San Francisco - Technology is supposed to make our lives better, yet many big companies have products with big security and privacy holes that disrespect user control and put us all at risk. The Electronic Frontier Foundation (EFF) is launching a new project called “Fix It Already!” demanding repair for nine issues from tech giants like Facebook and Google.
“We chose these nine problems because they are well-known problems and weaknesses in these services that, if fixed, could make a huge difference in many people’s lives,” said EFF Associate Director of Research Gennie Gebhart. “It’s 2019, and it’s time for big tech companies to bring their products in line with what consumers expect and deserve.”
“Fix It Already!” takes Facebook to task for re-using customers’ phone numbers to deliver targeted advertising, even if the customer only provided the number for security purposes, like for two-factor authorization or to receive account alerts. Facebook should not re-use your phone number for its advertising purposes and it should fix its systems to prevent all non-essential uses of this sensitive information.
For Google, “Fix It Already!” demands that the Android phone allow users to deny and revoke network permissions for apps. While Android makes it easy to block apps from seeing things like your location data and your contacts, it doesn’t allow users to block the apps’ ability to phone home about every launch, click, or tap in the app. Google should let Android users block snooping apps from exfiltrating data off their phones.
“Users need to have control and be able to set clear limits on what is done with their data. Information gathered for one purpose should not be secretly re-used. A targeted advertising business model is no excuse for engaging in creepy behavior,” said EFF Director of Cybersecurity Eva Galperin. “Facebook and Google are relied upon by millions and millions of people, which makes it even more important for them to treat customers and their data with respect.”
The “Fix It Already!” list also identifies problems that leave customers insecure. It asks Apple to let users truly encrypt their iCloud backups, tells Twitter to end-to-end encrypt direct messages, and demands that Verizon stop pre-installing spyware on phones. Microsoft, Slack, Venmo, and WhatsApp are also called out in the report.
“All the products on our list are supposed to be state-of-the-art, but their failure to fix these obvious problems means that they aren’t taking users’ real needs to heart,” said EFF Technology Projects Director Jeremy Gillula. “We hope that with a little more attention, these companies will now take these issues seriously and fix them already.”
For the full “Fix It Already!” list: