FTC disclosure evaluation research from the archives
By: Lorrie Cranor, FTC Chief Technologist | Sep 12, 2016 1:35PM
Continue Reading FTC disclosure evaluation research from the archives
FTC disclosure evaluation research from the archives
By: Lorrie Cranor, FTC Chief Technologist | Sep 12, 2016 1:35PM
Continue Reading FTC disclosure evaluation research from the archives
A deep dive into mobile app location privacy following the InMobi settlement
By: Nithan Sannappa and Lorrie Cranor | Aug 9, 2016 12:55PM
In June, the Commission announced its first settlement with a mobile advertising network, InMobi. Among other things, the Commission’s complaint challenges the company’s location tracking practices. In this post, we explain the mechanism that the Commission alleges InMobi used to track users’ location without permission, and discuss technical steps that mobile operating systems have taken to try to address this practice.
Continue Reading A deep dive into mobile app location privacy following the InMobi settlement
Your mobile phone account could be hijacked by an identity thief
By: Lorrie Cranor, FTC Chief Technologist | Jun 7, 2016 11:38AM
A few weeks ago an unknown person walked into a mobile phone store, claimed to be me, asked to upgrade my mobile phones, and walked out with two brand new iPhones assigned to my telephone numbers. My phones immediately stopped receiving calls, and I was left with a large bill and the anxiety and fear of financial injury that spring from identity theft.
Continue Reading Your mobile phone account could be hijacked by an identity thief
The virtues of strong enduser device controls
By: Ashkan Soltani, Chief Technologist | Aug 26, 2015 4:22PM
Continue Reading The virtues of strong enduser device controls
Enhancing permissions through contextual integrity
By: Nithan Sannappa, Division of Privacy and Identity Protection | May 21, 2015 1:25PM
This is the third post in my series on privacy and security in mobile computing, which builds on the Commission’s 2013 mobile security workshop. In my last post, I concluded that – despite a history of usability concerns – permissions in mobile operating systems are clearly an improvement over the opacity of traditional operating systems.
Continue Reading Enhancing permissions through contextual integrity
Usability and transparency considerations of permission-based access controls
By: Nithan Sannappa, Division of Privacy and Identity Protection | May 14, 2015 9:16AM
This is the second post in our series on privacy and security in mobile computing, which builds on the Commission’s 2013 mobile security workshop.
Continue Reading Usability and transparency considerations of permission-based access controls
Secure APIs and the principle of least privilege
By: Nithan Sannappa, Division of Privacy and Identity Protection | May 7, 2015 1:12PM
Editor’s Note: As noted in a previous post, Tech@FTC is expanding to include posts by other technically minded staff at the Commission. This is the first in a series of blog posts by Nithan Sannappa, an attorney in the Division of Privacy and Identity Protection, that will explore several important issues regarding user privacy and security in mobile computing.
Continue Reading Secure APIs and the principle of least privilege