AdGuard’s digest: Microsoft’s nightmarish AI feature, Google’s ad injection, and massive biometric data leak
Google is injecting ads in AI-generated query results
Google has never shied away from pushing more ads on its users. Now it’s found yet another way — the big G has said it it’s been experimenting with putting search and shopping ads in its AI Overviews, which are AI-generated summaries to search queries. According to statements from the Google Ads & Commerce blog, these ads will be positioned both above and below the AI-generated overview.
In its blog, Google said that people who were part of the early testing of the new ad placements found them “overly helpful.” We would rather take this with a grain of salt — surveys suggest that the majority of users are annoyed by the paid ads, and only agree with them because the Google Search is free. We must say it’s free with strings attached — since it collects your browsing habits and sells them to third parties.
By integrating ads above and below the content, Google appears to prioritize profit over user experience — but it won’t be the first for the company, which derives over 80% of its revenue from ads.
Biometric data leaked in major cybersecurity incident
A trove of biometric data, including thousands of fingerprints and facial images linked to law enforcement in India, was found exposed online. This sensitive information, unearthed by security researcher Jeremiah Fowler on a server associated with a company called ThoughtGreen Technologies, is now reportedly being put on sale on Telegram.
About 500 gigabytes of data encompassing 1.6 million documents were leaked, including a folder housing a staggering 8 GB of sensitive facial data, according to the researcher, who could not verify the contents of the file dump. ThoughtGreen Technologies claimed that the data did not belong to them.
The breach highlights broader concerns regarding the security and privacy implications of widespread biometric data collection. As governments and companies increasingly rely on biometrics for identification and authentication purposes, ensuring the protection of such sensitive data becomes critical. It seems that security practices have simply not kept pace with technological advances. And while you can change your phone number, cancel your credit card, or even change your name (although that would be extreme), it’s impossible to change your fingerprint or voice. That makes you think twice whether it is really a great idea to pay for a cup of coffee with your face.
Microsoft new AI tool dubbed ‘a privacy nightmare’
The UK’s Information Commissioner’s Office (ICO) has initiated inquiries with Microsoft regarding its brand new feature called Recall, which captures screenshots of users’ laptops every few seconds. Privacy campaigners already dubbed the feature, exclusive to Microsoft’s forthcoming Copilot+ PC, a “nightmare” that can have “a chilling effect” on people.
The feature will be able to look through all users’ past activity: that includes browsing history, as well as files, photos, and emails. And while this is nothing unheard of on its own, Microsoft adds a twist — the Recall feature will also be taking screenshots every few seconds while you’re using the device and will be able to comb through these screenshots too.
Microsoft claims Recall is private “by design” and says that the snapshots will be encrypted and stored locally on the device, allowing the user to be in control over the captured content. You can configure the Recall feature to exclude some websites or apps, you can also pause it completely, or delete all the snapshots that it had captured and.
However, despite Microsoft’s assurances, Mozilla has already raised concerns that Recall’s screenshot feature could expose sensitive information, including passwords, to potential misuse by parties like law enforcement or Microsoft itself. There are also concerns that Microsoft may change its mind and decide to store the data on its servers, which may pave the way for using it for targeted advertising or AI training. Microsoft said it won’t remove sensitive content from snapshots, meaning that all your searches or financial account details could be visible in them. So, we side with Mozilla and say — be vigilant when using this “optional experience,” as Microsoft calls it.
A federal privacy bill is finally coming to the US?
A bipartisan group of US lawmakers, Republican Rep. Cathy McMorris Rodgers and Democratic Sen. Maria Cantwell, are spearheading efforts to pass new federal online privacy legislation ahead of the 2024 US presidential elections. The proposed legislation, known as the American Privacy Rights Act, includes provisions to protect the online data of Americans from Big Tech companies.
According to a bill summary, it would grant consumers the right to access, correct, delete, and export their data — similar to the landmark EU legislation — while also imposing limits on data collection and usage by companies. Additionally, the bill would prohibit the transfer of certain data to third parties without consent. “I see the American Privacy Rights Act as foundational to protecting kids online, foundational to protecting our individual identity online,” Rodgers said.
Lawmakers appear to be racing against the clock to pass the legislation before the US presidential election, which is five months away. And while such a bill is long overdue, it would mark a milestone for privacy in the US. It will be a major disappointment if things turn sour and the bill’s passage is derailed.