privacy rights Archives

AppWizard

March 24, 2025

Messaging apps: a report on Australian Government agency practices and policies

Out of 22 surveyed Australian Public Service agencies, 16 (73%) use messaging apps for work-related purposes, while 3 (14%) prohibit their use and 3 (14%) are undecided. Policies governing messaging app usage often do not align with statutory obligations such as the Freedom of Information Act 1982, Privacy Act 1988, and Archives Act 1983. Among the 16 agencies that allow messaging apps, only 7 shared their policies, with 5 addressing security classification needs and 6 lacking necessary archiving protocols. Furthermore, 5 agencies did not adequately meet FOI search requirements, and none required the use of official accounts or devices. Recommendations for agencies include developing clear policies on messaging app usage, addressing information management, FOI, privacy, and security, and ensuring preferred messaging apps properly manage personal information. The survey involved 25 agencies, with 22 responding, to assess messaging app usage and associated policies.

Tech Optimizer

February 14, 2025

New PostgreSQL Zero-Day Potentially Leveraged in BeyondTrust Attacks

Tulsi Gabbard, the newly appointed U.S. Director of National Intelligence, is involved in a debate over digital privacy and national security due to the UK's reported directive to Apple to create a backdoor for accessing encrypted iCloud data. U.S. lawmakers, including Senator Ron Wyden and Representative Andy Biggs, have expressed concerns that such a backdoor could compromise data security and expose sensitive information to unauthorized access and cyber threats. They argue that this policy could have global implications for data protection standards. Gabbard's response to the issue may impact the U.S. stance on encryption and privacy.

AppWizard

December 4, 2024

U.S. officials urge Americans to use encrypted apps amid cyberattack

A significant cyberattack, dubbed Salt Typhoon, has targeted major U.S. telecommunications firms, including AT&T and Verizon, leading officials to recommend the use of encrypted messaging applications for secure communications. Chinese hackers reportedly infiltrated these companies to surveil customers, particularly focusing on call records and live phone calls, including those related to political figures. The FBI has not provided a timeline for when telecommunications systems will be free of unauthorized access and has decided not to notify individuals whose metadata was compromised. The breach has raised concerns about the security of compliance systems used by telecom companies. End-to-end encrypted applications like Signal and WhatsApp are advocated for, while the FBI's stance on encryption remains complex, having historically opposed full encryption that prevents law enforcement access. Senator Ron Wyden criticized the reliance on compliance systems, arguing they leave sensitive information vulnerable to breaches.

AppWizard

September 20, 2024

Why Total Security in Messengers is Impossible: Insights from Egor Alshevski

The protection of personal information and online security is a critical concern in the digital landscape, with messaging applications claiming to use open-source code and advanced encryption techniques. However, achieving absolute security is complex and often unattainable. Egor Alshevski, CEO of InTouch AG, states that creating a completely secure messenger is impossible due to inherent vulnerabilities from software flaws, hardware issues, and evolving cybercriminal tactics. Government intervention poses significant challenges, with legislation like Australia’s Assistance and Access Act of 2018 requiring backdoors in encryption, undermining secure messaging. The proposed EU Child Sexual Abuse Regulation could dismantle encryption by mandating communication scanning, further compromising privacy. Governments utilize techniques like GSM ID tracking and exploiting device software vulnerabilities to access encrypted communications. While encryption protects message content, metadata remains accessible and can reveal communication habits. Users can enhance their security by regularly updating software and choosing messengers that publish their source code, although these measures are not foolproof. Open-source code allows independent security audits but can also be exploited by malicious actors. End-to-end encryption protects message content but faces threats from legislation and metadata leaks. AI and machine learning can improve security by analyzing data for suspicious activities, but their potential misuse raises concerns about mass surveillance and privacy infringement. The future of messenger security will depend on balancing individual privacy with legitimate security needs, continuous innovation, and collaboration among technologists, policymakers, and civil society. Despite advancements, the notion of a 100% secure messenger remains a myth, and vulnerabilities will persist.

AppWizard

September 20, 2024

Facebook Messenger, Messenger Kids Class Action to Move Forward

Meta Platforms Inc. is facing a federal court ruling allowing a class action lawsuit to proceed, which alleges that the Facebook Messenger and Messenger Kids applications improperly collected and retained biometric identifiers, violating the Illinois Biometric Information Privacy Act (BIPA). Judge Nancy J. Rosenstengel determined that the plaintiffs have sufficiently articulated their claims regarding the scanning of users’ facial geometries. Despite Meta's arguments that the facial scans do not fall under BIPA, the court found the allegations warranted further examination.