AXEL.org

data harvesting

Projects We Love: PrivacyWall

This is part of our series highlighting startups who share our mission of trying to bring data privacy back to users.

You’ve had a rough week, maybe it’s a relationship or health problem, but either way, you’re feeling down. Fortunately, your family is there for you, and reach out to console you through a few private messages on social media.

Mom: “I know it’s expensive, I’m sorry your health care doesn’t cover it, we’ll do what we can to help you pay.”

Dad: “Don’t worry sport, she’s just going through a phase, I’m sure you guys will work through it.”

Friend: “Hey man, let’s meet up for a drink this weekend, cheer up!”

After reading your messages, you lay down in bed to rest and start scrolling through social media to pass the time until you fall asleep, and you’re astounded by what you find.

Ads.

But not just the usual ads for food, or some new tech gadget.

“Lower your healthcare costs now! Save 20% off market rate plans!”

“Relationship trouble? Local family counseling is available!”

“Cheapest beer in town, and half-price shots on Fridays!”

Maybe it’s just coincidence, or maybe every single thing you say or do online is being tracked and sold to advertisers… That “free” social media website has to make money somehow.

And that’s where PrivacyWall comes in- a startup that is returning data privacy and security to users. By blocking unwanted data collection by everyone from Facebook to Google, PrivacyWall puts you back in the driver’s seat.

Why PrivacyWall?

Every website you visit, every search you type in, every message you send and photo you post, it’s all tracked, recorded, and monitored. PrivacyWall is the “off” switch we’ve been waiting for.

By blocking over 3,000+ trackers from many of the largest tech companies in the world you can once again browse the internet without fear of being tracked like the target of a CIA investigation. We expect privacy in our homes, and we should get the same treatment on the internet.

PrivacyWall even blocks Facebook Connect from building a shadow profile of your online activity when you are not on Facebook. If you didn’t know, that convenient “log-in with Facebook” turns that account you just signed up for into another data collection point for Facebook to build a profile on you.

If you didn’t know that, you aren’t alone. And that’s exactly why PrivacyWall blocks threats you don’t even know about yet. Because you shouldn’t have to become a security expert and worry about your private information being leaked just because you used Facebook to sign-up for a food delivery app, or a dating site, or anything.

You deserve privacy, and PrivacyWall is a step towards a more private world.

Do Your Apps Know Too Much About You?

Two years ago something incredible happened.

A simple computer game brought the world together and got gamers out and about into the big wide world. But after the immediate rush of excitement about “catching ‘em all”, users started to realize something a little more sinister about the Pokemon Go app.

As well as letting them throw imaginary Pokeballs in real-life locations, the iOS version of the app was caught accessing almost all of users’ Google account information – everything from emails down to photos.

Two years later, Mark Zuckerberg made a statement about the vague data collection techniques apps were using through Facebook. He was keen to iterate that Facebook does use sound clips from videos recorded directly onto Facebook to serve relevant ads after questions around this became louder and louder.

But his statement wasn’t exhaustive enough in covering what exactly our apps know about us.

This is because of the ambiguous nature of app permissions.

They tend to be oversimplified so as not to overwhelm the user, but below the simple sentences and soothing reassurances they can gather a huge amount of data with every single interaction.

Of course, some data collected is absolutely necessary for the apps to work in the first place. For example, a photo app won’t work if it can’t access your photos, and Uber needs your location information so it can pick you up in the right place – duh.

But once you give apps that need information access to your data, they can start to worm their way under the surface to dig out more and more information about you and your behavior.

Take location access as an example.

Once you give away your location, app makers are then able to use that information to figure out what floor of a high-rise you live on or the places you visit the most.

Why Apps Want Your Data

Data is gold for app makers. With information about their user base, apps can perform all sorts of other actions, like:

  • This is the key activity app makers do with the data they’ve gathered. Knowing everything about you means they can serve up relevant ads and charge advertisers more and more for being so highly targeted.
  • Curated content. This keeps users sticking around for more. If they’re seeing more of what they like, they’re more likely to engage with the content and keep coming back for more.
  • App development. Data can be really useful for knowing what users do and don’t like, which can be used in the future to improve the app or make another app altogether.

A whopping one-third of consumers don’t think advertisers collect data from them.

App Permissions: What Do Your Apps Know About You?

Now you know why your apps might want to scrape together the digital breadcrumbs of you, let’s take a look at what they actually know about you, because it can be easy to jump to conclusions and envision a Big Brother type scenario which often isn’t the case.

Your smartphone is actually packed full of sensors which can decipher your whereabouts, what speed you’re traveling at (including what form of transport you’re traveling on), and which way up you’re using your phone.

But you’re not completely powerless.

This is where app permissions come in, a.k.a. the “barrier” between app makers and the data stored in your phone. When a pop-up shows up on your phone with a permission request, it’s up to you to decide how much data you pour into the hands of the app maker.

However, this is easier said than done, and that’s because very few apps give detailed explanations about what information they’re going to collect and use.

Many app makers do this in the interest of their users; they don’t want to overwhelm them with technical drivel, so they keep it simple. But this means that a lot of users don’t actually know the full extent of what they’ve agreed to.

If you want to know exactly what an app can and can’t see about you, there’s a way.

On an Android device:

  • Open the settings app
  • Go to the Apps & Notifications center
  • Choose an app and click Permissions

On an iOS device:

  • Go to the Settings app
  • Choose an app
  • See the Permissions that are listed

On both kinds of devices, you can usually switch off permissions with a toggle button to pick and choose what data can and can’t be collected (though bear in mind that some apps need certain permissions in order to run).

And, though this is a good starting point to find out what your apps know about you, it doesn’t always give you the full story.

Take the incident with Uber recently, where it was discovered that the app was secretly recording screen activity on iPhones. The company hit back that this was to improve functionality with the Apple Watch app, but it just goes to show that even if you think you know what an app can find out about you, there might be something more sinister going on.

How Are Things Changing When It Comes to Apps and Data?

Phone providers are now cracking down on what app makers can and can’t do when it comes to permissions – particularly location permissions.

When requesting location access, app makers now have to adhere to the “only when using the app” rule, which means they can’t track users when they’re not inside the app.

But while control settings are getting tighter, they’re also getting more and more convoluted. App makers are starting to bundle permission choices together and still aren’t quite there with letting their users know exactly what they’ll be using data for.

Apps that require users to “unlock” a particular permission in order to use the app as it’s supposed to be used are doing so without giving away whether they might share it with marketers and advertisers too.

What it boils down to is this: people have every right to choose what they do and don’t want apps to access, but there’s not much they can do if the app in question needs their location or access to their photos to work as they’re supposed to.

In these instances, it’s up to the user to decide whether they want to continue to use the app or give it up entirely.

And, until app makers get clearer with what they use data for, many users will remain in the dark about what data app companies are collecting about them and what they’re doing with that information.

A Beginner’s Guide to Staying Safe Online

Every week it seems a new security breach is hitting the headlines so we can be forgiven for thinking the online world is a dangerous place.

Earlier this year, Facebook was lambasted for sharing user data with third party apps, while those with Androids were shocked to learn that their mobile was tracking their every move thanks to built-in location tracking tacked onto Maps and Photos.

And then there was the Amazon Echo incident, where customers realized their every interaction was being gathered together to build a case about who they are and their shopping habits.

So yes, we’d be forgiven for thinking the online world is a scary place.

Sure, the internet has impacted our lives in amazing ways, but there is a dark side just like with everything else.

But because we’ve been so eager to dip our toes into the countless benefits that the internet brings (being able to communicate with anyone, anywhere is pretty priceless), we’ve lost some of our personal privacy along the way. It’s kind of an exchange – we let you do this in exchange for this information about yourself.

This isn’t about to stop anytime soon.

We like the freedom to contact someone on the other side of the world with the click of a button. We like being able to next-day-deliver something we’ve coveted for all of five minutes. We like being able to read our favorite news stories without having to shell out for a hard copy.

Handing over our data for online freedom is the price we pay. Everything we do on the web leaves a digital trail that can be swept up and used by corporations and governments.

The problem is in the transparency of it all. Legalese in tiny fonts that are unreadable with the naked eye pull the wool over users’ eyes. We want to sign up to Twitter so we can see what everyone’s saying about the latest celebrity scandal, so we blindly tick the “yes” box without really agreeing to have our data scraped through and sold on for who knows what purpose.

Giving away even the tiniest snippets of data about yourself can leave you at risk from less-than-stellar companies, but there are steps you can take to limit how much data is siphoned from your internet activity.

If you’re not tech savvy and don’t know how to navigate the ins and outs of the World Wide Web, let us help you out.

Encrypt Your Email

Email is not going anywhere anytime soon. In 2017, more than 270 billion emails were sent, a number that’s set to increase to 320 billion by 2020.

We hear all the time about email accounts getting hacked, and this form of online communication has been hailed as the absolute worst for security. This is because a single email message gets passed around several different servers before it reaches its final destination.

You can keep the content of your messages private with encryption. Some email providers already offer this as standard, but for others you might need to download an add-on or a plugin. When it comes to the metadata that accompanies your emails though (the sender, receiver, time stamps etc), there’s nothing you can do as the internet routing system needs this information to do its job.

Hide Your History

We often get sucked into a wormhole on the internet and find ourselves knee deep in cute cat videos when all we wanted was to find a review for the new washing machine we’ve got our eye on.

It’s hard to believe that anyone would be interested in the meandering trail we took to get to the cat videos, but this information can be used by companies to know what sites we visit the most and how we get from one to the other.

This log of sites you visit is known as your “clickstream”, and you can take a look right now at the online journey you’ve taken over the past day by simply clicking “History” and then “Full Browsing History” when your browser is open.

This information isn’t private unless you always browse the web in Incognito mode so the sites don’t retain your Cookies (watch the video below to understand what Cookies are), or to download a free tool that obscures your clickstream.

Video:

Get Savvy with Your Social

It always seems to be social media sites hitting the headlines with privacy concerns (we’re looking at you, Facebook), and that’s because social channels are filled with a bounty of information about their users; from date of birth to restaurants you regularly check into and your closest friends, these sites literally have an incredible low-down on you.

But again, it’s the price we pay to stay in the loop and to share filtered pics with our nearest and dearest.

The best advice here for eliminating any chance of your data being scraped and used elsewhere is to delete all of your social media accounts.

If that seems too drastic, give yourself peace of mind by having your accounts on the highest security settings possible (here’s a great guide to help you do that) and leaving out any identifying information like your date of birth or your home town.

We can’t control what others post on social media (and sometimes they’ll post stuff about us that disappears into the ether), but we can control what we hand over to the grasping hands of big corporations.

Leave Your Location Out of It

There’s something thrilling about checking into a new place, whether we’re humblebragging about visiting the latest high-end restaurant or simply want people to know that we’re Out There Having Fun.

But location data can be incredibly valuable if it falls into the right hands.

Think about it: not only are you providing information about where you are and what you’re doing there, you’re handing over data like what time of day you like to do that activity, and you’re even giving nearby locations the chance to target you with ads while you’re in the vicinity.

The answer here is simple: turn off your location when you don’t need it and avoid using sites that require you to “check in” or need location information.

Other Things You Can Do

Encrypting your email, being elusive with your social media information, and avoiding the lure of “checking in” are good starting points for protecting your online data privacy.

But, taking it further, you can ensure that your password across everything is not something that can easily be guessed. Instead of having a password, go for a passphrase that is made up of multiple words, numbers, and symbols.

And, when it comes to your search engine habits, be ruthless.

Many of the big search engines make a note of your searches and build a profile of you to serve up relevant ads. If you want to avoid this, you need to avoid the big guys and instead use a search engine that doesn’t track your every search term (the oddly-named DuckDuckGo is good for this).

Protecting online data is a big concern for most internet users, but for the tech-phobic it can be truly terrifying, especially if you don’t even know how to start protecting yourself.

Hopefully these tips will point you in the right direction and help you get your privacy back under control, pronto.

Why Free Will Cost You a Fortune

Everyone loves a good deal. Whether it’s an amazing discount or a sale, we experience an endorphin rush when we get a good deal. Things only get better when we hear those magic words we love…“free.”

Nothing gets people more excited than when something is offered for free. If you’ve ever seen a store offering something for free then you know what to expect… a lineup around the corner.

This philosophy gets amplified when we talk about anything offered on the Internet. It is commonly accepted that any services offered through the Internet should be free.

And many websites are happy to oblige. Facebook is free, YouTube is free, Twitter is free…you get the idea.

The thing that no one seems to be asking anymore is “what’s the catch?”

In the real world we usually have an idea about why something is being offered for “free”; maybe they want to get you into the store to buy something else or they want to get you hooked onto the product, but there is always a reason.

Unfortunately we aren’t so inclined to look for a catch when it comes to “free” services online. It’s understandable that people expect online services to be free but it’s important to know why it’s being offered for free.

There is always an ulterior motive for something to be offered for “free” and there is always something that is being compromised in exchange for the “free” service. The level of compromise involved will depend on the service being offered.

Some compromises will be harmless, such as when a service is offered with limited features. However, often, the compromises made are more than the user bargained for when they signed up in the first place.

Ultimately the more we understand about why a service is being offered for “free” online, and the compromises that come with it, the better we can make a decision on whether to proceed with becoming a user.

Awareness is the best defense to ensure that we don’t end up in a situation where something we thought was going to cost nothing (“free”) ends up costing us an arm and a leg (and some other important body parts).

Let’s cover some of the reasons a product or service is being offered online for “free”, along with their level of harm:

  • Trial Versions/Upgrade Incentives: No different than when a product is offered for “free” in a real life setting, the company wants you to continue using the service (at a cost, naturally) once the trial period is over or upgrade to a paid tier. This is relatively harmless unless the company asks for your credit card to start the “free” trial and will charge you automatically. Then you need to have a good memory or set your calendars to not get charged.
  • Advertising: Similar to watching TV, a website may offer you a “free” service in order to ratchet up the hits and collect ad revenue. Unlike TV, ads on the internet are ridiculously annoying (TV ads are just mildly annoying). Between popups and flashing banners, some websites are just not worth visiting. This category falls into the “harmless but frustrating” section.
  • Micropayments: Typically with a service that relies on micropayments, the base tier is “free” but has very limited features and in order to expand the features you have to make some sort of minimal payment (think .99¢) that seems insignificant…at first. However there are many features that need to be unlocked and each one of them will require its own micropayment. In a way micropayments are like a faucet that has a drip. At first you might not think it’s so bad since you only see a drop of water falling at a time, but then you get your monthly water bill and see that it’s triple the usual amount. This is definitely one of those categories that can get out of hand very quickly and cost more than you expect if you aren’t too careful.
  • Data Mining: Now we’re getting into some bad territory. Data mining is when the service you’re using is harvesting information about you to use for other purposes. Have you ever booked a flight to a city and then seen a bunch of ads for hotels in that same city?…it’s not a coincidence. Sometimes data mining is used only for advertising (relatively harmless) but other times the company wants to collect a profile on you based on the websites you’ve visited, who you interact with, and even your spending habits. Needless to say, depending on the level of privacy you crave, this can be pretty harmful.
  • Malice: I did say the motives may not be sinister in nature, but sometimes they are. As a wise man once said “some people just want to watch the world burn”. I would be doing you a disservice if I didn’t mention that some “free” online products/services come with lovely add-ons such as viruses, worms, spyware, and malware or they might be used to extract personal information from you, such as your online banking login information. Needless to say, this is the most harmful form of “free” you get online and a good reason of why you need to be very careful about who you trust.

As you can see, not everything that is being offered for “free” is actually without any cost to you. It’s important to take a step back and ask yourself why the provider is offering it for “free”. What’s in it for them?

Do appropriate research and make sure that you aren’t putting yourself in a situation that can be harmful to you or cause you to expose more about yourself than you want.

So, yes, we all love to get something for free…just make sure it doesn’t end up costing you a ton in the end!