ReportWire

Tag: digital privacy

  • Zcash Rallies After Latest Relisting Announcement From Major Exchange

    Photo by BeInCrypto

    Zcash, the privacy-focused cryptocurrency, surged more than 12% to trade near $600 on Sunday after OKX announced it would relist the token.

    The rally makes ZEC the top-performing asset among major cryptocurrencies in the last 24 hours, significantly outpacing Bitcoin, which has struggled to reclaim the $90,000 level.

    On November 23, OKX announced that spot trading for the ZEC/USDT pair would resume at 12:00 UTC tomorrow.

    While the exchange failed to provide additional reasons for its decision, the move marks a significant regulatory U-turn for the venue. It had previously delisted the asset in 2023, citing compliance risks.

    Nonetheless, the decision can be linked to two significant factors, including ZEC’s strong outperformance of Bitcoin in recent months.

    It also reflects a post-election regulatory thaw, as the new SEC leadership is emboldening platforms to re-integrate privacy protocols that were once considered radioactive.

    Meanwhile, the resurgence of Zcash has ignited a philosophical clash on Wall Street regarding the future of digital privacy.

    Eric Balchunas, Senior ETF Analyst at Bloomberg, cautioned that the sudden pivot to privacy coins could fragment the broader crypto narrative. He noted that this shift comes at a time when Bitcoin is trying to consolidate institutional support.

    He argued that pushing a separate privacy layer risks “splitting the vote” of capital allocation when Bitcoin needs unified political and cultural backing to cement its status as a global reserve asset.

    “Zcash has third-party candidate vibes, like Gary Johnson or Jill Stein. Seems like you’d better off folding in their ideas to the main party vs splitting the vote, which could have major consequences, especially in such a crucial time for BTC,” he said.

    However, asset managers suggest that fundamental flaws in Bitcoin are driving the rotation.

    Jan van Eck, CEO of global investment manager VanEck, pushed back against the “spoiler” characterization. He noted that veteran investors are treating Zcash as a necessary complement to Bitcoin rather than a competitor.

    According to Van Eck, the current bear market in Bitcoin reflects “the on-chain reality” of surveillance risks. He argued that rising demand for confidentiality is driving capital toward Zcash’s encrypted ledger.

    Read original story Zcash Rallies After Latest Relisting Announcement From Major Exchange by Oluwapelumi Adejumo at beincrypto.com

    Source link

  • Credifence Review: Best RFID Blocking Card for Digital Privacy


    NEW YORK, July 22, 2025 (Newswire.com)

    What You’ll Learn

    In an era defined by hyper-connectivity, the urgency of digital privacy in 2025 is no longer a choice-it’s a necessity. The rise of smart devices, contactless payments, and near-field communication (NFC) has introduced new vulnerabilities into our everyday lives. One brand stands out in helping consumers protect their personal data with ease and elegance: Credifence, a premium RFID Blocking Card built for today’s fast-paced, tech-infused lifestyle. This article explores why Credifence has become a top-rated favorite in the RFID space and what makes it an indispensable accessory for modern consumers.

    Disclaimer: This article is for informational purposes only. Credifence products are not intended to diagnose, treat, cure, or prevent any disease. No medical claims are made or implied.

    Readers can Visit the Official Credifence Site to explore the full report or latest update.

    The Growing Importance of Credifence in 2025

    As we enter 2025, consumers are becoming acutely aware of the digital breadcrumbs they leave behind. From airport check-ins to subway rides and coffee purchases, every tap of a card introduces an opportunity for unauthorized access. This cultural moment-defined by “digital fatigue,” “multi-sensory environments,” and a ballooning “modern stress load”-has created an urgent demand for passive protective tools that blend seamlessly into daily life.

    Credifence responds to this need not with complicated setups or invasive monitoring, but with a simple, high-impact solution: a slim RFID blocking card that users can easily place in their wallet. In a time when many individuals are juggling multiple smart cards, e-wallets, and mobile devices, having a frictionless data-protection layer is no longer a nice-to-have-it’s non-negotiable.

    Beyond its practicality, the RFID Blocking Card by Credifence appeals to those feeling overwhelmed by their hyper-connected surroundings. It taps into a broader consumer desire for set-it-and-forget-it safety-something that doesn’t require monthly updates or permissions, but simply works in the background. This speaks to multitaskers, minimalists, and privacy-first buyers alike, respecting their need for a non-intrusive solution.

    Industry analysts are noting a sharp uptick in demand for these types of silent protection tools, particularly among digital nomads, travelers, gig economy workers, and urban professionals. The minimalist functionality of the Credifence card aligns perfectly with these lifestyle demands, earning it repeated placement in 2025’s top consumer electronics roundups and gear reviews.

    Amid rising concerns around passive data theft, signal skimming, and wireless infiltration, consumers are also seeking non-battery-driven solutions. Unlike many overengineered gadgets on the market, Credifence doesn’t rely on apps, Bluetooth syncing, or active scanning. It blocks RFID signals the moment it enters a wallet-no buttons, no fuss.

    This frictionless philosophy resonates strongly with users who are looking for peace of mind without additional screen time or setup. Whether commuting across a city, traveling overseas, or simply navigating daily transactions, Credifence offers a static layer of confidence that today’s digital consumer deeply values.

    One recent affiliate roundup emphasized how Credifence “fits invisibly into everyday carry”-a testament to its simplicity and design logic. The trend is clear: 2025 belongs to products that work quietly, efficiently, and without adding to digital overload. Credifence leads the pack in this emerging category.

    To see how this RFID-blocking card fits into modern security strategies, visit the Official Credifence Site for deeper insights into its structure and design approach.

    What Is Credifence and How Is It Structured?

    Credifence, a unique RFID blocking card, is designed to seamlessly fit into any standard wallet while providing silent protection against digital intrusion. Its simplicity is its strength, as it uses electromagnetic shielding technology to create a protective field that neutralizes RFID signals. This passive yet powerful approach requires no batteries, no software, and no maintenance, yet it provides real-time shielding against unwanted scans.

    Structurally, Credifence resembles a sleek credit card in form but contains within it a complex layering system designed to absorb and deflect high-frequency electromagnetic waves. These layers are composed of proprietary shielding materials that disrupt RFID signals in the 13.56 MHz frequency range-a common spectrum used by modern credit cards, transit passes, and ID badges. By doing so, Credifence helps to safeguard users from potential data skimming or identity theft attempts.

    Unlike other options in the market that involve cumbersome RFID sleeves or bulky metal enclosures, Credifence is a seamless addition to everyday life. There’s no need to insert each individual card into a sleeve, no special compartments to manage. One Credifence card, when placed adjacent to other cards in a wallet, is enough to block potential threats. This is especially beneficial for users who carry multiple contactless cards and want a universal layer of protection without reorganizing their personal items.

    From a usability standpoint, the card’s passive design allows it to work continuously without user intervention.It doesn’t trigger alerts or require connectivity to function, making it ideal for individuals seeking a minimalist tool to enhance privacy. It is not dependent on any mobile device pairing or firmware upgrades, distinguishing it from newer gadgets that often suffer from compatibility issues or obsolescence.

    Credifence is also structured around a consumer-first ethos. There is no branding excess, no glossy overpromising, and no implied health or therapeutic claims. Instead, it reinforces its role purely as a lifestyle enhancement tool-a modern solution for modern problems. It’s a clean-label product for a clean-signal future, targeting those who value data sovereignty without complicating their digital footprint.

    Credifence is all about practicality and transparency. Its design logic makes it compatible with nearly all wallet formats, including bifold, trifold, and minimalist slim wallets. It’s also TSA-compliant and safe for international use, making it an ideal choice for frequent travelers and remote workers who often navigate multiple security environments.

    For a firsthand look at how this elegantly simple design supports modern digital needs, Learn More About Credifence and discover what sets its structure apart in the RFID protection market.

    What Reviewers Are Saying About Credifence

    Credifence continues to attract widespread attention across affiliate channels, consumer review platforms, and lifestyle security blogs for its elegant simplicity and practical design. The narrative emerging from the online ecosystem isn’t one of hype or spectacle-it’s a steady wave of appreciation from individuals who have seamlessly incorporated the product into their daily routines, providing a sense of reassurance about its practicality.

    Reviewers consistently highlight Credifence as a standout in the RFID blocking category for its invisible ease of use. Instead of adding bulk or friction to wallets already packed with daily essentials, it disappears into the background-working silently to provide security without asking anything from the user in return. This design minimalism aligns with what many reviewers have termed “passive privacy,” a growing trend in 2025 where users want tools that protect without demanding attention, making the audience feel in tune with the latest developments.

    Clean-label design is another recurring theme. Affiliate reviewers often praise Credifence’s lack of over branding and its commitment to functional aesthetics. It doesn’t scream “security device” or stand out awkwardly among other cards. Instead, it blends in, looking and feeling like any standard credit card while performing a high-tech task beneath the surface. This discretion is especially appreciated by frequent travelers, professionals, and minimalist users who value utility over flash.

    Performance feedback also centers around credibility. Reviewers emphasize that while many RFID blocking products on the market make grandiose claims or present complex tech jargon, Credifence remains rooted in a clearly defined functionality: protect your data from passive scans-nothing more, nothing less. This focus on usability and transparency has earned the brand repeated mentions in “Best Of” lists, particularly in publications dedicated to travel gear, tech security, and daily carry essentials.

    In terms of stacking compatibility, Credifence stands out for being completely non-interfering. Many reviewers have noted that the card’s design works well alongside other wallet contents and does not disrupt NFC card readers when deliberately used for transactions. Instead, it selectively blocks only those scans that are unauthorized or incidental-maintaining access when you want it and protection when you don’t, making the audience feel at ease about its compatibility.

    The tone across most consumer-focused content is one of appreciation for its set-and-forget nature. Users appreciate that it doesn’t require syncing, account creation, or digital oversight. This freedom from app-based configuration or account registration has become a strong selling point in an increasingly connected world where many feel fatigued by device onboarding processes.

    For a broader sense of how Credifence is being positioned and recommended within this niche, Explore the RFID Blocking Card Reviews for Credifence to see how real users and reviewers frame its role in their security strategy.

    Comparing Credifence to Competitors in the RFID Blocking Card Space

    In the fast-evolving market of RFID protection products, not all offerings are created equal. While a growing number of brands have entered the RFID blocking card category, few have managed to strike the same balance of form, function, and transparency that Credifence has cultivated. As more consumers seek out frictionless solutions to growing data security threats, competitive distinctions become especially important. Credifence stands apart by offering a logic-driven, user-friendly experience that doesn’t sacrifice performance for price or complexity. Its simple, one-time setup and passive operation make it a breeze to use.

    Many RFID protection tools in the market today fall into one of two camps: overly complex gadgets requiring batteries and user activation, or inexpensive gimmicks that offer limited shielding with questionable consistency. Credifence avoids both extremes. Unlike tech-heavy options that need pairing with mobile apps or require recharging, Credifence is entirely passive and durable. Its robust construction ensures a long lifespan, and once added to a wallet, it requires no further interaction-making it an ideal solution for individuals who want long-term peace of mind without maintenance overhead.

    Compared to entry-level RFID sleeves or adhesive tags, Credifence delivers a broader and more reliable field of interference. While sleeves protect only the cards directly inserted into them, Credifence offers proximity shielding, meaning a single card can protect multiple nearby cards in the same wallet. This distinction is crucial for users with more than one tap-enabled card-such as metro passes, IDs, and credit cards-who want to avoid the hassle of manually separating each into its own barrier. This feature of Credifence will make the audience feel secure and protected, knowing that their cards are shielded from potential threats.

    Another notable edge is in the product’s non-intrusive footprint. Some RFID blockers rely on thick metal plates or dense polymer cores that bulk up a wallet and interfere with its usability. Credifence, however, maintains the thinness and flexibility of a traditional card, making it compatible with minimalist, bi-fold, and trifold wallet designs. This slim profile has made it especially popular among travelers, business professionals, and those who prioritize portability.

    In terms of transparency, Credifence provides a clear use-case narrative without making unverifiable claims or marketing exaggerations. It’s not positioned as a tech gadget, but as a passive tool that performs one job exceptionally well.This contrasts with many competitors who blur the lines between digital and analog security, often creating consumer confusion around what’s truly needed.

    Design-wise, Credifence leans into neutrality. With no bright logos, flashy textures, or disruptive branding, it disappears into your wallet’s visual profile-an attribute valued by users who prefer understated accessories. Competitors that emphasize branding at the expense of discretion may appeal to a different demographic, but for the privacy-conscious minimalist, Credifence feels like a natural fit. This emphasis on neutrality in Credifence’s design will make the audience feel respected and understood, knowing that their preference for understated accessories is being catered to.

    From a stacking standpoint, Credifence’s shielding materials and signal disruption radius have been optimized to function in real-world scenarios-such as crowded public transport, shared workspaces, or high-traffic terminals-without blocking intentional taps when the card is moved aside. Few competitors match this duality of passive protection and responsive access.

    To compare these features side-by-side and gain insight into how Credifence ranks in today’s market, See Why Credifence Was Ranked Among the Best in the growing RFID blocking card segment.

    Deeper Look at Credifence’s Feature Philosophy

    At the heart of Credifence’s enduring success is a design philosophy that champions simplicity, functionality, and user empowerment. While the term’ingredients’ is typically associated with consumable products, in the context of an RFID blocking card, it refers to the materials, construction, and shielding logic. Credifence sets itself apart by incorporating a clean, logic-first feature set that supports long-term use without requiring constant attention from the user. It’s not about flashy features-it’s about doing one thing well, consistently, and discreetly.

    One of the primary pillars of Credifence’s design is passive electromagnetic shielding. This feature is structured to emit no active signals, require no pairing, and consume no energy. Instead, Credifence uses a specialized blend of conductive materials engineered to absorb and disrupt RFID signals in the high-frequency range (13.56 MHz). This range includes contactless credit cards, government-issued IDs, transit passes, and access badges-all of which are increasingly being targeted by signal-skimming attacks. By passively neutralizing unauthorized attempts at data capture, Credifence provides a first line of defense that doesn’t interfere with daily usage.

    The second principle is zero-setup usability. This means that unlike many tech security tools that require a lot of setup and user interaction, Credifence is ready to use right out of the box. The card does not need to be activated, registered, or positioned with precision. Simply placing it in a wallet near your other cards is enough to create an RFID-free zone around them. This simplicity enhances the user experience while ensuring accessibility for all demographics-from tech-savvy professionals to older adults who may avoid digital gadgets altogether.

    Another key feature is the universal fit of Credifence. While some competitors cater to specific use cases, such as compatibility with certain travel wallets or metal cardholders, Credifence is universally sized to match a standard credit card. This allows it to seamlessly fit into any wallet configuration, whether it’s a classic leather bifold, a slim front-pocket cardholder, or a travel-focused RFID organizer. Users don’t have to change their carry habits to enjoy the privacy benefits.

    Durability is a key aspect of Credifence. Unlike thinner sleeve-based products that wear out with repeated use, Credifence is built to withstand years of pocket friction, drops, and bending. Its layered shielding materials are sandwiched between robust polymer substrates that resist cracking while maintaining a lightweight feel. Users often describe the card as ‘just there’-unchanged, unbothered, and quietly effective month after month.

    A fifth and increasingly vital principle is visual discretion. With growing concerns about social engineering and identity targeting, more consumers are gravitating toward personal accessories that don’t call attention to themselves. Credifence delivers on this front with a design that mimics a blank or low-profile loyalty card-one that blends in rather than stands out. There are no aggressive logos or eye-catching colors, which makes it less likely to be noticed and removed by potential bad actors during moments of distraction, like airport security or café meetups.

    Taken together, these five principles-passive shielding, zero setup, universal fit, robust durability, and visual discretion-create a feature stack that reflects a deeper philosophical commitment: protection without intrusion. It’s a forward-thinking take on modern privacy tools, designed not to dominate your life, but to quietly enhance it.

    To see how these principles translate into daily use and long-term value, Discover the Structure Behind RFID Blocking Card and explore the practical engineering that powers Credifence.

    How Affiliate Reviewers Rate Credifence

    Affiliate reviewers across multiple verticals-from tech accessories to personal security gear-consistently give Credifence high marks for its intelligent simplicity, ease of adoption, and long-term usability. Unlike trend-based gadgets that spike in popularity only to fade with software issues or battery limitations, Credifence has maintained its top-tier ranking by focusing on fundamentals that resonate with discerning audiences.

    At the heart of its appeal is usability logic. Reviewers appreciate how Credifence requires no setup or learning curve. It doesn’t need syncing, software, or monthly updates. Users simply insert the card into their wallet, and it begins shielding sensitive RFID data immediately. This level of intuitive design earns Credifence repeated praise in lists that prioritize convenience and “plug-and-play” solutions for digital hygiene. It’s the kind of tool that can be recommended to anyone-from a tech minimalist to a seasoned traveler-without caveats or disclaimers.

    Another factor consistently noted is Credifence’s non-aggressive product positioning. Unlike some competitors that rely on dramatic marketing claims about imminent threats and guaranteed protection, Credifence maintains a clean, pragmatic narrative. This approach reassures users that Credifence is a support tool for modern privacy, not a failproof fortress. This balanced communication approach makes it a trusted name in a category where skepticism is common, providing a sense of reassurance to the audience.

    Reviewers also emphasize Credifence’s consistent presence in multi-category roundups, especially those aimed at smart travel accessories, productivity tools, and personal data safety gear. Its cross-compatibility and passive function make it versatile enough to show up in recommendations for digital nomads, parents, students, and entrepreneurs alike. This multi-audience utility has helped establish Credifence as a “universal recommendation”-a rare position in the crowded accessory space, making the audience feel included and catered to.

    From a ranking criteria standpoint, reviewers often highlight four core scoring factors: ease of use, unobtrusiveness, reliability, and compatibility. Credifence routinely scores at or near the top in each of these categories, helping it remain in leading positions across affiliate articles that examine real-world function over theoretical specs. In a year where many consumers are overwhelmed by feature fatigue, this kind of clarity has made Credifence an anchor product for privacy-focused content creators.

    Moreover, reviewers value how Credifence integrates with other tools. Because it doesn’t interfere with Bluetooth, NFC-enabled smart rings, or payment apps, it earns strong marks for stacking compatibility. This is particularly relevant in 2025, as more consumers are layering multiple security measures-like biometric logins and wearable tech-into their routines. Credifence plays well with others, which enhances its review performance in lifestyle blogs and gear breakdowns, giving the audience a sense of confidence and security in their tech choices.

    As a result, it’s no surprise to see Credifence at the top of affiliate lists discussing low-maintenance privacy solutions that align with the modern consumer’s desire for quiet efficiency.

    To explore how Credifence continues to lead top affiliate reviews and rankings, Read the Expert Breakdown of Credifence and see how it holds its place among other trusted tools.

    The Science or Technical Framework Behind RFID Blocking Cards

    RFID blocking technology, while rooted in a well-established understanding of electromagnetic wave interference and radio-frequency physics, is becoming more user-friendly. As more consumers become aware of the vulnerabilities that come with contactless payment cards, transit passes, and smart IDs, the need for a solution that leverages real science without requiring technical knowledge has only grown. Credifence is built on this principle, ensuring a seamless daily usability that anyone can appreciate.

    At its core, RFID-short for Radio-Frequency Identification-relies on electromagnetic fields to wirelessly transfer data between a tag and a reader. Most commonly used for near-field communications, this technology is embedded in modern credit cards, passports, metro cards, and even access control badges. These cards carry tiny microchips that transmit information when activated by an external reader within a short distance-often just a few inches.

    The security risk emerges when bad actors use easily accessible devices known as “skimmers” to initiate these transfers without consent. These rogue scanners can be disguised in bags, handheld readers, or strategically placed near checkout areas. Once activated, they can capture data being emitted by unprotected cards-data that could be used for unauthorized purchases or identity theft.

    Credifence operates by introducing a layer of shielding between the card’s antenna and the surrounding electromagnetic environment. The materials within the Credifence card are specially selected for their electromagnetic attenuation properties, meaning they are capable of absorbing or deflecting the high-frequency signals used in RFID communication (especially the common 13.56 MHz frequency used by most contactless payment systems). This creates a localized “dead zone” in the electromagnetic field, preventing unauthorized devices from establishing a successful read.

    Unlike some competitors that use thin, semi-metallic films with limited durability, Credifence integrates multi-layered shielding architecture. This includes woven metallic alloys, conductive polymers, and dielectric materials designed to work together to form a redundant interference system. These layers are laminated into a durable card that does not degrade with heat or pressure-ensuring long-term effectiveness even with daily wallet friction or exposure to environmental changes. This durability provides a sense of security and confidence in the product’s longevity.

    One of the key engineering achievements of Credifence is its ability to maintain passive operation while still providing active shielding. Passive means there are no batteries, no energy input, and no signal broadcast. Instead, it reacts defensively to external electromagnetic fields by neutralizing their ability to energize nearby RFID tags. This passive architecture reduces any risk of interference with devices that consumers do wish to interact with-like payment terminals or gate readers-so long as the card is slightly repositioned during intentional scans.

    Consumer-sourced feedback consistently validates this design logic. Users report that the Credifence card does not block access when intentionally using contactless systems, provided they briefly move it out of proximity.This underscores the technical success of Credifence’s shielding radius: it’s strong enough to block unauthorized reads, but designed with real-world functionality in mind.

    The science behind Credifence isn’t overly complex, but it is finely tuned for real-life application. It reflects a broader trend in 2025 toward invisible engineering-tools that apply rigorous material science in ways that enhance everyday life without becoming burdensome or intrusive.

    To understand more about the physical principles that guide RFID protection and how Credifence leverages this technology without compromising simplicity, Learn More About Credifence and its functionally grounded design approach.

    Who Might Consider Trying Credifence

    The appeal of Credifence reaches far beyond a single target demographic. As digital payment systems and smart identification tools become more prevalent, consumers from nearly every walk of life are beginning to assess how they can take back control of their personal information. Credifence caters to this emerging awareness by offering a passive protection solution that integrates naturally into a wide array of routines, lifestyles, and priorities. Whether you’re a frequent traveler who needs to protect your boarding pass and digital wallet, a parent concerned about your child’s school ID, or a privacy advocate looking to reduce your digital footprint, Credifence has a solution for you.

    One of the most responsive audiences to Credifence includes frequent travelers and global nomads. These individuals often carry multiple RFID-enabled cards-from boarding passes and hotel keys to digital wallets and passports. For them, data security is more than a preference; it’s a necessity. Crowded airports, train stations, and public transit systems are common hotspots for RFID skimming, and Credifence offers a non-invasive way to add a protective layer without interfering with mobility or access.

    Corporate professionals and daily commuters are another major segment. Many of these individuals operate in shared environments where data is constantly in motion-office badge scanners, tap-to-pay lunch counters, coworking spaces. In these high-traffic zones, passive card scanning devices can easily go unnoticed. Credifence provides peace of mind in these fast-paced spaces without demanding any behavioral changes from the user. It’s a static security feature that adapts to the speed of modern work life.

    Parents and guardians are increasingly seeing the value of passive data protection, not just for themselves but for their children. As younger individuals start to carry school IDs, tap-to-pay student cards, and contactless transit passes, the risk of exposure grows. Credifence offers a non-digital solution that can be placed discreetly in a child’s wallet or backpack, requiring no software and posing no learning curve. It’s a source of reassurance, knowing that their children’s personal information is protected.

    Aging adults and retirees also represent a key demographic. Many in this group seek practical, low-maintenance security measures that do not involve complicated technology or ongoing management. Credifence meets this need perfectly by functioning independently, requiring no activation or digital literacy. Its set-and-forget nature appeals to those who value simplicity and peace of mind, providing a sense of security and independence.

    Additionally, digital minimalists and privacy advocates find Credifence aligns closely with their values. In an age when surveillance feels ubiquitous and even apps demand personal access, Credifence stands out as a rare security tool that doesn’t collect, transmit, or store any data. It simply blocks access-quietly, reliably, and without leaving a trace.

    Even college students and gig economy workers-who often juggle multiple forms of contactless identification, payment methods, and freelance tools-are turning to Credifence as a protective buffer that doesn’t add weight or complexity. It fits into the hustle-oriented lifestyle without demanding attention or upkeep, providing a sense of support and empowerment in their fast-paced lives.

    Across these groups, one theme remains consistent: the desire for seamless protection that doesn’t disrupt routines. Whether you’re managing business travel, protecting your family, simplifying your digital footprint, or just seeking quiet confidence in your daily transactions, Credifence offers a universally relevant form of support.

    To explore how different lifestyles are integrating passive RFID protection into their everyday carry, See Full Comparison at Credifence.com and discover why this tool continues to earn praise across varied user profiles.

    Questions Consumers Frequently Ask About Credifence

    How do I use the Credifence RFID Blocking Card on a daily basis?

    Using Credifence is a breeze. There’s no setup or technical knowledge required. Just slip the card into your wallet, near your RFID-enabled cards like contactless credit cards or identification cards. Its shielding properties will create a protective barrier, giving you peace of mind as you go about your day.

    Will Credifence interfere with intentional contactless transactions?

    Credifence is designed to block RFID signals in close proximity, without interfering with your intentional transactions. When you want to make a tap payment or use an access badge, simply move the Credifence card away from your active card for a moment. This ensures your desired transaction goes through, while maintaining security during idle periods.

    Can Credifence be used with any type of wallet or cardholder?

    Yes, Credifence is sized to the dimensions of a standard credit card, making it compatible with nearly all wallet styles-bifold, trifold, slim, or money clips. It fits effortlessly into the same slots used for standard plastic cards and requires no special compartments or holders to function.

    How long does Credifence last, and does it need to be replaced?

    Rest assured, Credifence is built to last. It’s durable and long-lasting, thanks to its design that doesn’t use any electronic components, batteries, or moving parts. Its shielding materials are resistant to wear and bending, ensuring it maintains effectiveness for extended periods without needing replacement. Normal usage won’t impact its performance.

    Is Credifence compatible with digital wallets and mobile payment apps?

    Credifence does not interfere with mobile phone functionality or wireless payment apps like Apple Pay, Google Wallet, or Samsung Pay. It only blocks RFID signals at the physical card level, so it won’t affect digital wallets or near-field communication used via smartphones or wearables.

    Can I travel internationally with Credifence?

    Absolutely. Credifence contains no batteries or electronic parts, making it TSA-compliant and safe for air travel. It’s suitable for use in all countries and can help provide passive protection for passports, travel cards, and international payment systems that utilize RFID technology.

    Does Credifence protect all cards equally, or do I need more than one?

    One Credifence card is typically sufficient for most users. When placed centrally within a wallet, its shielding radius can cover multiple RFID-enabled cards nearby. However, users who carry a larger volume of cards or who prefer added redundancy may choose to carry more than one for extra protection.

    Why Credifence Fits the 2025 Innovation Model

    The consumer landscape of 2025 is defined not just by faster technology, but by smarter and more sustainable design philosophies. Innovation today isn’t about who can build the most complex tool-it’s about who can build the most relevant one. Within this context, Credifence stands as a leading example of functionality-first thinking, confidently aligning with the 2025 innovation model: it solves a real problem, requires zero upkeep, and integrates seamlessly into modern life.

    In an era where consumers are inundated with apps, platforms, alerts, and subscriptions, the most valuable tools are those that demand the least from the user. Credifence fits squarely into this self-sufficient innovation model-offering a product that doesn’t need charging, syncing, or constant attention. This aligns with a growing wave of digital minimalism and smart simplicity that’s defining the best-performing accessories of the decade, providing a sense of reassurance and comfort to the user.

    Its clean-label positioning also ties into broader macro trends in longevity and low-intervention wellness. While not a health product per se, Credifence supports the mental clarity and peace of mind that comes from knowing your personal data is less vulnerable in crowded environments. Consumers are increasingly framing security as part of holistic well-being-seeing protection not only as a technical function, but as a lifestyle enhancement. Credifence contributes to this evolving definition of wellness through its calm, unobtrusive presence.

    In terms of sustainability and design ethic, Credifence rejects the fast-cycle gadget model. It does not require disposable parts, does not break down with firmware updates, and does not add to digital clutter. This appeals to the eco-conscious buyer who prioritizes long-lasting tools that solve problems without contributing to e-waste or obsolescence. In this way, Credifence mirrors other functional accessories that are gaining traction-like mechanical watches, reusable filters, and minimalist travel gear.

    The brand also thrives at the intersection of personal sovereignty and passive privacy. In 2025, more individuals are realizing that data security isn’t just a corporate responsibility-it’s a personal one. As governments, workplaces, and retail environments implement more forms of passive data collection, consumers are actively seeking tools that shield their information without blocking access to convenience. Credifence meets this need by allowing intentional interactions while blocking intrusive ones-a key innovation insight in the age of ambient surveillance.

    Finally, Credifence fits the model of tools that enhance everyday intelligence-the category of smart accessories that improve life by being forgotten, not noticed. It doesn’t beep, blink, buzz, or notify. It’s quiet innovation: protection that disappears into your pocket and performs consistently without effort, ensuring that you are not overwhelmed by its presence. This type of unobtrusive support is precisely what defines the most adopted and respected products in today’s innovation-driven world.

    To learn more about how Credifence embodies the privacy-focused, minimal-intervention spirit of 2025 innovation, See Why Credifence Was Ranked Among the Best in its class and how it compares across emerging security accessory trends.

    Contact & Company Info

    For more details, See Full Comparison at Credifence.com

    Final Disclaimer

    This article is for informational purposes only and does not constitute professional advice or formal recommendations. The content presented is based on publicly available information and affiliate publisher insights related to consumer-use products and technologies. Credifence is not a medical device and is not intended to diagnose, treat, cure, or prevent any disease or health condition. No medical claims are made or implied.

    We may receive a small commission if you choose to purchase products through affiliate links included in this article. This does not affect the price you pay or the objectivity of the information provided.

    Always consult a qualified professional for advice related to health, safety, personal finance, or data security. Individual experiences with products may vary. Statements in this article have not been evaluated by the Food and Drug Administration.

    Readers are encouraged to perform their own due diligence before purchasing or using any featured product. This publication is not responsible for any individual outcome arising from the use or misuse of the product discussed.

    Contact Information
    Credifence Customer Support
    support@credifence.com
    +1 (251) 351-5695

    Source: CredifenceCredifence

    Source link

  • Report finds most subscription services manipulate customers with ‘dark patterns’

    Report finds most subscription services manipulate customers with ‘dark patterns’

    Most subscription sites use “dark patterns” to influence customer behavior around subscriptions and personal data, according to a pair of new reports from global consumer protection groups. Dark patterns are “practices commonly found in online user interfaces [that] steer, deceive, coerce or manipulate consumers into making choices that often are not in their best interests.” The international research efforts were conducted by the International Consumer Protection and Enforcement Network (ICPEN) and the Global Privacy Enforcement Network (GPEN).

    The ICPEN conducted the of 642 websites and mobile apps with a subscription component. The assessment revealed one dark pattern in use at almost 76 percent of the platforms, and multiple dark patterns at play in almost 68 percent of them. One of the most common dark patterns discovered was sneaking, where a company makes potentially negative information difficult to find. ICPEN said 81 percent of the platforms with automatic subscription renewal kept the ability for a buyer to turn off auto-renewal out of the purchase flow. Other dark patterns for subscription services included interface interference, where desirable actions are easier to perform, and forced action, where customers have to provide information to access a particular function.

    The companion from GPEN examined dark patterns that could encourage users to compromise their privacy. In this review, nearly all of the more than 1,000 websites and apps surveyed used a deceptive design practice. More than 89 percent of them used complex and confusing language in their privacy policies. Interface interference was another key offender here, with 57 percent of the platforms making the least protective privacy option the easiest to choose and 42 percent using emotionally charged language that could influence users.

    Even the most savvy of us can be influenced by these subtle cues to make suboptimal decisions. Those decisions might be innocuous ones, like forgetting that you’ve set a service to auto-renew, or they might put you at risk by encouraging you to reveal more personal information than needed. The reports didn’t specify whether the dark patterns were used in illicit or illegal ways, only that they were present. The dual release is a stark reminder that digital literacy is an essential skill.

    Anna Washenko

    Source link

  • US watchdog teases crackdown on data brokers that sell Americans’ personal information | CNN Business

    US watchdog teases crackdown on data brokers that sell Americans’ personal information | CNN Business


    Washington
    CNN
     — 

    The US government plans to rein in the vast data broker industry with new, privacy-focused regulations that aim to safeguard millions of Americans’ personal information from data breaches, violent criminals and even artificial intelligence chatbots.

    The coming proposal by the Consumer Financial Protection Bureau would extend existing regulations that govern credit reports, arrest records and other data to what the agency describes as the “surveillance industry,” or the sprawling economy of businesses that traffic in increasingly digitized personal information.

    The potential rules, which are not yet public or final, could bar data brokers from selling certain types of consumer information — including a person’s income or their criminal and payment history — except in specific circumstances, the CFPB said.

    The push could also see new restrictions on the sale of personal information such as Social Security numbers, names and addresses, which the CFPB said data brokers often buy from the major credit reporting bureaus to create their own profiles on individual consumers.

    Issued under the Fair Credit Reporting Act, the regulations would seek to ensure that data brokers selling that sensitive information do so only for valid financial purposes such as employment background checks or credit decisions, and not for unrelated purposes that may allow third parties to use the data to, for example, train AI algorithms or chatbots, the CFPB said.

    The announcement follows an agency study into the data broker industry this year that found widespread concerns about how consumer data is being collected, used and shared. The inquiry received numerous submissions from the public warning about the disproportionate risks that unregulated data sharing can have on minorities, seniors, immigrants and victims of domestic violence.

    “Reports about monetization of sensitive information — everything from the financial details of members of the U.S. military to lists of specific people experiencing dementia — are particularly worrisome when data is powering ‘artificial intelligence’ and other automated decision-making about our lives,” CFPB Director Rohit Chopra said in a statement. “The CFPB will be taking steps to ensure that modern-day data brokers in the surveillance industry know that they cannot engage in illegal collection and sharing of our data.”

    The CFPB’s proposal will first be floated with a group of small businesses for feedback before being publicly unveiled in a formal rulemaking, the agency said.

    The CFPB isn’t the only US agency clamping down on the massive data industry. Last year, the Federal Trade Commission proposed a sweeping set of regulations that may restrict how all businesses collect and use consumer data, taking aim at what FTC Chair Lina Khan has described as the “persistent tracking and routinized surveillance of individuals.”

    The agency initiatives reflect how Congress has continually failed to produce a comprehensive, national-level consumer privacy law, despite years of lawmaker negotiations and the rise of privacy regulations overseas that increasingly affect US businesses.

    Source link

  • Large US tech companies face new EU rules | CNN Business

    Large US tech companies face new EU rules | CNN Business



    CNN
     — 

    The world’s largest tech companies must comply with a sweeping new European law starting Friday that affects everything from social media moderation to targeted advertising and counterfeit goods in e-commerce — with possible ripple effects for the rest of the world.

    The unprecedented EU measures for online platforms will apply to companies including Amazon, Apple, Google, Meta, Microsoft, Snapchat and TikTok, among many others, reflecting one of the most comprehensive and ambitious efforts by policymakers anywhere to regulate tech giants through legislation. It could lead to fines for some companies and to changes in software affecting consumers.

    The rules seek to address some of the most serious concerns that critics of large tech platforms have raised in recent years, including the spread of misinformation and disinformation; possible harms to mental health, particularly for young people; rabbit holes of algorithmically recommended content and a lack of transparency; and the spread of illegal or fake products on virtual marketplaces.

    Although the European Union’s Digital Services Act (DSA) passed last year, companies have had until now to prepare for its enforcement. Friday marks the arrival of a key compliance deadline — after which tech platforms with more than 45 million EU users will have to meet the obligations laid out in the law.

    The EU also says the law intends “to establish a level playing field to foster innovation, growth and competitiveness both in the European Single Market and globally.” The action reinforces Europe’s position as a leader in checking the power of large US tech companies.

    For all platforms, not just the largest ones, the DSA bans data-driven targeted advertising aimed at children, as well as targeted ads to all internet users based on protected characteristics such as political affiliation, sexual orientation and ethnicity. The restrictions apply to all kinds of online ads, including commercial advertising, political advertising and issue advertising. (Some platforms had already in recent years rolled out restrictions on targeted advertising based on protected characteristics.)

    The law bans so-called “dark patterns,” or the use of subtle design cues that may be intended to nudge consumers toward giving up their personal data or making other decisions that a company might prefer. An example of a dark pattern commonly cited by consumer groups is when a company tries to persuade a user to opt into tracking by highlighting an acceptance button with bright colors, while simultaneously downplaying the option to opt out by minimizing that choice’s font size or placement.

    The law also requires all online platforms to offer ways for users to report illegal content and products and for them to appeal content moderation decisions. And it requires companies to spell out their terms of service in an accessible manner.

    For the largest platforms, the law goes further. Companies designated as Very Large Online Platforms or Very Large Online Search Engines will be required to undertake independent risk assessments focused on, for example, how bad actors might try to manipulate their platforms, or use them to interfere with elections or to violate human rights — and companies must act to mitigate those risks. And they will have to set up repositories of the ads they’ve run and allow the public to inspect them.

    Just a handful of companies are considered very large platforms under the law. But the list finalized in April includes the most powerful tech companies in the world, and, for those firms, violations can be expensive. The DSA permits EU officials to issue fines worth up to 6% of a very large platform’s global annual revenue. That could mean billions in fines for a company as large as Meta, which last year reported more than $116 billion in revenue.

    Companies have spent months preparing for the deadline. As recently as this month, TikTok rolled out a tool for reporting illegal content and said it would give EU users specific explanations when their content is removed. It also said it would stop showing ads to teens in Europe based on the data the company has collected on them, all to comply with the DSA rules.

    “We’ve been supportive of the objectives of the DSA and the creation of a regulatory regime in Europe that minimizes harm,” said Nick Clegg, Meta’s president of global affairs and a former deputy prime minister of the UK, in a statement Tuesday. He said Meta assembled a 1,000-person team to prepare for DSA requirements. He outlined several efforts by the company including limits on what data advertisers can see on teens ages 13 to 17 who use Facebook and Instagram. He said advertisers can no longer target the teens based on their activity on those platforms. “Age and location is now the only information about teens that advertisers can use to show them ads,” he said.

    In a statement, a Microsoft spokesperson told CNN the DSA deadline “is an important milestone in the fight against illegal content online. We are mindful of our heightened responsibilities in the EU as a major technology company and continue to work with the European Commission on meeting the requirements of the DSA.”

    Snapchat parent Snap told CNN that it is working closely with the European Commission to ensure the company is compliant with the new law. Snap has appointed several dedicated compliance employees to monitor whether it is living up to its obligations, the company said, and has already implemented several safeguards.

    And Apple said in a statement that the DSA’s goals “align with Apple’s goals to protect consumers from illegal and harmful content. We are working to implement the requirements of the DSA with user privacy and security as our continued North Star.”

    Google and Pinterest told CNN they have also been working closely with the European Commission.

    “We share the DSA’s goals of making the internet even more safe, transparent and accountable, while making sure that European users, creators and businesses continue to enjoy the benefits of the web,” a Google spokesperson said.

    A Pinterest spokesperson said the company would “continue to engage with the European Commission on the implementation of the DSA to ensure a smooth transition into the new legal framework.” The spokesperson added: “The wellbeing, safety and privacy of our users is a priority and we will continue to build on our efforts.”

    Many companies should be able to comply with the law, given their existing policies, teams and monitoring tools, according to Robert Grosvenor, a London-based managing director at the consulting firm Alvarez & Marsal. “Europe’s largest online service providers are not starting from ground zero,” Grosvenor said. But, he added: “Whether they are ready to become a highly regulated sector is another matter.”

    EU officials have signaled they will be scrutinizing companies for violations. Earlier this summer, European officials performed preemptive “stress tests” of X, the company formerly known as Twitter, as well as Meta and TikTok to determine the companies’ readiness for the DSA.

    For much of the year, EU Commissioner Thierry Breton has been publicly reminding X of its coming obligations as the company has backslid on some of its content moderation practices. Even as Breton concluded that X was taking its stress test seriously in June, the company had just lost a top content moderation official and had withdrawn from a voluntary EU commitment on disinformation that European officials had said would be part of any evaluation of a platform’s compliance with the DSA.

    X told CNN ahead of Friday’s deadline that it was on track to comply with the new law.

    Analysts anticipate that the EU will be watching even more closely after the deadline — and some hope that the rules will either encourage tech platforms to replicate their practices in the EU voluntarily around the world or else drive policymakers to adopt similar measures.

    “We hope that these new laws will inspire other jurisdictions to act because these are, after all, global companies which apply many of the same practices worldwide,” said Agustin Reyna, head of legal and economic affairs at BEUC, a European consumer advocacy group. “Europe got the ball rolling, but we need other jurisdictions to win the match against tech giants.”

    Already, Amazon has sought to challenge the very large platform label in court, arguing that the DSA’s requirements are geared toward ad-based online speech platforms, that Amazon is a retail platform and that none of its direct rivals in Europe have likewise been labeled, despite being larger than Amazon within individual EU countries.

    The legal fights could present the first major test of the DSA’s durability in the face of Big Tech’s enormous resources. Amazon told CNN that it plans to comply with the EU General Court’s decision, either way.

    “Amazon shares the goal of the European Commission to create a safe, predictable and trusted online environment, and we invest significantly in protecting our store from bad actors, illegal content, and in creating a trustworthy shopping experience,” an Amazon spokesperson said. “We have built on this strong foundation for DSA compliance.”

    TikTok did not immediately respond to a request for comment on this story.

    Source link

  • Elon Musk should be forced to testify on X’s ‘chaotic environment,’ US regulator tells court | CNN Business

    Elon Musk should be forced to testify on X’s ‘chaotic environment,’ US regulator tells court | CNN Business


    Washington
    CNN
     — 

    Elon Musk should be forced to testify in an expansive US government probe of X, the company formerly known as Twitter, the US government said.

    The government said mass layoffs and other decisions Musk made raised questions about X’s ability to comply with the law and to protect users’ privacy.

    The US government’s attempt to compel Musk’s testimony is the latest turn in an investigation that predates Musk’s acquisition of X that has intensified due to Musk’s own actions, according to a court filing by the Justice Department on behalf of the Federal Trade Commission.

    The court filing dated Monday cites depositions with multiple former X executives, including its former chief information security officer and former chief privacy officer, who testified that a barrage of layoffs and resignations following Musk’s $44 billion takeover may have hindered X from meeting its security obligations under a 2011 FTC consent agreement.

    Twitter and its outside attorney didn’t immediately respond to a request for comment.

    According to testimony cited in the filing, there were so few employees left after the departures that anywhere from 37% to 50% of the company’s security program lacked effective management and oversight, with no one available to take responsibility for those controls. Other planned upgrades to the company’s security program were “impaired,” the filing said, citing a deposition by the former chief information security officer, Lea Kissner.

    In another example, Musk personally tried to rush the rollout of Twitter Blue, the company’s paid subscription service, the filing said. That forced the company’s security team to bypass the required security and privacy checks that were a part of Twitter’s own policies and that had been mandated in the FTC order, according to the testimony of Damien Kieran, the former chief privacy officer.

    The filing also alleges that Musk’s move to grant several journalists access to internal company records — access that would culminate in the so-called Twitter Files claiming to show evidence of politically motivated censorship — initially involved a plan that could potentially have led to the exposure of private user data in violation of the FTC order.

    According to the filing, Musk’s plan originally called for providing access through a dedicated company laptop with “elevated privileges beyond just what a[n] average employee might have.”

    “Longtime information security employees intervened and implemented safeguards to mitigate the risks,” the filing said, but even then, the former employees testified, the process raised doubts about Musk’s commitment to privacy and security.

    X has moved to block Musk from being forced to testify and has asked a federal court to invalidate the entire FTC order requiring it to safeguard user privacy, accusing the FTC of asking too many questions in its probe.

    But in its filing, the US government said its interest in Musk’s testimony is well-justified based on the appearance of a “chaotic environment” at X driven by “sudden, radical changes at the company” following Musk’s acquisition.

    “The FTC had every reason to seek information about whether these developments signaled a lapse in X Corp.’s compliance” with the 2011 order, the filing said. Confirmed violations of the FTC order could lead to billions of dollars in fines for X, as well as potential legal ramifications for individual executives such as Musk if they are deemed personally responsible for them.

    The FTC investigation traces back to bombshell allegations — raised by Twitter’s former security chief Peiter “Mudge” Zatko and predating Musk’s acquisition — that for years Twitter has failed to live up to its legally binding commitments to the FTC to protect user privacy and security. Those allegations were first reported last year by CNN and The Washington Post.

    The investigation has proven politically charged as Musk — and his allies including Republicans on the House Judiciary Committee — have responded to the probe by publicly accusing the FTC of harassment and overreach.

    Source link

  • Meta considers paid subscription in EU for users to bypass targeted ads | CNN Business

    Meta considers paid subscription in EU for users to bypass targeted ads | CNN Business



    CNN
     — 

    Instagram and Facebook users in the European Union may soon be able to opt out of targeted ads if they pay for a monthly subscription.

    A source familiar with the matter told CNN that Meta is evaluating a range of options to comply with multiple European regulations aimed at curbing US technology companies’ use of personalized ads. Over the last year, the EU has tightened regulations and will require big tech companies to ask users for their consent around such advertising.

    In July, a court ruled tech companies could use subscription models as a way of offering such consent, including asking users if they want to access Facebook and Instagram without advertising, for a fee.

    Under the EU’s General Data Protection Regulation (GDPR), companies may collect and use the personal data of EU citizens so long as the usage falls into certain disclosed categories. Meta has previously argued that its data collection for advertising is needed for fulfilling the “contracts” between the platform and end users to provide service. But privacy advocates and regulators have said that justification doesn’t support the use of personal data for advertising.

    CNN’s source said Meta remains in close discussions with its lead regulator in Europe, the Irish Data Protection Commission, about a compliance solution. The plans, if implemented, would not apply to users outside of Europe.

    The Wall Street Journal recently reported Meta aims to charge about $14 a month to users who want to bypass targeted ads on Instagram on their phones and $17 to access both Facebook and Instagram without ads, to comply with EU regulations.

    A spokesperson for Meta declined to comment on the possibility of rolling out a subscription plan but echoed that it is looking at all options.

    “Meta believes in the value of free services which are supported by personalized ads,” the company said in a statement. “However, we continue to explore options to ensure we comply with evolving regulatory requirements. We have nothing further to share at this time.”

    Source link

  • NY officials announce legislation aimed at protecting kids on social media | CNN Business

    NY officials announce legislation aimed at protecting kids on social media | CNN Business



    CNN
     — 

    Two new bills meant to protect children’s mental health online by changing the way they are served content on social media and by limiting companies’ use of their data will be introduced in the New York state legislature, state and city leaders said Wednesday.

    New York Gov. Kathy Hochul and New York Attorney General Letitia James made the announcement at the headquarters of the United Federation of Teachers Manhattan, joined by UFT President Michael Mulgrew, State Senator Andrew Gounardes, Assemblywoman Nily Rozic and community advocates.

    “Our children are in crisis, and it is up to us to save them,” Hochul said, comparing social media algorithms to cigarettes and alcohol. “The data around the negative effects of social media on these young minds is irrefutable, and knowing how dangerous the algorithms are, I will not accept that we are powerless to do anything about it.”

    The “Stop Addictive Feeds Exploitation (SAFE) for Kids Act” would limit what New York officials say are the harmful and addictive features of social media for children. The act would allow users under 18 and their parents to opt out of receiving feeds driven by algorithms designed to harness users’ personal data to keep them on the platforms for as long as possible. Those who opt out would receive chronological feeds instead, like in the early days of social media.

    The bill would also allow users and parents who opt in to receiving algorithmically generated content feeds to block access to social media platforms between 12am and 6am or to limit the total number of hours per day a minor can spend on a platform.

    “This is a major issue that we all feel strongly about and that must be addressed,” James said. “Nationwide, children and teens are struggling with significantly high rates of depression, anxiety, suicidal thoughts and other mental health issues, largely because of social media.”

    The bill targets platforms like Facebook, Instagram, TikTok, Twitter and YouTube, where feeds are comprised of user-generated content along with other material the platform suggests to users based on their personal data. Tech platforms have designed and promoted voluntary tools aimed at parents to help them control what content their kids can see, arguing that the decision about what boundaries to set should be up to individual families. But that hasn’t stopped critics from calling on platforms to do more — or from threatening further regulation.

    “Our children deserve a safer and more secure environment online, free from addictive algorithms and exploitation,” said Gounardes. “Algorithms are the new tobacco. Simple as that.”

    The New York legislation comes amid a raft of similar bills across the country that purport to safeguard young users by imposing tough new rules on platforms.

    States including Arkansas, Louisiana and Utah have passed bills requiring tech platforms to obtain a parent’s consent before creating accounts for teens. Federal lawmakers have introduced a similar bill that would ban kids under 13 from using social media altogether. And numerous lawsuits against social media platforms have accused the companies of harming users’ mental health. The latest of these suits came on Tuesday, when Utah’s attorney general sued TikTok for allegedly misleading consumers about the app’s safety.

    Mulgrew called the New York legislation necessary in part due to a lack of action by the federal government to protect kids.

    “The last time, first and only time that the United States government passed a bill to protect children in social media was 1998,” Mulgrew said, referring to the Children’s Online Privacy Protection Act (COPPA), a federal law that prohibits the collection of personal data from Americans under the age of 13 without parental consent. In July, the US Senate commerce committee voted to advance a bill that would expand COPPA’s protections to teens for the first time.

    New York officials on Wednesday also highlighted risks to children’s privacy online, including the chance their location or other personal data could fall into the hands of human traffickers and others who might prey on youth.

    “While other states and countries have enacted laws to limit the personal data that online platforms can collect from minors, no such restrictions currently exist in New York,” a press release from earlier Wednesday stated. “The two pieces of legislation introduced today will add critical protections for children and young adults online.”

    The New York Child Data Protection Act would protect children’s data online by prohibiting all online sites from collecting, using, sharing or selling the personal data of anyone under 18 for the purposes of advertising, without informed consent or unless doing so is strictly necessary for the purpose of the website. For users under 13, this informed consent must come from a parent or guardian.

    Both bills would authorize the attorney general to bring an action to enjoin or seek damages or civil penalties of up to $5,000 per violation and would allow parents or guardians of minors to sue for damages of up to $5,000 per user incident or for actual damages, whichever is greater.

    The US Department of Health and Human Services says that while social media provides some benefits, it also presents “a meaningful risk of harm to youth.” The Surgeon General’s Social Media and Youth Mental Health Advisory released in May said children and adolescents who spend more than three hours a day on social media face double the risk of mental health problems like depression and anxiety, a finding the report called “concerning” given a recent survey that showed teens spend an average of 3.5 hours a day on social media.

    Source link

  • What is catfishing and what can you do if you are catfished? | CNN Business

    What is catfishing and what can you do if you are catfished? | CNN Business


    Editor’s Note: This story is part of ‘Systems Error’, a series by CNN As Equals, investigating how your gender shapes your life online. For information about how CNN As Equals is funded and more, check out our FAQs.



    CNN
     — 

    Catfishing is when a person uses false information and images to create a fake identity online with the intention to trick, harass, or scam another person. It is often on social media or dating apps and websites as a common tactic used to form online relationships under false pretenses, sometimes to lure people into financial scams.

    The person doing the pretending, or the “catfish” may also obtain intimate images from a victim and use them to extort or blackmail the person. This is known as sextortion, or they may use other personal information shared with them to commit identity theft.

    The term is believed to originate from the 2010 documentary “Catfish,” in which a young Nev Schulman starts an online relationship with teenager “Megan”, who turns out to be an older woman.

    In the final scene of the documentary, the woman’s husband shares an anecdote about how live cod used to be exported from Alaska alongside catfish, which kept the cod active and alert. He likened this to people in real life who keep others on their toes, like his wife. Schulman went on to produce the docuseries Catfish

    There are many reasons people resort to catfishing, but the most common reason is a lack of confidence, according to the Cybersmile Foundation, a nonprofit focused on digital well-being. The foundation states that if someone is not happy with themselves, they may feel happier when pretending to be someone more attractive to others.

    They may also hide their identity to troll someone; to engage in a relationship other than their existing one; or to extort or harass people. Some people may catfish to explore sexual preferences.

    Studies have shown that catfish are more likely to be educated men, with one 2022 study finding perpetrators are more likely to come from religious backgrounds, possibly providing a way to form relationships without the constraints they face in real life, the authors write.

    In another study published last year, Evita March, senior lecturer in psychology at Federation University in Australia, found that people with the strong personality traits of sadism, psychopathy, and narcissism were more likely to catfish.

    March told CNN the findings are preliminary and that her team would like to further investigate if certain personality traits lead to specific kinds of catfishing behavior.

    In the US, romance scams resulting from catfishing have among the highest reported financial losses of internet crimes as a whole. A total of 19,050 Americans reported losing almost $740 million to romance scammers in 2022.

    In the UK, the country’s National Fraud Intelligence Bureau received more than 8,000 reports of romance fraud in the 2022 financial year, totaling more than £92 million (US $116.6 million) lost, with an average loss of £11,500 (US $14,574) per victim.

    In Singapore, romance scams are among the top 10 reported scams. The reported amount of money catfish may get from their victims increased by more than 30% from SGD$33.1 million (US $24 million) in 2020 to $46.6 million (US $34 million) the following year.

    Catfishing is also increasingly happening on an industrial scale with the rise of “cyber scam centers” that have links to human trafficking in Southeast Asia, according to INTERPOL.

    Victims of trafficking are forced to become fraudsters by creating fake social media accounts and dating profiles to scam and extort millions of dollars from people around the world using different schemes such as fake crypto investment sites.

    Catfishing used to occur more among adults through online dating sites, but has now become equally common among teenagers, according to the Cybersmile Foundation.

    Research by Snapchat last year with more than 6,000 Gen Z teenagers and young people in Australia, France, Germany, India, the UK and the US found that almost two-thirds of them or their friends had been targeted by catfish or hackers to obtain private images that were later used to extort them.

    Older people are also likely to lose more money to catfishing. In 2021, Americans lost half a billion dollars through romance scams perpetrated by people using fake personas or impersonating others, with the largest losses paid in cryptocurrency, according to the US Federal Trade Commission. The number of reports rose tenfold among young people (18-29) but older people (over 70s) generally reported losing more money.

    In Australia, a third of dating and romance scams result in financial losses, with women having lost more than double the total amount lost by men, and older people again losing more money than those under 45., according to data from the country’s National Anti-Scam Centre.

    ”Romance scams are one of the hardest things to avoid. It’s emotional manipulation,” said Ngo Minh Hieu, a Vietnamese former hacker and founder of Chong Lua Dao (scam fighters), a cybersecurity non-profit.

    Since 2020, Hieu has been monitoring trends to help scam victims, he says, and explains that in his experience, a catfish would usually approach a victim with premediated intention to scam them.

    They were likely to be using personal information that they mine from the victim’s social media accounts, or may have bought that data from users in private chat groups simply by providing a phone number of a potential victim.

    There are many signs you can look for to help spot a catfish, experts say.

    Firstly, a catfish might contact you out of nowhere, start regular conversations with you and shower you with compliments to quickly build up trust and rapport. They may state desirable qualities in their opening conversations, including wealth or attractiveness, but then rarely or never call you, either over the phone or on a video call.

    They often do not have many friends on social media and their posts are usually scarce. Search results using their name may not yield many results and their stories are usually inconsistent. For example, personal details like where they live or go to school might change when discussed again.

    Another classic sign is if the feelings they declare for you escalate quickly and after a short period of time. A catfish may ask you for sensitive images and money.

    Many scammers use already available photos of other people in their fake personas, which may be possible to spot using a reverse image search.

    With the explosion of AI technology, scammers may now generate unique and realistic images for use as profile pictures. But Hieu explains that thanks to their built-in patterns by design, AI-generated images can be detected, using tools such as AI-Generated Image Detector.

    If you believe you are being catfished, there are steps you can take to protect yourself and help end the targeting.

    Experts advise that you should not be afraid to ask direct questions or challenge the person you believe may be catfishing you. You can do this by asking them why they are not willing to call you or meet face to face, or questioning how they can declare their love for you so quickly.

    Wang and her colleagues sent nearly 200 deterrent messages to active scammers in a 2020 study and concluded that this could make fraudsters respond less or in some cases, admit to wrongdoing.

    An example of one of the messages was: “I know you are scamming innocent people. My friend was recently arrested for the same offense and is facing five years in prison. You should stop before you face the same fate.”

    You should think about stopping all communications with the catfish, and refrain from sending money to them at the risk of further financial demands. Experts say catfish continue to target those who engage with them more.

    It’s also useful to secure your online accounts and ensure your personal information is kept private online.

    Cybersecurity expert Hieu explained that you can do this by putting personal information such as your phone number, email addresses and date of birth in private mode on social media. You can also check if your email has been compromised in a data breach by using tools such as the Have I Been Pwned website.

    Installing two-factor authentication on your accounts can also help protect against unauthorized access. That requires you to take a second step to verify your identity when logging in to a service, for example by SMS or a physical device, such as a key fob.

    Being subjected to catfishing can also have a significant impact on your mental health, with many victims left unable to trust others and some left feeling embarrassed about falling for the scam. A 2019 study found that young LGBTQ+ men in rural America experiencing catfishing on dating apps felt angry and fearful.

    If someone was “sextorted,” they may continue to fear their images resurfacing online in the future.

    March from Federation University in Australia recommended improving digital literacy and staying aware of the potential red flags. She also emphasized the need to recognize today’s loneliness epidemic, which “leads people to perhaps be more susceptible to catfishing scams,” she said.

    Seeking professional support from a counselor or talking to supportive friends and family is one way to address loneliness, March added.

    Catfishing is not explicitly a crime, but the actions that often accompany catfishing, such as extortion for money, gifts or sexual images are crimes in many places.

    The main challenge in tackling online fraud is the issue of jurisdiction, according to a 2020 paper about police handling of online fraud victims in Australia. Traditional policing operates within specific territories, but the internet has blurred these boundaries, the authors write.

    Cybercriminals from one country can also target victims in other countries, complicating law enforcement efforts, and victims often face difficulty and frustration when trying to report cybercrimes, which can further traumatize them.

    Fangzhou Wang, a cybercrime professor at the University of Texas at Arlington told CNN that virtual private networks (VPNs), forged credentials, and anonymous communication methods make it extremely difficult to determine identities or locations.

    Scammers have also capitalized on the proliferation of AI, such as AI-generated personas, which complicates the ability of law enforcement authorities to gather evidence and build cases against a catfish.

    ”Law enforcement agencies, often constrained by limited resources and prioritizing cases based on severity and direct impact, might not readily prioritize catfishing cases without substantial financial losses or physical harm,” Wang told CNN.

    In the US, there are some legal precedents. In 2022, a woman who had created multiple fake profiles to target wealthy men was charged with extortion, cyberstalking, and interstate threats and was sentenced in a plea deal last year.

    In the UK, while catfishing itself is not classified as a criminal offense, if the person using a fake profile engages in illegal activities, like financial gain or harassment, they can be punished by law.

    China has a law that implicates people who allow their websites or communications platforms to be used for frauds and other illegal activities under Article 46 in the Cybersecurity Law.

    If a catfish has tricked you into sending them money, you can go to the authorities and your bank immediately, depending on where you are.

    If activities that are crimes in your country have taken place because of being catfished, such as extortion, identify theft or harassment, the police or other authorities, such as specific commissions targeting online crime, may be your first port of call.

    The Australian government’s agency responsible for online safety, the e-safety commissioner, advises that people gather all the evidence they can, including screenshots of the scammer and chats with them to keep as evidence.

    Depending on the case, you can also submit an abuse or impersonation report against the catfish directly to the platform on which you are communicating with them.

    If you believe the person you are talking to is not who they say they are, most of the larger social media platforms give you the option report them for impersonation or other forms of abuse, including Facebook, Instagram, TikTok, X, Telegram, Tinder and WhatsApp. WeChat also offers a channel to report another user for harassment, fraud, or illegal activity, while Telegram creates an anti-scam thread for users to report on fraudsters.

    You are not responsible for the catfish behaviors of others, but staying vigilant and alert online goes a long way.

    Make sure your online accounts are secured and use two-factor authentication. When browsing the internet, you may want to use a virtual private network (VPN) which makes your internet activity harder to track.

    In many countries such as the US, the UK and Australia, victims have reported being preyed on by catfish who tricked them to put money in bogus cryptocurrency investment sites.

    If someone you have been talking to asks you to put money into an investment site, think twice. The Global Anti-Scam Organization has a database of fraudulent websites generated by their own investigations and the public’s tip offs to help inform you if you’re being scammed.

    If you are a parent, this guide provided by the UK-based National College platform suggests communicating effectively and sensitively with your children about the risks. You may also help them report and block the catfish accounts and report to police if they have been subjected to anything illegal or inappropriate.

    Because catfish get close to a target often by relying on personal information posted on social media, UNICEF asks children to consider their rights when it comes to parents sharing their pictures and other content online, especially when they are underage.





    Source link

  • Google update makes it easier for US users to remove some unwanted search results | CNN Business

    Google update makes it easier for US users to remove some unwanted search results | CNN Business



    CNN
     — 

    Google unveiled new privacy updates this week that lets US users have a wee bit more control over the search results that pop up about themselves online.

    The tech giant said that it was rolling out a new dashboard that will let you know if web results with your contact information are showing up on its search engine. “Then, you can quickly request the removal of those results from Google — right in the tool,” Danielle Romain, the vice president of Trust at Google, said in a blog post Thursday.

    Romain added that Google will also notify you when new results from the web containing your contact info appear, for added “peace of mind.”

    Google also said it was enabling people to remove any of their personal, explicit images that they no longer wish to be visible in its search engine. For example, if you uploaded explicit content to a website and then subsequently deleted it, you can request its removal from Google’s Search if it’s being published elsewhere without your approval. The policy doesn’t apply, however, to content you are commercializing.

    “More broadly, whether it’s for websites containing personal information, explicit imagery or any other removal requests, we’ve updated and simplified the forms you use to submit requests,” Romain said Thursday.

    “Of course, removing content from Google Search does not remove it from the web or other search engines, but we hope these changes give you more control over private information appearing in Google Search,” she added.

    The moves by Google are essentially limited, but a step toward a US-version of Europe’s legally mandated “right to be forgotten” laws. The US updates do not currently, however, go beyond the scope of personal explicit images or contact information. Digital privacy advocates have long lamented how US policy lags far behind the European Union’s approach. An EU court established the right to be forgotten via a ruling in 2014, though the same court said in 2019 that Google does not have to honor the right outside of the EU.

    The privacy updates unveiled by Google this week, however, notably lack any mention of the latest privacy battleground in Big Tech: generative AI. As companies scramble to create large language models, the technology that underpins generative AI tools, many users and privacy advocates are now imploring tech companies to give users a way to opt-out of having their digital data used to train AI tools.

    Source link

  • Meta slapped with record $1.3 billion EU fine over data privacy | CNN Business

    Meta slapped with record $1.3 billion EU fine over data privacy | CNN Business


    London
    CNN
     — 

    Meta has been fined a record-breaking €1.2 billion ($1.3 billion) by European Union regulators for transferring the personal data of Facebook’s EU users to servers in the United States.

    The European Data Protection Board announced the fine in a statement Monday, saying it followed an inquiry into Facebook

    (FB)     by the Irish Data Protection Commission, the chief regulator overseeing Meta’s operations in Europe.

    The fine is the largest ever levied under Europe’s signature data privacy law, known as the General Data Protection Regulation, or GDPR. Meta has also been ordered to cease the processing of personal data of European users in the United States within six months.

    Meta’s infringement is “very serious since it concerns transfers that are systematic, repetitive and continuous,” said Andrea Jelinek, chair of the European Data Protection Board.

    “Facebook has millions of users in Europe, so the volume of personal data transferred is massive. The unprecedented fine is a strong signal to organizations that serious infringements have far-reaching consequences,” she added.

    Meta, which also owns WhatsApp and Instagram, said it would appeal the ruling, including the fine. There would be no immediate disruption to Facebook in Europe, it added.

    The company said the root of the issue stemmed from a “conflict of law” between US rules on access to data and the privacy rights of Europeans. EU and US policymakers were on a “clear path” to resolving this conflict under a new transatlantic Data Privacy Framework.

    The European Data Protection Board “chose to disregard the clear progress that policymakers are making to resolve this underlying issue,” Nick Clegg, Meta’s president of global affairs, and Jennifer Newstead, the company’s chief legal officer, said in a statement.

    “This decision is flawed, unjustified and sets a dangerous precedent for the countless other companies transferring data between the EU and US,” they added.

    “The ability for data to be transferred across borders is fundamental to how the global open internet works. Thousands of businesses and other organizations rely on the ability to transfer data between the EU and the US in order to operate and provide services that people use every day.”

    — This is a developing story and will be updated.

    Source link

  • Opinion: Washington needs to get over its TikTok fixation | CNN

    Opinion: Washington needs to get over its TikTok fixation | CNN

    Editor’s Note: Evan Greer is an activist, writer and musician based in Boston. She’s the director of the digital rights group Fight for the Future, and a regular commentator on issues related to technology policy, LGBTQ communities and human rights. Follow her on Twitter @evan_greer or Mastodon @evangreer@mastodon.online. Read more opinion on CNN.



    CNN
     — 

    The US government is racing ahead with proposals aimed at banning TikTok, the viral video platform used by more than 150 million Americans. Officials say it’s a matter of national security, gesturing urgently toward TikTok’s parent company ByteDance and its ties to China.

    While some might be motivated by thinly-veiled xenophobia, lawmakers also rightly point to concerns about TikTok’s surveillance and capitalist business model, which vacuums up as much personal information about users as possible and then uses it to serve content that keeps us clicking, scrolling, and generating ad revenue. TikTok “spies” on us for profit. That’s not in question.

    The problem is that – while they might not be owned by a Chinese company – Instagram, YouTube, Facebook, Snapchat and Twitter all do it too, as privacy advocates have been warning for more than a decade. Banning TikTok won’t make us safer from China’s surveillance operations. Nor will it protect children, or anyone else, from getting addicted to Big Tech’s manipulative products. It’s just an ineffective solution that sounds good on TV.

    While many governments engage in internet censorship and surveillance, China certainly has one of the most sophisticated and draconian systems. A core characteristic of China’s censorship regime is the “Great Firewall,” which blocks foreign social media apps, news sites and even educational resources like Wikipedia, under the guise of protecting national security.

    As they hyperventilate about TikTok, US politicians are so eager to appear “tough on China” that they’re suggesting we build our very own Great Firewall here at home. There is a small but growing number of countries in the world so authoritarian that they block popular apps and websites entirely. It’s regrettable that so many US lawmakers want to add us to that list.

    Several of the proposals wending their way through Congress would grant the federal government unprecedented new powers to control what technology we can use and how we can express ourselves – authority that goes far beyond TikTok. The bipartisan RESTRICT Act (S. 686), for example, would enable the Commerce Department to engage in extraordinary acts of policing, criminalizing a wide range of activities with companies from “hostile” countries and potentially even banning entire apps simply by declaring them a threat to national security.

    The law is vague enough that some experts have raised concerns that it could threaten individual internet users with lengthy prison sentences for taking steps to “evade” a ban, like side-loading an app (i.e., bypassing approved app distribution channels such as the Apple store) or using a virtual private network (VPN).

    But banning TikTok isn’t just foolish and dangerous, it’s also unconstitutional. The strong free speech protections enshrined in the First Amendment bar the government from extreme actions like criminalizing an app that millions of people use to express their opinions and ideas. The US government can’t ban you from posting or watching TikTok videos any more than they can stop you from reading a foreign newspaper like the Times of India or writing an opinion piece for The Guardian.

    The Washington Post, the New York Times and CNN all have their own official TikTok accounts, as do numerous candidates for office, elected officials, academics, journalists, religious leaders and political figures. Any proposal that results in TikTok’s effective ban in the US would almost certainly fall apart under a legal challenge, as the American Civil Liberties Union and other experts have asserted. Even conservative Republican Senator Rand Paul of Kentucky agrees that banning the app would violate Americans’ right to free speech.

    A ban on TikTok wouldn’t even be effective: The Chinese government could purchase much of the same information from data brokers, which are largely unregulated in the US.

    The rush to ban TikTok – or force its sale to a US company – is a convenient distraction from what our elected officials should be doing to protect us from government manipulation and commercial surveillance: passing some basic data privacy legislation. It’s a matter of common knowledge that Instagram, YouTube, Venmo, Snapchat and most of the other apps on your phone engage in similar data harvesting business practices to TikTok. Some are even worse.

    So it’s not just TikTok. Much of what you do in the digital space on all of your devices is tracked. Companies that engage in the practice claim that they track users’ activities online in order to deliver more targeted advertising and content.

    Many companies sell the data they harvest to third parties, who sell it to fourth and fifth and sixth parties. While companies collect this data for the purpose of extracting profit and getting users hooked on their products, governments have long taken an interest.

    The only way to stop governments from weaponizing data that private companies like TikTok collect and store about us is to stop those companies from collecting and storing so much information in the first place. You can’t do that with censorship. You do that by passing a strong national data privacy law that bans companies from collecting more data about us than they need to provide us with the service we’ve requested.

    Instead of helping Big Tech get bigger by banning a major competitor, Congress should also pass antitrust legislation to crack down on anti-competitive practices. That would give concerned parents and internet users who want to ditch TikTok and Instagram better options to choose from, and reduce the power of the largest platforms, making them harder for governments to exploit and manipulate. It’s much harder for bad actors, whether they’re corporate trolls or government agents, to control information across a constellation of smaller platforms, each with their own rules and algorithms, than it is for them to poison the well when there are a tiny handful of companies controlling access to information.

    A separate concern that lawmakers and US officials have raised is the idea that the Chinese government could pressure TikTok to amplify propaganda, or otherwise change its algorithm to advance the government’s interests. It’s an argument that’s not entirely without merit.

    We know the Russian government was effective in manipulating information on Facebook during the 2016 elections. The US has historically engaged in similar conduct overseas. Consider, for example, the US history in influencing the outcomes of elections in Latin America or disinformation campaigns by US allies after the Arab Spring. State-backed disinformation campaigns are happening at a mass scale and on every major platform. We fight that by demanding more transparency and accountability, not more censorship.

    It’s a national embarrassment that we have no basic data privacy law in the United States. And it’s a travesty that we continue to allow unregulated tech monopolies to trample our rights. Every day that our elected officials spend wringing their hands and spreading moral panic about what the kids are doing on TikTok is another day we’re left vulnerable and unprotected.

    With any luck, Washington’s TikTok hysteria will fade quickly. Let’s hope the next hot new trend in the nation’s capital is passing actual laws that protect people, starting with strong privacy and antitrust legislation.

    Source link

  • When you’re talking to a chatbot, who’s listening? | CNN Business

    When you’re talking to a chatbot, who’s listening? | CNN Business


    New York
    CNN
     — 

    As the tech sector races to develop and deploy a crop of powerful new AI chatbots, their widespread adoption has ignited a new set of data privacy concerns among some companies, regulators and industry watchers.

    Some companies, including JPMorgan Chase

    (JPM)    , have clamped down on employees’ use of ChatGPT, the viral AI chatbot that first kicked off Big Tech’s AI arms race, due to compliance concerns related to employees’ use of third-party software.

    It only added to mounting privacy worries when OpenAI, the company behind ChatGPT, disclosed it had to take the tool offline temporarily on March 20 to fix a bug that allowed some users to see the subject lines from other users’ chat history.

    The same bug, now fixed, also made it possible “for some users to see another active user’s first and last name, email address, payment address, the last four digits (only) of a credit card number, and credit card expiration date,” OpenAI said in a blog post.

    And just last week, regulators in Italy issued a temporary ban on ChatGPT in the country, citing privacy concerns after OpenAI disclosed the breach.

    “The privacy considerations with something like ChatGPT cannot be overstated,” Mark McCreary, the co-chair of the privacy and data security practice at law firm Fox Rothschild LLP, told CNN. “It’s like a black box.”

    With ChatGPT, which launched to the public in late November, users can generate essays, stories and song lyrics simply by typing up prompts.

    Google and Microsoft have since rolled out AI tools as well, which work the same way and are powered by large language models that are trained on vast troves of online data.

    When users input information into these tools, McCreary said, “You don’t know how it’s then going to be used.” That raises particularly high concerns for companies. As more and more employees casually adopt these tools to help with work emails or meeting notes, McCreary said, “I think the opportunity for company trade secrets to get dropped into these different various AI’s is just going to increase.”

    Steve Mills, the chief AI ethics officer at Boston Consulting Group, similarly told CNN that the biggest privacy concern that most companies have around these tools is the “inadvertent disclosure of sensitive information.”

    “You’ve got all these employees doing things which can seem very innocuous, like, ‘Oh, I can use this to summarize notes from a meeting,’” Mills said. “But in pasting the notes from the meeting into the prompt, you’re suddenly, potentially, disclosing a whole bunch of sensitive information.”

    If the data people input is being used to further train these AI tools, as many of the companies behind the tools have stated, then you have “lost control of that data, and somebody else has it,” Mills added.

    OpenAI, the Microsoft-backed company behind ChatGPT, says in its privacy policy that it collects all kinds of personal information from the people that use its services. It says it may use this information to improve or analyze its services, to conduct research, to communicate with users, and to develop new programs and services, among other things.

    The privacy policy states it may provide personal information to third parties without further notice to the user, unless required by law. If the more than 2,000-word privacy policy seems a little opaque, that’s likely because this has pretty much become the industry norm in the internet age. OpenAI also has a separate Terms of Use document, which puts most of the onus on the user to take appropriate measures when engaging with its tools.

    OpenAI also published a new blog post Wednesday outlining its approach to AI safety. “We don’t use data for selling our services, advertising, or building profiles of people — we use data to make our models more helpful for people,” the blogpost states. “ChatGPT, for instance, improves by further training on the conversations people have with it.”

    Google’s privacy policy, which includes its Bard tool, is similarly long-winded, and it has additional terms of service for its generative AI users. The company states that to help improve Bard while protecting users’ privacy, “we select a subset of conversations and use automated tools to help remove personally identifiable information.”

    “These sample conversations are reviewable by trained reviewers and kept for up to 3 years, separately from your Google Account,” the company states in a separate FAQ for Bard. The company also warns: “Do not include info that can be used to identify you or others in your Bard conversations.” The FAQ also states that Bard conversations are not being used for advertising purposes, and “we will clearly communicate any changes to this approach in the future.”

    Google also told CNN that users can “easily choose to use Bard without saving their conversations to their Google Account.” Bard users can also review their prompts or delete Bard conversations via this link. “We also have guardrails in place designed to prevent Bard from including personally identifiable information in its responses,” Google said.

    “We’re still sort of learning exactly how all this works,” Mills told CNN. “You just don’t fully know how information you put in, if it is used to retrain these models, how it manifests as outputs at some point, or if it does.”

    Mills added that sometimes users and developers don’t even realize the privacy risks that lurk with new technologies until it’s too late. An example he cited was early autocomplete features, some of which ended up having some unintended consequences like completing a social security number that a user began typing in — often to the alarm and surprise of the user.

    Ultimately, Mills said, “My view of it right now, is you should not put anything into these tools you don’t want to assume is going to be shared with others.”

    Source link

  • TikTok users are making fun of Congress members for their questions to app CEO Shou Chew | CNN Business

    TikTok users are making fun of Congress members for their questions to app CEO Shou Chew | CNN Business


    New York
    CNN
     — 

    TikTok creators have had enough of Congress seemingly not understanding how the internet works.

    What happened: On Thursday, TikTok CEO Shou Chew testified before the House Committee for Energy and Commerce, where he was peppered with questions about concerns over the popular app’s potential national security threats and its connections to China. Governments around the world banned the app on official devices, and there is concern that the app’s parent company ByteDance could be forced to cooperate with the Chinese government. (TikTok doesn’t operate in China.)

    The tone from some of its members was combative — something that creators noticed, and mocked, immediately.

    Meanwhile, TikTok creators are leading the way ridiculing members of Congress.

    There needs to be an age limit in Congress,” one caption by user @rachelhannahh said about a clip of US Rep. Buddy Carter, who represents Georgia’s 1st district, asking Chew whether the app tracks pupil dilation as a form of facial recognition to drive algorithms.

    Chew responded by saying the app does not use body, face or voice data to identify users, and the only face data the app collects is for “filters to have sunglasses on your face.”

    ‘Why do you need to know where the eyes are if you’re not seeing if they’re dilated?” Carter then asked, resulting in a barrage of comments ridiculing the congressman’s questions.

    A spokesperson for Carter said the congressman is not on TikTok because it poses a national security risk.

    “TikTok recently updated its privacy policy allowing it to collect biometric data, so it was important that its CEO be on-the-record, under oath detailing what data TikTok collects and whether the Chinese Communist Party has access to that data,” the spokesperson said.

    TechCrunch previously reported that TikTok updated its privacy policy “to allow the app to collect biometric data on US users.” However, the company has said it only uses biometrics for video effects and ByteDance employees in China would not be able to access it, TechCrunch reported.

    Many of the TikTok video clips suggested Congress members don’t know how modern technology works. They believe members of Congress are detached from technology and unaware of how tech companies within their own country operate, resulting in easily mockable questions.

    The app, which has 150 million US users, is facing a potential ban. Among those who’ve heard of TikTok, only 39% of those younger than 30 support a TikTok ban, according to a CBS News/YouGov poll released Thursday.

    US Rep. Mike Gallagher, who represents Wisconsin’s 8th district, told CNN during its primetime special Thursday night that the government needs to address TikTok as a national security threat, despite the popularity of the app among younger voters.

    “Republicans [and] Democrats agreed this is a threat,” Gallagher, a Republican who chairs the House Select Committee on China, told CNN. “So we can’t ignore it just because of concerns about alienating some teenagers on this app.”

    “It’s a national security issue,” he said. “We have to deal with it before it’s too late.”

    It’s a bipartisan opinion. The Biden administration threatened a ban if the app’s Chinese owners don’t spin off their share of the social media platform.

    “Bro outta pocket,” a user who goes by Whittington said on a clip of US Rep. August Pfluger, who represents Texas’ 11th district.

    In the clip, Pfluger said the only other person who united Democrats and Republicans was Vladimir Putin.

    CNN has reached out to Pfluger for comment.

    The hearing may also have created a new group of lobbyists. ByteDance, the company that owns TikTok, flew out more than 30 famous TikTokkers to Washington to advocate for the app, the New York Times reported.

    Another clip that has been widely circulating on the app is one of US Rep. Richard Hudson, who represents North Carolina’s 9th district, questioning Chew on how WiFi connectivity works. The “yes or no” style of interrogating on topics that were complex, or frankly irrelevant, were a major point of exasperation for users.

    “So if I have a TikTok app on my phone and my phone is on my home WiFi network,” Hudson asked, “does TikTok access that network?”

    “Does TikTok access my battery to steal my electricity?” one user said, mocking Hudson.

    CNN has reached out to Hudson for comment.

    Users are also posting POV’s on the app, renacting their own versions of the hearing.

    “What color is the algorithm?” said user Christian Divyne in a video mocking some of the questions Congress members asked Chew.

    The video ended up getting over one million views, with over 250,000 likes as of this writing.

    – CNN’s Samantha Murphy Kelly and Brian Fung contributed to this report.

    Source link

  • TikTok and its CEO are fighting to save the app in the US | CNN Business

    TikTok and its CEO are fighting to save the app in the US | CNN Business

    As a growing number of lawmakers raise national security concerns about TikTok’s ties to China, and some experts worry about the app’s impact on young people’s mental health, CNN is hosting a special to dig into these issues. Watch “CNN Primetime: Is time up for TikTok?” Thursday, March 23 at 9 p.m. ET.



    CNN
     — 

    At a Harvard Business Review conference earlier this month, where executives, professors and artists appeared for talks on corporate leadership and emotional intelligence, Shou Chew attempted to save his company.

    In his talk, Chew, the CEO of TikTok, said the social network would not provide US user data to the Chinese government and has never been asked to do so. Chew stressed the steps TikTok has taken to protect US user data. And four separate times, Chew told the audience that the platform’s mission was to “inspire creativity and bring joy” to users.

    The Harvard event is just one of several media appearances Chew has made in recent weeks amid mounting scrutiny of TikTok and of himself. Chew is set to testify on Thursday for the first time before a Congressional committee about “TikTok’s consumer privacy and data security practices, the platforms’ impact on kids, and its relationship with the Chinese Communist Party,” according to a statement last week from the committee. Meanwhile, federal officials are now demanding the app’s Chinese owners sell their stake in the social media platform, or risk facing a US ban of the app.

    Chew, a Singaporean who has largely stayed out of the spotlight since taking over TikTok in 2021, recently sat for interviews with multiple US newspapers and this week showed up in a video on the corporate TikTok account to highlight the vast reach of the app, which he revealed now has more than 150 million users in the United States.

    “That’s almost half the US coming to TikTok to connect, to create, to share, to learn, or just to have some fun,” said Chew, wearing in a hoodie and t-shirt like any other American tech executive in the clip. “This comes at a pivotal moment for us. Some politicians have started talking about banning TikTok, now this could take TikTok away from all 150 million of you.”

    Chew’s heightened visibility appears to be part of a larger messaging campaign by TikTok to bolster its reputation in the US and remind voters – and their representatives – how essential the social network is to American culture.

    A press conference is planned for Wednesday with dozens of social media creators on the steps of the Capitol, some of whom have been flown out there by TikTok. The company is paying for a blitz of advertisements for a Beltway audience. And last week it put out a docuseries highlighting American small business owners who rely on the platform for their livelihoods.

    Behind the scenes, Chew has also met with members of Congress and TikTok recently invited researchers and academics to its Washington, D.C., offices to learn more about how it is working to address lawmakers concerns over its ties to China through its parent company, ByteDance. Its parent company has also ramped up federal lobbying, spending more than $5 million last year, according to data tracked by OpenSecrets.

    “It’s life or death for TikTok, from their perspective,” said Justin Sherman, the CEO of Global Cyber Strategies, D.C.-based research and advisory firm, who was among the researchers TikTok invited to be briefed on “Project Texas,” the company’s $1.5 billion initiative to address lawmakers’ security concerns. “They are throwing everything they can at the problem.”

    In a statement, TikTok spokesman Jamal Brown said: “A U.S. ban on TikTok could have a direct impact on the livelihoods of millions of Americans. Lawmakers in Washington debating TikTok should hear firsthand from people whose lives would be directly affected by their decisions.”

    For much of the past year, TikTok has been rolling out new features and policies to address privacy and security concerns that the Chinese government could gain access to US user data, as well as broader fears that its app, like other social platforms, can be harmful to some younger users.

    TikTok recently set a default one-hour daily screen time limit on every account for users under 18 in one of the most aggressive moves yet by a social media company to prevent teens from endlessly scrolling. It rolled out a feature that aimed to offer more information to users about why its powerful algorithm recommends certain videos. And the company pledged more transparency to researchers.

    Facing concerns about its parent company’s ties to China, TikTok has also taken a number of steps to more clearly separate its US operations and user data from other parts of the organization. That includes moving all its US user data to Oracle’s cloud platform, where it says it hosts “100% of US user traffic.”

    The messaging campaign has only ramped up this week ahead of the hearing. TikTok rolled out refreshed Community Guidelines for content, which the company framed as being “based on our commitment to uphold human rights and aligned with international legal frameworks.” And Chew once again stressed TikTok’s independence from China.

    “I understand that there are concerns stemming from the inaccurate belief that TikTok’s corporate structure makes it beholden to the Chinese government or that it shares information about U.S. users with the Chinese government,” Chew said in prepared remarks ahead of his testimony before Congress. “This is emphatically untrue.”

    At the same time, TikTok is now betting on a strategy from American tech companies who have faced scrutiny for other reasons, playing up the impact it has on small businesses in the United States, including with the CEO’s prepared remarks and a mini docuseries it released last week titled “TikTok Sparks Good.”

    The series spotlighted inspiring stories of American small business owners and creators. The first of the 60-second clips features a Mississippi soap maker with a deep Southern accent who built her company on the app, and the second features an educator who quit his job to focus on sharing informational videos on TikTok aimed at teaching toddlers how to read.

    “Because of TikTok, I’m reaching millions of families who want to teach their toddlers how to read,” the educator says.

    Dozens of TikTok creators who oppose a ban will also be holding a press conference on Capitol grounds on Wednesday evening with Congressman Jamaal Bowman, a Democrat from New York. TikTok flew out some of the creators, the company confirmed to CNN. (The Information was first to report the move.)

    The list of expected attendees includes a disabled Asian American creator using her platform to combat ableism, a small business owner from South Carolina who launched a greeting card company via TikTok, and an Ohio-based chef who built her bakery business via the app. Some of the creators have hundreds of thousand or even millions of followers on TikTok.

    Even with these efforts, Sherman expressed some skepticism about how persuasive the PR push will be, mostly because of how divided Washington is right now.

    “Not everyone wants a ban,” he said. “For some lawmakers, it will matter that TikTok is taking all these steps to address security concerns.”

    But for others, it won’t move the needle. “Some lawmakers, frankly, do not care what ads TikTok is taking out, what pledges it’s making on its blog about independence, data privacy … They see an unmitigable risk of Chinese government access to data and/or influence over content, and so are going to push for a complete ban.”

    Lindsay Gorman, a senior fellow for emerging technologies at the German Marshall Fund’s Alliance for Securing Democracy and a former Biden administration adviser, said that “by and large, TikTok’s lobbying efforts so far have been pretty ineffective.”

    The problem, she said, is two-fold. First, even if TikTok takes steps to bolster its safeguards today, as it has been doing with Project Texas, concerns remain that it’s always “one update away from becoming a vulnerability.” And second, TikTok’s PR efforts in Washington won’t undo previous moments when the company “shot itself in the foot” by making what she said were “inaccurate statements” to Congress, “and then having revelations come out showing that those were inaccurate.”

    After the initial, Trump-era calls for a TikTok ban appeared to fade in Washington, BuzzFeed reported in 2021 that US user data was repeatedly accessed from China and that “everything is seen in China.” The details in the report were seemingly at odds with remarks a TikTok executive gave before a Senate panel earlier that year, claiming that a US-based security team decides who can access US user data from China. Following the report, TikTok once again became a hot button issue in the nation’s capital.

    But even as suspicion among US lawmakers grew, so did the app’s popularity in the country.

    “I do think TikTok’s strongest argument to date is drawing on its creator user base,” Gorman said. But for some lawmakers with security concerns, the latest push “may be too little too late.”

    In his TikTok video on Tuesday, Chew appealed directly to users of the app. The CEO asked them to write in the comments section to share “what you want your elected representatives to know about what you love about TikTok.”

    The top comment on the clip, which has received upwards of 50,000 likes, simply reads: “You know something went wrong when the boss has to show up 😂”

    Source link

  • TikTok collects a lot of data. But that’s not the main reason officials say it’s a security risk | CNN Business

    TikTok collects a lot of data. But that’s not the main reason officials say it’s a security risk | CNN Business



    CNN
     — 

    After TikTok CEO Shou Chew testified for more than five hours on Thursday before a Congressional committee, one thing was clear: US lawmakers remain convinced that TikTok is an urgent threat to national security.

    The hearing, Chew’s first appearance before Congress, kicked off with a lawmaker calling for TikTok to be banned and remained combative throughout. A number of lawmakers expressed deep skepticism about TikTok’s efforts to safeguard US user data and ease concerns about its ties to China. Nothing Chew said appeared to move the needle.

    The rhetoric inside and outside the hearing room highlighted the growing, bipartisan momentum for cracking down on the app in the United States. As the hearing was taking place, House Speaker Kevin McCarthy said he supports legislation that would effectively ban TikTok; Secretary of State Antony Blinken said TikTok should be “ended one way or another,” and the Treasury Department issued a statement vowing to “safeguard national security,” without mentioning TikTok by name.

    Concerns about TikTok’s connections to China have led governments worldwide to ban the app on official devices, and those fears have factored into the increasingly tense US-China relationship. But the remarks across the federal government on Thursday, combined with a prior threat from the Biden administration to impose a nationwide ban unless TikTok’s Chinese owners sell their stakes, shows that a complete ban of the hugely popular app very much remains a live possibility.

    However, more than two years after the Trump administration first issued a similar threat to TikTok, evidence remains unclear about whether the app is a national security threat. Security experts say the government’s fears, while serious, currently appear to reflect only the potential for TikTok to be used for foreign intelligence, not that it has been. There is still no public evidence the Chinese government has actually spied on people through TikTok.

    TikTok doesn’t operate in China. But since the Chinese government enjoys significant leverage over businesses under its jurisdiction, the theory goes that ByteDance, and thus indirectly, TikTok, could be forced to cooperate with a broad range of security activities, including possibly the transfer of TikTok data.

    “It’s not that we know TikTok has done something, it’s that distrust of China and awareness of Chinese espionage has increased,” said James Lewis, an information security expert at the Center for Strategic and International Studies. “The context for TikTok is much worse as trust in China vanishes.”

    When Rob Joyce, the National Security Agency’s director of cybersecurity, was asked by reporters in December to articulate his security concerns about TikTok, he offered a general warning rather than a specific allegation.

    “People are always looking for the smoking gun in these technologies,” Joyce said. “I characterize it much more as a loaded gun.”

    Technical experts also draw a distinction between the TikTok app — which appears to operate very similarly to American social media in the amount of user tracking and data collection it performs — and TikTok’s approach to governance and ownership. It’s the latter that’s been the biggest source of concern, not the former.

    The US government has said it’s worried China could use its national security laws to access the significant amount of personal information that TikTok, like most social media applications, collects from its US users.

    The laws in question are extraordinarily broad, according to western legal experts, requiring “any organization or citizen” in China to “support, assist and cooperate with state intelligence work,” without defining what “intelligence work” means.

    Should Beijing gain access to TikTok’s user data, one concern is that the information could be used to identify intelligence opportunities — for example, by helping China uncover the vices, predilections or pressure points of a potential spy recruit or blackmail target, or by building a holistic profile of foreign visitors to the country by cross-referencing that data against other databases it holds. Even if many of TikTok’s users are young teens with seemingly nothing to hide, it’s possible some of those Americans may grow up to be government or industry officials whose social media history could prove useful to a foreign adversary.

    Another concern is that if China has a view into TikTok’s algorithm or business operations, it could try to exert pressure on the company to shape what users see on the platform — either by removing content through censorship or by pushing preferred content and propaganda to users. This could have enormous repercussions for US elections, policymaking and other democratic discourse.

    Security experts say these scenarios are a possibility based on what’s publicly known about China’s laws and TikTok’s ownership structure, but stress that they are hypothetical at best. To date, there is no public evidence that Beijing has actually harvested TikTok’s commercial data for intelligence or other purposes.

    Chew, the TikTok CEO, has publicly said that the Chinese government has never asked TikTok for its data, and that the company would refuse any such request. In Thursday’s hearing, Chew said that what US officials fear is a hypothetical scenario that has not been proven.

    “I think a lot of risks that are pointed out are hypothetical and theoretical risks,” Chew said. “I have not seen any evidence. I am eagerly awaiting discussions where we can talk about evidence and then we can address the concerns that are being raised.”

    If there’s a risk, it’s primarily concentrated in the relationship between TikTok’s Chinese parent, ByteDance, and Beijing. The main issue is that the public has few ways of verifying whether or how that relationship, if it exists, might have been exploited.

    TikTok has been erecting technical and organizational barriers that it says will keep US user data safe from unauthorized access. Under the plan, known as Project Texas, the US government and third-party companies such as Oracle would also have some degree of oversight of TikTok’s data practices. TikTok is working on a similar plan for the European Union known as Project Clover.

    But that hasn’t assuaged the doubts of US officials. Multiple lawmakers at the hearing specifically said they were not persuaded by Project Texas. That’s likely because no matter what TikTok does internally, China would still theoretically have leverage over TikTok’s Chinese owners. Exactly what that implies is ambiguous, and because it is ambiguous, it is unsettling.

    In congressional testimony, TikTok has sought to assure US lawmakers it is free from Chinese government influence, but it has not spoken to the degree that ByteDance may be susceptible. TikTok has also acknowledged that some China-based employees have accessed US user data, though it’s unclear for what purpose, and it has disclosed to European users that China-based employees may access their data as part of doing their jobs.

    Multiple privacy and security researchers who’ve examined TikTok’s app say there aren’t any glaring flaws suggesting the app itself is currently spying on people or leaking their information.

    In 2020, The Washington Post worked with a privacy researcher to look under the hood at TikTok, concluding that the app does not appear to collect any more data than your typical mainstream social network. The following year, Pellaeon Lin, a Taiwan-based researcher at the University of Toronto’s Citizen Lab, performed another technical analysis that reached similar conclusions.

    But even if TikTok collects about the same amount of information as Facebook or Twitter, that’s still quite a lot of data, including information about the videos you watch, comments you write, private messages you send, and — if you agree to grant this level of access — your exact geolocation and contact lists. TikTok’s privacy policy also says the company collects your email address, phone number, age, search and browsing history, information about what’s in the photos and videos you upload, and if you consent, the contents of your device’s clipboard so that you can copy and paste information into the app.

    TikTok’s source code closely resembles that of its China-based analogue, Douyin, said Lin in an interview. That implies both apps are developed on the same code base and customized for their respective markets, he said. Theoretically, TikTok could have “privacy-violating hidden features” that can be turned on and off with a tweak to its server code and that the public might not know about, but the limitations of trying to reverse-engineer an app made it impossible for Lin to find out whether those configurations or features exist.

    If TikTok used unencrypted communications protocols, or if it tried to access contact lists or precise geolocation data without permission, or if it moved to circumvent system-level privacy safeguards built into iOS or Android, then that would be evidence of a problem, Lin said. But he found none of those things.

    “We did not find any overt vulnerabilities regarding their communication protocols, nor did we find any overt security problems within the app,” Lin said. “Regarding privacy, we also did not see the TikTok app exhibiting any behaviors similar to malware.”

    TikTok has cited Lin’s research as part of its defense. But Citizen Lab came out swinging this week at the company’s characterizations of the paper, saying in a statement that TikTok has presented the research as “somehow exculpatory” when a key finding was that Lin couldn’t see what happens to user data after it is collected.

    Chew, in a rare moment of apparent frustration, told lawmakers at the hearing that TikTok and Citizen Lab were really saying a version of the same thing. “Citizen Lab is saying they cannot prove a negative, which is what I’ve been trying to do for the last four hours,” he said.

    TikTok has faced claims that its in-app browser tracks its users’ keyboard entries, and that this type of conduct, known as keylogging, could be a security risk. The privacy researcher who performed the analysis last year, Felix Krause, said that keylogging is not an inherently malicious activity, but it theoretically means TikTok could collect passwords, credit card information or other sensitive data that users may submit to websites when they visit them through TikTok’s in-app browser.

    There is no public evidence TikTok has actually done that, however. TikTok has said the keylogging function is used for “debugging, troubleshooting, and performance monitoring,” as well as to detect bots and spam. Other research has shown that the use of keyloggers is extremely widespread in the technology industry. That does not necessarily excuse TikTok or its peers for using a keylogger in the first place, but neither is it proof positive that TikTok’s product, by itself, is any more of a national security threat than other websites.

    There have also been a number of studies that report TikTok is tracking users around the internet even when they are not using the app. By embedding tracking pixels on third-party websites, TikTok can collect information about a website’s visitors, the studies have found. TikTok has said it uses the data to bolster its advertising business. And in this respect, TikTok is not unique: the same tool is used by US tech giants including Facebook-parent Meta and Google on a far larger scale, according to Malwarebytes, a leading cybersecurity firm.

    At the hearing, Chew said the company does keystroke logging to “identify bots,” not to track what users say. He also repeatedly noted that TikTok does not collect more user data than most of its peers in the industry.

    As with the keylogging tech, the fact TikTok uses tracking pixels does not on its own transform the company into a national security threat; the risk is that the Chinese government could compel or influence TikTok, through ByteDance, to abuse its data collection capabilities.

    Separately, a report last year found TikTok was spying on journalists, snooping on their user data and IP addresses to find out when or if certain reporters were sharing the same location as company employees. TikTok later confirmed the incident and ByteDance fired several employees who had improperly accessed the TikTok data of two journalists.

    The circumstances surrounding the incident suggest it was not the type of wide-scale, government-directed intelligence effort that US national security officials primarily fear. Instead, it appeared to be part of a specific internal effort by some ByteDance employees to hunt down leaks to the press, which may be deplorable but hardly uncommon for an organization under public scrutiny. (Nevertheless, the US government is reportedly investigating the incident.)

    Joyce, the NSA’s top cyber official, told reporters in December that what he really worries about is “large-scale influence” campaigns leveraging TikTok’s data, not “individualized targeting through [TikTok] to do malicious things.”

    To date, however, there’s no public evidence of that taking place.

    TikTok may collect an extensive amount of data, much of it quietly, but as far as researchers can tell, it isn’t any more invasive or illegal than what other US tech companies do.

    According to security experts, that’s more a reflection of the broad leeway we’ve given to tech companies in general to handle our data, not an issue that’s unique or specific to TikTok.

    “We have to trust that those companies are doing the right thing with the information and access we’ve provided them,” said Peiter “Mudge” Zatko, a longtime ethical hacker and Twitter’s former head of security who turned whistleblower. “We probably shouldn’t. And this comes down to a concern about the ultimate governance of these companies.”

    Lin told CNN that TikTok and other social media companies’ appetite for data highlights policy failures to pass strong privacy laws that regulate the tech industry writ large.

    “TikTok is only a product of the entire surveillance capitalism economy,” Lin said. “And governments around the world are ignoring their duty to protect citizens’ private information, allowing big tech companies to exploit user information for gain. Governments should try to better protect user information, instead of focusing on one particular app without good evidence.”

    Asked how he would advise policymakers to look at TikTok instead, Lin said: “What I would call for is more evidence-based policy.”

    Source link

  • TikTok CEO testifies before Congress for the first time | CNN Business

    TikTok CEO testifies before Congress for the first time | CNN Business



    CNN
     — 

    TikTok CEO Shou Chew made his first appearance before Congress on Thursday and was immediately hit by intense criticism from lawmakers, including calls for the app to be banned.

    Rep. Cathy McMorris Rodgers, the chair of the House Energy and Commerce Committee, opened Thursday’s hearing by tearing into TikTok, and telling Shou: “Your platform should be banned.”

    “I expect today you’ll say anything to avoid this outcome,” she continued. “We aren’t buying it. In fact, when you celebrate the 150 million American users on TikTok, it emphasizes the urgency for Congress to act. That is 150 million Americans that the [Chinese Communist Party] can collect sensitive information on.”

    In his opening remarks, Chew attempted to stress TikTok’s independence from China and played up its US ties. “TikTok itself is not available in mainland China, we’re headquarterd in Los Angeles and Singapore, and we have 7,000 employees in the U.S. today,” he said.

    “Still, we have heard important concerns about the potential for unwanted foreign access to US data and potential manipulation of the TikTok US ecosystem,” Chew said. “Our approach has never been to dismiss or trivialize any of these concerns. We have addressed them with real action.

    Chew’s moment in the hot seat comes as some lawmakers are renewing calls for the app to be banned in the United States due to perceived national security concerns because of its ties to China through its parent company, ByteDance. TikTok acknowledged to CNN last week that federal officials are demanding the app’s Chinese owners sell their stake in the social media platform, or risk facing a US ban of the app. A number of countries, including the US, have already instituted a ban of the app on government devices due to the security concerns.

    TikTok doesn’t operate in China. But since the Chinese government enjoys significant leverage over businesses under its jurisdiction, the theory goes that ByteDance, and thus indirectly, TikTok, could be forced to cooperate with a broad range of security activities, including possibly the transfer of TikTok data.

    With his appearance, Chew may hope to reassure Americans and temper the heated rhetoric in Washington about the app – but the first two hours of the hearing showed just how challenging a task that might be.

    Much of Chew’s attempts to stress that his company is not an arm of the Chinese government appeared to fall on deaf ears. Numerous members of Congress interrupted the chief executive’s testimony to say they simply don’t believe him.

    “To the American people watching today, hear this: TikTok is a weapon by the Chinese Communist Party to spy on you, manipulate what you see and exploit for future generations,” said Rep. McMorris Rodgers.

    In an exchange with Rep. Anna Eshoo, Chew talked up TikTok’s ongoing efforts to protect US user data and said he has “seen no evidence that the Chinese government has access to that data; they have never asked us, we have not provided it.”

    “I find that actually preposterous,” Eshoo fired back.

    “I have looked in — and I have seen no evidence of this happening,” Chew responded. “Our commitment is to move their data into the United States, to be stored on American soil by an American company, overseen by American personnel. So the risk would be similar to any government going to an American company, asking for data.”

    “I don’t believe that TikTok — that you have said or done anything to convince us,” Eshoo said.

    Perhaps no exchange sums up Thursday’s hearing like a moment following Rep. Kat Cammack’s lengthy critique of TikTok’s content moderation and links to China.

    “Can I respond, Chair?” Chew asked McMorris Rodgers after Cammack’s time was up.

    McMorris Rodgers considered Chew for a brief moment.

    “No. We’re going to move on,” she said.

    As lawmakers doubled down on their questions about TikTok’s data collection practices, Chew also emphasized that the data TikTok collects is data “that’s frequently collected by many other companies in our industry.”

    “We are committed to be very transparent with our users about what we collect,” Chew said. “I don’t believe what we collect is more than most players in the industry.”

    Independent researchers have backed Chew’s assertions. In 2020, The Washington Post worked with a privacy researcher to look under the hood at TikTok, concluding that the app does not appear to collect any more data than your typical mainstream social network. The following year, Pellaeon Lin, a Taiwan-based researcher at the University of Toronto’s Citizen Lab, performed another technical analysis that reached similar conclusions.

    Still, even if TikTok collects about the same amount of information as Facebook or Twitter, that’s still quite a lot of data, including information about the videos you watch, comments you write, private messages you send, and — if you agree to grant this level of access — your exact geolocation and contact lists.

    While national security was expected to be the primary focus of the hearing, multiple lawmakers also highlighted concerns about TikTok’s impact on children.

    Democratic ranking member of the committee Rep. Frank Pallone, for example, said Thursday: “Research has found that TikTok’s algorithms recommend videos to teens that create and exacerbate feelings of emotional distress, including videos promoting suicide, self-harm and eating disorders.”

    Rep. Bob Latta, a Republican from Ohio, accused TikTok of promoting a video on the so-called “blackout challenge” or choking challenge to the feed of a 10-year-old girl from Pennsylvania, who later died after trying to mimic the challenge in the video.

    Republican Rep. Gus Bilirakis of Florida also said there is a lack of adequate content moderation, which leaves room for kids to be exposed to content that promotes self harm.

    “Your technology is literally leading to death,” Bilirakis said to TikTok CEO Shou Chew.

    Citing examples of harmful content served to children, he said, “it is unacceptable, sir, that even after knowing all these dangers, you still claim that TikTok is something grand to behold.”

    TikTok, for its parts, has launched a number of features in recent months to provide additional safeguards for younger users, including setting a new 60-minute default for daily time limit for those under the age of 18. Even that feature, however, was criticized by lawmakers as being too easy for teens to bypass.

    Source link

  • China may prefer TikTok to be banned than fall into US hands | CNN Business

    China may prefer TikTok to be banned than fall into US hands | CNN Business


    Hong Kong
    CNN
     — 

    Nearly three years after the Trump administration threatened to ban TikTok if its Chinese owner didn’t sell the company to American investors, the video app is once again facing an existential threat.

    TikTok CEO Shou Zi Chew will appear later Thursday before US lawmakers, many of whom want the app banned in the United States because of the risk they say it presents to national security. The clamor for a sale is growing louder again.

    But an outright divestment isn’t in the cards, according to analysts and legal experts, not least because the Chinese government views TikTok’s technology as sensitive and has taken steps since 2020 to ensure it can veto any sale by its Beijing-based owner, ByteDance.

    At issue is who owns the keys to TikTok’s algorithms and the vast troves of data collected from the 150 million people in the United States who use the app each month.

    The Chinese government considers some advanced technology, including content recommendation algorithms, to be critical to its national interest. In December, Chinese officials proposed tightening the rules that govern the sale of that technology to foreign buyers.

    “Beijing will have no say in the US decision to mandate the sale of TikTok, but it will retain the ultimate approval authority over such a sale,” said Brock Silvers, chief investment officer for Kaiyuan Capital.

    “It also seems extremely unlikely that Beijing will accept any deal that removes TikTok’s algorithm[s] from its direct control and regulatory authority,” he said.

    TikTok’s algorithms, which keep users glued to the app, are believed to be key to its success. The algorithms give recommendations based on users’ behavior, thus pushing videos they actually like and want to watch.

    Chinese regulators first added algorithms to the restricted list of technologies in August 2020, when the Trump administration threatened to ban TikTok unless it was sold.

    Back then, Chinese state media published a commentary by a professor of trade at the University of International Business and Economics who said the updated rules meant ByteDance would need a license from Beijing to sell its technology.

    “Some cutting-edge technologies might impact national security and public welfare, and need to be included in [export control] management,” Cui Fan told Xinhua.

    The intended sale of TikTok in 2020 to Oracle and Walmart hit a snag after Beijing added algorithms to its export control list. The Biden administration eventually rescinded the Trump-era executive order targeting TikTok, but replaced it with a broader directive focused on investigating technology linked to foreign adversaries, including China.

    Now, the company is once again caught up in a geopolitical struggle between Washington and Beijing.

    “The TikTok hearings in the United States mark the beginnings of a regulatory meat-grinder facing all [Chinese] tech companies,” said Alex Capri, a research fellow at the Hinrich Foundation.

    A senior official from the Chinese regulator of digital and traditional media visited Bytedance’s offices last week. He urged the company to improve the use of “recommendation algorithms” to spread “positive energy” and strengthen the review of online content, according to a statement from the regulator posted on its website.

    The visit highlights Beijing’s resolve to keep its most powerful internet companies on a tight leash. It also has more direct levers to pull.

    In April 2021, a Chinese government entity acquired a “golden share” of 1% in a Beijing subsidiary of ByteDance, according to business data platform Qichacha. The subsidiary controls operating licenses for Douyin, TikTok’s sister app in China, and Toutiao, a news aggregation app.

    “TikTok’s algorithms make it truly unique in terms of data harvesting and strategic analytics, therefore, I don’t see Beijing allowing it to fall into the hands of US interests,” said Capri.

    “Unless they can somehow still access TikTok’s data through other means and methods, including ongoing cyber intrusion and other forms of back-door access.”

    Chinese regulators have been gradually tightening their control over algorithm technology more generally.

    Starting in March 2022, an unprecedented regulation came into effect requiring internet companies to register recommendation algorithms with the Cyberspace Administration, the powerful internet regulator that reports to President Xi Jinping.

    At the beginning of 2023, rules governing “deep synthesis algorithms” also took effect. They will restrict the use of AI-powered image, audio and text-generation software. Such technologies underpin popular apps such as ChatGPT.

    These regulatory developments suggest that TikTok’s recommendation algorithms will be subject to China’s export controls, said Winston Ma, an adjunct professor at New York University School of Law.

    TikTok has been erecting technical and organizational barriers that it says will keep user data safe from unauthorized access.

    Under the plans, known as Project Texas, the US government and third-party companies such as Oracle would also have some degree of oversight of TikTok’s data practices. TikTok is working on a similar plan for the European Union known as Project Clover.

    But that hasn’t reassured US officials, likely because no matter what TikTok does internally, China would still theoretically have leverage over TikTok’s Chinese owners. (Similar measures taken by Huawei didn’t prevent it from being kicked out of Western 5G markets.)

    And the concerns would remain even if TikTok is sold to an American buyer, Capri said.

    “A change of TikTok’s ownership solves nothing,” he said. “The real issue is general data security and who ultimately has access to that data, by whatever means, regardless of legal ownership.”

    The true test, he said, is whether user data can be effectively ring-fenced and privacy and security can be achieved through data segregation, encryption and other means.

    As for a solution, Silvers expects both sides to try to “finesse a compromise” where US concerns are addressed, but Beijing still retains control over TikTok.

    But, he believes Beijing would ultimately prefer for TikTok leave the US market rather than surrender its algorithm.

    “If any Chinese company is to have any chance of surviving increased scrutiny from Western governments, they will have to entrust their data to third party security firms and endure rigorous third party audits and government intrusion, in addition to transferring ownership,” Capri said.

    “This is really an existential crisis for Chinese firms operating in the West.”

    Source link

  • Lawmakers say TikTok is a national security threat, but evidence remains unclear | CNN Business

    Lawmakers say TikTok is a national security threat, but evidence remains unclear | CNN Business



    CNN
     — 

    As TikTok CEO Shou Zi Chew prepares for his first congressional grilling on Thursday, much of the focus will undoubtedly be on the short-form video app’s potential national security risks.

    Concerns about TikTok’s connections to China have led governments worldwide to ban the app on official devices, and those fears have factored into the increasingly tense US-China relationship. The Biden administration has threatened TikTok with a nationwide ban unless its Chinese owners sell their stakes in the company.

    But more than two years after the Trump administration first issued a similar threat to TikTok, security experts say the government’s fears, while serious, currently appear to reflect only the potential for TikTok to be used for foreign intelligence, not that it has been. There is still no public evidence the Chinese government has actually spied on people through TikTok.

    TikTok doesn’t operate in China. But since the Chinese government enjoys significant leverage over businesses under its jurisdiction, the theory goes that ByteDance, and thus indirectly, TikTok, could be forced to cooperate with a broad range of security activities, including possibly the transfer of TikTok data.

    “It’s not that we know TikTok has done something, it’s that distrust of China and awareness of Chinese espionage has increased,” said James Lewis, an information security expert at the Center for Strategic and International Studies. “The context for TikTok is much worse as trust in China vanishes.”

    When Rob Joyce, the National Security Agency’s director of cybersecurity, was asked by reporters in December to articulate his security concerns about TikTok, he offered a general warning rather than a specific allegation.

    “People are always looking for the smoking gun in these technologies,” Joyce said. “I characterize it much more as a loaded gun.”

    Technical experts also draw a distinction between the TikTok app — which appears to operate very similarly to American social media in the amount of user tracking and data collection it performs — and TikTok’s approach to governance and ownership. It’s the latter that’s been the biggest source of concern, not the former.

    The US government has said it’s worried China could use its national security laws to access the significant amount of personal information that TikTok, like most social media applications, collects from its US users.

    The laws in question are extraordinarily broad, according to western legal experts, requiring “any organization or citizen” in China to “support, assist and cooperate with state intelligence work,” without defining what “intelligence work” means.

    Should Beijing gain access to TikTok’s user data, one concern is that the information could be used to identify intelligence opportunities — for example, by helping China uncover the vices, predilections or pressure points of a potential spy recruit or blackmail target, or by building a holistic profile of foreign visitors to the country by cross-referencing that data against other databases it holds. Even if many of TikTok’s users are young teens with seemingly nothing to hide, it’s possible some of those Americans may grow up to be government or industry officials whose social media history could prove useful to a foreign adversary.

    Another concern is that if China has a view into TikTok’s algorithm or business operations, it could try to exert pressure on the company to shape what users see on the platform — either by removing content through censorship or by pushing preferred content and propaganda to users. This could have enormous repercussions for US elections, policymaking and other democratic discourse.

    Security experts say these scenarios are a possibility based on what’s publicly known about China’s laws and TikTok’s ownership structure, but stress that they are hypothetical at best. To date, there is no public evidence that Beijing has actually harvested TikTok’s commercial data for intelligence or other purposes.

    Chew, the TikTok CEO, has publicly said that the Chinese government has never asked TikTok for its data, and that the company would refuse any such request.

    If there’s a risk, it’s primarily concentrated in the relationship between TikTok’s Chinese parent, ByteDance, and Beijing. The main issue is that the public has few ways of verifying whether or how that relationship, if it exists, might have been exploited.

    TikTok has been erecting technical and organizational barriers that it says will keep US user data safe from unauthorized access. Under the plan, known as Project Texas, the US government and third-party companies such as Oracle would also have some degree of oversight of TikTok’s data practices. TikTok is working on a similar plan for the European Union known as Project Clover.

    But that hasn’t assuaged the doubts of US officials, likely because no matter what TikTok does internally, China would still theoretically have leverage over TikTok’s Chinese owners. Exactly what that implies is ambiguous, and because it is ambiguous, it is unsettling.

    In congressional testimony, TikTok has sought to assure US lawmakers it is free from Chinese government influence, but it has not spoken to the degree that ByteDance may be susceptible. TikTok has also acknowledged that some China-based employees have accessed US user data, though it’s unclear for what purpose, and it has disclosed to European users that China-based employees may access their data as part of doing their jobs.

    Multiple privacy and security researchers who’ve examined TikTok’s app say there aren’t any glaring flaws suggesting the app itself is currently spying on people or leaking their information.

    In 2020, The Washington Post worked with a privacy researcher to look under the hood at TikTok, concluding that the app does not appear to collect any more data than your typical mainstream social network. The following year, Pellaeon Lin, a Taiwan-based researcher at the University of Toronto’s Citizen Lab, performed another technical analysis that reached similar conclusions.

    But even if TikTok collects about the same amount of information as Facebook or Twitter, that’s still quite a lot of data, including information about the videos you watch, comments you write, private messages you send, and — if you agree to grant this level of access — your exact geolocation and contact lists. TikTok’s privacy policy also says the company collects your email address, phone number, age, search and browsing history, information about what’s in the photos and videos you upload, and if you consent, the contents of your device’s clipboard so that you can copy and paste information into the app.

    TikTok’s source code closely resembles that of its China-based analogue, Douyin, said Lin in an interview. That implies both apps are developed on the same code base and customized for their respective markets, he said. Theoretically, TikTok could have “privacy-violating hidden features” that can be turned on and off with a tweak to its server code and that the public might not know about, but the limitations of trying to reverse-engineer an app made it impossible for Lin to find out whether those configurations or features exist.

    If TikTok used unencrypted communications protocols, or if it tried to access contact lists or precise geolocation data without permission, or if it moved to circumvent system-level privacy safeguards built into iOS or Android, then that would be evidence of a problem, Lin said. But he found none of those things.

    “We did not find any overt vulnerabilities regarding their communication protocols, nor did we find any overt security problems within the app,” Lin said. “Regarding privacy, we also did not see the TikTok app exhibiting any behaviors similar to malware.”

    TikTok has faced claims that its in-app browser tracks its users’ keyboard entries, and that this type of conduct, known as keylogging, could be a security risk. The privacy researcher who performed the analysis last year, Felix Krause, said that keylogging is not an inherently malicious activity, but it theoretically means TikTok could collect passwords, credit card information or other sensitive data that users may submit to websites when they visit them through TikTok’s in-app browser.

    There is no public evidence TikTok has actually done that, however. TikTok has said the keylogging function is used for “debugging, troubleshooting, and performance monitoring,” as well as to detect bots and spam. Other research has shown that the use of keyloggers is extremely widespread in the technology industry. That does not necessarily excuse TikTok or its peers for using a keylogger in the first place, but neither is it proof positive that TikTok’s product, by itself, is any more of a national security threat than other websites.

    There have also been a number of studies that report TikTok is tracking users around the internet even when they are not using the app. By embedding tracking pixels on third-party websites, TikTok can collect information about a website’s visitors, the studies have found. TikTok has said it uses the data to bolster its advertising business. And in this respect, TikTok is not unique: the same tool is used by US tech giants including Facebook-parent Meta and Google on a far larger scale, according to Malwarebytes, a leading cybersecurity firm.

    As with the keylogging tech, the fact TikTok uses tracking pixels does not on its own transform the company into a national security threat; the risk is that the Chinese government could compel or influence TikTok, through ByteDance, to abuse its data collection capabilities.

    Separately, a report last year found TikTok was spying on journalists, snooping on their user data and IP addresses to find out when or if certain reporters were sharing the same location as company employees. TikTok later confirmed the incident and ByteDance fired several employees who had improperly accessed the TikTok data of two journalists.

    The circumstances surrounding the incident suggest it was not the type of wide-scale, government-directed intelligence effort that US national security officials primarily fear. Instead, it appeared to be part of a specific internal effort by some ByteDance employees to hunt down leaks to the press, which may be deplorable but hardly uncommon for an organization under public scrutiny. (Nevertheless, the US government is reportedly investigating the incident.)

    Joyce, the NSA’s top cyber official, told reporters in December that what he really worries about is “large-scale influence” campaigns leveraging TikTok’s data, not “individualized targeting through [TikTok] to do malicious things.”

    To date, however, there’s no public evidence of that taking place.

    TikTok may collect an extensive amount of data, much of it quietly, but as far as researchers can tell, it isn’t any more invasive or illegal than what other US tech companies do.

    According to security experts, that’s more a reflection of the broad leeway we’ve given to tech companies in general to handle our data, not an issue that’s unique or specific to TikTok.

    “We have to trust that those companies are doing the right thing with the information and access we’ve provided them,” said Peiter “Mudge” Zatko, a longtime ethical hacker and Twitter’s former head of security who turned whistleblower. “We probably shouldn’t. And this comes down to a concern about the ultimate governance of these companies.”

    Lin told CNN that TikTok and other social media companies’ appetite for data highlights policy failures to pass strong privacy laws that regulate the tech industry writ large.

    “TikTok is only a product of the entire surveillance capitalism economy,” Lin said. “And governments around the world are ignoring their duty to protect citizens’ private information, allowing big tech companies to exploit user information for gain. Governments should try to better protect user information, instead of focusing on one particular app without good evidence.”

    Asked how he would advise policymakers to look at TikTok instead, Lin said: “What I would call for is more evidence-based policy.”

    Source link

  • The US government is once again threatening to ban TikTok. What you should know | CNN Business

    The US government is once again threatening to ban TikTok. What you should know | CNN Business



    CNN
     — 

    Nearly two-and-a-half years after the Trump administration threatened to ban TikTok in the United States if it didn’t divest from its Chinese owners, the Biden administration is now doing the same.

    TikTok acknowledged to CNN this week that federal officials are demanding the app’s Chinese owners sell their stake in the social media platform, or risk facing a US ban of the app.

    The new directive comes from the multiagency Committee on Foreign Investment in the United States (CFIUS), following years of negotiations between TikTok and the government body. (CFIUS is the same group that previously forced a sale of LGBTQ dating app Grindr from Chinese ownership back in 2019.)

    The ultimatum from the US government represents an apparent escalation in pressure from Washington as more lawmakers once again raise national security concerns about the app. Suddenly, TikTok’s future in the United States appears more uncertain – but this time, it comes after years in which the app has only broadened its reach over American culture.

    Here’s what you should know.

    Some in Washington have expressed concerns that the app could be infiltrated by the Chinese government to essentially spy on American users or gain access to US user data. Others have raised alarms over the possibility that the Chinese government could use the app to spread propaganda to a US audience. At the heart of both is an underlying concern that any company doing business in China ultimately falls under Chinese Communist Party laws.

    Other concerns raised are not unique to TikTok, but more broadly about the potential for social media platforms to lead younger users down harmful rabbit holes.

    If this latest development is giving you déjà vu, that’s because it echoes the saga TikTok already went through in the United States that kicked off in 2020, when the Trump administration first threatened it with a ban via executive order if it didn’t sell itself to a US-based company.

    Oracle and Walmart were suggested as buyers, social media creators were in a frenzy, and TikTok kicked off a lengthy legal battle against the US government. Some critics at the time blasted then-president Donald Trump’s crusade against the app as political theater rooted in xenophobia, calling out Trump’s unusual suggestion that the United States should get a “cut” of any deal if it forced the app’s sale to an American firm.

    The Biden administration eventually rescinded the Trump-era executive order targeting TikTok, but replaced it with a broader directive focused on investigating technology linked to foreign adversaries, including China. Meanwhile, CFIUS continued negotiations to strike a possible deal that would allow the app to continue operating in the United States. Then scrutiny began to kick up again in Washington.

    Lawmakers renewed their scrutiny of TikTok for its ties to China through its parent company, ByteDance, after a report last year suggested US user data had been repeatedly accessed by China-based employees. TikTok has disputed the report.

    In rare remarks earlier this month at a Harvard Business Review conference, TikTok CEO Shou Chew doubled down on the company’s prior commitments to address the lawmakers’ concerns.

    “The Chinese government has actually never asked us for US user data,” Chew said, “and we’ve said this on the record, that even if we where asked for that, we will not provide that.” Chew added that “all US user data is stored, by default, in the Oracle Cloud infrastructure” and “access to that data is completely controlled by US personnel.”

    TikTok CEO, Shou Zi Chew is interviewed at offices the company uses on Tuesday February 14, 2023 in Washington, DC.(Photo by Matt McClain/The Washington Post via Getty Images)

    As for the concerns that the Chinese government might use the app to spew propaganda to a US audience, Chew emphasized that this would be bad for business, noting that some 60% of TikTok’s owners are global investors. “Misinformation and propaganda has no place on our platform, and our users do not expect that,” he said.

    In response to the CFIUS divestiture request, a TikTok spokesperson told CNN this week that a change in ownership wouldn’t impact how US user data is accessed.

    “If protecting national security is the objective, divestment doesn’t solve the problem,” TikTok spokesperson Maureen Shanahan said in a statement. “A change in ownership would not impose any new restrictions on data flows or access. The best way to address concerns about national security is with the transparent, US-based protection of US user data and systems, with robust third-party monitoring, vetting, and verification, which we are already implementing.”

    TikTok is really only a national security risk insofar as the Chinese government may have leverage over TikTok or its parent company. China has national security laws that require companies under its jurisdiction to cooperate with a broad range of security activities. The main issue is that the public has few ways of verifying whether or how that leverage has been exercised. (TikTok doesn’t operate in China, but ByteDance does.)

    Privacy and security researchers who have looked under the hood at TikTok’s app say that, as far as they can tell, TikTok isn’t much different from other social networks in terms of the data it collects or how it communicates with company servers. That’s still a lot of personally revealing information, but it doesn’t imply that TikTok’s app itself is inherently malicious or a kind of spyware.

    That’s why the concern really focuses on TikTok and ByteDance’s relationship to the Chinese government, and why the Biden administration is pushing for TikTok’s Chinese owners to sell their shares.

    India banned TikTok in the summer of 2020, following a violent border clash between the country and China, in a move that abruptly disconnected the more than 200 million users the app had amassed there.

    While stopping short of banning the app on personal devices, a number of other countries, including the United States, Canada and United Kingdom have recently enacted bans of TikTok on official, government devices.

    Late last year, President Joe Biden signed legislation prohibiting TikTok on federal government devices, and more than half of US states have enacted a similar mandate at the state level. A TikTok spokesperson previously blasted this ban as “little more than political theater.”

    “The ban of TikTok on federal devices passed in December without any deliberation, and unfortunately that approach has served as a blueprint for other world governments,” the spokesperson added.

    Source link