18,000 Android apps with tens or hundreds of millions of installs on the Google Play Store have been found to violate Google's Play Store Advertising ID policy guidance by collecting persistent device identifiers such as serial numbers, IMEI, WiFi MAC addresses, SIM card serial numbers, and sending them to mobile advertising related domains alongside ad IDs. Bleeping Computer reports: AppCensus is an organization based in Berkeley, California, and created by researchers from all over the world with expertise in a wide range of fields, ranging from networking and privacy to security and usability. The project is supported by "grants from the National Science Foundation, the Department of Homeland Security, and the Data Transparency Lab." By highlighting this behavior, AppCensus shows that while users are being offered the option to reset the advertising ID, doing so will not immediately translate into getting a new "identity" because app developers can also use a multitude of other identifiers to keep their tracking and targeting going.
Google did not yet respond to a report sent by AppCensus in September 2018 containing a list of 17,000 Android apps that send persistent identifiers together with ad IDs to various advertising networks, also attaching a list of 30 recipient mobile advertising related domains where the various IDs were being sent. While looking at the network packets sent between the apps and these 30 domains, AppCensus observed that "they are either being used to place ads in apps, or track user engagement with ads." In a statement to CNET, a Google spokesperson said: "We take these issues very seriously. Combining Ad ID with device identifiers for the purpose of ads personalization is strictly forbidden. We're constantly reviewing apps -- including those listed in the researcher's report -- and will take action when they do not comply with our policies." Some of the most popular applications found to be violating Google's Usage of Android Adverting ID policies include Clean Master, Subway Surfers, Fliboard, My Talking Tom, Temple Run 2, and Angry Birds Classic. The list goes on and on, and the last app in the "Top 20" list still has over 100 million installations.
In an updated Terms of Service policy sent out on Thursday, Spotify is now explicitly banning ad blockers. "The new rules specifically state that 'circumventing or blocking advertisements in the Spotify Service, or creating or distributing tools designed to block advertisements in the Spotify Service' can result in immediate termination or suspension of your account," reports The Verge. From the report: The service already takes significant measures to limit ad blockers. In a DigiDay report from last August, a Spotify spokesperson revealed that the company has "multiple detection measures in place monitoring consumption on the service to detect, investigate and deal with [artificial manipulation of streaming activity]." After it was reported last March that 2 million users (about 2 percent of free Spotify users) were dodging ads with modded apps and accounts, Spotify began cracking down by disabling accounts when the company detected abnormal activity. Users were sent email warnings and given the chance to reactivate their accounts after uninstalling the ad-blocking software. In some rare cases where the problem persisted, Spotify would terminate the account. The new Terms of Service, which go into effect on March 1st, will give Spotify the authority to terminate accounts immediately, without warning.
In March, TechCrunch discovered Facebook planned to require advertisers pledge that they had permission to upload someone's phone number or email address for ad targeting. That tool debuted in June, though there was no verification process and Facebook just took businesses at their word despite the financial incentive to lie. In November, Facebook launched a way for ad agencies and marketing tech developers to specify who they were buying promotions "on behalf of." Soon that information will finally be revealed to users. From the report: Starting February 28th, Facebook's "Why am I seeing this?" button in the drop-down menu of feed posts will reveal more than the brand who paid for the ad, some biographical details they targeted, and if they'd uploaded your contact info. Facebook will start to show when your contact info was uploaded, if it was by the brand or one of their agency/developer partners, and when access was shared between partners. A Facebook spokesperson tells me the goal to keep giving people a better understanding of how advertisers use their information.
This new level of transparency could help users pinpoint what caused a brand to get ahold of their contact info. That might help them to change their behavior to stay more private. The system could also help Facebook zero in on agencies or partners who are constantly uploading contact info and might not have attained it legitimately. Apparently seeking not to dredge up old privacy problems, Facebook didn't publish a blog post about the change but simply announced it in a Facebook post to the Facebook Advertiser Hub Page.
"Britain's Competition and Markets Authority (CMA) has threatened prominent social media stars with heavy fines or prison time if they advertise commercial products on social media without making it clear that they are doing so in exchange for financial rewards," writes Slashdot reader dryriver. The BBC reports: Sixteen social media stars including singers Ellie Goulding and Rita Ora, models Rosie Huntington-Whiteley and Alexa Chung, and vlogger Zoella have agreed to change how they post online. They will have to clearly state if they have been paid or received any gifts or loans of products they endorse. It follows warnings from the Competition and Markets Authority that their posts could break consumer law. Online endorsements can boost brands but can also mislead, said the CMA. The CMA has not made a finding on whether the influencers named breached consumer law, but said all of them volunteered to change their practices following an investigation. However, if they fail to comply with the agreement reached with the CMA, they could be taken to court and face heavy fines or prison sentences of up to two years.
According to new research from marketing technology firm Audience Project, the majority (57%) of UK customers would stop watching Netflix if commercials were introduced, and even lowering subscriptions would cause a significant drop off of 42%. Here are some of the other key findings: - In the UK, Netflix takes the lion's share of the streaming audience at 70%, followed by BBC iPlayer (61%). Interestingly, YouTube, ITV Player and All4, all of which host ads, saw a decline. - TV is still the preferred streaming device in the UK used by 42% of respondents. - Streaming is on the rise particularly amongst the young, with almost as many 15-25 year olds streaming/downloading (63%) as watching traditional TV (65%) "This is proof, if it were needed, that Netflix is right to focus on growing through its investment in content rather than considering hosting advertising any time soon," Netimperative reports. Martyn Bentley, Commercial Director UK at Audience Project, comments: "Our findings highlight the growing importance of targeting and relevance in advertising. As consumers have increasing choice over whether or not they see ads, both broadcasters and advertisers alike need to work hard to ensure that campaigns enhance experience, rather than detract -- plus it suggests that greater inroads need to be made with Connected TV as a means to help tailor advertising at a granular level."
"Google engineers have proposed changes to the open-source Chromium browser that will break content-blocking extensions, including various ad blockers," reports The Register. "The drafted changes will also limit the capabilities available to extension developers, ostensibly for the sake of speed and safety. Chromium forms the central core of Google Chrome, and, soon, Microsoft Edge." From the report: In a note posted Tuesday to the Chromium bug tracker, Raymond Hill, the developer behind uBlock Origin and uMatrix, said the changes contemplated by the Manifest v3 proposal will ruin his ad and content blocking extensions, and take control of content away from users. Manifest v3 refers to the specification for browser extension manifest files, which enumerate the resources and capabilities available to browser extensions. Google's stated rationale for making the proposed changes is to improve security, privacy and performance, and supposedly to enhance user control.
But one way Google would like to achieve these goals involves replacing the webRequest API with a new one, declarativeNetRequest. The webRequest API allows extensions to intercept network requests, so they can be blocked, modified, or redirected. This can cause delays in web page loading because Chrome has to wait for the extension. In the future, webRequest will only be able to read network requests, not modify them. The declarativeNetRequest allows Chrome (rather than the extension itself) to decide how to handle network requests, thereby removing a possible source of bottlenecks and a potentially useful mechanism for changing browser behavior. The report notes that Adblock Plus "should still be available" since "Google and other internet advertising networks apparently pay Adblock Plus to whitelist their online adverts."
Bogus LinkedIn job postings for leading US organizations, including the US Army, the State of Florida and defense contractor General Dynamics, are popping up for Russian locales like St. Petersburg and Moscow, the firm Evolver has found. Is it AI-Gone-Wild, or is something more nefarious afoot? Moscow, on the border between Idaho and Washington...
Police in Bulgaria have arrested an alleged Russian hacker who may be responsible for a huge Android ad scam that netted $10 million. The individual identified as Alexander Zhukov is a Saint Petersburg native who's been living in Varna, Bulgaria, since 2010 and was apprehended on November 6th after the US issued an international warrant for his arrest, according to ZDNet.
Facebook couldn't have picked a worse time to introduce Portal, a camera-equipped smart display designed to make video chatting in your home easier. And, if the rumors are true, the company is reportedly also preparing to launch a video chat camera for your TV, based on the same system as Portal. Not only does news of this hardware come at a time when when Facebook is under major scrutiny after suffering a massive data breach in September, which exposed private information of 29 million users, including usernames, birth date, gender, location, religion and the devices used to browse the site. But the most concerning part about Portal, is that Facebook's own executives don't seem to have a basic understanding of what types of data the company will be collecting or what it will be using it for.