While many technology companies continue to step up their privacy game by adopting best practices to protect sensitive customer information when the government demands user data, telecommunications companies are failing to prioritize user privacy when the government comes knocking, an EFF annual survey shows. Even tech giants such as Apple, Facebook, and Google can do more to fully stand behind their users.
EFF’s seventh annual “Who Has Your Back” report, released today, digs into the ways many technology companies are getting the message about user privacy in this era of unprecedented digital surveillance. The data stored on our mobile phones, laptops, and especially our online services can, when aggregated, paint a detailed picture of our lives—where we go, who we see, what we say, our political affiliations, our religion, and more.
“This information is a magnet for governments seeking to surveil citizens, journalists, and activists. When governments do so, they need to follow the law, and users are increasingly demanding that companies holding their data enact the toughest policies to protect customer information,” said EFF Activism Director Rainey Reitman, in a statement.
EFF evaluated the public policies at 26 companies and awarded stars in five categories. This year EFF included two new categories: “promises not to sell out users,” and “stands up to NSL gag orders.” The first reflects our concern about the stated goal of several members of government to co-opt tech companies to track people by their immigration status or religion. We awarded stars to companies that prohibit developers and third parties from capturing user data to assist governments in conducting surveillance.
We also awarded stars to companies that exercise their right to make the government initiate judicial review of gag orders that prohibit them from publicly disclosing they have received a National Security Letter (NSL). NSLs—secret FBI demands for user information issued with no oversight from any court—permit the FBI to unilaterally gag recipients, a power EFF believes is unconstitutional. Facebook, Google, and Microsoft have failed to promise to step up and exercise the right to have the government put NSL gag orders before a court.
Nine companies earned stars in every category this year: Adobe, Credo, Dropbox, Lyft, Pinterest, Sonic, Uber, Wickr, and WordPress. Each has a track record of defending user privacy against government overreach and improved on their practices to meet the more stringent standards in this year’s Who Has Your Back.
MacDailyNews Note: MacDailyNews is a WordPress VIP site.
Two tech companies lagged behind in the industry: Amazon and WhatsApp, both of which earned just two stars. EFF’s survey showed that while both companies have done significant work to defend user privacy—EFF especially lauds WhatsApp’s move to adopt end-to-end encryption by default for its billion users around the world—their policies still lag behind. Online retail giant Amazon has been rated number one in customer service, yet it hasn’t made the public commitments to stand behind its users’ digital privacy that the rest of the industry has.
AT&T, Comcast, T-Mobile, and Verizon scored the lowest, each earning just one star. While they have adopted a number of industry best practices, like publishing transparency reports and requiring a warrant for content, they still need to commit to informing users before disclosing their data to the government and creating a public policy of requesting judicial review of all NSLs.
“The tech industry as a whole has moved toward providing its users with more transparency, but telecommunications companies—which serve as the pipeline for communications and Internet service for millions of Americans—are failing to publicly push back against government overreach,” said EFF Senior Staff Attorney Nate Cardozo, in a statement. “Both legacy telcos and the giants of Silicon Valley can and must do better. We expect companies to protect, not exploit, the data we have entrusted them with.”
For the full report: https://www.eff.org/who-has-your-back-2017
Source: Electronic Frontier Foundation
MacDailyNews Note: In the report, EFF states:
Apple earns four stars in this year’s report. This is Apple’s sixth year in Who Has Your Back, and it has adopted a number of industry best practices, including publishing a transparency report, requiring a warrant for content, and publishing its guidelines for law enforcement requests. Apple promises to inform users before disclosing their data to the government, has a published policy of requesting judicial review of all National Security Letters, and explicitly states that third parties are forbidden from allowing Apple user data to be used for surveillance purposes. We urge Apple to support substantive reforms to rein in NSA surveillance.
The EFF “star” Apple lacks? Pro-user public policy: Reform 702. Apple has not publicly called for reforms to Section 702 to curtail the surveillance of innocent people.
has disabled user voting on CNN app after 15,000 one-star votes.
heh.
UPDATE:
“CNN’s attempt to delete their app from the Apple Store to reupload it for a rating reset backfires as it falls right back down to a one star rating.”
Why not 5 stars… who else in tech other than Apple has made any statement trying to protect your digital stuff.
Other companies have joined Apple in their decision to try to protect our privacy. Apple, as the most valuable company in the world gets a lot more press for its stance. First, because it is a high-end phone with high-end security. Secondly, only the most expensive Android phones attempt that level of security. The regular ones cannot. And governments are breaking into those phones all the time. It is the problem with Android.
Unfortunately, it doesn’t matter to most people in the world as Android ownership numbers continue to grow at record pace. Most people would rather have free services over privacy and security and I doubt that will ever change. So many people post their personal information on Facebook one would almost think they want all their information revealed. I doubt most users even care if they’re being spied upon unless they really have something sinister to hide.
I have to wonder if Apple is going overboard on privacy because there are so many critics claiming Apple isn’t doing enough data mining from users and they say it makes Apple’s services weak and stupid compared to Amazon and Alphabet’s services. Apple runs its own ship the want it wants to and that’s their decision. I can’t figure out whether it’s actually helping or hurting their sales.
You’re right in that right now, most users don’t care about security or privacy…. or at least they care more about lower prices than they do about privacy, etc.
That said, there will come a day where the privacy issue becomes more important. Perhaps it will take a high profile case to that better exposes how companies are monetizing your data and how it allows more creepy ads, etc. Either, way, when that does become important to users, it’s not something Google, Amazon, Facebook, etc. are going to be able to change any time soon as their business model is dependent upon poor user privacy. Apple is in a much better long term position in that regard.
Apple “earns” not “wins” 4 out of 5 stars.
OK. No mention of our favorite snoop Google, so I looked.
Two or one stars? No, same as Apple, four stars. How could this be, the biggest collector of personal data?
Apparently EFF does not have a section to review “Does company collect personal data and sell it to the highest bidder.” They need to add that.
Granted, this report is about government asking for customer data. But you and I know Google hands over large amounts to the feds under the table.