TIME privacy

U.K’s David Cameron Threatens Messaging App Ban Over Terror Concerns

David Cameron in Paris on Jan. 11, 2015.
David Cameron in Paris on Jan. 11, 2015. John van Hasselt—Corbis

Apps like Snapchat and Whatsapp can be used by terrorists, says Prime Minister David Cameron

British Prime Minister David Cameron said Monday he wants to ban encrypted messaging services like Snapchat and WhatsApp if British intelligence services can not access them.

If Cameron is re-elected in May’s parliamentary elections, his government would target any encrypted online communication tools that could potentially be used by terrorists, the prime minister said.

“Are we going to allow a means of communications which it simply isn’t possible to read?” Mr. Cameron said at an event on Monday, the New York Times reports. ““My answer to that question is: ‘No, we must not.’ ”

Cameron’s statement comes as European politicians demand greater access to people’s online activities on Google and Facebook, particularly after terrorist threats like the attack last week in Paris. Tech giants including Microsoft, Twitter and Google have resisted greater oversight by intelligence agencies in Europe and the United States.

It’s unclear how the British government would enforce a ban on apps like Snapchat and the Facebook-owned WhatsApp, which are used by millions of people worldwide.

[NYT]

MONEY identity theft

You Already Have Fraud Protection Tools That Are Better Than the Ones Obama Proposed

President Barack Obama arrives to speak at the Federal Trade Commission (FTC) offices at the Constitution Center in Washington, Monday, Jan. 12, 2015
Carolyn Kaster—AP

On Monday, President Obama previewed his two big solutions for the problem of identity theft. But it turns out they may do little for your wallet.

Americans are terrified of identity theft. They’re more afraid of identity theft than every other crime, Gallup says. And they have good reason to be: Over the past year, millions of consumers have had sensitive personal information exposed in data breaches.

Well, President Obama has heard your concerns. He’ll offer at least two big solutions in next week’s State of the Union address. Obama previewed those ideas during a speech at the Federal Trade Commission on Monday.

Bottom line: If you’re afraid of an identity thief racking up debts in your name, don’t rest easy just yet. Here’s what the president’s proposals wouldn’t accomplish—and what you can do instead to protect yourself.

#1: A federal notification requirement for security breaches

Obama’s idea: Pass a new federal law requiring businesses to tell consumers their personal information has been exposed within a month of a breach.

“Sometimes, folks don’t even find out their credit card information has been stolen until they see charges on their bill, and then it’s too late,” Obama explained during his speech at the FTC. “So under the new standard that we’re proposing, companies would have to notify consumers of a breach within 30 days.”

But Paul Stephens, director of policy and advocacy at the Privacy Rights Clearinghouse, says he worries that Obama’s national proposal could override existing state laws, which generally offer even stronger protections.

Altogether, 47 states have laws governing how businesses must notify consumers of security breaches. Most states “require notification in the most expedient/expeditious time possible and without unreasonable delay,” says Pam Greenberg of the National Conference of State Legislatures. Exceptions include Florida, which requires notice within 30 days, and Ohio, Vermont, and Wisconsin, which require notice within 45 days, according to Greenberg.

Stephens is also concerned that the legislation will give companies wide discretion to decide whether consumers are at risk—and, therefore, whether they need to be notified. “The mere existence of a breach should trigger mandatory reporting because individuals whose information has been breached have a right to know about it,” Stephens says.

What’s more, notes Stephens, in many cases it takes some time before the companies themselves know they’ve been hacked. And if law enforcement agencies are investigating the breach, authorities may ask companies not to disclose anything that would undermine the investigation.

We’ll have to wait and see on the details. The “Personal Data Notification and Protection Act” has not been introduced in Congress yet.

#2: Free credit scores

On Monday, the president praised JPMorganChase, Bank of America, USAA, and the State Employees’ Credit Union for offering their customers free credit scores as part of their packages of financial services. “We’re encouraging more companies to join this effort every day,” he said.

He’s had some help from the Consumer Financial Protection Bureau, which over the past year has been pressuring credit card companies to provide free access to FICO score information to help consumers make smarter financial decisions—and the effort is starting to bear results.

“This means that a majority of American adults will have free access to their credit score, which is like an early warning system telling you that you’ve been hit by fraud so you can deal with it fast,” Obama said on Monday.

But that’s where he’s wrong. Your credit score is the opposite of an early warning system—by the time your credit score has moved, you’re already in deep trouble, explains Odysseas Papadimitriou, CEO of CardHub.com, a credit card comparison site.

“Let’s say I steal your identity and I open a credit card under your name,” Papadimitriou says. “I get your credit card June 1. I get the bill July 1, that bill is due on August 1. I miss that payment. The next bill is due September 1. I miss that payment. At that point in time, I get reported—on September 1. All the damage is done. That’s why it’s completely useless.”

Having free access to your credit score is nice. But if the score is bad, it’s already too late.

What you can do now

First, get your hands on a “chip-and-signature” credit card. Experts are hopeful that this new technology could stem the near-constant retail data breaches. Visa and Mastercard have promised to update all their cards by October 2015.

Here’s how it works: The “chip” encrypts your transaction data, which should make it harder for hackers to raid retailers’ checkout systems and steal your credit card number. Stephens warns that identity thieves can still rack up fraudulent charges in your name if they get hold of your physical chip-and-signature card. A chip-and-PIN card is even better—that would require you to input a 4-digit PIN for any purchase. But any chip should help.

Second, check your free credit reports. Your credit report will show whether any new, fraudulent accounts have been opened in your name. Your credit score will only tank once someone has opened a fraudulent account and missed two payments. Papadimitriou thinks Congress should let Americans access their credit reports for free, at any time. Until then, you’re only entitled to one free credit report from each credit bureau every year—so check every four months.

While you’re at it, keep a close eye on your credit card statements. Report any suspicious charges. The good news is there are consumer protections in place to ensure you’ll get almost all of your money back in the event of fraud.

If an identity thief just stole your card number, you’ll ultimately owe nothing. If an identity thief stole your actual card, your liability is limited to $50 for credit cards and $500 for debit cards, depending on how early you report the problem. So you want to catch it early.

For more

TIME privacy

Obama to Propose Laws to Protect Consumer Data, Student Privacy

President Barack Obama on Jan. 9, 2015.
President Barack Obama on Jan. 9, 2015. Carolyn Kaster—AP

U.S. companies would be required to notify customers within 30 days of their personal information being compromised

(WASHINGTON) — President Barack Obama wants Congress to pass legislation requiring companies to inform customers within 30 days if their data has been hacked, a move that follows high-profile breaches at retailers including Target, Home Depot and Neiman Marcus.

A White House official said Obama will announce the proposed legislation Monday, along with a measure aimed at preventing companies from selling student data to third parties and from using information collected in school to engage in targeted advertising.

Obama’s proposals are part of a White House effort to preview components of the president’s State of the Union address in the lead-up to the Jan. 20 speech. The official, who insisted on anonymity, was not authorized to discuss the proposed legislation by name ahead of Obama’s speech at the Federal Trade Commission.

If passed by Congress, the Personal Data Notification and Protection Act could require U.S. companies to notify customers within 30 days of their personal information being compromised. Recent hackings have exposed the lack of uniform practices for alerting customers in the event of a breach.

The legislation would also make it a crime to sell customers’ identities overseas.

Obama’s proposals also follow last month’s hacking at Sony Pictures Entertainment. The White House has blamed the cyber attack on North Korea and responded with new sanctions against the isolated nation.

In addition to the customer notification legislation, Obama will also ask lawmakers to pass the Student Digital Privacy Act. The measure would prohibit companies from selling student data to third parties, a move spurred by the increased use of technology in schools that can scoop up personal information.

The White House official said the proposed bill is based on a California statute.

It’s unclear whether the new Republican-led Congress will take up either of Obama’s legislative proposals.

TIME Gadgets

Smart Gadgets Could Severely Compromise Privacy, Says FTC Chair

Sony's 4.9mm thick Bravia 4K television is displayed during the 2015 International Consumer Electronics Show in Las Vegas
Sony's 4.9mm thick Bravia 4K television is displayed during the 2015 International Consumer Electronics Show (CES) in Las Vegas, Nevada January 6, 2015. Steve Marcus—REUTERS

The "Internet of Things" has the potential to be very damaging to the individuals using it, she outlined

Smart gadgets of the future could put together a “deeply personal” view of a person’s lifestyle based on the data they gather, the chair of the U.S. Federal Trade Commission warned on Tuesday.

Edith Ramirez said during her speech at the International Consumer Electronics Show (CES) that the Internet of Things revolution consisting of machines and sensors monitoring our daily lives could pose a real threat to privacy, the BBC reported.

Ramirez cited smart televisions that keep track of viewer preferences as an example to show that data gathered by these devices could be shared with other organizations that could abuse that privilege, and said data must be gathered only for specific purposes.

“I question the notion that we must put sensitive consumer data at risk on the off-chance a company might someday discover a valuable use for the information,” she said.

[BBC]

Read next: The Science of Why Your Kids Can’t Resist ‘Frozen’

MONEY privacy

Security Flaws Let Hackers Listen in on Calls

German researchers say the network that allows cellphone carriers to direct calls to one another is full of security holes.

TIME Morning Must Reads

Morning Must Reads: December 17

Capitol
The early morning sun rises behind the US Capitol Building in Washington, DC. Mark Wilson—Getty Images

Terror Threat Nixes The Interview

Some cinema chains are pulling Sony’s film The Interview from their lineups after hackers threatened a 9/11-style attack against theaters who screen the upcoming movie. Sony said it is going forward with plans to release the film, but would support theaters’ decisions

Starbucks CEO Talks Racism

Howard Schultz outlined his concern about the effects of racism and increasing social polarization in America in a letter to all Starbucks employees

Putin’s Influence Wanes

Russia’s worst economic crash since 1998 may force the Russian President to rethink his adventures abroad

Jeb Bush Eyes Run for Presidency

Former Florida Gov. Jeb Bush announced Tuesday that he will “actively explore” running for president in 2016. “I think we need to have candidates lift our spirits,” he said, one day before announcing his formal intention to explore a campaign

U.S. Will Bid to Host the Summer Olympics in 2024

The United States Olympics Committee (USOC) unanimously approved on Tuesday a U.S. bid to host the 2024 Summer Olympics and Paralympic Games. One of Boston,

Washington D.C., San Francisco and Los Angeles will be picked for the bid in 2015

Pakistan Mourns After Peshawar School Massacre

Pakistanis mourned collectively and individually on Wednesday after a brutal attack on a school in Peshawar by Taliban militants that claimed more than 140 lives, including 132 children. But questions remain over the military’s relationship with extremist groups

Angelina Jolie Hires Experts to Protect Her Kids Online

Angelina Jolie and her husband Brad Pitt, who don’t use social media, have hired a cyber-security team to monitor their children’s Internet usage and exposure. “We wouldn’t even know what to look for,” she said

Australia’s PM Demands Answers After Sydney Siege

Tony Abbott has said that everything from the nation’s gun laws to its national security policies are up for serious review after a troubled Iranian migrant on bail was able to evade watch lists, buy a firearm and take over a Sydney café, leading to three deaths

Clifford the Big Red Dog Creator Norman Bridwell Dies at 86

Author and illustrator Norman Bridwell died on Friday, Dec. 12, in Martha’s Vineyard at age 86. His publisher, Scholastic, announced the news Tuesday, but did not give a cause of death. Bridwell was best known for creating the Clifford the Big Red Dog book series

Bill Cosby Won’t Be Charged Over L.A. Molestation Claim

Los Angeles prosecutors on Tuesday declined to file any charges against Bill Cosby after a woman recently claimed the comedian molested her around 1974. The rejection of a child sexual abuse charge by prosecutors came roughly 10 days after Judy Huth met city police

NHL Teams Postpone Seasonal Hospital Visits

Several NHL teams are postponing their annual holiday visits to hospitals, amid a mumps outbreak within the league. At least 15 NHL players have so far come down in the outbreak, including for the Anaheim Ducks, Minnesota Wild, New Jersey Devils and New York Rangers

Poll: 57% of Americans Say Race Relations in U.S. Are Bad

A majority of Americans now say that race relations in the United States are bad, according to a new poll, which showed the most pessimistic assessment of racial issues in almost two decades

We will hold an #AskTIME subscriber Q&A this Friday, December 19, at 1 p.m., with TIME managing editor Nancy Gibbs, who recently selected The Ebola Fighters as TIME’s choice for Person of the Year 2014.

You can submit your questions beforehand on Twitter using the #AskTIME hashtag or in the comments of this post. We depend on smart, interesting questions from readers.

You will need to be a TIME subscriber to read the Q & A. ($30 a year or 8 cents a day for the magazine and all digital content.) Once you’re signed up, you can log in to the site with a username and password.

Get TIME’s The Brief e-mail every morning in your inbox

TIME legal

Why Microsoft, Apple, Fox News and NPR Are Suddenly Working Together

Microsoft
The Microsoft logo is displayed over the Microsoft booth at the 2010 International Consumer Electronics Show at the Las Vegas Hilton January 7, 2010 in Las Vegas, Nevada. Justin Sullivan—Getty Images

Microsoft is fighting a U.S. warrant to turn over emails stored in Ireland

It’s not every day you see Microsoft and Apple or Fox News and NPR going to bat for the same team — but that’s exactly what’s happening now, in a case that could have big consequences for American tech and media companies.

Last December, a Federal judge granted U.S. investigators a warrant to access a Microsoft user’s emails, stored in a data center in Dublin, Ireland, in relation to an investigation. Microsoft said no way, arguing the U.S. government has no right to issue a warrant for emails stored abroad.

Microsoft has good reason to reject the government’s demands here: If would-be Microsoft customers outside the U.S. start thinking their emails are subject to U.S. warrants, they might think twice about becoming Microsoft customers. Indeed, top tech firms have already lost big overseas contracts over fears that American services are subject to National Security Agency snooping.

Microsoft has yet to convince any court to overturn the original warrant. A magistrate first ruled against Microsoft’s challenge in April. The company got another defeat in August when U.S. District Judge Loretta Preska found that it wasn’t a matter of where Microsoft stored the emails, but rather where Microsoft and the user in question were themselves based.

However, Microsoft still refused to hand over the user’s emails. The company filed a new appeal last week, arguing that a ruling against Microsoft threatens the privacy of foreign users and Americans alike as more people choose to store their emails and other sensitive documents in off-site cloud servers instead of local hard drives.

“We believe that when one government wants to obtain email that is stored in another country, it needs to do so in a manner that respects existing domestic and international laws,” Microsoft General Counsel Brad Smith wrote Monday. “In contrast, the U.S. Government’s unilateral use of a search warrant to reach email in another country puts both fundamental privacy rights and cordial international relations at risk.”

And that’s where Microsoft’s strange bedfellows come into play. Rival tech companies like Apple, Amazon and HP, as well as news organizations from across the political spectrum like CNN, Fox News, NPR and The Guardian, have all signed amicus briefs supporting Microsoft’s fight to keep its users’ emails away from the U.S. government. It may seem weird for these companies to work together on just about anything else, but it makes sense here: technology companies have a business interest in keeping users’ communications private, while media outlets don’t want their reporters’ messages to fall into the government’s hands.

“The government’s position . . . will significantly deter the use of remote data management technologies by businesses and individuals, particularly their use of U.S. cloud services providers, and thereby undermine a significant contributor to U.S. economic growth,” reads an amicus brief filed in the case by the Business Software Alliance, a trade group that counts Microsoft, Apple, Intel and other top tech companies as members. “There is no basis in law for the extraordinary result sought by the United States.”

Whatever happens in the Microsoft case, then, could have big privacy implications for businesses and users alike. There probably won’t be a resolution until late 2015 at the earliest, but some observers expect this one to wind up all the way at the Supreme Court.

MONEY Shopping

3 Scary Smart Ways Stores Use Your Personal Information

man handing credit card
Robert Hadfield

Shops are saving all your details so they can sell you even more.

Retailers want to get to know you. This should come as no surprise — we’ve all seen how our Internet search history and purchases affect the online ads we see — but it’s just as important for bricks-and-mortar stores to understand their customers.

It’s all about marketing. Whether you like it or not, retailers want you to see sales, deals and new products you’ll be interested in, and the only way they’ll know your preferences is by tracking them.

“In newspapers, we would throw out these blanket ads, and there was so much waste,” said Ritchie Sayner, referencing pre-Internet marking strategies. He has worked for RMSA Retail Solutions, a retail consulting firm, for 35 years and has seen firsthand how direct marketing campaigns have evolved.

Most people know that retailers want their contact information — handing over your name, email address, ZIP code and phone number has become a somewhat standard element of the modern in-store transaction. It’s better than nothing, but a name and email address isn’t much of a customer profile. That’s the bare minimum. If they’re doing it right, a retailer is not only going to know your name and where you live, they’re going to keep track of how much money you spend, your favorite brands, your shoe size and pretty much anything else they can think of. Here’s what they use it for.

1. Clearing Out Inventory

Say you own a shoe store. You’re going through your inventory, and you notice you have three times as many women’s shoes in size seven than in any other size. Where are all the size seven customers? How can you get them to come into your store and solve your superfluous seven problem?

Simple: Send them an email. From boutiques to big-box stores, retailers are doing their best to build robust customer profiles so they can reach a specific group of shoppers when necessary. Sure, you could send an email to all the women on your mailing list, promoting a big weekend shoe sale, but the size nine ladies won’t be too pleased when they show up and all the great shoes are only available in sevens.

“They’re going to keep track of you by ‘She’s a size four, she buys this particular line,’” Sayner said. “If you buy on sale or if you buy at full price — they have more information about you than you’d probably like them to.”

2. Making You Feel Loved

Happy birthday! Enjoy a free cup of coffee. It’s your anniversary? Here’s a coupon for two meals at the price of one! Remember that time you bought something from us last year? It’s that time of year again! Here’s 30% off for nothing in particular — we miss you!

You may not love the idea of a company keeping a ton of information on you, but man, you love getting free stuff on your birthday. It’s like that free birthday cookie makes up for the hundreds of emails that business sends you every other day of the year. Retailers want details on who you are so they can appropriately reward you with freebies and discounts, in exchange for your loyalty.

3. Classifying You

It can be very difficult for a salesperson to get you to share your information — just think of how many times you’ve declined to give the cashier your email address when checking out.

“It’s really hard to do,” said Jason Becker, chief operating officer at RICS Software, a point-of-sale platform. “If you’re going to ask for a customer’s information, you have to give a good reason for why.”

That requires establishing a relationship. The salesperson has to treat you well and earn your trust. At the end, he or she can use your interaction to fill out a customer profile.

It’s funny, because for all the people skills it may require to develop the profile, the way it’s used is quite robotic. You’re no longer Jane who likes running, you’re a 35-year-old female marathoner who spends $300 on athletic gear every three months and replaces her running shoes every February.

“Most softwares also enable the retailer to classify that customer into a cohort, classify that type of runner into what type of runner or athlete that person is,” Becker said, speaking in general about POS systems. “It enables them (retailers) to market more effectively.”

A lot of that information is populated through loyalty programs or entered manually by the sales person, especially if you’re in a smaller store. Larger retailers may generate a customer profile with the information it captures when you swipe a credit card. It happens in many ways, through software of various sophistication levels, but you can confidently assume the stores you frequent have a sort of dossier on you.

For many consumers, that dossier is terrifying because of the slew of retail data breaches that happened in 2014. After having their credit cards compromised, their email addresses stolen and even their passwords cracked, it can be hard to trust a retailer, but it all comes down to what you’re comfortable giving up for a deal.

More from Credit.com

This article originally appeared on Credit.com.

MONEY Workplace

Why Smart People Send Stupid Emails That Can Ruin Their Careers

Producer Scott Rudin and Sony Pictures Entertainment Co-Chairman Amy Pascal attend the Sony Pictures Classic 68th Annual Golden Globe Awards Party held at The Beverly Hilton hotel on January 16, 2011 in Beverly Hills, California.
Producer Scott Rudin and Sony Pictures Entertainment Co-Chairman Amy Pascal publicly apologized for racially insensitive emails. Neilson Barnard—Getty Images

High-profile email leaks show, once again, the danger of assuming that what you write is for the recipient's eyes only.

What were they thinking?

When Amy Pascal and Scott Rudin were exchanging their now infamous emails, leaked in the Sony Pictures Entertainment hacking scandal, they clearly weren’t worried about what would happen to their careers if anyone else read their notes.

You have to wonder why not: Companies routinely monitor worker communications. Email is regularly used as evidence in lawsuits and criminal investigations. Now hacking is another threat. Email isn’t private. Everyone knows that.

Pascal, who climbed the ranks at Sony Pictures Entertainment to become co-chairman, and Rudin, an Oscar-winning movie producer, are not stupid people. Yet they are just the latest example of high-profile executives who send email without a thought about what would happen if the outside world read them.

Remember David Petraeus, the four-star general and CIA director who resigned from his job after an FBI investigation inadvertently turned up emails that exposed an extramarital affair? Ironically, Petraeus didn’t even send the emails. He wrote them and saved them to his drafts folder. He and his girlfriend shared the password and simply logged in to read the drafts.

Then there’s New Jersey Gov. Chris Christie, who fired his chief of staff Bridget Anne Kelly after it was revealed that she sent emails joking about traffic tie-ups caused by lane closings on the George Washington Bridge. The closures, an alleged retaliation against the mayor of Fort Lee for not endorsing Christie’s bid for governor, spawned a scandal that continues to affect Christie’s presidential prospects.

And most recently, a Harvard business school professor publicly apologized last week for an epic email rant that went viral, in which he threatened to sic the authorities on a local Chinese food restaurant that allegedly overcharged him $4 for a dinner delivery.

Even though senders should know better, “there’s an illusion of privacy, because the truth is, most of us haven’t been hacked or even know if higher-ups are reading our email,” says Dana Brownlee, president of Professionalism Matters. When it comes to successful people, she says, ego often trumps common sense. “Those with power often reach a point where they let their guard down because they feel somewhat invincible.”

It’s a trap that any of us can easily fall into, particularly in today’s time-crunched workplace, where it’s often easier to shoot off an email or text rather than pick up the phone—or, better still, walk down the hall—to discuss a sensitive issue. “We all have to be really careful about using email almost exclusively to communicate,” Brownlee says. “It’s dangerous.”

Brownlee suggests giving yourself this simple test: How comfortable would you be if your boss, a co-worker or the person you are writing about read it? Not sure? Don’t send it.

“Warning flags truly should go off in your head any time you prepare to hit send on anything you wouldn’t want to read on the front page of the paper,” says Brownlee. “Save the jokes and snarky or personal stuff for one-on-one time. You’ll be glad you did.”

TIME privacy

Julian Assange Is Crowdfunding a Life-Size Statue of Himself Because Of Course He Is

Wikileaks Founder Julian Assange Makes A Statement After Six Months Residing At The Ecuadorian Embassy
Wikileaks founder Julian Assange speaks from the Ecuadorian Embassy on December 20, 2012 in London, England. Peter Macdiarmid—Getty Images

The WikiLeaks founder wants to get his face out of the Ecuadorian embassy

Julian Assange has been stuck in the Ecuadorian Embassy in London for two and a half years, and the WikiLeaks founder apparently has a lot of time on his hands.

Assange is using the whistle-blowing website’s official Twitter account to fuel a funding drive for a life-size bronze public “monument to courage” featuring himself, Chelsea Manning and Edward Snowden, the Independent reports. The Italian sculptor Davide Dormino will stick bronze depictions of the trio on chairs with another empty seat beside them—that’s for the public, who can join the whistleblowers.

Some £100,000 is needed for the project, while just £19,360 has been raised on Kickstarter so far. The Kickstarter page says that the the statue “is not a simple homage to individuals, but to courage and to the importance of freedom of speech and information.”

Assange is wanted for questioning in Sweden over sex offense allegations, which he has denied. He fears that if he leaves that embassy, he’ll be extradited to the U.S. after his organization published classified military and diplomatic documents.

[The Independent]

Your browser, Internet Explorer 8 or below, is out of date. It has known security flaws and may not display all features of this and other websites.

Learn how to update your browser