Posts Tagged ‘privacy’

Facial Recognition Software Takes One Glance at You and Brings Up Your Facebook Profile

Worried about privacy on the Internet? It may be even worse than you thought — with rapidly improving face recognition technology, your automatically tagged Facebook pictures could help a stranger, or the authorities, quickly identify you on the street.

A simple system that compares Facebook pictures and webcam snapshots can make a positive match after less than three seconds, according to Carnegie Mellon University researchers. Alessandro Acquisti and colleagues presented their findings at the Black Hat computer security conference in Las Vegas.

“A stranger could know your last tweet just by looking at you,” Acquisti told CNET’s privacy blog.

The system was able to correlate Facebook profile pictures to webcam shots, and to otherwise anonymous photos on a dating website. The Facebook-webcam system identified about 31 percent of users, and only 10 percent of the dating site users, but the message was clear — anonymity is becoming harder and harder to maintain.

This can be problematic for several reasons, not the least of which is the damage that can be done by mistaken identity. Computer systems that put the wrong name to a face can cause headaches or worse. But in simpler terms, do average Facebook users really want random people to find out their e-mail addresses and phone numbers simply by looking at their faces?

Google engineers have discussed hypothetically using the company's own technology for such a purpose, but say they have no plans to actually do it.

Acquisti, an information technology and public policy professor, made a database of about 25,000 photos taken from CMU students’ Facebook profiles, CNET explains. Acquisti had volunteers peer into a webcam, and facial recognition software connected their images to their Facebook profiles. The system made a successful identification for 31 percent of the students after less than three seconds. The team also compared about 278,000 Facebook pictures to 6,000 dating website profile pictures, in which the members used pseudonyms, and about one in 10 were identifiable, CNET says.

Then the CMU researchers also developed an iPhone app that works the same way, running a photo through facial recognition software and displaying that person’s name and information on the screen.

The system only works with front-facing photos, and it would need to be refined, but as technology improves it will only get easier, Acquisti said.

[CNET]

Amid Privacy Fears, Police Across the Nation Will Roll Out Face-Recognizing iPhone Tech This Year

A controversial piece of facial recognition technology (and a PopSci “Best of What’s New 2010” alum) is rolling out in police stations across the country this fall, and naturally not everyone is happy about it. The Mobile Offender Recognition and Identification System (MORIS) uses an augmented iPhone to snap pictures of faces, scan fingerprints, and even to image irises, and then combs through police databases looking for matching identities. This, understandably, has privacy and civil liberties advocates crying foul.

The MORIS device attaches to the back of an iPhone, adding roughly 1.75 inches to the thickness of the smartphone. Police officers armed with the tool can take a photo of a person’s face from about five feet away, or scan his or her iris from about six inches, and wirelessly beam that data to law enforcement databases elsewhere to look for a match. It can also perform remote fingerprint matching.

Similar biometric technology has been deployed by the U.S. military in places like Iraq and Afghanistan to confirm the identities of civilians entering military safe zones and to search for known insurgents at checkpoints. But rolling it out in the streets of the U.S. has plenty of people concerned with privacy and Constitutional issues.

The technology lives in a somewhat gray area of the law. It’s generally permissible to take a photo of anyone in a public space, but when a law enforcement agent does so--and especially when he or she then cross references it against a criminal database--that could constitute a search, and therefore should require a warrant.

It’s another one of those situations where technology has simply outpaced the law (you would think Ben Franklin of all people would’ve seen mobile facial recognition software coming). So while it would be nice to turn to legal precedent here, there simply is none.

Nonetheless, BI2 has deals with about 40 agencies nationwide to deliver about 1,000 of the devices starting in September. From a law enforcement standpoint, police officers seem to like it. It’s a technology that lets them get to the bottom of a situation quickly. Moreover, in the technology’s defense, it’s tough to use MORIS to abuse a person’s rights if an officer is not already in the process of abusing them.

In an interview with BI2’s chief executive Sean Mullin last year, he told PopSci that the responses of privacy groups and civil liberties advocates are entirely appropriate, but that he thinks the technology passes legal muster. The facial recognition technology requires a frontal facial image taken from close proximity, he says--in other words, it requires consent. Iris scans are practically impossible without the subject’s cooperation, as are fingerprint scans. Besides, the alternative when a police officer can’t confirm a suspect’s identity is generally a trip downtown to sort it out. MORIS simplifies that process.

Whether or not that’s enough to satisfy the privacy rights crowd--and the law--remains to be seen. How this kind of technology is treated by the law now will set the precedent for when the technology becomes more robust--and perhaps more long-range, more surreptitious, and potentially more “Big Brother.”

[WSJ]

Facial Recognition Cameras in Bars Analyze Where The Party’s At

Finally, facial recognition technology is trickling down to the little people in a way that is absolutely meaningful. Never mind the camera-focusing technologies and the Facebook photo-tagging applications. “SceneTap” wants to help you get lucky at the bar.

SceneTap is a start-up that is using facial recognition tech to help you eschew the sausage fest at your usual watering holes and find the hangouts where you might actually have a chance of conversing with someone of the gender you’re looking for (whatever gender that might be). It will do so via a handy smartphone app that will map the joints where the objects of your desire are congregating at any given moment.

It works like this: bars install facial recognition cameras at their entrances and exits. These cameras, we are assured, are not equipped with good enough technology to actually identify you or cross reference images with something like Facebook. They simply detect gender. And in doing so, they keep a running tally of how many guys and dolls are in a given juke joint at a given time.

Using the accompanying app, you can get a good read on what your chances are at a particular place before you pay cab fare across town or drop a cover charge on some velvet-roped joint that turns out to be empty. But that’s as far as SceneTap will get you. As far as actually approaching the bar and tapping him/her on the shoulder--unfortunately for you, Casanova, there’s no app for that.

[Forbes]

Point/Counterpoint: Internet IDs Are a Terrible Idea

Internet IDs will be ineffective, risky, and won't address the root of our real problems with online security

They go by many names—trusted identities, ID ecosystems, Internet driver’s licenses—but the basic idea is always the same: Create a single online credential system that somehow increases accountability, combats fraud and identity theft, and helps deter cybercrime. Over the years we’ve seen many of these schemes trotted out in the private sector only to fail time and again. And for good reason. These plans are not only impractical, they also ignore history, confuse the primary threats we face online, and, worst of all, have the potential to do infinitely more harm than good.

Let’s start with one of the more recent plans (though not the most recent--that honor belongs to a new suggestion from the Danish police that anonymity be banned online entirely): The Obama Administration’s federated Internet identity system. Also known as the “National Strategies for Trusted Identities in Cyberspace,” or simply “N-Stick,” this government-coordinated proposal again aims to reduce online fraud and identity theft while at the same time greasing the wheels of e-commerce.

N-Stick

On the surface there’s actually plenty to admire about the initiative. Not only does it recognize that we’ve become increasingly reliant, both from an economic and personal standpoint, on the Web, but it also promises to take steps toward creating “an online environment where individuals, organizations, services, and devices can trust each other”—all in a way that doesn’t divulge any personal information, mind you. The Administration was even savvy enough to recognize that any such government-run program would be inherently suspect so it subsequently made the NSTIC a purely “opt-in” system to be executed by the private sector and led by the Commerce Department.

And if all that sounds too good to be true, that’s because it is. Look a bit deeper and the NSTIC is actually nothing more than a cyber-utopian pipe dream. Behind all the good intentions, lofty goals, and reassurances of privacy, the plan would, at best, give citizens a decidedly false sense of security, privacy, and control. At worst, it would create a daunting array of new privacy nightmares to contend with.

Here’s the problem—or rather problems. As is generally the case with online ID schemes, the actual execution of the NSTIC goals falls under the we’ll-figure-it-out-as-we-go approach. Questions surrounding technical guarantees, government power over ID issuance, nationality, anonymity, and even incentives and business models all remain unanswered. Like any plan lacking necessary specifics, it tends to raise far more questions than it answers. Yes, these initiatives are admittedly difficult to implement (especially considering we’re dealing with the sprawling Wild West that is the Internet), but moving forward without tackling regulatory policy and procedural safeguards is irresponsible and, frankly, a waste of time. Given that similar schemes have been tried before and failed for exactly the same reasons, this should be abundantly clear to the government by now. And what exactly makes the Obama Administration think NSTIC will succeed where companies like Microsoft and Google have already failed? Yeah, that’s not really clear either.

Jay Stanley of the ACLU’s Speech, Privacy and Technology Program, succinctly sums up the problem thusly: “[The NSTIC] is basically a strategy, not a plan.”

What Are the Actual Risks?

Similarly, the creators of this strategy seem to display a profound misunderstanding of the primary risks we actually face online. In this case, the underlying assumption is that most of our Internet woes are due to a lack of sufficient authentication. If you ask Columbia computer science professor Steve Bellovin, this is demonstrably false. And the man who helped create USENET should probably know. While it’s true that password based security has plenty of faults, the biggest problem we continually face was (and is) buggy code, says Bellovin. Indeed, as he noted in his original response to the government’s first NSTIC draft, “all the authentication in the world won’t stop a bad guy who goes around an authentication system.”

This can be (and has been) done in any number of ways: Hackers can find bugs to exploit before authentication is performed. They can also find bugs within the actual authentication system. The simple fact is that the Internet is chock full of buggy network servers. In fact, buggy code is a part of all large computer programs and the direct result of software complexity. Anyone who’s ever dealt with malware should know this.

Also dubious is the notion that NSTIC will actually protect our online anonymity any more than the systems we currently have in place. While the government touts the advantages of using “trusted third parties,” and “unlinkable” certificates that won’t divulge personal info, at the end of the day, “someone at some point is still verifying and authenticating that you are who you say you are,” says Lee Tien, a senior staff attorney for Electronic Frontier Foundation.

“So the question becomes, what exactly are those verifying authorities doing with your data?” Could they be compelled to hand it over to the government or police? And if we’re talking third parties here, wouldn’t there eventually be some push to monetize all that valuable info? How else will the companies involved actually make money? Again, the bottom line is that these credentials will still live somewhere on the Internet, which in turn means that whoever hosts them (even if there is no centralized database) will also have the ability to de-anonymize the ID and link it to a person. That, my friends, is not anonymity.

All Your Security Eggs in a Single Government Basket

And let’s not forget the myriad dangers of using a single-access point of entry for the Web. Key to the Obama Administration’s "identity ecosystem" is the use of exactly this type of credential. This could take the form of unique software on a smartphone or a smart card that generates a one-time digital password, and according to the plan the approach would eliminate the need to remember all those pesky passwords. Great, right? Wrong.

If you have any doubts that switching to a single "trusted" credential, regardless of how strongly authenticated, will make things safer for you online, you haven’t been paying attention to the news. What the NSTIC will actually do is create yet another high-value target for hackers and cyber-criminals. And what exactly will happen when such a credential is compromised? Who will be responsible? These again are all questions left unanswered by the government.

Finally, on top of all of this is the fact that the government plans to make the entire system opt-in. This may help assuage the public’s Big Brother fears, but for such a plan to be effective, we’d actually need to see it implemented across the world. Indeed, the very foundation of NSTIC’s success hinges on mass adoption. And at this point, there’s no reason to believe, especially with all the unanswered questions and lack of assurances, that anyone will be rushing to sign up.

Mandatory IDs Are Even Worse

All this opting-in business also brings us to the more freaky realm of mandatory Internet licensing, another scheme backed by a surprising number of high-profile security experts and technologists. Think of these as driver’s licenses for the Internet. Every citizen would get a kind of learner’s permit in the form of a hardware ID, which would allow them access to certain pre-approved sites. Browse responsibly and you’re in the clear. But do something wrong and prepare to be tracked down and cyber-smited.

The rationale behind these plans is two-fold. First, proponents emphasize that cybercrime has become increasingly hard to police and that the Internet—or specifically computers—can be just as dangerous as say, a gun or car. Second, many of these otherwise intelligent people argue that we’ve already lost our privacy on the Web. Our ISPs know all sorts of things about us. Our phones track us everywhere we go. So why live under the illusion we’re truly anonymous when we go online?

This is exactly what backers like Eugene Kaspersky, CEO of security behemoth Kaspersky Labs, and Microsoft Chief Research and Strategy Officer Craig Mundie use to rationalize such a system.

“When you buy a car, the car is registered and you have a driver’s license,” said Kaspersky in a 2010 essay on the subject. “If you want to have a gun, the same thing—it’s registered to the person who bought it. The question is why? Because it’s dangerous. With computers, you can make much more harm than with a gun or car.”

This is not only misleading, but in fact wrong in almost every way. An ordinary gun or car owner has the potential to do massive harm. Your average Internet user? Not so much. And while it’s true that large networks of computers can be dangerous (botnets, etc), equating them to deadly weapons is beyond ridiculous. This reasoning also fails (like the NSTIC plan) to acknowledge that authentication really isn’t the big problem here, it’s bad code in software and people and programs that exploit it. Furthermore, if the rationale is that privacy is dead, that our ISPs already know everything about us, why would these mandatory IDs even be necessary? Authenticating something or someone that’s already known? It’d simply be a matter of tapping Big Brother and getting to necessary information.

Like NSTIC, there’s also the issue of scale with mandatory Internet IDs. For such a plan to even come close to being useful, there would once again need to be mass adoption. It’s beyond naive to assume every nation would somehow come together and approve a universal online ID system, especially one with such scary privacy implications.

An Inadequate Solution

Bottom line? As imperfect and piecemeal as our current safeguards can be, creating yet another online ID that hackers will inevitably exploit is not the way to boost privacy or make people feel better about online transactions. Yes, the Internet wasn’t designed to be a worldwide system of mass communication. But that’s exactly what it’s evolved into. And retroactively trying to police it or enforce mass adoption of new security schemes before they're fully legally baked is quite simply a recipe for disaster. Indeed, all these so-called trusted IDs schemes do is mask the decidedly unsexy solutions that could really get to the root of the problem: Continuing to push for more online fraud awareness, and implementing legislative safeguards.

After all, the real goal of any trusted identity ecosystem is actually to do away with true anonymity. And if everyone knows you’re a dog online, well, that changes the very thing that makes the Internet so unique and invaluable in the first place.

Point/Counterpoint: We Need a System of Internet IDs

It'll save us money and provide secure (yet optional) ways to do our online banking, healthcare, and taxes

Has a friend ever called you to say, “Hey, unless you are genuinely trying to sell me property in the Dominican Republic, your email is hacked”? Or received a call from your bank asking if you truly meant to donate $7,000 to some pasty kid in Ohio claiming to be a Nigerian prince? Internet security is broken, and we need to roll up our cyber-sleeves and fix it. That’s why the U.S. Chamber of Commerce announced this new proposal on April 15, designed to fight the steady increase in online crime. Entitled the National Strategy for Trusted Identities in Cyberspace, or NSTIC, it outlines the beginnings of an “identity ecosystem” to be created jointly by the private and public sector to spur more innovative and effective online authentication methods. Even if you’re not as immediately and easily swayed by snazzy, futuristic phrases like “identity ecosystem” as I am (and oh, how I am) there are still lots of other reasons to support increased Internet security.

And what exactly is an "identity ecosystem," you might ask. The concept at this stage is a little nebulous, but it basically refers to an online environment that's fundamentally different than the one we have now. Instead of an anonymous free-for-all, an identity ecosystem would allow people to use and prove their identities thanks to solid authoritative sources. That ecosystem, by necessity, would support a whole mess of security options that allow consumers to choose how to better protect their online identities. NSTIC is calling these security options “trusted credentials,” which is an umbrella term for any devices or methods considered to be more secure than passwords. Yes, it’s incredibly ambiguous, but give them a break: The bulk of the technology that might qualify as a trusted credential is still in development.

This is not a new idea – in fact, inventor/philosopher/Force Majeure Ted Nelson’s work with Project Xanadu, which he founded in 1960, predicted this problem decades before the Googlian Empire. The first rule of Project Xanadu? Every server is uniquely and securely identified. A little further down the list is a similar rule: Every user is uniquely and securely identified. Nelson even foresaw the problem of compensating people for their intellectual property online; with a unique ID, a micropayment could be debited from a user’s account every time they read an article or viewed an image on a webpage. Voila! Dramatic Chipmunk would be rich! But that idea fell out of favor as Xanadu's sorta-competitor, the World Wide Web, achieved dominance.

Trusted credentials are needed to make up for the failings of passwords, which are not considered nearly secure enough to protect the sensitive information we'd like to start accessing online. "What's wrong with passwords?" you might ask. Lots of things!

Passwords? More Like Past-words!

Passwords are awesome if you’re a child founding a secret club in your tree house. They’re becoming pretty useless everywhere else, however. Well, a) no offense, but as this New York Times article on popular passwords points out, yours might not be as sneaky as you think, and b) with the rise of phishing and keystroke logging, smart hackers don’t even have to guess anymore--they’re tricking you into spilling your Internet beans. Ari Schwartz, Senior Internet Policy Advisor at the NIST’s Information Technology Laboratory, thinks they have been outdated as an online security standard for several years. “This is actually the third attempt the federal government has made [to introduce a policy] in the last 10 years,” he says. “But this time there’s more support from the private sector,” referring to a public letter dated February 17th, 2011 signed by the advocacy groups Business Software Alliance, the Information Technology Industry Council, and TechAmerica, urging Congress to support NSTIC. So apparently, writing letters to Congress actually works sometimes!

Anyway, the envisioned “identity ecosystem” will provide Americans with a number of different options for “trusted credentials” that will step up the protection of their online identities without sacrificing their privacy. Microsoft, eTrade and PayPal, amongst several other major corporations, have already expressed their support and are working on contributing technology to the strategy.

‘What is a trusted credential?’ you may be asking. An example is the RSA SecurID, a token manufactured by the security division of the gargantuan information infrastructure producer EMC. It’s a small piece of hardware that provides numeric passwords from a unique key at set intervals, usually either every 30 or 60 seconds. That's matched up with the code generated by the same unique key, which resides in RSA's servers. Users have to enter the code that's displayed on their little SecurID dongles at that very second. If used in conjunction with a password, the token is a major obstacle for hackers--many corporations rely on SecurID, which is why the company freaked out so thoroughly after a very rare hack exposed its clients to attack. Google has also jumped on this bandwagon, announcing in February 2011 that interested Gmail customers can enable an extra layer of security for their accounts. This tactic is called “two-factor authentication,” and can be used with tokens, smart cards, cell phones and digital certificates, amongst other emerging platforms.

Schwartz is a major proponent of two-stage authentication, hoping that NSTIC's embracing of security features like it will “spur innovation, not interrupt it.” By moving past the ineffectiveness of passwords to something more secure, NSTIC could allow folks to perform tasks usually seen as too potentially risky to be done online, including storing healthcare records and tax records. He uses the advent of the Internet itself as an analog for this effort towards cyber security: after all, the Internet was originally a federal tool handed off to the private sector where it flourished into the cornucopia of kitten videos it is today.

Privacy Will Be Enhanced, Not Eroded

Listen, I get it: Americans love freedom. Americans often have a knee jerk reaction to plans like NSTIC because they think it might erode their personal liberty.

That’s not the case here. Commerce Secretary Gary Locke has repeatedly stated that the participation in NSTIC’s strategy will be voluntary and that private companies are taking the lead, not the government. Yes, there has been a great deal of backlash anyway, with critics claiming it is an overreach of federal power and comparing NSTIC to the Chinese national internet ID system. That’s just not true. It’s like comparing apple pie to Mandarin oranges.

You need more assurance? Jeremy Grant, Senior Executive Advisor for Identity Management at NSTIC, counters these rumors, explaining that “Many other countries have chosen to rely on national ID cards. We don’t think that’s a good model. Having a single issuer of identities creates unacceptable privacy and civil liberties issues.” Schwartz elaborated on Grant’s statement by explaining that the role of the government in this initiative is limited to convening private companies to discuss practical answers, supporting their research, and making sure they abide by the Fair Information Practice Principles. The government will play no role beyond these considerations.

All About the Benjamins

I hope thus far we’ve made it clear that as cyber crimes become more and more prevalent, online security reform is essential in and of itself. But there will be another bonus: money! NSTIC’s plan has the potential to save the nation a lot of it. For example, President Obama has long supported an entirely digital health care system. In January 2009, he stated that computerizing medical records would “cut waste, eliminate red tape, and reduce the need to repeat expensive medical tests […] It won’t just save billions of dollars and thousands of jobs -- it will save lives by reducing the deadly but preventable medical errors that pervade our health care system.” Indeed, Dr. David Brailer, who served as President Bush’s health information czar from 2004-2006, estimates that a digital record system could save the health care industry as much as $300 billion per year. That’s a thousand dollars per American citizen! How are you going to spend yours?

Well, not so fast--if the U.S. goes ahead with mass digitization of records, especially when it comes to sensitive material such as medical information, there has to be an extremely secure authentication infrastructure already in place. Otherwise, everyone is going to know that you were patient one of the zombie apocalypse. That's yet another advantage a comprehensive protective policy will provide in the coming years.

Voluntary Versus Mandatory Systems

While many believe NSTIC overreaches federal boundaries, some think it doesn’t go far enough. Cyber security expert Stephen Spoonamore has long advocated a mandatory computer licensing system not unlike that of the automobile industry. “When the automobile was introduced in 1890, anyone could buy one and just drive it away. It was only after car-crashes had finally shocked everyone into submission [30 years later] that people were required to learn the basic rules of the road before using a car. All of this is directly parallel with the computer. Introduced in the late 80s, it has taken 30 years to understand you are driving a dangerous machine that can hurt people, and systems.”

Spoonamore considers the NSTIC strategy to be a “non-starter” because it is voluntary. He thinks it’s a mistake to shy away from national ID systems, which are used in Germany, Belgium, China and several other countries. “Computer crime inside of Germany and China is minuscule compared to U.S.,” he explains. “I worked on some of the fraud detection systems in Germany [and it’s much] easier to find credit card thieves, child porn hucksters, etc., than in the U.S.” While he doesn’t support the Chinese model because of its privacy infringements, he sees more resemblance between the current American system and China’s than he does between the U.S. and Germany. “Law enforcement in Germany has rules and needs probable cause to look at what you are doing. In the U.S. and China, the government can spy on anyone, at anytime via computer and never tell you. And they do.”

That’s why Spoonamore advocates a solely federal system, requiring registration fees, an IP address linked inexorably to the computer’s owner (it’s currently legal to blank an IP address, which makes you all but anonymous--madness!) and courses developed to obtain different classes of licenses. “The computer is a vehicle (or weapon) which takes you places, allows you to do things, and if it’s misused, can hurt people. Same as any other vehicle or weapon.”

The Internet is wonderful, and yes, America, so is freedom. But we are in the middle of a giant information revolution. With unparalleled ability to create new industries and culture came unparalleled opportunity to exploit one another. Sort of a Spider-Man “great power, great responsibility” dilemma. Online criminals are shooting us like phish in a barrel. Ultimately, the question is not whether the government should take steps to increase online security; it’s how far it should go in the effort to protect citizens from cyber-criminals.

Your iPhone Keeps a Secret Log of Everywhere You Go, Security Experts Find

No other phone stores this information in this way

British security researchers have figured out that iPhones keep track of where their owners go, saving data to the device and uploading it to a user’s computer when the phone is synced with iTunes. The data includes the phone’s latitude and longitude and is timestamped to the second, all of which is recorded in a hidden file--which is very much not secure.

This could theoretically be useful for anyone interested in knowing where an iPhone owner spends his or her time — advertisers, employers, spouses, parents.

“Apple have made it possible for anyone from a jealous spouse to a private investigator to get a detailed picture of your movements,” according to researcher Pete Warden.

To be clear, such a snoop would need access to your phone or computer and a way to extract and refine the data. It is not sent to Apple or any third parties, as far as the researchers can tell — it’s just stored on an individual user’s devices. But it is apparently not very difficult to extract the location data from a user's computer.

Warden and Alasdair Allan say they tried to find similar location tracking code on Android phones, but could not find anything. “We haven't come across any instances of other phone manufacturers doing this,” Warden tells the Guardian.

Given Google’s penchant for location tracking and mapping, the alarm is perhaps surprising — Google’s “Latitude” app lets users see their friends on a map, for instance. But Latitude requires that users actively choose to track their location information; in this case, the user is unaware of the data collection. The Guardian reports that Apple did not comment on why the file was created or whether it could be disabled. If you upgrade to a new phone, the file is transferred to that next-generation device, which the researchers say means the data collection is not accidental.

Warden — who has previously worked for Apple — and Allan created their own app that finds the hidden file among the stored backup files on a Mac and turns it into a map. If you don’t care to visualize your travels, Warden explains how to find the file on his website.

The researchers believe the location data is obtained by triangulating the phone’s position against the closest cell phone towers, which uses less battery power than GPS. It also explains why some of the data is incorrect, as triangulation is much less precise than GPS. But the data is still alarmingly accurate, tracking your history as an iPhone owner through the months and years. Forgot that you took that trip to Boston last summer? Your iPhone didn't.

It’s not clear how this information would be used, but there are several possible explanations, including targeted mobile advertising, synchronization for location-based networks like FourSquare, understanding commuter habits, and so on.

Allan found the file while the pair were working on how to visualize mobile data, having already collaborated on other data-visualization projects including a radiation map for Japan. At first the researchers weren’t sure what it was, Warden explains on his website.

“After we dug further and visualized the extracted data, it became clear that there was a scary amount of detail on our movements,” he writes.

There is no real way to disable this logging at the moment, though you can encrypt your data to make it harder to read once it's synced to your computer. This is a big enough problem that we expect Apple will respond at some point, so we'll keep you updated if and when that happens.

[the Guardian]

