Privacy
Public Knowledge Blasts Latest Privacy Meltdown, This One at Instagram Affiliate Hyp3r

WASHINGTON, August 8, 2019 – News of another data breach at Facebook marketing partner Hyp3r on Thursday prompted more demands for federal privacy legislation.
According to the non-profit group Public Knowledge, Hyp3r collected public records of Instagram users’ geolocation, personal bios, followers, metadata and photos – all without users’ consent.
“It’s well past time for Congress to enact strong, comprehensive federal privacy legislation,” said Dylan Gilbert, policy fellow at Public Knowledge.
As long as companies operate free of strong consumer privacy and security laws, he said, companies will continue to turn a blind eye to user privacy and security violations.
Instagram, which is owned by Facebook, said it has terminated its partnership with Hyp3r. Hyp3r had been using data harvesting tools to download users’ Instagram stories that are supposed to auto-delete after 24 hours.
Hyp3r also reportedly took advantage of a security lapse in the Instagram app to harvest posts tagged with geofenced locations. In both cases, only public accounts were compromised.
In the wake of Facebook’s Cambridge Analytica scandal, Instagram had begun disabling parts of its API, including location tools. However, Instagram’s faulty implementation of API rollbacks prompted Hyp3r to create tools that take advantage of these discrepancies, according to a report in Gizmodo.
Hyp3r saved the content and then used the information to build and sell extensive profiles of users’ daily lives, said Gilbert. While this was done in violation of Instagram’s rules, Hyp3r appears to have been free of any meaningful oversight from Instagram or Facebook.
Rules should be put in place that will empower consumers to better control their data, said Gilbert. The situation is also unsurprising, given that Facebook likely indirectly profited from Hyp3r’s data collection via the Facebook ad manager tool.
(Photo from Hyp3r’s Twitter stream.)
Cybersecurity
Senate Looks for Answers During First Public Hearing on SolarWinds Cyber Attack

WASHINGTON, August 8, 2019 – News of another data breach at Facebook marketing partner Hyp3r on Thursday prompted more demands for federal privacy legislation.
According to the non-profit group Public Knowledge, Hyp3r collected public records of Instagram users’ geolocation, personal bios, followers, metadata and photos – all without users’ consent.
“It’s well past time for Congress to enact strong, comprehensive federal privacy legislation,” said Dylan Gilbert, policy fellow at Public Knowledge.
As long as companies operate free of strong consumer privacy and security laws, he said, companies will continue to turn a blind eye to user privacy and security violations.
Instagram, which is owned by Facebook, said it has terminated its partnership with Hyp3r. Hyp3r had been using data harvesting tools to download users’ Instagram stories that are supposed to auto-delete after 24 hours.
Hyp3r also reportedly took advantage of a security lapse in the Instagram app to harvest posts tagged with geofenced locations. In both cases, only public accounts were compromised.
In the wake of Facebook’s Cambridge Analytica scandal, Instagram had begun disabling parts of its API, including location tools. However, Instagram’s faulty implementation of API rollbacks prompted Hyp3r to create tools that take advantage of these discrepancies, according to a report in Gizmodo.
Hyp3r saved the content and then used the information to build and sell extensive profiles of users’ daily lives, said Gilbert. While this was done in violation of Instagram’s rules, Hyp3r appears to have been free of any meaningful oversight from Instagram or Facebook.
Rules should be put in place that will empower consumers to better control their data, said Gilbert. The situation is also unsurprising, given that Facebook likely indirectly profited from Hyp3r’s data collection via the Facebook ad manager tool.
(Photo from Hyp3r’s Twitter stream.)
Cybersecurity
SolarWinds CEO Says Hack Shows Need for Information-Sharing Between Industry and Government

WASHINGTON, August 8, 2019 – News of another data breach at Facebook marketing partner Hyp3r on Thursday prompted more demands for federal privacy legislation.
According to the non-profit group Public Knowledge, Hyp3r collected public records of Instagram users’ geolocation, personal bios, followers, metadata and photos – all without users’ consent.
“It’s well past time for Congress to enact strong, comprehensive federal privacy legislation,” said Dylan Gilbert, policy fellow at Public Knowledge.
As long as companies operate free of strong consumer privacy and security laws, he said, companies will continue to turn a blind eye to user privacy and security violations.
Instagram, which is owned by Facebook, said it has terminated its partnership with Hyp3r. Hyp3r had been using data harvesting tools to download users’ Instagram stories that are supposed to auto-delete after 24 hours.
Hyp3r also reportedly took advantage of a security lapse in the Instagram app to harvest posts tagged with geofenced locations. In both cases, only public accounts were compromised.
In the wake of Facebook’s Cambridge Analytica scandal, Instagram had begun disabling parts of its API, including location tools. However, Instagram’s faulty implementation of API rollbacks prompted Hyp3r to create tools that take advantage of these discrepancies, according to a report in Gizmodo.
Hyp3r saved the content and then used the information to build and sell extensive profiles of users’ daily lives, said Gilbert. While this was done in violation of Instagram’s rules, Hyp3r appears to have been free of any meaningful oversight from Instagram or Facebook.
Rules should be put in place that will empower consumers to better control their data, said Gilbert. The situation is also unsurprising, given that Facebook likely indirectly profited from Hyp3r’s data collection via the Facebook ad manager tool.
(Photo from Hyp3r’s Twitter stream.)
Education
Privacy Concerns Increase With Ed Technology Boom, Says Acting Chair of Federal Trade Commission

WASHINGTON, August 8, 2019 – News of another data breach at Facebook marketing partner Hyp3r on Thursday prompted more demands for federal privacy legislation.
According to the non-profit group Public Knowledge, Hyp3r collected public records of Instagram users’ geolocation, personal bios, followers, metadata and photos – all without users’ consent.
“It’s well past time for Congress to enact strong, comprehensive federal privacy legislation,” said Dylan Gilbert, policy fellow at Public Knowledge.
As long as companies operate free of strong consumer privacy and security laws, he said, companies will continue to turn a blind eye to user privacy and security violations.
Instagram, which is owned by Facebook, said it has terminated its partnership with Hyp3r. Hyp3r had been using data harvesting tools to download users’ Instagram stories that are supposed to auto-delete after 24 hours.
Hyp3r also reportedly took advantage of a security lapse in the Instagram app to harvest posts tagged with geofenced locations. In both cases, only public accounts were compromised.
In the wake of Facebook’s Cambridge Analytica scandal, Instagram had begun disabling parts of its API, including location tools. However, Instagram’s faulty implementation of API rollbacks prompted Hyp3r to create tools that take advantage of these discrepancies, according to a report in Gizmodo.
Hyp3r saved the content and then used the information to build and sell extensive profiles of users’ daily lives, said Gilbert. While this was done in violation of Instagram’s rules, Hyp3r appears to have been free of any meaningful oversight from Instagram or Facebook.
Rules should be put in place that will empower consumers to better control their data, said Gilbert. The situation is also unsurprising, given that Facebook likely indirectly profited from Hyp3r’s data collection via the Facebook ad manager tool.
(Photo from Hyp3r’s Twitter stream.)
-
Artificial Intelligence3 months ago
U.S. Special Operations Command Employs AI and Machine Learning to Improve Operations
-
Broadband Roundup3 months ago
Benton on Middle Mile Open Access Networks, CENIC Fiber Route in California, Investors Buying Bitcoin
-
Section 2304 months ago
President Trump’s FCC Nominee Grilled on Section 230 During Senate Confirmation Hearing
-
Artificial Intelligence1 month ago
Artificial Intelligence Aims to Enhance Human Capabilities, But Only With Caution and Safeguards
-
Broadband Roundup3 months ago
Trump Signs Executive Order on Artificial Intelligence, How Not to Wreck the FCC, Broadband Performance in Europe
-
5G3 months ago
5G Stands to Impact Industry Before Consumers, Says Verizon CEO Hans Vestberg
-
Fiber2 months ago
Smaller Internet Providers Were Instrumental to Fiber Deployment in 2020, Says Fiber Broadband Association
-
#broadbandlive3 months ago
Broadband Breakfast Live Online Event Series on ‘Tools for Broadband Deployment’ on Enhancing Rural America