Latest news with #ElectronicPrivacyInformationCenter
Yahoo
08-08-2025
- Yahoo
This New Instagram Feature Is An Absolute Privacy Nightmare
Instagram knows where you are, and now, so can anyone who you claim as a friend on the social media platform. On Wednesday, Instagram rolled out a Map feature to U.S. users that will share your location in real time to mutual followers. The feature is not turned on by default, but once you grant people access, Instagram Reels, posts or stories with a location tagged in them can show up on a map for 24 hours after they were posted. Instagram already allowed people to share their location in Direct Messages, but this new Map feature takes it one step further by sharing this information in a map format for mutual followers. Although Map is described by Instagram as 'a new, lightweight way to connect with each other,' that bid for connection can also expose where you live and where you regularly go to people and brands you would rather not have such specific data.'Absolutely make the choice to have it off,' said Calli Schroeder, senior counsel for the Electronic Privacy Information Center. Here's why. This Information Can Be Fun To Share With Friends — But It Also Can Help Stalkers And Law Enforcement When you decide to share your location with people, you are broadcasting valuable information. 'It can be used by law enforcement to track your actions. It can be used by advertisers to be like, 'Oh, they frequently go by this place. Let's serve them ads for this place all the time,'' Schroeder said. Schroeder said location-sharing not only reveals where you are at a given time, which is a security risk in itself, but it also exposes your routine and your connections to stalkers or anyone with an agenda against you. If someone 'sees that you're going to drop off and pick up at certain times, they now know where your kid goes to school or day care ― that's a security thing you should be thinking about,' Schroeder said as one example. With location-sharing, people can also figure out where you go to church, which political groups you belong to, or what kind of medical providers you use, which are also sensitive information, she added. Meta states that you can use the Map feature to find friends at a concert, as one positive example, but Schroeder notes that there are safer, more private ways to achieve this: 'If your friend wanted you to know that they were at a concert, they would text you or do a hashtag on a picture.' I think the real privacy risk comes from sharing your location through an intermediary like Trujillo, staff attorney at Electronic Frontier Foundation There are also other location-sharing options that do not involve sharing this information to a social media platform like Instagram, which uses this information to help businesses determine which ads you might be interested in. Apple's 'Find My' location feature, for example, is encrypted and stored within your device, meaning it would not be available to law enforcement seeking this data from a company like Apple. As a result, 'It's not as easily used for advertisements and other kinds of manipulation that often happen with location tracking,' Schroeder said. If 'the government came trying to compel that information in the future, Apple just does not have that information to share,' explained Mario Trujillo, a staff attorney at Electronic Frontier Foundation.'It is a highly personal decision if you want to share your location with a select group of friends,' he noted. 'But when you do it through a platform owned by Meta, you should understand that information will also be used to target you with ads. And if Meta is retaining that information, it could one day be compelled by the government.''I think the real privacy risk comes from sharing your location through an intermediary like Meta,' Trujillo said. 'When you share your location data with friends through Meta, Meta is also using that location data for purposes that are not really benefiting you. It's to benefit its own profit margin.' How To Find Map Feature On Instagram — And How To Turn It Off See for yourself how the feature works. Keep in mind that the feature is still being rolled out and is not yet available widely. To use Map: 1. Click the upper right hand arrow in Instagram to go to your messages. A globe titled 'Map' should appear next to your profile icon if the feature has been rolled out to your account. 2. Select 'Map' and see where you are. If location-sharing is turned off, your profile icon should be captioned 'Not sharing' on the Map.3. If you select to turn on the Map feature, you can choose which limited group of people can see it. You have the option between followers you follow back, people in your selected 'close friends' group, only specific people, or no one at all. Once location-sharing is turned on, Instagram states that 'your precise location updates every time you open Instagram. It disappears if you don't open the app for 24 hours.' If You Do Use Map, At Least Follow This Security Protocol If you do use the Map feature, be vigilant about who is in your friends list and regularly check to restrict people from it. Schroder said she is concerned that users may turn Map on once and forget to turn it off. 'I am very happy to hear that the default is that it's off, and it takes a deliberate action to turn it on. But how many times have we turned on a service for one specific scenario and then just forgot to put it back?' she said. Your friends on Instagram might include hundreds of people you have never met in person. Thorin Klosowski, a security and privacy activist for the Electronic Frontier Foundation, said with more followers, 'It might become more difficult at scale to remember exactly who you're sharing with.'Whether it creeps you out or comforts you to have constant access to where someone is, location-sharing is here to stay. It has become an expectation for staying connected for all generations. In an April survey of 1,000 U.S. adults, those between the ages of 18 to 29 were the most likely group to have the feature turned on in their phones, but people between 45 and 60 were the most likely group to share location with three or more people. If you're going to do it through Instagram's Map feature, be careful about who you consider your friend, and consider if there's a less public way to let a friend or acquaintance know where you are. 'I would encourage people to think really strongly about what is the purpose that you would want to come from sharing your location data,' Schroeder said. 'Is there a safer or easier way to do that more deliberately, with the specific people that you want to share your location with?' Related... Everyone Can See You Are Job Hunting On LinkedIn Unless You Do This With Meta AI App, You Can 'Discover' People's Wildest Thoughts — But Are You Unknowingly Sharing Yours? Are You A Bad Person For Using TikTok? How To Handle The 'Ick' For Apps You Don't Want To Quit. This 1 iPhone Setting Might've Caused The Signal Debacle. Here's Why You Should Turn It Off.
Yahoo
24-07-2025
- General
- Yahoo
For The Sake Of Your Family, You Should Always Do This 1 Thing With Your Wedding Registry
Before you say 'I do' to your beloved, there are many small and big decisions to make, such as what to wear and whom to invite ― but there is one tiny, yet monumental, decision that too many couples overlook. It's a decision that every couple faces when creating an online wedding registry: How private or public should this list be to anyone searching for this information online? The choice is yours, but privacy experts strongly recommend setting up your registry to be as private as possible.'Some registry websites are pretty locked down about privacy and security, and they won't make the address public, or they'll keep other information private, unless you have some of password-protect [option turned on], but in a lot of cases, they'll share the information because it's practical,' said Calli Schroeder, senior counsel for the Electronic Privacy Information Center. But what is convenient for shipping is not necessarily the safest option for your family. That's because long after your wedding is over, this identifiable information can come back to haunt you. Why Wedding Registries Should Stay As Private As Possible When you sign up for a registry through Amazon, for example, Amazon states that making your registry public will 'help your friends and family find your registry.' Unfortunately, that makes it easier for strangers and vengeful exes to find it, too. If your registry is set to public on Amazon, your name, email address, wedding date, city and state of your wedding location, and registered items become viewable by anyone once you share a link, as well as searchable on Amazon and its registry partner according to Amazon. Ideally, you don't want it to be easier for a stranger to find out where and when your wedding could be ― especially if they have an agenda against you. Schroeder said one especially risky detail to list is the address where people should send their gifts. Often, it's either your home address or your family's address. 'Maybe you have no issues with people knowing where you live. But let's say, for example, you had an abusive ex who is tracking to see what's going on in your life. They see you're getting married, and they see where it's happening, where parts of the ceremony are,' Schroeder said. 'They could cause you some real problems by showing up, stalking, harassing.' Instead of sharing your home address, you could try listing a P.O. box, Schroeder said. And if you do want to list your home address for convenience, at least enable the option to password-protect the information. This will keep your information 'way safer' than by having all of your identity publicly available, Schroeder added. Limiting your registry's reach doesn't just protect you; it protects anyone who might want to cause problems for your family. For example, if your sibling is involved in a child custody dispute with their ex and this person is looking for their current address, your gift address is suddenly valuable information, Schroeder said as an example. 'In many cases, the worst-case scenario is going to be... a gate-crash, maybe you have a little bit of public embarrassment,' Schroeder said about what people could do with your registry information. 'But there are cases where people are kind of unhinged, and it can be a dangerous situation.' Keeping your registry public also makes it searchable for data broker websites, whose business model is to sell this information to anyone interested for a few dollars. 'Many of the people websites now advertise that they're using bots that are just looking for anything that looks like an address, and then building files with whatever names are tied to that address,' Schroeder explained. Once your home information is part of a data broker's database, it can be an exhausting process to request that they remove it from these sites. However, you can avoid that by making it a little harder for them to find you. If you want to take it a step further, consider using a pseudonym or your first name and last initial on wedding website information. That way, it's harder for bad actors and automated internet scraping tools to discover who you are, Schroeder suggested. There are many problems you can't avoid at a wedding, but this doesn't have to be one of them. You may not be able to stop a relative from going off script for their speech, or the weather from pouring rain down at your wedding venue, but making your wedding registry private is within your control to do –– as long as you remember to take this step as seriously as the rest of your busy wedding prep. Related... Minnesota Shooting Suspect Allegedly Found Targets' Addresses Online. Here's How To Hide Yours. Taking Your Phone To A Trump Protest Could Have Alarming Consequences Why You Can (And Should) Opt Out Of TSA Facial Recognition Right Now Solve the daily Crossword
WIRED
12-06-2025
- WIRED
The Meta AI App Lets You 'Discover' People's Bizarrely Personal Chats
Jun 12, 2025 5:46 PM Launched in April, the Meta AI platform offers a 'discover' feed that includes user queries containing medical, legal, and other seemingly sensitive information. Meta logo is displayed during the 9th edition of the VivaTech show at Parc des Expositions Porte de Versailles on June 11, 2025 in Paris, France. Photograph: Getty Images 'What counties [sic] do younger women like older white men,' a public message from a user on Meta's AI platform says. 'I need details, I'm 66 and single. I'm from Iowa and open to moving to a new country if I can find a younger woman.' The chatbot responded enthusiastically: 'You're looking for a fresh start and love in a new place. That's exciting!' before suggesting 'Mediterranean countries like Spain or Italy, or even countries in Eastern Europe.' This is just one of many seemingly personal conversations that can be publicly viewed on Meta AI, a chatbot platform that doubles as a social feed and launched in April. Within the Meta AI app, a 'discover' tab shows a timeline of other people's interactions with the chatbot; a short scroll down on the Meta AI website is an extensive collage. While some of the highlighted queries and answers are innocuous—trip itineraries, recipe advice—others reveal locations, telephone numbers, and other sensitive information, all tied to user names and profile photos. Calli Schroeder, senior counsel for the Electronic Privacy Information Center said in an interview with WIRED that she has seen people 'sharing medical information, mental health information, home addresses, even things directly related to pending court cases.' 'All of that's incredibly concerning, both because I think it points to how people are misunderstanding what these chatbots do or what they're for, and also misunderstanding how privacy works with these structures,' Schroeder says. It's unclear whether the users of the app are aware that their conversations with Meta's AI are public, or which users are trolling the platform after news outlets began reporting on it. The conversations are not public by default; users have to choose to share them. There is no shortage of conversations between users and Meta's AI chatbot that seem intended to be private. One user asked the AI chatbot to provide a format for terminating a renter's tenancy, while another asked it to provide an academic warning notice that provides personal details including the school's name. Another person asked about their sister's liability in potential corporate tax fraud in a specific city using an account that ties to an Instagram profile that displays a first and last name. Someone else asked it to develop a character statement to a court which also provides a myriad of personally identifiable information both about the alleged criminal and the user himself. There are also many instances of medical questions, including people divulging their struggles with bowel movements, asking for help with their hives, and inquiring about a rash on their inner thighs. One user told Meta AI about their neck surgery, and included their age and occupation in the prompt. Many, but not all, accounts appear to be tied to a public Instagram profile of the individual. Meta spokesperson Daniel Roberts wrote in an emailed statement to WIRED that users' chats with Meta AI are private unless users go through a multi-step process to share them on the Discover feed. The company did not respond to questions regarding what mitigations are in place for sharing personally identifiable information on the Meta AI platform. In a company blog post announcing the app, Meta said 'nothing is shared to your feed unless you choose to post it.' It also mentions that users can tell its AI to 'remember certain things about you' and 'also delivers more relevant answers to your questions by drawing on information you've already chosen to share on Meta products, like your profile, and content you like or engage with.' 'People really don't understand that nothing you put into an AI is confidential,' Schroeder says. 'None of us really know how all of this information is being used. The only thing we know for sure is that it is not staying between you and the app. It is going to other people, at the very least, to Meta.' After the initial launch of Meta's AI app, critics were quick to point out potential privacy issues, with one headline calling it 'a privacy disaster waiting to happen.' Despite those concerns, the pace of the development and deployment of such AI shows no signs of slowing down, especially at Meta: CEO Mark Zuckerberg recently announced that Meta's AI assistant has 1 billion users across the company's platforms, and its been reported that Meta is creating a new AI lab led by Scale AI cofounder Alexandr Wang, dedicated to building superintelligence. "Is Meta aware of how much sensitive information its users are mistakenly making publicly available,' one user asked Meta AI on Thursday, in a query that showed up in the public feed. 'Some users might unintentionally share sensitive info due to misunderstandings about platform defaults or changes in settings over time,' the chatbot responded. 'Meta provides tools and resources to help users manage their privacy, but it's an ongoing challenge.'
The Independent
23-05-2025
- Politics
- The Independent
Privacy and hunger groups sue over USDA attempt to collect personal data of SNAP recipients
Privacy and hunger relief groups and a handful of people receiving food assistance benefits are suing the federal government over the Trump administration's attempts to collect the personal information of millions of U.S. residents who use the Supplemental Nutrition Assistance Program. The lawsuit filed in Washington, D.C., on Thursday says the U.S. Department of Agriculture violated federal privacy laws when it ordered states and vendors to turn over five years of data about food assistance program applicants and enrollees, including their names, birth dates, personal addresses and social security numbers. The lawsuit 'seeks to ensure that the government is not exploiting our most vulnerable citizens by disregarding longstanding privacy protections,' National Student Legal Defense Network attorney Daniel Zibel wrote in the complaint. The Electronic Privacy Information Center and Mazon Inc.: A Jewish Response to Hunger joined the four food assistance recipients in bringing the lawsuit. The White House did not immediately respond to a request for comment. The Supplemental Nutrition Assistance Program, or SNAP, is a social safety net that serves more than 42 million people nationwide. Under the program formerly known as food stamps, the federal government pays for 100% of the food benefits but the states help cover the administrative costs. States also are responsible for determining whether people are eligible for the benefits, and for issuing the benefits to enrollees. As a result, states have lots of highly personal financial, medical, housing, tax and other information about SNAP applicants and their dependents, according to the lawsuit. President Donald Trump signed an executive order March 20 directing agencies to ensure 'unfettered access to comprehensive data from all state programs' as part of the administration's effort to stop ' waste, fraud and abuse by eliminating information silos.' That order prompted Elon Musk's Department of Government Efficiency and the USDA to ask states and electronic benefit vendors to turn over the info earlier this month. Failing to do so may 'trigger noncompliance procedures,' the USDA warned in a letter to states. Some states have already turned over the data, including Alaska, which shared the personal info of more than 70,000 residents, according to the lawsuit. Other states like Iowa plan to turn over the information, the plaintiffs say. They want a judge to declare the data collection unlawful, to order the USDA to destroy any personal information it already has, and to bar the agency from punishing states that fail to turn over the data. ___
Associated Press
23-05-2025
- Politics
- Associated Press
Privacy and hunger groups sue over USDA attempt to collect personal data of SNAP recipients
Privacy and hunger relief groups and a handful of people receiving food assistance benefits are suing the federal government over the Trump administration's attempts to collect the personal information of millions of U.S. residents who use the Supplemental Nutrition Assistance Program. The lawsuit filed in Washington, D.C., on Thursday says the U.S. Department of Agriculture violated federal privacy laws when it ordered states and vendors to turn over five years of data about food assistance program applicants and enrollees, including their names, birth dates, personal addresses and social security numbers. The lawsuit 'seeks to ensure that the government is not exploiting our most vulnerable citizens by disregarding longstanding privacy protections,' National Student Legal Defense Network attorney Daniel Zibel wrote in the complaint. The Electronic Privacy Information Center and Mazon Inc.: A Jewish Response to Hunger joined the four food assistance recipients in bringing the lawsuit. The White House did not immediately respond to a request for comment. The Supplemental Nutrition Assistance Program, or SNAP, is a social safety net that serves more than 42 million people nationwide. Under the program formerly known as food stamps, the federal government pays for 100% of the food benefits but the states help cover the administrative costs. States also are responsible for determining whether people are eligible for the benefits, and for issuing the benefits to enrollees. As a result, states have lots of highly personal financial, medical, housing, tax and other information about SNAP applicants and their dependents, according to the lawsuit. President Donald Trump signed an executive order March 20 directing agencies to ensure 'unfettered access to comprehensive data from all state programs' as part of the administration's effort to stop ' waste, fraud and abuse by eliminating information silos.' That order prompted Elon Musk's Department of Government Efficiency and the USDA to ask states and electronic benefit vendors to turn over the info earlier this month. Failing to do so may 'trigger noncompliance procedures,' the USDA warned in a letter to states. Some states have already turned over the data, including Alaska, which shared the personal info of more than 70,000 residents, according to the lawsuit. Other states like Iowa plan to turn over the information, the plaintiffs say. They want a judge to declare the data collection unlawful, to order the USDA to destroy any personal information it already has, and to bar the agency from punishing states that fail to turn over the data. ___
