Surveillance

“I thought it would be really funny if a stranger came over asking to do a poo,” explained Will. They never did, and about a year ago Will moved out.

Recently, Will had a look to see if Big Dumpers was still marked on Google Maps. It was. He was getting monthly emails about the performance of his business with information on how many people had viewed it or clicked to see its phone number.

But looking at the app’s listing for the “business”, Will spotted something that he didn’t find as funny. Like many other businesses, Google Maps showed a “Popular times” graph depicting how popular the location is using information provided by Google users who’ve agreed to let the app access their geolocation data. 9AM on Thursday was a busy time for Big Dumpers, according to Google Maps, but completely empty later in the day. 

What clicked in Will’s mind is that he had inadvertently created a public tracker of when people were in his share house — almost certainly without their knowledge. Will quickly voluntarily “closed” his business on Google but the listing remained up afterwards.

After being informed of the exploit by Crikey, founder of Australian information security company DVULN Jamieson O’Reilly said that his review of Google’s technical material corroborated Will’s understanding of the situation.

“My gut tells me you could list any place as a business then if the residents had opted in to location services you could totally use it to measure someone’s patterns,” he said.

A few years ago, I was surprised to find out that my friend Peter Eckersley — a very privacy conscious person who is Technology Projects Director at the EFF — used Gmail. I asked him why he would willingly give Google copies of all his email. Peter pointed out that if all of your friends use Gmail, Google has your email anyway. Any time I email somebody who uses Gmail — and anytime they email me — Google has that email.

Since our conversation, I have often wondered just how much of my email Google really has. This weekend, I wrote a small program to go through all the email I have kept in my personal inbox since April 2004 (when Gmail was started) to find out.

SAN FRANCISCO — Google has agreed to settle a $5 billion privacy lawsuit alleging that it spied on people who used the "incognito" mode in its Chrome browser — along with similar "private" modes in other browsers — to track their internet use.

The class-action lawsuit filed in 2020 said Google misled users into believing that it wouldn't track their internet activities while using incognito mode. It argued that Google's advertising technologies and other techniques continued to catalog details of users' site visits and activities despite their use of supposedly "private" browsing.

Just don't buy these cursed machines. Get a nice, big, dumb, computer monitor.

If you bought a new smart TV during any of the holiday sales, there’s likely to be an uninvited guest watching along with you. The most popular smart TVs sold today use automatic content recognition (ACR), a kind of ad surveillance technology that collects data on everything you view and sends it to a proprietary database to identify what you’re watching and serve you highly targeted ads. The software is largely hidden from view, and it’s complicated to opt out. Many consumers aren’t aware of ACR, let alone that it’s active on their shiny new TVs. If that’s you, and you’d like to turn it off, we’re going to show you how.

Last month the government’s tender website, AusTender, published a contract between the Australian Signals Directorate (ASD) and ShadowDragon Holdings, LLC. The contract runs for two years and is valued at $563,040.

ShadowDragon Holdings is an American company that sells software collecting “open source intelligence software, unique datasets and training” to organisations, including the United States Immigration and Customs Enforcement agency as well as state police forces in New York and Michigan.

ShadowDragon’s products pull data from a range of public online platforms — reportedly more than “200 unique sources and datasets” — to make them searchable for its users.

The full list of places isn’t published but its promotional material lists places including Facebook, Instagram, Telegram, YouTube, X, Google, Amazon, Tumblr, WhatsApp, LinkedIn, Reddit, 4Chan, Skype, Spotify, Twitch, Xbox network, PornHub, SoundCloud, Gab, Foursquare, Tripadvisor, Tinder, Etsy, PayPal, Flickr, Imgur, Disqus, eBay, GitHub, DeviantArt, Blogger, FetLife, BitChute, parenting forum BabyCenter, social network for Black people BlackPlanet and more.