Twitter Linkedin
Donate

29 Mar

Posted at 05:52h in News by
0 Likes

Corporate Accountability News Highlights is a regular series by Ranking Digital Rights highlighting key news related to tech companies, freedom of expression, and privacy issues around the world.

Turkey tightens internet controls

Lawmakers in Turkey have adopted new measures that further tightens the government’s control over the internet. A new law adopted on March 21 will require video-streaming services and media or websites broadcasting through the internet to obtain a license from the country’s broadcasting regulator, RTÜK. 

A protest against internet censorship in Istanbul, Turkey in May 2011. Photo credit: Erdem Civelek [CC BY 2.0] via Wikimedia Commons.

If a service does not secure a license, courts would order ISPs to block that service. Courts would also be able to request “broadcasters” to remove content deemed “illegal.” The law is also expected to apply to video platforms hosting user-generated content, like Youtube, or platforms that allow users to host live video streams, like Facebook and Periscope.

One RTÜK member said that “there’s little difference between what YouTube does and some of the video streaming services that will be subject to the new law.” Reporters Without Borders noted in a statement that such platforms have been used by “many censored media outlets to circulate their content.”

This is the latest move by the Turkish government to crack down on internet freedom. The 2017 Freedom on the Net report by Freedom House rated the country’s internet environment as “Not Free.” The Turkish government often resorts to blocking or throttling social media platforms and instant messaging apps. Thousands of websites, including Wikipedia, news sites, LGBT-related websites, and VPN services are blocked. The country’s authorities recently banned the encrypted email service ProtonMail, and they are reportedly considering “solutions” to block VPNs.

In addition, Turkish authorities are notorious for pressuring social media platforms to comply with their requests to remove content, often threatening to block them. For example, during the first half of 2017, Turkey made 2,710 content removal requests to Twitter, topping the list of countries making such requests.

Internet and telecommunications companies should be transparent about how they handle government requests for content restrictions, and publish data about the number of requests received, the number they complied with, and the types of subject matter associated with these requests. Most companies evaluated in the 2017 Corporate Accountability Index lacked transparency about how they handle government requests to restrict content or accounts, and did not disclose sufficient data about the number of requests they received or complied with, or which authorities made these requests.  

Companies should also notify users when they restrict content. Services that host user-generated content should notify those who posted the content, and users trying to access it. The notification should include a clear reason for the restriction. The 2017 Index found that companies do not disclose sufficient data about their user notification policies when they restrict content or accounts.

(more…)

23 Mar

Posted at 12:13h in News by
0 Likes

Corporate Accountability News Highlights is a regular series by Ranking Digital Rights highlighting key news related to tech companies, freedom of expression, and privacy issues around the world.

U.S. and UK demand answers from Facebook over Cambridge Analytica scandal

Photo in the Public Domain, via Pixabay.

Authorities in the U.S. and the UK are demanding answers from Facebook after it was revealed that data of an estimated 50 million of the platform’s users was harvested without their consent. In 2014, a researcher at the University of Cambridge developed a personality quiz app that collected data from 270,000 users. The app also enabled the researcher to collect data about those in the friend networks of the quiz respondents without their knowledge. According to reports, the developer then sold the data to data mining firm Cambridge Analytica, which used the data to build detailed profiles of American voters target them with pro-Trump political ads.

In response to these revelations, authorities in both the UK and the US are demanding answers from Facebook. In the UK, members of parliament summoned Facebook CEO Mark Zuckerberg to testify before a parliamentary committee investigating fake news. The country’s information commissioner is investigating organizations that include social media companies and data analytics companies over their handling of user data during political campaigning. In the U.S., Congress members have also called on Zukerberg to testify, while the U.S. Federal Trade Commission is reportedly investigating whether the company violated the terms of a 2011 agreement by Facebook not to share users’ data without their consent.

On Thursday, Zuckerberg said that the company will “investigate all apps that had access to large amounts of information” before 2014 and “will conduct a full audit of any app with suspicious activity.” In 2014, Facebook changed its policies to reduce the amounts of data third-party developers can access. Zuckerberg told Recode that the number of the apps they are going to investigate is in the “tens of thousands” and that the process will “take a number of months.”   

Internet, mobile, and telecommunications companies should be transparent about what user information they share, with which parties and for what purposes. Companies should also give users options to control how their information is collected and used for targeted advertising. Companies evaluated in the 2017 Corporate Accountability Index did not disclose enough information about such options. Facebook disclosed less about these options than any of the other 12 internet companies evaluated. The company did not disclose options allowing users to control the company’s collection of their user information, and how their information is used for targeted advertising.

(more…)

22 Mar

Posted at 15:56h in Featured, News, Partnerships by
0 Likes
Verizon building in the New York City skyline.

Verizon building in the New York City skyline. Photo credit: Ted McGrath [CC BY-NC-SA 2.0]

Internet service providers in New York City fail to provide sufficient information for consumers to make informed choices about the privacy risks of using these services, according to a new study (PDF) by the Digital Equity Lab at the New School released this week. The study, which used the Ranking Digital Rights Corporate Accountability Index methodology to evaluate 11 of New York City’s major internet service providers (ISPs), found that these privacy policies were too vague for consumers to understand how these companies handle their data.

The study found that ISPs did not provide privacy policies in the main languages spoken by residents. While companies offered policies in English and Spanish, none provide these policies in the other six official languages of New York City. The study also found that most policies failed to provide users clear options to control what information is collected and shared about them.

The report is one of several recent studies that have adapted the Index methodology to examine corporate transparency of policies and practices affecting freedom of expression and privacy in different regions. A report by the Social Media Exchange (SMEX) in Lebanon used the Index methodology to survey 66 mobile providers in 22 Arab countries and found that mobile users lacked critical information about the policies affecting their freedom of expression and privacy. In addition, this February researchers with Paris-based Internet Sans Frontières published a study based on the Index methodology which found that mobile providers in Kenya and Senegal lacked sufficient transparency, with discrepancies between disclosed policies of the parent companies and their local subsidiaries.

20 Mar

Posted at 04:18h in Announcements, Featured, News by
0 Likes

Image by VLADGRIN on Shutterstock

Please join us online or in person on Wednesday, April 25th for the launch of the Ranking Digital Rights 2018 Corporate Accountability Index!! As in 2017, we have evaluated 22 of the world’s most powerful internet, mobile, and telecommunications companies on their commitments and disclosed policies affecting users’ expression and privacy. Find out what has—and has not—improved in the past year. Learn how our 2018 findings relate to the headlines of the past year about privacy breaches, disinformation, hate speech, censorship, network shutdowns, and more.

When: 9:30-11am EDT (1:30pm UTC) on Wednesday April 25th

Where: Italian Academy, Columbia University, New York City

RSVP here with more event information, directions to the venue

UPDATE: watch the live webcast here!

(more…)

16 Mar

Posted at 05:43h in News by
0 Likes

Corporate Accountability News Highlights is a regular series by Ranking Digital Rights highlighting key news related to tech companies, freedom of expression, and privacy issues around the world.

Users can sue Yahoo for data breaches, a U.S. judge rules

Former Yahoo CEO Marissa Mayer testifying before Congress about data breaches. Screenshot from the C-Span Video Library.

A federal judge has ruled that a class action lawsuit against Yahoo over data breaches can move forward. The massive data breaches that occurred between 2013 and 2016 affected all of the company’s 3 billion users.

The plaintiffs in the class action suit argue that Yahoo’s handling of the breaches exposed their data to hackers who stole their identities and money. The company admitted that hackers were able to access its user-database and steal user passwords. Yahoo is also accused of taking too long to address the data breaches even though the company’s security officials knew about them.

“Plaintiffs’ allegations are sufficient to show that they would have behaved differently had defendants disclosed the security weaknesses of the Yahoo Mail System,” U.S. District Judge Lucy Koh said.

Telecommunications, and internet and mobile ecosystem companies should clearly disclose what steps they take to keep user data secure and how they respond to data breaches. The 2017 Corporate Accountability Index found that companies communicate less about what they are doing to protect users’ security than they do about what users should do to protect themselves. Companies disclosed more to users about how to defend themselves against cyber risks than about what steps they take to keep users’ information secure or about what they do to address security vulnerabilities once they are discovered.

None of the internet and mobile ecosystem companies evaluated in the 2017 Index disclosed information about their processes for responding to data breaches, including whether or not they commit to notify relevant authorities without undue delay and their process for notifying data subjects affected by the breach.

(more…)

Twitter Linkedin

Media requests:

comms@rankingdigitalrights.org

Other inquiries:

info@rankingdigitalrights.org