Kenya Insights

Tag: Privacy

  • Apple To Scan U.S iPhones For Images Of Child Pornography

    Apple To Scan U.S iPhones For Images Of Child Pornography

    Apple unveiled plans to scan U.S. iPhones for images of child sexual abuse, drawing applause from child protection groups but raising concern among some security researchers that the system could be misused by governments looking to surveil their citizens.

    Apple said its messaging app will use on-device machine learning to warn about sensitive content without making private communications readable by the company. The tool Apple calls “neuralMatch” will detect known images of child sexual abuse without decrypting people’s messages. If it finds a match, the image will be reviewed by a human who can notify law enforcement if necessary.

    But researchers say the tool could be put to other purposes such as government surveillance of dissidents or protesters.

    Matthew Green of Johns Hopkins, a top cryptography researcher, was concerned that it could be used to frame innocent people by sending them harmless but malicious images designed designed to appear as matches for child porn, fooling Apple’s algorithm and alerting law enforcement — essentially framing people. “Researchers have been able to do this pretty easily,” he said.

    Tech companies including Microsoft, Google, Facebook and others have for years been sharing “hash lists” of known images of child sexual abuse. Apple has also been scanning user files stored in its iCloud service, which is not as securely encrypted as its messages, for such images.

    Some say this technology could leave the company vulnerable to political pressure in authoritarian states such as China. “What happens when the Chinese government says, ‘Here is a list of files that we want you to scan for,’” Green said. “Does Apple say no? I hope they say no, but their technology won’t say no.”

    The company has been under pressure from governments and law enforcement to allow for surveillance of encrypted data. Coming up with the security measures required Apple to perform a delicate balancing act between cracking down on the exploitation of children while keeping its high-profile commitment to protecting the privacy of its users.

    Apple believes it pulled off that feat with technology that it developed in consultation with several prominent cryptographers, including Stanford University professor Dan Boneh, whose work in the field has won a Turing Award, often called technology’s version of the Nobel Prize.

    The computer scientist who more than a decade ago invented PhotoDNA, the technology used by law enforcement to identify child pornography online, acknowledged the potential for abuse of Apple’s system but said it was far outweighed by the imperative of battling child sexual abuse.

    “It possible? Of course. But is it something that I’m concerned about? No,” said Hany Farid, a researcher at the University of California at Berkeley, who argues that plenty of other programs designed to secure devices from various threats haven’t seen “this type of mission creep.” For example, WhatsApp provides users with end-to-end encryption to protect their privacy, but employs a system for detecting malware and warning users not to click on harmful links.

    Apple was one of the first major companies to embrace “end-to-end” encryption, in which messages are scrambled so that only their senders and recipients can read them. Law enforcement, however, has long pressured for access to that information in order to investigate crimes such as terrorism or child sexual exploitation.

    “Apple’s expanded protection for children is a game changer,” John Clark, the president and CEO of the National Center for Missing and Exploited Children, said in a statement. “With so many people using Apple products, these new safety measures have lifesaving potential for children who are being enticed online and whose horrific images are being circulated in child sexual abuse material.”

    Julia Cordua, the CEO of Thorn, said that Apple’s technology balances “the need for privacy with digital safety for children.” Thorn, a nonprofit founded by Demi Moore and Ashton Kutcher, uses technology to help protect children from sexual abuse by identifying victims and working with tech platforms.

  • Facebook Suspends Data Mining Apps

    Facebook Suspends Data Mining Apps

    The world App giant Facebook has purged tens of thousands of apps involved in data mining from its platform. According to facebook insiders, the decision was arrived at after the company being slapped with thousands of privacy glitch summons and legal suits.

    Facebook co-founder Mark Elliot Zuckerberg, an American technology entrepreneur, and philanthropist stated that the removals come as part of an ongoing investigation into how developers use data, which the company started after the Cambridge Analytica scandal in March 2018.

    The Cambridge Analytica scandal, which uncovered how information from millions of Facebook profiles was used to influence opinion during Kenyan elections, Brexit and the 2016 US election, resulted in political fallout, investigations and a record fine of $5bn imposed against Facebook by the Federal Trade Commission in July 2019.

    Under that agreement Facebook will also be held to a new set of requirements to bring oversight to app developers, requiring them to comply with policies and undergo annual certifications. The news also reveals that the platform is home to more problematic apps than previously thought.

    “App developers remain a vital part of the Facebook ecosystem.  They help to make our world more social and more engaging. But people need to know we’re protecting their privacy.” Facebook said. 

    Facebook said on its official blog on Friday that tens of thousands of apps Facebook that have been removed come from just 400 developers, and millions more have been investigated. The review is ongoing and comes from hundreds of contributors, including attorneys, external investigators, data scientists, engineers, policy specialists, and teams within Facebook.

    “We promised then that we would review all of the apps that had access to large amounts of information before we changed our platform policies in 2014. It has involved hundreds of people: attorneys, external investigators, data scientists, engineers, policy specialists, platform partners and other teams across the company. Our review helps us to better understand patterns of abuse in order to root out bad actors among developers.”  Ime Archibong Facebook’s VP of Product Partnerships said.

    According to the blog, Facebook banned an app called myPersonality that refused to comply with the company’s audit and reportedly shared information with researchers and companies with only limited protections in place.

    They, Facebook, also took legal action against the data analytics company Rankwave, filing a lawsuit in California after the South Korean firm failed to comply with its investigation.

    Facebook also filed legal action against companies LionMobi and JediMobi, companies that used apps to infect users phones with malware to generate profit and against two Ukrainian men for using quiz apps to scrape user data from Facebook.

    The increased scrutiny comes after the record FTC fine and as dozens of US states have announced they will launch antitrust and privacy investigations into Google and Facebook. Several presidential candidates have also called for Facebook to be broken up.

    “In a few cases, we have banned apps completely. That can happen for any number of reasons including inappropriately sharing data obtained from us, making data publicly available without protecting people’s identity or something else that was in clear violation of our policies. We have not confirmed other instances of misuse to date other than those we have already notified the public about, but our investigation is not yet complete. We have been in touch with regulators and policymakers on these issues. We’ll continue working with them as our investigation continues.” Facebook said.

    The company said it is far from finished investigating and that it has expanded the team dedicated to investigating these violations, restricted the APIs used to connect to Facebook and set more specific policies around developing on Facebook.

    “As each month goes by, we have incorporated what we learned and re-examined the ways that developers can build using our platforms. We’ve also improved the ways we investigate and enforce against potential policy violations that we find. We have clarified that we can suspend or revoke a developer’s access to any API that it has not used in the past 90 days. And we will not allow apps on Facebook that request a disproportionate amount of information from users relative to the value they provide.” Ime Archibong Facebook’s VP of Product Partnerships said.

  • YouTube Fined Sh17Billion For Breaching Children Privacy

    YouTube Fined Sh17Billion For Breaching Children Privacy

    YouTube has been slapped with a fine of $170 million an equivalent of Ksh.17 billion over allegations of collecting personal information about children. YouTube was accused of tracking viewers of children’s channels using cookies without parental consent.

    The Google-owned giant video sharing platform which is also under the parent company Alphabet Inc, has been accused of breaching children privacy by using the cookies tracked to deliver billions in targeted advertisements to those viewers.

    Federal Trade Commission (FTC) announced the fine on Wednesday, that will reportedly see about $34 million (Ksh.3.4 billion) of the amount sent to the New York attorney general’s office.

    “YouTube touted its popularity with children to prospective corporate clients. Yet when it came to complying with, the federal law banning collecting data on children, the company refused to acknowledge that portions of its platform were clearly directed to kids,” FTC Chairman Joe Simons said in a statement.

    “Google and YouTube knowingly and illegally monitored, tracked, and served targeted ads to young children just to keep advertising dollars rolling in,” said New York Attorney General Letitia James.

    The fine was in accordance with a law banning the collection of information about children under 13 years old which was first introduced in 1998 before later being revised in 2013 to include cookies.

    Responding in a statement posted on its blog, YouTube said it would:

    “limit data collection and use on videos made for kids only to what is needed to support the operation of the service.”

    Image result for youtube for kids

    The video streaming service has also been forced to introduce YouTube Kids for children according to their age brackets and where disturbing videos would be excluded.