Indonesia just banned a number of major websites including Steam, Epic Games, PayPal and Battle.net!
Here is what you need to know!
Indonesia Banned Steam, PayPal, Epic Games + More!
On 30 July 2022, Indonesians woke up to the shocking discovery that a number of gaming platforms like Steam, Epic Games, Origin, Ubisoft and Battle.net are now banned!
Not only were gaming platforms banned, Indonesia also banned major websites and digital services like PayPal and Waze.
Indonesian netizens have started sharing tips on how to bypass this sudden ban – by using VPN, or changing their DNS servers, to bypass what appears to be an IP block.
Why Indonesia Banned Steam, PayPal, Epic Games, Etc!
There was no official announcement by the Indonesian government, but it is likely that Indonesia banned Steam, PayPal, Epic Games and a bunch of other websites and digital platforms because they failed to register as an Electronics System Provider / Penyelenggara Sistem Elektronik (PSE).
On November 24, 2020, the Indonesian Ministry of Communication and Information Technology (Kominfo) imposed a new regulation calling for all local and international digital services to register with them for cybersecurity and user protection purposes.
Failure to comply with that regulation would subject the digital service to being banned / blocked in Indonesia.
Here is a partial list of major websites, platforms and digital services registered with the Indonesian government, and those that have not been registered, or are known to be blocked.
Those on the unregistered list are likely to be blocked, if not already blocked. Interestingly, Telegram is listed as registered, but is currently inaccessible (blocked) in Indonesia.
On July 15 – just 2 weeks earlier – Kominfo warned that digital service providers will be banned in Indonesia on July 21, 2022 if they refused to register.
The deadline for all PSE registration – both domestic and foreign – was set at July 20, 2022. After that, Kominfo would start banning unregistered apps and services.
At that time, Kominfo reported that many major brands and companies have yet to register with them, like Google (which owns YouTube, Google Drive, Gmail, etc.), Meta (which owns WhatsApp, Instagram and Facebook), Twitter, Netflix, PUBG Mobile and Mobile Legends.
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
China just fined Didi Global a whopping $1.2 billion for violating its cybersecurity, data security and privacy laws!
China Fines Didi Global $1.2 Billion For Violating Laws!
On Thursday, 21 July 2022, the Cyberspace Administration of China (CAC) announced that Didi Global breached the country’s cybersecurity law, data security law, and personal information protection law.
The Chinese cyberspace regulator fined Didi Global 8 billion yuan ($1.2 billion), as well as a personal fine of 1 million yuan ($148,000) each on Chairman and CEO Cheng Wei, as well as President Liu Qing (also known as Jean Liu).
The facts of violations of laws and regulations are clear, the evidence is conclusive, the circumstances are serious, and the nature is vile.
Didi Global responded to the regulator’s announcement with a contrite statement “sincerely” accepting the judgement and penalties :
We sincerely accept this decision, and resolutely obey it. We will strictly follow the penalty decision and the requirements of relevant laws and regulations, conduct comprehensive and in-depth self-examination, and actively cooperate with supervision and complete rectification carefully.
We will take this as a warning and further strengthen the construction of cyberspace security and data security, strengthen the protection of personal information, and earnestly fulfill our social responsibilities. We will serve every passenger, driver and partner well, and realize the safe, healthy and sustainable development of the enterprise.
What Did Didi Do To Incur China’s Wrath?
According to an FAQ by the CAC, its investigators started their investigation of Didi in July 2021.
After conducting an extensive investigation, they found that Didi conducted data processing activities that “seriously affected national security”, and refused to comply with “the explicit requirements of regulatory authorities” and conducted “malicious evasion” of regulatory supervision.
They also stated that Didi Global committed 16 violations of China’s laws, including :
Didi illegally collected 11.9639 million screenshots from its users’ mobile phone photo albums.
Didi excessively collected 8.323 billion pieces of its users’ clipboard information, and application list information.
Didi excessively collected 107 million pieces of passenger face recognition information, and 53.5092 million pieces of age group information, 16.3556 million pieces of occupational information, 1.3829 million pieces of family relationship information, and 153 million pieces of taxi address information.
Didi excessively collected passengers’ evaluation of the drivers, when the app is running in the background, and 167 million pieces of precise location (longitude and latitude).
Didi excessively collected 142,900 pieces of driver education information, and 53.976 billion pieces of “intent information”, 1.538 billion pieces of resident city information, and 304 million pieces of non-local business/travel information.
Its users are frequently asked to provide “telephone permissions” while using its services.
Inaccurate and clear description of user personal information processing, including device information.
The CAC noted that Didi started its bad practices in June 2015, and continued even after the Cybersecurity Law was implemented in June 2017, the Data Security Law started in January 2022, and the Personal Information Protection Law was implemented in November 2021.
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
FCC Commissioner Brendan Carr just publicly asked Apple and Google to remove TikTok from their app stores!
Here is what you need to know about the renewed heat on TikTok!
FCC Commissioner Asks Apple + Google To Remove TikTok!
On June 29, 2022, FCC Commissioner Brendan Carr publicly called on Apple and Google to remove TikTok from their app stores.
This move came after leaked TikTok audio recordings obtained by Buzzfeed News revealed that ByteDance staff in China (and possibly the Chinese government) retained extensive access to data on US citizens.
In his public letter to Apple CEO Tim Cook, and Google CEO Sundar Pichai, the FCC Commissioner asked that TikTok be removed for “its pattern of surreptitious data practices”.
It is clear that TikTok poses an unacceptable national security risk due to its extensive data harvesting being combined with Beijing’s apparently unchecked access to that sensitive data.
But it is also clear that TikTok’s pattern of conduct and misrepresentations regarding the unfettered access that persons in Beijing have to sensitive U.S. user data – just some of which is detailed below – puts it out of compliance with the policies that both of your companies require every app to adhere to as a condition of remaining available on your app stores.
Therefore, I am requesting that you apply the plain text of your app store policies to TikTok and remove it from your app stores for failure to abide by those terms.
FCC Commissioner Carr also labelled TikTok as a “sophisticated surveillance tool” that is designed to harvest “personal and sensitive data“.
At its core, TikTok functions as a sophisticated surveillance tool that harvests extensive amounts of personal and sensitive data.
Indeed, TikTok collects everything from search and browsing histories to keystroke patterns and biometric identifiers, including faceprints – which researchers have said might be used in unrelated facial recognition technology – and voiceprints.
It collects location data as well as draft messages and metadata, plus it has collected the text, images, and videos that are stored on a device’s clipboard. The list of personal and sensitive data it collects goes on from there.
This should come as no surprise, however. Within its own borders, the PRC has developed some of the most invasive and omnipresent surveillance capabilities in the world to maintain authoritarian control.
Carr ended his letter with an “ultimatum” of sorts – if Apple and Google do not remove TikTok from their app stores, they need to provide “separate responses” to him by July 8, 2022, explaining why TikTok does not contravene their App Store policies.
As of June 30, 2022, TikTok is still available to download in the US app stores of both Apple and Google.
If Apple and Google acts on the FCC Commissioner’s request, TikTok will only be removed from their US app stores. It won’t affect downloads in other countries.
Neither would it prevent users in the US from continuing to use TikTok. They just won’t be able to download it any longer, or update to newer versions.
FCC Commissioner Lists History Of TikTok Data Practices!
While the leaked TikTok audio recordings may have precipitated this open letter to Apple and Google, FCC Commissioner Carr pointed to a list of questionable data practices by TikTok in the past.
The list makes for really interesting reading, especially for those who are not up to date on TikTok’s privacy and data security issues :
In August 2020, TikTok circumvented a privacy safeguard in Google’s Android operating system to obtain data that allowed it to track users online.
In March 2020, researchers discovered that TikTok, through its app in the Apple App Store, was accessing users’ most sensitive data, including passwords, cryptocurrency wallet addresses, and personal messages.
In 2021, TikTok agreed to pay $92 million to settle lawsuits alleging that the app “clandestinely vacuumed up and transferred to servers in China (and to other servers accessible from within China) vast quantities of private and personally identifiable user data and content that could be employed to identify, profile, and track the physical and digital location and activities of United States users now and in the future.”
In March 2022, a report included current and former TikTok employees stating in interviews that TikTok delegates key decisions to ByteDance officials in Beijing and that an employee was asked to enter sensitive information into a.cn domain, which is the top-level domain operated by the Chinese government’s Ministry of Industry and Information Technology.
Earlier, in 2019, TikTok paid $5.7 million to settle Federal Trade Commission allegations that its predecessor app illegally collected personal data on children under the age of 13.
India- the world’s largest democracy–has already banned TikTok on national security grounds for stealing and surreptitiously transmitting user data in an unauthorized manner.
Multiple U.S. military branches have also banned TikTok from government-issued devices due to national security risks, including the Navy, Army, Air Force, Coast Guard, and Marine Corps.
U.S. government officials have also urged troops and their dependents to erase the app from their personal phones.
U.S. national security agencies have similarly banned TikTok from official devices citing national security risks, including the Department of Defense, Department of Homeland Security, and the TSA.
The RNC and DNC have warned campaigns about using TikTok based on security concerns and the threat of officials in Beijing accessing sensitive data.
Citing data security concerns, private U.S. business operations have also banned TikTok from company devices, including Wells Fargo.
Once accessed by personnel in Beijing, there is no check on the CCP using the extensive, private, and sensitive data about U.S. users for espionage activities because compliance with the PC’s 2017 National Intelligence law is mandatory in China.
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Leaked audio from internal TikTok meetings show that private user data has been repeatedly accessed from China!
Here is what you need to know…
Privacy Promise By TikTok : Overseas Data Stored In US + Singapore
For many years now, TikTok has repeatedly assured users that all data collected from users outside of China, stays out of China and is thus, not accessible to anyone in China.
To ensure that the Chinese government has no access to the data, one of the measures they took was to store all data collected overseas in servers located in the United States, with backups in Singapore.
We store the information described in the “ What Information We Collect ” section in servers located in the United States and Singapore.
Most people may not realise this, but they also added a caveat right after that, stating that their Corporate Group (in China) may remotely access the data…
When entities in our Corporate Group need information to help us provide the Platform, they remotely access the information pursuant to authorised and secure access controls.
TikTok Leak : China Repeatedly Accessed Private User Data!
Buzzfeed News recently received audio recordings from more than eighty (80) internal TikTok meetings, in which employees admitted that engineers in China accessed private user data.
This was despite a TikTok executive’s sworn testimony at an October 2021 US Senate hearing at the same time period, that a “world-renowned, US-based security team” decides who gets access to the private user data.
Instead, the leaked audio revealed that US staff did not have permission or knowledge of how to access the data. Rather, it was their colleagues in China who determined how and who accessed the private user data.
The leaked tapes ultimately show that TikTok may have misled lawmakers, users, and the public by downplaying the fact that their private data is readily accessible by employees in China, and potentially, the Chinese government.
Everything Is Seen In China
Eight different employees stated in nine statements that they had to refer to their colleagues in China to make those decisions.
“Everything is seen in China“, said a member of TikTok’s Trust and Safety department in a September 2021 meeting.
In another September 2021 meeting, a TikTok director referred to a Beijing-based engineer as a “Master Admin” who “has access to everything“.
There’s Some Backdoor To Access User Data…
Fourteen of the leaked audio recordings were with, or about, a team of Booz Allen Hamilton consultants that TikTok brought in to investigate how data flows through TikTok and ByteDance’s internal tools.
In September 2021, one Booz Allen Hamilton consultant told colleagues that the tools felt like they had backdoors to access user data :
I feel like with these tools, there’s some backdoor to access user data in almost all of them, which is exhausting.
Oracle Only Providing Storage For Project Texas
TikTok has been working on what they call Project Texas – securely storing overseas data in Oracle cloud servers to comply with CFIUS (Committee on Foreign Investment in the United States).
Project Texas is limited to protecting the private information of US users, like phone numbers and birthdays – details that are not publicly visible, or have been set to private.
Such data will be stored at an Oracle datacenter in Texas – hence the name, and would only be accessible to specific US-based TikTok employees.
However, TikTok’s head of global cyber and data defense made clear that Oracle was only providing the data storage space for Project Texas. Ultimately, TikTok would be setting up the servers, and controlling everything.
It’s almost incorrect to call it Oracle Cloud, because they’re just giving us bare metal, and then we’re building our VMs [virtual machines] on top of it.
Unique IDs Not Protected Information
In one of the leaked audio recordings from a January 2022 meeting, TikTok’s head of product and user operations announced with a laugh that the Unique ID (UID) will not be amongst the protected content under the CFIUS agreement.
The conversation continues to evolve. We recently found out that UIDs are things we can have access to, which changes the game a bit.
Other Data Not Stored On Oracle Servers
The problem with Project Texas is that it only addresses US users… and only a small subset of their data.
Everything else – including private user data from non-US countries – will stay in their US and Singapore servers that remain accessible to ByteDance’s Beijing offices.
Response By TikTok : 100% US Data Traffic Routed To Oracle
TikTok publicly announced on the same day – June 17, 2022, that it changed the “default storage location of US user data“, and that “100% of US user traffic is being routed to Oracle Cloud Infrastructure“.
Although they “expect” to fully pivot to Oracle cloud servers located in the US, they will continue to use their existing US and Singapore servers for backup, and delete US users’ private data over time.
While this may address some of the privacy concerns for US users, it does not address the other privacy concerns revealed in the leaked audio recordings… or the privacy concerns of non-US users.
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Here is our UPDATED video + pictorial guide on how to ENABLE and DISABLE MySJ Trace in MySejahtera!
Updated @ 2022-01-24 : Added a solution for MySJ Trace not working on Android 12 devices.
Updated @ 2022-01-06 : Added two solutions for people who cannot enable MySJ Trace.
Updated @ 2022-01-02 : Added a new method on disabling MySJ Trace, and a new video guide.
Updated @ 2021-12-30 : Added two methods on disabling MySJ Trace, and a new video guide.
Originally posted @ 2021-12-29
Why Enable MySJ Trace In MySejahtera?
MySJ Trace is a new MySejahtera feature, which allows for more accurate contact tracing, and removes the need to manually check out from locations.
Once enabled, your phone will use Bluetooth to communicate with other phones that have MySJ Trace enabled, to determine the distance and length of contact. This eliminates the need to manually check-out.
The proximity data it collects allows Malaysia Ministry of Health (KKM) to accurately determine if you are a close contact of a COVID-19 positive person.
Obviously, this feature only works if everyone has MySJ Trace enabled, so please enable it!
MySejahtera does not offer any option to turn off MySJ Trace once you set it up, but if you prefer to turn off MySJ Trace to “protect your privacy“, or to save a little power, there is an easy way to do it.
All you have to do is disable Bluetooth connectivity, and MySJ Trace is immediately disabled. That’s because MySJ Trace relies on Bluetooth to determine your proximity to other users.
You can do that by pulling down the notification tray in your smartphone, and tapping on the active Bluetooth icon to disable it. Alternatively, you can disable it in your device settings.
Once disabled, the MySJ Trace section in the MySejahtera check-in screen will now ask you to setup again. But there is no need to set it up again.
Whenever you want to re-enable MySJ Trace, all you have to do is re-enable Bluetooth, and MySJ Trace will immediately start working again. Essentially, your smartphone’s Bluetooth connectivity now acts as a toggle for MySJ Trace.
Permanently Disable MySJ Trace
For those who want to permanently disable MySJ Trace, without disabling Bluetooth, reinstalling MySejahtera works for both Android and iOS devices. This is the only known solution for iOS devices.
Android devices, on the other hand, have two alternatives – disabling location permission, or clearing app data.
Option A : Disable Location Permission
Here are the steps to disable Location Permission for MySejahtera in your Android device :
Step 1 : Go to Settings > Apps > MySejahtera > Permissions.
Step 2 : Tap on the Location option under the list of Allowed permissions.
Step 3 : Tap on Allow only while using the app or Deny.
That’s it! Once you go out, MySJ Trace will be permanently disabled in MySejahtera.
Credit : I would like to thank Kyle Hudsons for pointing this out to us.
Option B : Clear MySejahtera App Data
Here are the steps to clear the MySejahtera app data in your Android device :
Step 1 : Go to Settings > Apps > MySejahtera > Storage.
Step 2 : Tap on Clear data. You will be warned that this will remove your MySejahtera account information and database.
Please be warned that if you proceed, your MySejahtera account information will be cleared, together with your past contact history.
Your COVID-19 vaccination history and certificate are stored in the cloud and remain safe, but you will need to log into your MySejahtera account again.
So please do NOT proceed unless you remember your MySJ ID and password!
Step 3 : If you are sure, tap on the OK option to clear the MySejahtera data.
Step 4 : Launch MySejahtera, and log into MySejahtera using your MySJ ID (either your mobile number or email address), and your password.
After you log in, you will see that MySJ Trace has been disabled. You will need to setup MySJ Trace (again) to enable it.
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
Ever since the MySejahtera team launched the MySJ Trace feature, many questions were raised by people over its security, privacy, and usability.
So with help from Dr. Mahesh Appannan, the Head of Data at the Crisis Preparedness and Response Centre (CPRC) of the Malaysia Ministry of Health (KKM), here are the answers to some of your frequently asked questions about MySJ Trace!
These answers supplement the original frequently asked questions (FAQ) about the MySJ Trace feature, which you can read in the next section.
Question #1 : Why Does MySJ Lists Interactions Even At Home?
The interactions refers to Bluetooth devices (with MySJ Trace enabled) that your MySejahtera app detected.
MySJ Trace can detect Bluetooth signals from as far as 10 metres away, but can be reduced by barriers (walls, your body, other electronics, etc.)
It will not only detect the smartphones of your family members (with MySJ Trace enabled), but also your neighbours, who can be in the floor above, below, or next to your home.
There is nothing to worry about these “interactions”. It just means you came within 10 metres of people who have MySJ Trace enabled.
Question #2 : Does Interactions Mean Casual / Close Contacts?
No, not all interactions are flagged as casual / close contacts, if you become COVID-19 positive.
The algorithm takes into account the signal strength (RSSI – Received Signal Strength Indicator) that your phone detects, and your exposure time.
The parameters used to classify casual or close contacts are refined over time for maximum accuracy. For example, if the Omicron variant becomes widespread, the exposure time will be shortened, and the distance extended, for someone to be considered a casual / close contact.
Question #3 : Why Do People In The Same Family Have Different Number Of Interactions?
Even if your family goes out together, you may all have different number of interactions, because it depends on a variety of facts :
your individual proximity to other people,
anything that blocks Bluetooth signals – their bodies, other electronics, electronic keys, etc.
whether you are holding the phone, or it is in your pocket, etc.
Question #4 : Does MySJ Trace Transmit My Data With Each Interaction?
No. There is no handshake or exchange of information with each interaction.
MySJ Trace detects the Bluetooth signal of other phones, and logs when that “interaction” occurred, and the signal strength.
It’s like listening to the radio – the broadcaster does not receive anything in return.
Question #5 : Does MySJ Trace Transmit My Data?
No. MySJ Trace stores all of the recorded data in your phone, and does not automatically upload it.
Only if you are COVID-19 positive, are you asked to upload your contact history for the last 14 days, so that people who were your close contact can be notified.
MySJ Trace requires your explicit consent to transmit your data to the Malaysia Ministry of Health (KKM).
Question #6 : How Long Does MySJ Trace Store Data?
MySJ Trace only stores data for the last 14 days, on a First-In, First-Out basis.
All data older than the most recent 14 days are automatically purged.
Question #7 : Why Do You Still Need To Check In Using QR Code?
First – not everyone is using MySJ Trace, so there still needs to be an alternative contact tracing method.
The QR code check-in function also gives KKM data to undertake faster contact tracing, especially involving a major cluster.
Question #8 : What’s The Difference Between MySJ Trace And QR Code Check-In?
MySJ Trace allows for automatic contact tracing, while QR code check-in gives KKM critical data. In addition :
MySJ Trace algorithm is based on time and distance (Bluetooth signal strength), while
Check-In algorithm is based only on time
Question #9 : Does MySJ Trace Use A Lot Of Battery Power?
MySJ Trace uses Bluetooth Low Energy (BLE), which consumes significantly lower power than standard Bluetooth wireless communications. The impact on battery life is minimal.
Question #10 : Why Does MySJ Trace Not Use Exposure Notification By Google / Apple?
By Google and Apple standards, an Exposure Notification (EN) app must maintain user anonymity, and record proximity data anonymously. It cannot contain Personally Identifiable Information (PII).
The MySejahtera app necessarily contains your identity, vaccination status and certificates, and so on. Therefore, it cannot comply with Google and Apple’s requirements for an Exposure Notification app.
MySJ Trace : Official Answers To Frequently Asked Questions
Here are the official answers to the MySJ Trace frequently-asked questions (FAQ):
1. What is MySJ Trace?
MySJ Trace is a contact tracing application developed by the Government of Malaysia.
It adopts a community-driven approach where participating devices exchange proximity information whenever an app detects another device with MySJ Trace app installed.
This application allows the identification of people who were in close proximity to COVID-19 infected individual
2. What is the difference between MySJ Trace and MySejahtera?
MySejahtera & MySJ Trace are used by the Ministry of Health (MOH) to help manage the COVID-19 pandemic in Malaysia.
MySejahtera allows users to perform quick health-self assessment and for the Ministry of Health (MOH) to monitor users’ health condition and take immediate actions in providing treatments.
Meanwhile, MySJ Trace further complements MySejahtera by detecting and tracing the individuals who are in close contact with the COVID-19 positive patients.
MySJ Trace was developed through a strategic cooperation between government agencies of Malaysia :
Ministry of Science, Technology and Innovation (MOSTI)
Ministry of Health (KKM)
Administrative Modernisation and Management Planning Unit (MAMPU)
Malaysian Institute of Microelectronic Systems (MIMOS)
4. Who are the users of MySJ Trace?
All Malaysian citizens and residents of Malaysia.
5. Where can I download MySJ Trace?
Users only need to update the MySejahtera application to the latest version.
6. How does MySJ Trace function?
MySJ Trace enables participating devices to exchange proximity information whenever the app detects another device with the same app installed. Data collected will be stored and processed only by the MOH officers.
When a user is identified to be COVID-19 positive, the user will initiate a process to upload the data from the user’s smartphone to a secured database managed by the MOH.
7. What is contact tracing?
Contact tracing is an identification process of individuals who may have come into close contact with an infected COVID-19 patient.
It enables the MOH to further trace and contact the individuals and organize a follow-up action.
8. If I have been identified as a close contact, how will I be contacted?
The user will receive an SMS, and a notification in the MySejahtera app.
9. What data are collected by MySJ Trace?
Only these data are collected :
Unique User ID (UUID) that is created by the MySejahtera app.
Operating system version (Android or iOS)
Time of contact
Received Signal Strength Indicator (RSSI)
10. Are my personal information that is stored in the app safe?
MySejahtera and MySJ Trace are owned and operated entirely by the Malaysian government. The government guarantees that all information collected and used in the app comply with the information security standards of the government of Malaysia.
11. Does MySJ Trace require Internet connectivity after activation?
Yes, Internet connectivity is required when you first update the MySejahtera app, and during the data uploading process.
12. What devices support MySJ Trace?
MySJ Trace is supported by smartphones that use the Android or iOS operating systems :
Android : Version 8.0 and above – Non-sleep mode must be set, so MySJ Trace will remain active in both foreground and background modes.
iOS : Version 10 and above
– The phone must be active at all times while the app needs to be in the foreground mode.
13. Must Bluetooth be activated at all times?
Yes, Bluetooth must be activated at all times for MySJ Trace to work properly.
14. Will Bluetooth usage cause high battery usage?
Unlike using Bluetooth to stream music or to a wireless headphone continuously, MySJ Trace uses Bluetooth to only transmit its presence periodically. As such, it uses significantly less power.
15. Will the app use significant battery power if MySJ Trace is left running all the time?
MySJ Trace uses Bluetooth Low Energy (BLE) to minimise battery usage. Therefore, the app does not use significant amounts of battery power to collect persistent contact tracing information.
16. Will MySJ Trace Bluetooth usage affect my other Bluetooth accessories?
MySJ Trace does not affect the use or performance of other Bluetooth accessories like wireless speakers, wireless earphones or headphones, or smartwatches.
17. Why must I allow location permission for the Android version?
Android requires location permission to be granted for any app to access Bluetooth features. However, geolocation data will not be collected.
For iOS, only the Bluetooth function needs to be enabled.
Please Support My Work!
Support my work through a bank transfer / PayPal / credit card!
What Went Wrong With MySejahtera Check-Out Function
MySejahtera introduced a Check-Out function in September 2021, allowing you to check-out from locations to improve contact tracing.
Using this Check-Out function lets contact tracers eliminate you as a casual or close contact, by determining when you left a certain location where a COVID-19 positive person was present.
However, it was a tedious manual process, because checking in and out of locations do not happen in a linear fashion. So many people ended up not checking out sometimes, or not at all.
This led some people to be wrongly identified as a Casual Contact, or even a Close Contact, of a COVID-19 positive person.
To avoid that problem, and to improve contact tracing, we need a better solution. And that solution is MySJ Trace, which uses Bluetooth technology to determine your close contacts, how close they were and how long you were in close contact.
So please enable MySJ Trace, and keep it running, at least while you are out in public. It will accurately monitor and record your close contacts, so you can help KKM trace them if you get infected with COVID-19.
It will also prevent you from being misidentified as a casual or close contact of a COVID-19 positive person.
Telegram just highlighted the ability to migrate WhatsApp chats to their app, but you really should NOT do that.
Find out why this is a BIG security and privacy risk than just leaving your chats in WhatsApp!
Telegram : Moving Chat History From WhatsApp, Line + KakaoTalk
In a recent version 7.4 update for their iOS app, Telegram announced a new feature – the ability to move your chat messages from other apps like WhatsApp, Line and Kakaotalk to their app.
Curiously, that ability has actually been part of WhatsApp since 2018, when they introduced the ability to export chats to email and other apps.
And while this feature is purportedly available only with the iOS version of Telegram Messenger, you can already do that with existing versions of WhatsApp and Telegram.
Why You Should NOT Move WhatsApp Chats To Telegram!
You should note that the privacy risks with WhatsApp have been grossly exaggerated by the media and many Internet “experts”.
For one thing – WhatsApp users have been sharing metadata with Facebook since September 2016, a fact initially lost on many media outlets and “experts”.
But we understand the fear – Facebook is a real snoop. Even so, it would be a mistake to migrate from WhatsApp to Telegram.
Let us share with you why you should NOT migrate from WhatsApp to Telegram, and why it is a BIG mistake to migrate your WhatsApp data to Telegram.
Fact #1 : Telegram Is LESS Secure Than WhatsApp
WhatsApp fully implemented end-to-end encryption across all of their apps and network since 5 April 2016.
End-to-end encryption prevents WhatsApp or Facebook from reading your messages. Only the sender and receiver(s) can read them.
WhatsApp shares a considerable amount of data and metadata that Facebook can use to identify and track your movements and activities. But not the content of your messages.
Telegram, on the other hand, has STILL NOT implemented end-to-end encryption for all messages by default.
Instead, they still insist on offering end-to-end encryption only when you create a Secret Chat.
This leaves the bulk of your messages completely readable by Telegram and anyone who intercepts those messages as they travel from your device through the Internet to the recipient.
The very presence of Secret Chats between certain people is itself metadata that can help oppressive regimes identify their enemies or whistleblowers.
Fact #2 : Your Data Is Stored In Telegram Cloud Servers
All WhatsApp data is stored only in your registered device. WhatsApp also does not retain messages in their servers after they are delivered, and will only store files (like photos and videos) and undelivered messages for 30 days.
It’s the opposite with Telegram – all of your data – messages, photos, videos, documents – is stored in their cloud servers. Even though they are encrypted in storage, Telegram holds the encryption keys, NOT YOU.
This ability has its advantages like convenient access across multiple devices, but it also makes Telegram less secure.
Telegram has access to your encrypted files, including the ability to decrypt them for authorities that legally compels them to do so.
Fact #3 : Moving Your Messages + Media To Telegram Exposes Them
While your chats and media remain within your WhatsApp app, they are encrypted and not available to anyone but yourself (and the recipients).
Migrating your chat messages and media to Telegram would involve sending them unencrypted to Telegram’s servers.
This exposes your hitherto secure chats and media to a man-in-the-middle attack – allowing a third party to snoop or grab a copy of the data as it travels unencrypted to the Telegram servers.
Fact #4 : Facebook Already Has Your Metadata
As we pointed out earlier, WhatsApp has been sharing our metadata with Facebook since September 2016.
So moving your existing chats out of WhatsApp won’t limit or reduce your exposure. That horse has long bolted from the stable.
Moving your chat history and files to Telegram will just offer a new attack surface for cybercriminals and oppressive regimes.
Fact #5 : Facebook Will Still Have Your Data If You Still Use Facebook!
Here is the other thing that people don’t realise – migrating from WhatsApp to another messaging app is pointless if you do not also stop using Facebook.
As long as you still use Facebook, they will still have access to a consideration amount of metadata. Losing your WhatsApp metadata just gives them less metadata.
After all, Facebook can track your movements and activity even if you are NOT on Facebook! This is what they call Off-Facebook Activity.
Respect for your privacy is coded into our DNA, and we built WhatsApp around the goal of knowing as little about you as possible: You don’t have to give us your name and we don’t ask for your email address. We don’t know your birthday. We don’t know your home address. We don’t know where you work. We don’t know your likes, what you search for on the internet or collect your GPS location. None of that data has ever been collected and stored by WhatsApp, and we really have no plans to change that.
2016 : WhatsApp Starts Sharing Data With Facebook
In August 2016, WhatsApp announced that they would start sharing data with Facebook, after rolling out end-to-end encryption.
[B]y coordinating more with Facebook, we’ll be able to do things like track basic metrics about how often people use our services and better fight spam on WhatsApp. And by connecting your phone number with Facebook’s systems, Facebook can offer better friend suggestions and show you more relevant ads if you have an account with them. For example, you might see an ad from a company you already work with, rather than one from someone you’ve never heard of.
At that time, WhatsApp offered existing users a special one-time only option to opt-out of the data sharing, but only if they did it within 30 days.
If you did not opt-out within 30 days back in August 2016, your data would be shared with Facebook.
This opt-out option was NOT provided to new WhatsApp users who registered on or after 25 August 2016.
After 24 September 2016 : WhatsApp Has Been Sharing Data With Facebook
With the singular exception of existing users who managed to opt-out by 24 September 2016, the data of every other WhatsApp user has been shared with Facebook.
8 February 2021 Onwards : More Information Is Shared
What will really change from 8 February 2021 onwards is the additional information that WhatsApp will share with Facebook :
Status Information. You may provide us your status if you choose to include one on your account. Learn how to use status on Android, iPhone, or KaiOS.
Location Information. We collect and use precise location information from your device with your permission when you choose to use location-related features, like when you decide to share your location with your contacts or view locations nearby or locations others have shared with you. There are certain settings relating to location-related information which you can find in your device settings or the in-app settings, such as location sharing. Even if you do not use our location-related features, we use IP addresses and other information like phone number area codes to estimate your general location (e.g., city and country). We also use your location information for diagnostics and troubleshooting purposes.
User Reports. Just as you can report other users, other users or third parties may also choose to report to us your interactions and your messages with them or others on our Services; for example, to report possible violations of our Terms or policies. When a report is made, we collect information on both the reporting user and reported user.
Opted Out In 2016? It Is Still Honoured!
WhatsApp will apparently continue to honour the decision of those who opted-out of data sharing in August 2016.
For those who opted out, you can agree to the new policy, and your data will still NOT be shared with Facebook.
To check if you opted-out in August 2016, you will need to check in your WhatsApp account – Settings > Account > Request Account Info.
ACCESS_FINE_LOCATION : access precise location (GPS and network-based)
CALL_PHONE : directly call phone numbers
CAMERA : take pictures and videos
READ_EXTERNAL_STORAGE : read the contents of your SD card
WRITE_EXTERNAL_STORAGE : modify or delete the contents of your SD card
We immediately noticed that several controversial permissions are no longer in it :
GET_ACCOUNTS : find accounts on the device
READ_CONTACTS : read your contacts
WRITE_CONTACTS : modify your contacts
So if you are worried that MySejahtera is reading your contacts or modifying them, just UPDATE it to the latest version 1.0.25!
Fact #4 : Actual Permissions Are Fewer
When we checked MySejahtera 1.0.25 as installed in our phone, we found that it actually asked for and used only 11 permissions, instead of 14 as reported by Exodus.
The report also offered a bit more context about those permissions. For instance, location data is only made available when you are actively using the app.
That’s because the location data is used by MySejahtera for its Hotspot Tracker and Locate Health Screening Facility features.
In your phone, you can tap on them for more information on what they allow the app to do.
Fact #5 : Apps Need To Read, Modify + Delete Their Own Data
The permission to read, modify and delete content on our phone may seem ridiculous, but it is a necessity for most apps.
Unless the apps is merely a container for a website or web service, it needs to store data, and modify or delete it when necessary.
Fact #6 : Access To External / SD Card Is Necessary
Most developers will also ask for the permission to read, modify and delete content to the (micro) SD card, because of Adoptable Storage.
Adoptable Storage is a feature that lets smartphones use external storage (like a microSD card) as if it is part of their internal storage.
When a microSD card is used this way, apps like MySejahtera can be installed on it. Therefore, it would require permission to read, modify and delete its own data on the external storage card.
Fact #7 : Android Restricts Data Snooping
Apps that have access to read / modify / write external storage are allowed to access files from other apps. However, this is limited to only these three media collections :
MySejahtera, or any other app with similar permissions, cannot read / modify / delete data outside of those three media storage locations.
MySejahtera is owned and operated by the Government of Malaysia. It is administrated by the Ministry of Health (MOH) and assisted by the National Security Council (NSC) and the Malaysian Administrative Modernisation and Management Planning Unit (MAMPU). The Government assures that the collection of your personal information is align with Personal Data Protection Act 2010 (Act 709).
The app will not record user’s Personal Data except with the permission and voluntarily provided by the user. Information collected are used for monitoring and enforcement purposes by Government authorities in dealing with the COVID-19 pandemic. This information is not shared with other organizations for other purposes unless specifically stated.
Fact #9 : You Are Protected By PDPA 2010 (Act 709)
After years of letting third-party companies sell camera covers, Apple just issued a warning that using a camera cover can damage your MacBook laptop!
Find out what’s going on, and why using a camera cover may be critical for your privacy, but can damage your MacBook!
Warning : Using A Camera Cover Can Damage Your MacBook!
In a new technical advisory, Apple warns that closing your MacBook laptop with a camera cover attached could physically damage the display, due to the limited clearance between the display and the chassis.
In addition, installing a camera cover can block the ambient light sensor located next to the camera. This will prevent features like automatic brightness and True Tone from working properly.
If you close your Mac notebook with a camera cover installed, you might damage your display because the clearance between the display and keyboard is designed to very tight tolerances.
TikTok Caught Spying What We Type In Other Apps… TWICE!
Beyond their obvious desire to grow their service at the expense of the danger to real people, there have been cybersecurity and privacy concerns about TikTok.
In a space of just four months, TikTok has been caught spying on what we type in OTHER APPS… not once, but TWICE. Take a look at this video expose…
TikTok Caught Spying On What We Type : First Time
Let’s start in March 2020, when Talal Has Bakry and Tommy Mysk exposed how they found that TikTok was spying on what we typed in other apps through the pasteboard / clipboard.
In the video above, you can see how TikTok immediately asked to read all text stored in the pasteboard, whenever it is launched.
The pasteboard contains everything you copied earlier – messages from other people, quotes from an article, or far more sensitive stuff like your password or account number.
And because of Apple’s universal clipboard feature, this means everything you copy on your Mac or iPad will be available on your iPhone, and therefore TikTok.
To be clear, TikTok was just one of the many apps that they found to be spying on what we type. Here were the apps they confirmed were spying on the pasteboard / clipboard.
Al Jazeera English
New York Times
The Huffington Post
The Wall Street Journal
8 Ball Pool
Classic Bejeweled HD
Flip The Gun
Plants vs. Zombies Heroes
Pooking – Billiards City
Tomb of the Mask
Tomb of the Mask: Color
Total Party Kill
10% Happier: Meditation
5-0 Radio Police Scanner
Bed Bath & Beyond
Pigment – Adult Coloring Book
Recolor Coloring Book to Color
The Weather Network
At that time, TikTok told Zak Doffman that it was Google Ads that was snooping into the pasteboard / clipboard.
“The clipboard access issues showed up due to third-party SDKs, in our case an older version Google Ads SDK. We are in the processes of updating so that the third-party SDK will no longer have access.“
They claimed it was because TikTok was using an older Google Ads SDK, which they have since replaced with a newer version.
TikTok Caught Spying On What We Type : Second Time
BFast forward to June, and the release of iOS 14 beta. The new clipboard warning feature in iOS 14 appears to have caught TikTok spying on the pasteboard / clipboard once again.
In the dramatic video shared by Jeremy Burge – the 1:35 point in our video above – he shows TikTok grabbing the contents of his iPhone’s clipboard every 1-3 keystrokes, as he typed in Instagram!
Okay so TikTok is grabbing the contents of my clipboard every 1-3 keystrokes. iOS 14 is snitching on it with the new paste notification pic.twitter.com/OSXP43t5SZ
This is even more egregious than the first time they spied on the pasteboard / clipboard! Instead of just looking at what you copied into the clipboard earlier, TikTok is literally reading what you are typing in a different app!
TikTok now claims that this issue was “triggered by a feature designed to identify repetitive, spammy behaviour“, and that they have already submitted an updated app without this “anti-spam feature“.
TikTok Caught Spying : What Should YOU Do?
If you are not a frequent TikTok user, the answer is simple – UNINSTALL TikTok.
If you really like TikTok, you should immediately update to the latest version, which ByteDance claims will no longer read your clipboard because it has both an updated Google Ads SDK, as well as their anti-spam feature removed.
Either way, if you are concerned about privacy issues with TikTok, you should write to email@example.com and express your deep concerns about not letting them read what you are typing, whether it is in their app or other apps.
The recent case of a Chinese driver getting fine for scratching his face is a funny example of current AI surveillance technology. Yet it is also a wake-up call on the dangers of pervasive AI surveillance by the state.
Fined For Scratching Nose By AI Surveillance System!
A Jinan resident, Mr. Liu, was driving his car in the eastern Shandong province, when he raised his hand to touch his face. Most of us unconsciously do that 2 to 5 times per minute!
Unbeknownst to him, one of the many AI surveillance cameras in the city noticed his action, and issued him a fine of 50 yuan* and 2 demerit points for “driving while holding a phone“.
* Approximately $7.25 / £5.70 / €6.50 / RM 30
The Jinan AI surveillance system also sent him this screenshot of his traffic violation, as captured at 7:20 AM on 20 May 2019.
Just like many automated systems (looking at you, Facebook and Google!), there was no way to dispute the charge. Mr. Liu tried to sort out the situation over the phone, but “no one would help him“.
He only got justice by appealing to the court of public opinion on Sina Weibo, where his post went viral. Only then did the Jinan traffic police department take notice and investigate his complaint.
Two days later, they cancelled his ticket after confirming that he was only touching his face, and not actually using a phone while driving.
AI Surveillance In Chinese Cities
China has been working hard at developing smart cities, as part of their social engineering efforts to quell political dissent and encourage Chinese citizens to “behave properly”.
There are already over 170 million surveillance cameras across China, with a projected 400 million surveillance cameras installed by next year. And they are all controlled by AI surveillance systems.
Such extensive surveillance coverage has allowed the Chinese government to detect crimes and punish their citizens for them. It also feeds the new Social Credit System – a national reputation system that assess the economic and social reputation of every Chinese citizen and business.
However, such pervasive surveillance has led to serious privacy implications for the Chinese citizenry. Anyone who wants to understand the power, allure and dangers of AI surveillance should watch the TV series, Person of Interest.
The Dangers Of AI Surveillance
While AI surveillance technology is now quite incredible, this case has exposed its vulnerabilities and limitations.
Human oversight is still necessary, because AI surveillance is not accurate enough to detect false positives.
It may be tempting to make the AI surveillance system the judge, jury and executioner, but such systems need to implement the principle of “guilty beyond a reasonable doubt“, and that means ignoring anything that is not close to a 99.9% match.
There should be an appeal system in place. It took a viral social media post to alert the Jinan traffic police department to the mistake.
There is also the question of personal data security. Can the government securely store the data, without unsanctioned or illegal access? How long should they store the information before they are deleted?
Alibaba Cloud + The Malaysia City Brain
Alibaba Cloud is one of the chief architects of Chinese smart city initiative and AI surveillance capabilities with their ET City Brain that runs on their Tianchi Platform.
The first phase of the Malaysia City Brain will kickstart with 382 AI traffic cameras at 281 traffic light junctions in Kuala Lumpur.
Although the Malaysian government is ostensibly implementing the Malaysia City Brain to “optimise the flow of vehicles and timing of traffic signals“, it is really a short step to the Chinese model of population and crime surveillance.
Since the story broke about the Facebook Messenger, Instagram and WhatsApp integration plan, the world exploded in a mixture of shock, apoplexy, and righteous indignation.
Take a DEEP BREATH and CALM DOWN. Let us tell you exactly what the FB Messenger + Instagram + WhatsApp integration plan is really about, and what it really means for Facebook and all of us…
The FB Messenger + Instagram + WhatsApp Integration Plan Clarified!
What Is Going On?
The New York Times broke the story on 25 January 2019, that Facebook CEO Mark Zuckerberg is working to integrate the messaging services that power Facebook Messenger, Instagram and WhatsApp.
Essentially, he wants all three platforms to use the same messaging platform or protocol to communicate.
Are The Three Apps Being Merged?
Some reports (looking at your, Forbes and BBC!) have claimed that WhatsApp is merging with Facebook Messenger and Instagram, or that WhatsApp and Instagram will be integrated with Facebook Messenger. That is NOT TRUE.
Facebook is not going to combine all three apps into a single mega-app – the one app to rule them all. WhatsApp, Instagram and Facebook Messenger will continue to be separate apps.
What Exactly Has Changed?
NOTHING at the moment. This FB Messenger + Instagram + WhatsApp integration project is scheduled to be completed by the end of 2019, or early 2020.
Until the new unified messaging protocol is complete and implemented in all three apps, nothing will change. At the moment, all three apps continue to use their existing messaging protocols.
What We Know About The Messenger + Instagram + WhatsApp Integration Plan So Far
Let’s enumerate what we know about the FB Messenger + Instagram + WhatsApp integration plan :
All three apps will still function independently
All three apps will use the same messaging protocol
The new unified messaging protocol will support end-to-end encryption
Why Does Facebook Want To Do This?
Migrating all three apps to a unified messaging protocol or platform has some real advantages for Facebook :
far less work is needed to maintain a single platform or set of protocols, than three different platforms or sets of protocols
it will extend the reach of their three apps, helping to “encourage” users of one app to use the other two apps.
it will make it easier for them to harvest more information, to create more accurate user profiles.
it should make it easier to introduce or extend new features into all three apps, e.g. time-limited Stories.
Is This Good Or Bad For Users?
There are some potential advantages for users…
users of any one of those three apps will be able to communicate with each other, without installing the other apps.
users of any one of those three apps will be able to share data (photos, videos, files, etc.) with each other, without installing the other apps.
it will introduce end-to-end encryption to Instagram, which does not yet support it.
potentially, it could mean end-to-end encryption will be enabled by default for Facebook Messenger (which currently only supports end-to-end encryption if you turn on Secret Conversations).
it could promote greater accountability and transparency, with a reduction in fake accounts and profiles.
On the other hand, the tighter integration has some serious potential ramifications…
it will be harder to obfuscate or separate your profile in one app, from your profiles in the other two apps.
any bug or vulnerability in the unified messaging protocol will affect all three apps.
any successful attack will cause far greater damage, with far more data lost or stolen.
it does not address serious privacy concerns – even if end-to-end encryption is enabled by default for all three apps in the new unified messaging protocol, the metadata isn’t.
it may make it more difficult for users to consider alternative apps or services.
abusing one app (intentional or otherwise) could get you banned or blocked on all three apps.
How Serious Are These Concerns?
The New York Times reported that Mark Zuckerberg’s “championing” of the FB Messenger + Instagram + WhatsApp integration plan led to “internal strife” over privacy concerns. How bad?
Apparently, it led to the founders of both Instagram (Kevin System and Mike Krieger) and WhatsApp (Jan Koum and Brian Acton) leaving Facebook. Dozens of WhatsApp employees also clashed with Mark Zuckerberg over this integration plan.
But Don’t Panic Just Yet…
There is no need to be one of those headless chickens running around, screaming that the world has ended or is about to end. The WhatsApp Messenger you have come to rely on has not changed, or will change for many more months to come.
The project is still in its infancy. Facebook is internally planning to complete the project by the end of 2019, and probably early 2020. There is still the better part of the year to consider alternative messaging apps out there.
Facebook has been doing a belated job of closing the barn door after the horses have bolted out and rampaged through the village. Now they officially announced that Facebook privacy tools are “easier to find”. Yay for transparency?
Read the official Facebook press release on making privacy tools easier to find… and tell us what you think!
Facebook Privacy Tools Now Easier To Find
By Erin Egan, VP and Chief Privacy Officer, Policy and Ashlie Beringer, VP and Deputy General Counsel
Last week showed how much more work we need to do to enforce our policies and help people understand how Facebook works and the choices they have over their data. We’ve heard loud and clear that privacy settings and other important tools are too hard to find and that we must do more to keep people informed.
So in addition to Mark Zuckerberg’s announcements last week – cracking down on abuse of the Facebook platform, strengthening our policies, and making it easier for people to revoke apps’ ability to use your data – we’re taking additional steps in the coming weeks to put people more in control of their privacy.
Most of these updates have been in the works for some time, but the events of the past several days underscore their importance.
Making Data Settings and Tools Easier to Find
Controls that are easier to find and use. We’ve redesigned our entire settings menu on mobile devices from top to bottom to make things easier to find. Instead of having settings spread across nearly 20 different screens, they’re now accessible from a single place. We’ve also cleaned up outdated settings so it’s clear what information can and can’t be shared with apps.
New Privacy Shortcuts menu. People have also told us that information about privacy, security, and ads should be much easier to find. The new Privacy Shortcuts is a menu where you can control your data in just a few taps, with clearer explanations of how our controls work. The experience is now clearer, more visual, and easy-to-find. From here you can:
Make your account more secure: You can add more layers of protection to your account, like two-factor authentication. If you turn this on and someone tries to log into your account from a device we don’t recognise, you’ll be asked to confirm whether it was you.
Control your personal information: You can review what you’ve shared and delete it if you want to. This includes posts you’ve shared or reacted to, friend requests you’ve sent, and things you’ve searched for on Facebook.
Control the ads you see: You can manage the information we use to show you ads. Ad preferences explains how ads work and the options you have.
Manage who sees your posts and profile information: You own what you share on Facebook, and you can manage things like who sees your posts and the information you choose to include on your profile.
Tools to find, download and delete your Facebook data.
It’s one thing to have a policy explaining what data we collect and use, but it’s even more useful when people see and manage their own information. Some people want to delete things they’ve shared in the past, while others are just curious about the information Facebook has.
So we’re introducing Access Your Information – a secure way for people to access and manage their information, such as posts, reactions, comments, and things you’ve searched for. You can go here to delete anything from your timeline or profile that you no longer want on Facebook.
We’re also making it easier to download the data you’ve shared with Facebook – it’s your data, after all. You can download a secure copy and even move it to another service. This includes photos you’ve uploaded, contacts you’ve added to your account, posts on your timeline, and more.
The Road Ahead
It’s also our responsibility to tell you how we collect and use your data in language that’s detailed, but also easy to understand. In the coming weeks, we’ll be proposing updates to Facebook’s terms of service that include our commitments to people.
We’ll also update our data policy to better spell out what data we collect and how we use it. These updates are about transparency – not about gaining new rights to collect, use, or share data.
We’ve worked with regulators, legislators and privacy experts on these tools and updates. We’ll have more to share in the coming weeks, including updates on the measures Mark shared last week.
20 April 2017 – While people claim to value their personal photos more than any other form of data stored on their digital devices, they are happy to sell them for little money, research by Kaspersky Lab shows. A survey has shown that for 49% of people, private and personal photos of themselves are the most precious data they have on their devices, followed by photos of their children and spouses.
The thought of losing these precious memories is considered more distressing for them than the prospect of a car accident, breaking up with a partner, or a quarrel with a friend or family member. However, when confronted with the decision to delete this data for money, people nevertheless gave their digital data – such as photos – away for as little as 10.37 Euros.
Yes, People Will Sacrifice Personal Photos For Just 10 Euros!
When asked, people say that digital memories have a special place in their hearts, perhaps because these memories are considered to be irreplaceable. Over two-fifths, for example, say they wouldn’t be able to replace photos and videos of their travels (45%), their children (44%) or themselves (40%).
The survey shows that the thought of losing these personal photos is considered very distressing by most people. In fact, this latest study from Kaspersky Lab indicates that people often value their devices and photos even more than their partners, friends and pets.
Kaspersky Lab asked people how distressed they would be in a number of different scenarios, including the illness of a family member, a breakup with a partner, a car accident, the loss of their digital photos, contacts, and more. Across the globe, the illness of a family member ranked in first place as the most distressing incident that they could experience. The loss or theft of a device, and the loss of digital photos, ranked second and third in multiple regions across the globe leaving car accidents, a break up with a partner, a bad day at work, quarrels with family members and friends, and even in some cases, a pet’s illness, lower in the ranks of distressing incidents.
However, an experiment conducted for Kaspersky Lab by media psychologists at the University of Wuerzburg also showed researchers a contradictory result: despite them claiming to love for their data, people are also ready to sell it for surprisingly little money.
The participants of the experiment were asked to place a monetary value on the data stored on their smartphones – including photos of family and friends, contact information and personal documents. Surprisingly, the values people placed on their data were significantly lower than expected, considering the distress they said they would experience if they were to lose that data. People tended to put more money against their financial and payment details (an average 13.33EUR) than other forms of data. Contact information was considered to be worth 11.89EUR on average and general photos were valued at only 10.37EUR on average.
Furthermore, the experiment showed that it is people’s most precious memories which they are most likely to exchange for money. When participants were offered payment (based on the sums above) for the deletion of their data (no data was actually deleted), it was the photos of family and friends, personal documents and photos of the participants themselves that were the data categories most often approved for deletion.
“The experiment showed us interesting and reflective results: while people believe that they understand the value of their data, the emotional value isn’t reflected in their everyday actions. On the one hand, people seem to be aware of the types of data that are more important to them– they believe their digital memories, such as photos, are extremely distressing to lose. On the other hand, people have a low awareness of the value of their data, and are putting little monetary value against their data as a result. They know it’s emotionally important, but they are not able to appreciate its value yet. They would need someone to actively remind them of what their data is worth before they share it, or allow someone to delete it.” – said Andrei Mochola, Head of Consumer Business at Kaspersky Lab.