privacy - page 18

The costs of not complying with HIPAA (the 1996 Health Insurance Portability and Accountability Act), which includes self-reporting of data breaches, can be steep. Blue Cross Blue Shield of Tennessee recently finalized a settlement with the Department of Health and Human Services for $1.5 million for a recent breach (on top of a $17 million price tag for the investigation and remediation actions). HHS seems to be making a a show of high profile enforcement as a way to encourage better compliance among smaller organizations, including hospitals and individual medical practices.

This raises the question of whether or not using the iPad in healthcare increases the risk of privacy violations. If so, will a show of force on the part of HHS dampen the enthusiasm for the iPad in healthcare?

The app privacy scandal caused by Path’s iPhone app is still leaving its mark, as members of the U.S. Congress have sent out letters to 33 prominent App Store developers to better understand the issue. “We want to better understand the information collection and use policies and practices of apps for Apple’s mobile devices with a social element.”

Apps like the official Facebook and Twitter clients are among the list. Energy and Commerce Committee Ranking Member Henry A. Waxman and Commerce, Manufacturing, and Trade Subcommittee Ranking Member G. K. Butterfield have requested that the developers behind such apps reveal how Apple imposes its privacy standards and how the standards are implemented.

One of the feature on the new iPad is its dictation capabilities, a feature also available on the iPhone 4S (which also boasts Apple’s Siri virtual assistant feature). There are quite a few ways that high quality dictation and other speech to text capabilities could useful to professionals in many fields.

The problem is that in order to get that high quality dictation functionality, the new iPad and the iPhone 4S rely on Apple’s servers to do much of the work in turning your speech into text. More importantly, it isn’t just snippets of voice recordings that get sent to Apple. Personal data from your iPad or iPhone 4S gets uploaded as well and much of it remains associated with you and your device. That’s a general concern for most of us, but for professionals in regulated industries like healthcare or fields that require confidentiality like finance and legal professions, it becomes a critical privacy concern and may even break the law.

Apple has always taken privacy very seriously. When it was discovered that popular app Path secretly uploaded an iPhone user’s entire address book to its servers, the media reacted very strongly and Apple was forced to get involved. Path was violating Apple’s terms of agreement, and it was discovered that many other apps in the App Store had been doing the same thing for quite some time. Apple said that it would clarify the privacy issue for end users with a future iOS update.

High-profile meetings take place at Apple’s headquarters in Cupertino, California all the time, but the public rarely gets to hear about what is said behind closed doors. As it turns out, Path CEO Dave Morin was summoned to Cupertino by Apple CEO Tim Cook to talk about the recent privacy scandal his app caused.

Unlike most computers, the iPad isn’t designed to be a multi-user device. iOS doesn’t support multiple user accounts or profiles – that essentially means one set of device and application settings along with a personal collection of information like notes, email, browser bookmarks, and stored passwords for different online services. Sharing a device with that much personal data makes it easy for someone to snoop while using another person’s iPhone or iPad or on an iPad that is commonly shared between multiple users.

Passtouch is a web browser for the iPad that’s designed to offer at least some multi-user capabilities as well as to secure web-based information like bookmarks, cookies, and stored passwords. It doesn’t offer whole-device accounts or profiles but it does offer some extra security for devices that are regularly shared.

Path recently sparked a huge controversy over user privacy violations in popular App Store apps, and the media firestorm that resulted has now promoted The California Attorney General to enforce new standards for informing users about app privacy policies.

Apple, Google, Microsoft, HP, Amazon and RIM will now be implementing new policies that developers must comply with when publishing apps online. All information that’s collected from the user will be outlined in the app’s privacy policy and made viewable in app stores before downloading.

What with the whole Path address book debacle, this isn’t a good week to be caught up in a user privacy scandal on iOS as far as public perception is concerned. Google better batten down the hatches then, as it has just been discovered that they have been exploiting a loophole in the way Safari blocks cookies to bypass the privacy settings of millions of iPhone, iPad and Mac owners. Ouch.

Apple has officially responded to the contact sharing debacle that was highlighted by the Path iPhone app last week. After it was discovered that Path secretly uploaded a user’s entire contact database to its own servers, the controversy sparked more discussion about how Apple needs to enforce its user privacy guidelines more to protect customers.

Third-party apps will have to ask for permission to access contact data from a user, according to Apple. The issue will be remedied with an upcoming iOS update.

You’d be forgiven for thinking that unauthorized iOS apps obtained from the likes of Cydia aren’t as careful with your personal data as those approved by Apple for sale in the App Store. In fact, the opposite is true. Jailbroken iOS apps respect your privacy more than those obtained from the App Store.

Last week, the web exploded with the news that social iOS app Path was uploading your entire address book to its servers, and then keeping it there. Worse, it was sending and storing them in plain text (although the connection was at least SSL-encrypted). Clearly, having Path notify you when your friends join the service is handy, but is there a way to do this without compromising your privacy? According to Edinburgh iOS supremo Matt Gemmell, there is.

Caught up in a maelstrom of controversy over revelations that Path has been uploading iOS users’ address books to their own servers, Path CEO David Morin has spoken out about what’s going to happen now.

It’s all good news. Not only is Path taking full responsibility, and apologizing whole-heartedly for the violation, they’ve also pushed live a new update to the Path app that makes uploading your address book opt-in. But will other developers follow Path’s lead?

Beginning March 1st, Google will roll most of its privacy policies into one new main privacy policy to cover the majority of its products. Google has been slowly working towards the goal of creating a unified and more personal experience across their products and the new privacy policy is just another step in that direction.

O2, once Apple’s exclusive cell phone company reseller of iPhones in the UK, has been caught exposing user phone numbers in the headers sent to websites its customers visit while using its 3G network.

Today’s iOS 5.1 beta 3 makes some interesting references to Siri’s Dictation feature. On both the iPod touch and iPad, a new Dictation text file has appeared under the keyboard settings window. This new document is not present in the same place on the iPhone 4S, suggesting that this reference does indeed foreshadow what’s to come.

The text file outlines iOS Dictation’s privacy details. While Siri Dictation is currently an iPhone 4S-only feature, it’s plausible to assume that Apple is working to bring the feature to other iOS devices.

With the recent controversy surrounding Carrier IQ, U.S. Senator Al Franken has jumped back into the fight for privacy and sent an open letter yesterday to Carrier IQ asking the company to answer a number of questions concerning the company’s key-logger and data logging software. Senator Franken’s letter contains 11 pointed questions mostly asking why the company logs information, what type of information they’re tracking, who receives the information, and how is it used?

Carrier IQ’s software is currently running on millions of smartphones in the U.S. Apple released a statement on Thursday promising to eradicate all traces of Carrier IQ’s software with a new software update. Android manufacturer HTC released a statement today blaming carriers for the inclusion of CarrierIQ on their phones. Samsung also released a similar statement.

Lion has introduced some new yet basic privacy settings. The new settings control how you share your location and collect usage data to send to Apple. Although now it seems to be fairly basic I think it is still important to know what if any apps on your Mac are accessing location services on Mac OS X.

I’ll show you how to find out if they are or not in this tip.

Steve Jobs calls Android a “probe in your pocket” because it spies on users, according to Wall Street Journal reporter Kara Swisher.

The latest Apple patent to surface from the U.S. Patent & Trademark Office details another of company’s ingenious little inventions, and suggests future devices could boast privacy screens that prevent curious eyes from gazing upon your tawdry activities while you ride the bus.

As promised, Apple sent V.P. Guy Tribble to Washington to address Senator Al Franken and other stuffy politicians about the so-called LocationGate scandal.

Cupertino’s message? Same as it ever was: we don’t track user locations. Period.

“We do not share customer information with third parties without our customers’ explicit consent. Apple does not track users’ locations. Apple has never done so and has no plans to do so,” said Tribble.

Curiously, while Apple may not track users’ locations, the United States Department of Justice would like mobile providers to start, allowing the Department of Justice to attain records that would “enable law enforcement to identify a suspect’s smartphone based on the IP addresses collected by Web sites that the suspect visited.”

What’s good for the goose isn’t necessarily what’s good for the gander. Apparently, it’s only okay for the government to keep track of what you do with your smartphone, not Apple.

The iPhone tracking issue that’s causing a big privacy stink isn’t new and isn’t really tracking users, says an iOS forensics researcher.

It’s actually a data file that is used internally by the iPhone to do things like geo-tag photos, and it’s been in iOS for a long time (in a different form).

What’s new is a nifty extraction tool called iPhoneTracker that pulls the data off your hard drive and makes a striking map out of it. iPhoneTracker was released this week at O’Reilly’s Where 2.0 conference, causing a huge outcry about privacy and prompting U.S. Senator Al Franken to write to Steve Jobs.

In addition, the file has become more accessible than it used to be because it’s now used by third-party apps that require location data.

“It is not secret, malicious, or hidden,” writes Alex Levinson, an iOS forensics researcher.

Senator Al Franken (D-MN) wants answers about the iPhone’s undisclosed tracking features.

As reported, the iPhone and 3G iPad secretly record your location as you travel around and sync it with your computer. It appears to be a serious violation of privacy. It was first disclosed by security researchers Alasdair Allan and Pete Warren at O’Reilly’s Where 2.0 conference.

Apple hasn’t yet explained the matter, prompting Sen. Franken to publish an open letter to Steve Jobs demanding answers.

Sen Franken wants to know why Apple is collecting the data; how it is collected; what it is used for; why it isn’t encrypted; if the data is shared; and why consumers aren’t asked before the data is collected.

Here’s the full text of Sen. Franken’s letter to Jobs:

The big news today is all about how Apple has apparently been busy secretly squirreling away data about your movements on your iPhone 4 or GPS-equipped iPad, and storing it in a file on your computer via syncing. Is this a big deal, or business as usual, just a giant tech company doing its thing?

[polldaddy poll=4946757]

The latest beta version of Safari now features a do-not-track privacy setting to prevent online advertisers from tracking users as they surf the Web.

The tool has been added to the latest version of Safari in Lion, the upcoming update to OS X expected to go public this summer.

Safari is the third major browser to add a do-not-track setting. It joins Microsoft’s Internet Explorer and Mozilla’s Firefox include it, but Google’s Chrome does not — yet.

Google, of course, is one of the web’s biggest online advertisers. It’s also worth noting that Apple offers an in-app advertising program called iAds that competes with other forms of advertising, online and off.

Wall Street Journal: Apple Adds Do-Not-Track Tool to New Browser