Hi Friends,

Even as I launch this today ( my 80th Birthday ), I realize that there is yet so much to say and do. There is just no time to look back, no time to wonder,"Will anyone read these pages?"

With regards,
Hemen Parekh
27 June 2013

Now as I approach my 90th birthday ( 27 June 2023 ) , I invite you to visit my Digital Avatar ( www.hemenparekh.ai ) – and continue chatting with me , even when I am no more here physically

Thursday, 30 November 2017

Here is the Proof





In my yesterday’s blog ,






I had envisaged the extent to which Google compromises privacy of our personal data



Then I came across the following in today’s

 Mumbai Mirror :



“ Few Android Apps track all you do on your smartphone “



Three quarters of Android apps are using “clandestine surveillance software” to track everything users do on their smartphones, according to a new report.


Researchers at Yale University’s Privacy Lab and French non-profit organisation Exodus Privacy conducted a study into 25 known “ trackers ”, which are used for targeted advertising, behavioural analytics, and location tracking.


In their analysis of over 300 apps, more than 75 per cent were found to contain the signatures of these trackers — including popular Google Play apps such as Uber, Tinder, Skype, Twitter, Spotify and Snapchat.


What’s more, the researchers said that many Android users don’t realise that these trackers are on their phones, and are often unaware that their personal information is being shared.


One Google-owned tracker called Crashlytics — used by Tinder, Spotify, Uber and OKCupid among others — is designed to track app crash reports, but also allows developers to “get insight into your users, what they’re doing, and inject live social content to delight them”.


Another, called FidZup, can “detect the presence of mobile phones and therefore their owners”, using ultrasonic tones that are inaudible to the human ear, according to Exodus.


Meanwhile, one app developed by multinational insurance and financial firm AXA was found to contain six trackers.


EXACTLY WHAT INFORMATION IS SHARED IS UNKNOWN, BUT THE DATA STORED BY THE APP IS EXTREMELY SENSITIVE.


“Publication of this information is in the public interest, as it reveals clandestine surveillance software that is unknown to Android users at the time of app installation,” said Sean O’Brien and Michael Kwet, visiting fellows at Yale, in a blog post, adding,


“Lack of transparency about the collection, transmission, and processing of data via these trackers raises serious privacy concerns and may have grave security implications for mobile software downloaded and in active use by billions of people worldwide.”


The researchers are now calling on app developers, as well as Google, for “increased transparency into privacy and security practice as it relates to these trackers”.


Although the study didn’t examine iOS apps, the researchers warn that the situation may be no better on Apple’s App Store.


“Many of the same companies distributing Google Play apps also distribute apps via Apple, and tracker companies openly advertise Software Development Kits (SDKs) compatible with multiple platforms,” said O’Brien and Kwet.


“Thus, advertising trackers may be concurrently packaged for Android and iOS, as well as more obscure mobile platforms.”




Add to the above , what Times of India reports today as follows :



“ Google detects app stealing info from phones “

·          
Google has detected an app ‘ Tizi ’, which has been stealing information from call records and also from social media apps like Facebook, WhatsApp, and also takes pictures from mobile phones without even displaying them on screen of the device.


Tizi is a fully featured backdoor that installs spyware to steal sensitive data from popular social media applications. The Google Play Protect security team discovered this family in September 2017, when device scans found an app with rooting capabilities that exploited old vulnerabilities,” a post on Google security blog said.


The company has removed the app from Play Store, notified all known affected devices and suspended account of the app developer, the post dated November 27 said. The post said that earlier variant of Tizi did not have rooting capabilities. It developed later on and thereafter started stealing sensitive information from devices.


“The rooting capabilities give an app full control of the device. It can bypass all restriction poised on it by the Android security system. An app with rooting is like a user using the device. The presence of such app on Google Play Store raises concerns around secure apps on the Play Store,” cyber security expert Jiten Jain said.


Tizi’s backdoor capability is common to commercial spyware, such as recording calls from WhatsApp, Viber, and Skype, sending and receiving SMS messages, and accessing calendar events, call log, contacts, photos, Wi-Fi encryption keys, and a list of all installed apps.


“Tizi apps can also record ambient audio and take pictures without displaying the image on the device’s screen,” the post said. The post said that in and after April 2016, vulnerabilities in devices which could have been affected by Tizi were fixed with new software codes.


“If a Tizi app is unable to take control of a device because the vulnerabilities it tries to use are all patched, it will still attempt to perform actions through high level of permissions it asks the user to grant to it, mainly around reading and sending SMS messages and monitoring, redirecting, and preventing outgoing phone calls,” the post said.



Dear Members of Committee on Data Protection Law :


Any idea how the proposed law will deal with the owners / developers of these hundreds of Apps and succeed in suing / punishing them – and in which court ?



         Justice B N Srikrishna…………………………bnsrikrishna@gmail.com


·         Smt Aruna Sundarrajan………………………secy-dot@nic.in


·         Dr Ajay Bhushan Pandey…………………. ceo@uidai.gov.in


·         Dr Ajay Kumar……………………………. ajay@deity.gov.in / akumar@del2.vsnl.net.in


·         Prof. Rajat Moona……………………………. moona@iitk.ac.in


·         Dr Gulshan Rai………………………………..  grai@deity.gov.in


·         Prof. Rishikesha Krishnan………………   director@iimidr.ac.in


·         Dr Arghya Sengupta………………………   arghya.sengupta@gmail.com


30  Nov  2017


Tuesday, 28 November 2017

#GoogleIndia #PrivacyLaw #DataProtection

Just  Ask  Google  !




Dear Members of Srikrishna Committee ( on Data Protection Law ) :



It is safe to assume that all of you carry a GPS enabled smart phone and synced it with your E Mail / SMS


Most likely , you have also installed WhatsApp / Skype or FaceTime / Play Store / Weather App Google Map /  Street View /  Calendar / Clock / Calculator etc


Without doubt , your smart phone is installed with a Mobile Wallet App ( most likely, BHIM , linked with your Aadhar ID and your Bank Account )


You may have a UBER or OLA , taxi-hailing App , which would have captured every trip you undertook ( from WHERE to WHERE )


Now the agenda / date / time and venue of this meeting which you are attending right now was , without doubt , conveyed to you using some “ Messaging Service “ , over your phone


So , Google ( or Apple or Samsung ) knows , WHO you are , WHERE you are and WHAT you are discussing  right now – and with WHOM !

  
And if the Convener of the meeting ordered some food ( for serving after the meeting ) , using some APP on his smart phone , then Google also knows what you are eating !


And if the MINUTES of that meeting is sent for your OK over email , Google knows that as well  !


No doubt , each one of you, at some time or other , must have conducted a Google  Search by entering your own name in its search bar to know what Google knows about you


But those Search Results won’t tell you that Google also knows the following things about YOU :



·         Who I am ( name )


·         Where and when, I was born / who were my parents


·         Where I grew up / where I live currently


·         Do I live in a rented place or in an owned flat


·         What Schools / Colleges I attended ( - and degrees I acquired )


·         What Companies I worked for and salaries I got


·         How I travel to work ( own vehicle or public transport )


·         Where I go for my holidays / what books I read


·         Who I married and who are my children ( - and how many )


·         If divorced , how much alimony I pay and to whom


·         Where I invest my money ( Banks – Funds – Equity etc )


·         How much I have borrowed from whom and for how long


·         My Credit ranking  ( including my spending history / card wise – wallet wise )


·         What are my eating ( food ) preferences and the restaurants I visit


·         What I do for entertainment ( Music / Movies / Videos )


·         What clothes I wear and how often do I buy


·         Who are my friends and how often I phone / text them / meet them


·         What ailments I suffer from and what medicines I take


·         What minor offences ( traffic ) or crimes that I have committed


·         What elections I have contested ( won and lost )


·         Who are my doctors / lawyers / brokers / agents etc


·         What web sites I visit and how often and for how long


·         What do I search on the Net / What RSS feeds I subscribe to


·         What TV channels I watch and Radio Stations that I listen to


·         Every photo of mine ever taken ( selfie or otherwise )



·         Every phone call that I ever made or received



·         Every Email / Text message that I ever sent or received


·         Every blog / comment that I ever posted on the Web



·         Every face-to-face communication that I engaged in


Readers are requested to forward this to the following members of the Committee :


        Justice B N Srikrishna…………………………bnsrikrishna@gmail.com


·         Smt Aruna Sundarrajan………………………secy-dot@nic.in


·         Dr Ajay Bhushan Pandey…………………. ceo@uidai.gov.in


·         Dr Ajay Kumar……………………………. ajay@deity.gov.in / akumar@del2.vsnl.net.in


·         Prof. Rajat Moona……………………………. moona@iitk.ac.in


·         Dr Gulshan Rai………………………………..  grai@deity.gov.in


·         Prof. Rishikesha Krishnan………………   director@iimidr.ac.in


·         Dr Arghya Sengupta………………………   arghya.sengupta@gmail.com




29  Nov  2017


Monday, 27 November 2017

#DataProtection #SrikrishnaCommittee

7  Pillars  of  Data  Protection  Law


Times of India ( 28 / Nov ) carries following news :


“ The 7 Pillars of Data Protection Law , according to Srikrishna Committee “

These are :

·         A firm and legal framework

·         Technology Agnosticism

·         Data Minimization

·         Informed and meaningful Consent

·         Accountability of Data Controller

·         Penalties for Wrongful Processing

·         Enforcement of Data Protection Framework



The white paper put out by the Committee , inviting suggestions from public , notes :


“ Biggest challenge in regulating emerging technologies such as big data, artificial intelligence and the Internet of Things, lies in the fact that they may operate outside the framework of traditional privacy principles .


The advent of the Internet of Things also poses a challenge to the degree of anonymity that can be achieved


New devices capture data in forms which are unique . an example is that of a person’s gait being uniquely identified by a wearable activity tracker. Such data can perhaps never be completely identified . The current methods of using aggregated anonymised data might not be secure enough when applied to such data  “


For a list of 229 questions on which citizen opinions are solicited , read :




My own suggestions sent earlier to the following members of the Committee are linked below . Should you agree with these , just forward this mail to the following E Mail IDs :

Ensure that YOUR voice is heard !


·         Justice B N Srikrishna…………………………bnsrikrishna@gmail.com


·         Smt Aruna Sundarrajan………………………secy-dot@nic.in


·         Dr Ajay Bhushan Pandey…………………. ceo@uidai.gov.in


·         Dr Ajay Kumar……………………………. ajay@deity.gov.in / akumar@del2.vsnl.net.in


·         Prof. Rajat Moona……………………………. moona@iitk.ac.in


·         Dr Gulshan Rai………………………………..  grai@deity.gov.in


·         Prof. Rishikesha Krishnan………………   director@iimidr.ac.in


·         Dr Arghya Sengupta………………………   arghya.sengupta@gmail.com



MY  SUGGESTIONS :







































28  Nov  2017