After bailing out of the approval process, 23andMe’s DNA testing kit was (technically) banned from sale by the FDA. But it’s still for sale.
Charles Seife in Scientific American says that’s not the reason you should be concerned. That’s because 23andMe’s real business isn’t medical research, it’s data collection.
As part of my Information Security training, the architecture of TCP/IP and the OSI model were covered. They introduced TCP/IP (the basis of the Internet) as optimized for access, not security. Never has that been more apparent than now, with what the NSA has done with the Internet backbone via their QUANTUM program.
If I tell you that the NSA has broken privacy rules, you might not believe me. But if I tell you the numbers came from an NSA internal audit you might change your mind.
There’ been a widely-reported story about a woman on Long Island whose house was visited by a bunch of government agents because of some online searches for pressure cookers and backpacks. Everyone, including the woman, assumed it was Google who tipped off the agents. Turns out, it was her husband’s former employer since at least some of the searches were done on a company computer.
While Google does routinely give up your search data to anyone who requests it, it’s also important to remember that your work computer, email, searches, etc. are also being monitored. If you think you have privacy, anywhere, you’re only fooling yourself.
The NSA hasn’t just been collecting phone call metadata, they’ve been harvesting the To, From, and BCC lines of e-mails. Supposedly, only for messages with at least one foreign address and supposedly they stopped in 2011, but does anyone really believe that at this point?
Apple has released a letter outlining their commitment to customer privacy. And I want to believe them, really I do. But as with anything written by lawyers it’s a good idea to grab a few grains of salt before reading the letter.
While Apple doesn’t name any agency (though they do mention Prism) in particular, you can be sure that they’ve received and ultimately granted requests for customer data. How often and how many? Apple doesn’t give totals over time but this is indicative:
From December 1, 2012 to May 31, 2013, Apple received between 4,000 and 5,000 requests from U.S. law enforcement for customer data. Between 9,000 and 10,000 accounts or devices were specified in those requests, which came from federal, state and local authorities and included both criminal investigations and national security matters.
Apple is a company that wishes to continue to operate in order to make money. While it may be committed to protecting their customers’ privacy there’s just so much they can do while avoiding legal action from the government. They may be fighting the good fight but in the end we still lose.