protection system first and then commit offences, not the other way around.

Read more: Nothing to see here? The abuse and neglect of children in care is a century-old story in Australia

Does out of home care lead to offending?

If a child commits an offence while in the care of the state, questions should be asked about the quality of care and supervision being provided. Is the care environment somehow causing the criminal behaviour? Or is the association just coincidental?

It could be coincidental, in the sense that young people who interact with both the child protection and youth justice systems share certain characteristics.

Many suffer from mental health or behavioural conditions, are homeless or have experienced trauma or abuse. Indigenous children are also more likely to be known to child protection services, and more likely to appear before the criminal courts.

Yet, international research suggests the nature of a child’s placement influences their chances of offending. Research from the US has also found that children who are known to child protection services but remain at home are less likely to offend than those who are placed in out of home care.

Read more: The problem with child protection isn’t the money, it’s the system itself

It is all too easy to conclude these kids are just “troubled” or even “bad”. We might assume since they come from difficult homes, and they have psycho-social problems, this trajectory is inevitable.

But my research suggests there is more to this story. I interviewed 24 Brisbane-based lawyers and youth workers who deal with children who “cross over” between child protection and youth justice.

They overwhelmingly agreed the child protection system itself is leading many children to commit offences.

Charges for minor offences

The criminal charges these children receive appear to be unnecessary and avoidable. According to my interview subjects, many children who commit offences are driven by necessity.

For example, many children are charged with public transport fare evasion. Others are charged with shoplifting. These offences arise directly out of material disadvantage, but this is happening while they are supposed to be being in the care of the state. Why don’t they have transport cards? Why do they feel the need to steal food or clothing?

My participants said other charges result from the trauma or mental health conditions these children are dealing with. They described situations where their young clients had been charged with wilful damage for punching a wall, or assault for lashing out at a carer.

As one lawyer said,

This doesn’t happen in an ordinary family home – you don’t call the police because there’s a hole in the wall.

Other types of offending involved trivial incidents that really just amounted to “kids being kids”.

My participants described situations where children were charged with theft for taking food out of the fridge, assault for whacking each other with tea towels, wilful damage for knocking down a locked bathroom door to use the toilet, break and enter for “breaking into” their own house, and trespass for bringing in a friend.

Read more: How resilience can break the link between a ‘bad’ childhood and the youth justice system

Importantly, the lawyers and social workers I interviewed emphasised that most often, the children who are charged with offences are living in residential care settings, rather than foster care situations.

Residential care is a placement option where children live in share houses in the community that are staffed by youth workers around the clock. These units house some of Australia’s most vulnerable children. Yet, the youth workers who staff them are often young themselves, and under-skilled.

What these kids most often need is a nurturing, home-like environment, but the youth workers may lack the life experience necessary to provide this. Calling police becomes a fall-back option to deal with difficult situations.

Better environments for troubled children

These children have fallen through all the cracks of the systems that should have supported them: family, education and child protection. Often, every adult in their lives has let them down.

As the UK criminologist Claire Taylor has said, we need to be “ambitious” on behalf of these children. They need, and have a legal right to, the best possible start the community can give them.

If we remove them from an “unsafe” environment, we must ensure we are placing them into a safe one – one where they will not be vulnerable to offending or criminal charges but rather will be nurtured and supported.

As one youth worker told me,

it sounds a bit corny, but I reckon it all comes back to love – the offending and stuff is just a symptom.The Conversation

Tamara Walsh, Professor, The University of Queensland

This article is republished from The Conversation under a Creative Commons license. Read the original article.

Posted in Uncategorized | Leave a comment

A handsome soldier with a ‘medical bill’: how romance scammers make you fall in love with them

A handsome soldier with a ‘medical bill’: how romance scammers make you fall in love with them

Natalie Gately, Edith Cowan University and James McCue, Edith Cowan University

Maria Exposto, a Sydney grandmother who fell victim to a romance scam and became an unwitting drug mule, couldn’t have known what was before her when she left Australia to sign documents for her fiancé so he could retire and marry her.

At 50-years-old, Exposto had fallen for a widowed special forces soldier doing his bit for his country.

They have never met, which was easily explained – he was deployed in Afghanistan. She described being “blindly in love” with a man who wooed her online, serenading her with love songs and long, deep conversations.

Exposto recently walked free after facing a death sentence in Malaysia for attempting to smuggle a kilogram of ice five years ago. Since she was caught, she has maintained she was a victim of a romance scam.

Read more: From catfish to romance fraud, how to avoid getting caught in any online scam

Sadly, Exposto’s story is not unique. Like Exposto, victims of romance scams tend to be between 45 to 54-years-old, impulsive, respond to elaborate stories and are well-educated.

Romance scammers prey on people to build a relationship and defraud their victims. They are clever, well organised and have a number of tried techniques that make them highly successful.

The extreme emotional ties formed can make victims easy to manipulate and leave them vulnerable to knowingly or unknowingly engaging in criminal activity.

More than 10 million Australians are exposed to at least one personal fraud scam each year.

And with more than 3.5 million Australians using Tinder alone, the opportunities for romance scammers is growing rapidly. In fact, online dating fraud rose by 150% in a year from 2011, with criminals recognising the opportunities to exploit those looking for a partner.

Scammers are in for the long haul

In Exposto’s case, the “relationship” had been ongoing for more than a year. This is not surprising, as romance scammers are in for the long haul and see the process as a long term investment to establish intimacy and trust. They often use teams of people to “hook” and “woo” the victim.

Scammers typically fake profiles with stolen photographs, often mimicking army officers, and frequently create a story of tragic or desperate circumstances. Armed force identities are common, as it easily explains their inability to meet in person.

Could the handsome military officer’s picture actually come from a stock image website? It’s a good idea to reverse image search the photo of your online partner. Shutterstock

It’s this willingness of the scammer to engage in a prolonged, sustained interaction that creates the belief the relationship is “real” and leading to something more permanent.

Eventually, the scammer has ensnared a person who has heavily invested in the relationship, has a strong emotional attachment and has been groomed to believe they “know and understand” their partner.

After the bond is established, scammers frequently request money to pay fictitious medical bills, help partners out of dangerous situations or pay for tickets.

Money mules

In some cases, victims can become involved in illegal activities including money laundering and bank fraud, and are at risk of being charged. These types of victims are often referred to as “money mules”.

Read more: How to get away with fraud: the successful techniques of scamming

And “mule recruitment” is when the scammer attempts to get a person to receive stolen funds and then transfer those funds to criminals overseas.

Many victims of fraud related crimes can also suffer their own financial loss, on top of facing the sudden loss of, what was to them, an important and significant intimate relationship – a “double hit”.

Victims have described the loss of the relationship as more devastating than their financial loss.

Shame and humiliation

Their experience is more psychologically damaging than other types of fraud, and is often compounded by a total lack of understanding from family and friends.

Some victims remain in denial and are unable to accept the scam or separate the fake identity with a criminal. Some realise they’ve exposed themselves or performed sexual acts online, and feel humiliated and violated. They report feeling depressed, and even suicidal.

Read more: More than just money: getting caught in a romance scam could cost you your life

And victims have said they lost trust in others, severed social ties, and suffered a lower sense of self-worth and confidence.

This social withdrawal and isolation can make victims vulnerable to a second wave of the scam, believing their online partners excuses or explanations that they really are “real”.

But victims don’t often receive social support, reporting that family, friends and colleagues thought they were stupid, or were angry with them because of the financial loss, such as losing inheritance.

Many victims keep their experience a secret or don’t disclose the entire story for fear of these types of reactions.

How can you avoid being duped?

There are ways you can avoid being scammed by a one-sided romance.

Read and take heed of the instructions on dating websites. Most have clear guidelines of how to avoid online fraud, such as being suspicious about early declarations of love, requesting or receiving money.

It’s also a good idea to use their photos to do some sleuthing online, and see what information pops up when you do a reverse image search on Google. Look for any inconsistencies, see if what they’ve told you about themselves adds up.

Read more: Why we need to do more for the victims of online fraud and scams

You can also run their email address through which lists names of known scammers.

And if you become aware a friend or family member has been victimised, remember it’s a time to provide support and understanding to break the isolation, allowing the victim to grieve over the lost relationship, rebuild their self-esteem, and try again.The Conversation

Natalie Gately, Criminology Courses Coordinator, Edith Cowan University and James McCue, Lecturer in Psychology and Criminology, Edith Cowan University

This article is republished from The Conversation under a Creative Commons license. Read the original article.

Posted in Private Investigations | Leave a comment

The ACCC is suing Google over tracking users. Here’s why it matters

Katharine Kemp, UNSW

The Australian Competition and Consumer Commission (ACCC) today announced it is suing Google for misleading consumers about its collection and use of personal location data.

The case is the consumer watchdog’s first move against a major digital platform following the publication of the Digital Platforms Inquiry Final Report in July.

The ACCC follows regulators in countries including the US and Germany in taking action against the way “tech giants” such as Google and Facebook harvest and exploit their users’ data.

What did Google do?

ACCC Chair Rod Sims said Google “collected, kept and used highly sensitive and valuable personal information about consumers’ location without them making an informed choice”.

The ACCC alleges that Google breached the Australian Consumer Law (ACL) by misleading its users in the course of 2017 and 2018, including by:

  • not properly disclosing that two different settings needed to be switched off if consumers did not want Google to collect, keep and use their location data

  • not disclosing on those pages that personal location data could be used for a number of purposes unrelated to the consumer’s use of Google services.

Some of the alleged breaches can carry penalties of up to A$10 million or 10% of annual turnover.

A spokesperson for Google is reported to have said the company is reviewing the allegations and engaging with the ACCC.

The two separate settings that users needed to change to disable location tracking. Android screenshots, Author provided

Turning off “Location History” did not turn off location history

According to the ACCC, Google’s account settings on Android phones and tablets would have led consumers to think changing a setting on the “Location History” page would stop Google from collecting, keeping and using their location data.

The ACCC says Google failed to make clear to consumers that they would actually need to change their choices on a separate setting titled “Web & App Activity” to prevent this location tracking.

Location data is used for much more than Google Maps

Google collects and uses consumers’ personal location data for purposes other than providing Google services to consumers. For example, Google uses location data to work out demographic information, target advertising, and offer advertising services to other businesses.

Digital platforms increasingly track consumers online and offline to create highly detailed personal profiles on each of us. These profiles are then used to sell advertising services. These data practices create risks of criminal data breaches, discrimination, exclusion and manipulation.

Read more: Here’s how tech giants profit from invading our privacy, and how we can start taking it back

Concealed data practices under fire around the world

The ACCC joins a number of other regulators and consumer organisations taking aim at the concealed data practices of the “tech giants”.

This year, the Norwegian Consumer Council published a report – Deceived by Design – which analysed a sample of Google, Facebook and Microsoft Windows privacy settings. The conclusion: “service providers employ numerous tactics in order to nudge or push consumers toward sharing as much data as possible”.

The report said some aspects of privacy policies can be seen as “dark patterns”, or “features of interface design crafted to trick users into doing things that they might not want to do”.

In Canada, an investigation into how Facebook gets consent for certain data practices by the Office of the Privacy Commissioner of Canada was highly critical.

It found that the relevant data use policy “contained blanket statements referencing potential disclosures of a broad range of personal information, to a broad range of individuals or organisations, for a broad range of purposes”. The result was that Facebook users “had no way of truly knowing what personal information would be disclosed to which app and for what purposes”.

Is Facebook next?

The ACCC was highly critical of the data practices of a number of large digital platforms when the Final Report of the Digital Platforms Inquiry was published in July this year. The platforms included included Facebook, WhatsApp, Twitter and Google.

The report was particularly scathing about privacy policies which were long, complex, difficult to navigate and low on real choices for consumers. In its words, certain common features of digital platforms’ consent processes

leverage digital platforms’ bargaining power and deepen information asymmetries, preventing consumers from providing meaningful consents to digital platforms’ collection, use and disclosure of their user data.

The report also stated the ACCC was investigating whether various representations by Google and Facebook respectively would “raise issues under the ACL”.

The investigations concerning Facebook related to representations concerning its sharing of user data with third parties and potential unfair contract terms. So far no proceedings against Facebook have been announced.

Read more: 94% of Australians do not read all privacy policies that apply to them – and that’s rational behaviour

Will this change anything?

While penalties of up to A$10 million or 10% of annual turnover (in Australia) may sound significant, last year Google made US$116 billion in advertising revenue globally.

In July, the US Federal Trade Commission settled with Facebook on a US$5 billion fine for repeatedly misleading users about the fact that personal information could be accessed by third-party apps without the user’s consent, if a user’s Facebook “friend” gave consent. Facebook’s share price went up after the FTC approved the settlement.

But this does not mean the ACCC’s proceedings against Google are a pointless exercise. Aside from the impact on Google’s reputation, these proceedings may highlight for consumers the difference between platforms which have incentives to hide data practices from consumers and other platforms – like the search engine DuckDuckGo – which offer privacy-respecting alternatives.The Conversation

Katharine Kemp, Senior Lecturer, Faculty of Law, UNSW, and Co-Leader, ‘Data as a Source of Market Power’ Research Stream of The Allens Hub for Technology, Law and Innovation, UNSW

This article is republished from The Conversation under a Creative Commons license. Read the original article.

Posted in Private Investigations | Leave a comment