An analysis of 10 highly popular Android apps found what researchers are calling the “out of control” sharing of potentially sensitive information with third parties, in some cases in likely violation of Europe’s GDPR privacy regulations.
The findings, which were published in a report issued by the Norwegian Consumer Council (NCC), prompted a coalition of nine consumer advocate and privacy groups to call on federal and state authorities to investigate. Additionally, Twitter has reportedly booted Grindr — one of the apps detailed in the study — off of its ad network.
The 10 apps were named as menstrual health trackers Clue and My days; online dating apps Grindr, Happn, OkCupid and Tinder, beauty app Perfect365, the religion app Muslim: Qibla Finder, the game My Talking Tom 2 and keyboard app Wave Keyboard. Cybersecurity company Mnemonic is credited with conducting the technical test on the apps from June through November 2019, checking them for integrated software development kits (SDKs) and other third-party tools that could enable them to record data and share it with partners.
Altogether, the 10 apps were found to have transmitted user data to at least 135 unique third parties who play a role in advertising or behavioral profiling, all to help marketers better optimize their efforts of targeting their ideal audience. Many users may never have even heard of some of these companies, let alone know that they are collecting their data, the report states.
Mobile device users are assigned various unique numerical identifiers, which allow marketing and adtech industry players to collect scores of information, tie it to these identifiers, and create complex and accurate user profiles for advertising purposes. One such identifier is the Android Advertising ID, which allows companies to track consumers across different services. All 10 apps transmitted this form of identifier to at least some of its third-party partners — 70 altogether.
Only one stopped there — Wave Keyboard — while the remaining nine shared additional information with partners. “This information included the IP address and GPS location of the user, personal attributes including gender and age, and various user activities. Such information can be used to track and target these users with ads, to profile them, and consumers like them, and to infer many highly sensitive infer attributes including sexual orientation and religious beliefs,” the report states.
While such information is helpful to advertisers, it could also allow companies to personally identify individual users and conduct surveillance on them, or discriminate against people based on their attributes. And if such data is leaked to or accessed by malicious actors, users could be at risk of identity theft and blackmail, the report continues.
The 135 third-party partners of the 10 studied apps include such universally known names as Facebook, Google, and Twitter via its mobile app advertising platform MoPub. It also includes players such as Braze, a provider of customer relationship management and mobile marketing automation software; the mobile advertising and marketing platform AdColony, and mobile push notification service OneSignal.
According to the NCC, the researchers observed Grinder sending users’ GPS coordinates IP addresses, ages, and genders to certain partners, and information about “relationship type” to one company in particular — Braze (although Braze did not receive users’ Android Advertising ID).
“Twitter’s adtech subsidiary MoPub was used as a mediator for much of this data sharing, and was observed passing personal data to a number of other advertising third parties including the major adtech companies AppNexus and OpenX,” the report notes. “Many of these third parties reserve the right to share the data they collect with a very large number of partners.”
Shortly after the NCC report was released, Twitter suspended Grindr’s MoPub account, and provided this statement to various media outlets: “We are currently investigating this issue to understand the sufficiency of Grindr’s consent mechanism. In the meantime, we have disabled Grindr’s MoPub account.”
Fellow dating app Tinder was also found to send GPS position and “target gender” to certain of its partners. Meanwhile, OkCupid shared user-provided data on sexuality, drug use, political views and more to Braze.
“With how the adtech industry works today, personal data is being broadcast and spread with few restraints. The multitude of violations of fundamental rights are happening at a rate of billions of times per second, all in the name of profiling and targeting advertising. It is time for a serious debate about whether the surveillance-driven advertising systems that have taken over the internet, and which are economic drivers of misinformation online, is a fair trade-off for the possibility of showing slightly more relevant ads,” the report concludes.
“Every day, millions of Americans share their most intimate personal details on these apps, upload personal photos, track their periods and reveal their sexual and religious identities. But these apps and online services spy on people, collect vast amounts of personal data and share it with third parties without people’s knowledge. Industry calls it adtech. We call it surveillance. We need to regulate it now, before it’s too late,” said Burcu Kilic, digital rights program director at Public Citizen, one of the nine organizations that sent letters to Congress, the FTC and the state AGs in California, Texas and Oregon asking for an investigation.
The other organizations to sign the letter were the American Civil Liberties Union of California, Campaign for a Commercial-Free Childhood, the Center for Digital Democracy, Consumer Action, the Consumer Federation of America, Consumer Reports, the Electronic Privacy Information Center (EPIC) and U.S. Public Interest Research Groups.
“The purpose of the testing has been to increase our understanding of the mobile advertising ecosystem,” said Andreas Claesson, senior security consultant with Mnemonic and lead researcher on the project, in a company blog post. “In particular, we have aimed to identify some of the main actors collecting user data from our sample set of apps, understand the type and frequency of data flows, and examine the specific information that is being transmitted.”
“We were quite surprised by the amount of data sharing occurring,” added project partner Tor Bjørstad, application security lead and principal consultant. “A key motivation for this project has been that data collection, sharing, and processing within the advertising industry on mobile platforms is poorly understood. We hope that this work documenting the current industry practices will help start a debate on how user data is collected and used for mobile advertising.”
SC Media attempted to find press contacts for each of the 10 software developers in order to request an official comment. SC Media will add such comments as they are received.
Unsuccessful Conti Ransomware Attack Still Packs Costly Punch
Microsoft, Adobe Exploits Top List of Crooks’ Wish List
Cybersecurity Degrees in North Carolina — Your Guide to Choosing a School
North Carolina’s cybersecurity educational and career opportunities are included in this guide. The following details the cybersecurity degree programmes available in North Carolina, as well as some of the economic factors behind the cybersecurity industry’s growth in the state.
Over the past few decades, North Carolina’s economy has undergone a major redistribution. Three of the state’s primary foundations, which were developed earlier in the twentieth century, have all experienced significant contraction. Furniture and textile manufacturing, as well as tobacco farms, were once the most important employers in North Carolina, particularly in rural areas.
Fortunately, new contributors, mainly financial intermediaries, biotechnology, information technology, healthcare, and science, have been able to replace these industries.
The majority of this expansion has occurred in the state’s major cities. However, this is excellent news for cybersecurity practitioners, since these sectors are major employers of information security professionals. Bank of America is one of the most well-known employers in North Carolina, but it is far from the only one. Other examples include Lowe’s, US Trust, Family Dollar, and Tyson Foods.
Growing importance of cybersecurity in North Carolina
North Carolina’s state government has been a vocal supporter of the cybersecurity sector and the job opportunities it offers. It has been a sponsor of the Girls Go CyberStart initiative, which aims to interest and engage young girls in cybersecurity technology.
The Enterprise Security & Risk Management office of the Department of Information Technology keeps the community informed about emerging information security threats and mitigation strategies. The Secretary of State has launched a Cybersecurity Initiative to help state-registered investment advisors and their clients protect their personal details.
North Carolina teamed up with Cisco and other leading cybersecurity companies in 2018 to offer cybersecurity training to veterans in the state. The initiative, known as CyberVetsUSA, provides free training and job opportunities to veterans, transitioning service members, National Guard and reservists, and their spouses.
The North Carolina Center for Cybersecurity (NCCYBER) was founded as a non-profit organisation to facilitate communications between industry, academic institutions, and the state government in 2018.
North Carolina’s cybersecurity future appears promising, with government funding and essential consumers of cybersecurity services in place and increasing rapidly.
Cybersecurity education in North Carolina
North Carolina is home to some of the country’s best higher education institutions, especially in medical and technical research. Wake Forest, Duke, North Carolina State, and the University of North Carolina have all had a hand in the burgeoning research industry in the state.
It’s odd, though, that North Carolina’s colleges and universities haven’t been more enthusiastic about taking up the cybersecurity mantle. The state government has expressed its support, and the economy has become increasingly dependent on technology, especially information technology. Only the University of North Carolina (UNC) has invested significant capital in improving cybersecurity education programmes among the larger name colleges.
Fortunately, UNC is putting in a lot of effort. The Department of Software and Information Systems is in charge of the university’s cybersecurity initiatives. The CyberDNA Research Center was founded to conduct cutting-edge research into information security technologies and techniques. On the Charlotte campus, the school has also developed its own Cybersecurity Boot Camp, which aims to prepare students for a career in cybersecurity in as little as 24 months.
As a result, UNC, in conjunction with other smaller campuses, is offering good opportunities for would-be cybersecurity students to pursue their career goals.
All companies are under pressure to maintain full data protection at all times, and keeping up with rapidly changing technology is crucial. As a result, seasoned cybersecurity experts are prioritised. However, due to a shortage of staff relative to demand, employers will continue to seek out entry-level information security specialists in order to sustain sufficient cyber defences.
Many employers, particularly larger businesses, are willing to accept candidates with associate’s degrees for these entry-level positions. Associate’s degree programmes usually last between a year and two years to complete. When time and resources allow, professionals with this background and some real-world experience in cybersecurity can return to school and obtain a bachelor’s degree or higher. In addition, associate’s degree courses are often accepted as credit for bachelor’s degree programmes, making completion simpler and less costly.
Campus-based associate’s degrees in North Carolina
On North Carolina community college campuses, seven different cybersecurity associate’s degree programmes are currently available. Information and links are given below.
Online associate’s degrees in North Carolina
At this time, there are only two online cybersecurity associate’s degrees available in North Carolina. A curriculum leading to an AAS in Information Technology – Network Management is offered by Beaufort County Community College. On its Winston-Salem campus, Forsyth Technical Community College offers an Associate in Applied Science – IT Cybersecurity programme.
Since cybersecurity has become such a vital field, most industry positions require at least a bachelor’s degree in a computer-related or STEM field. A professional’s resume would be at the top of the pile for job opportunities if they have an undergraduate degree in cybersecurity. Interestingly, bachelor’s degree programmes are currently unavailable in North Carolina, although this is expected to change in the near future.
Campus-based bachelor’s degrees in North Carolina
Only one university currently offers cybersecurity bachelor’s degree programmes on campus. As previously said, the University of North Carolina is at the forefront. The University of North Carolina at Charlotte offers a Bachelor of Science in Computer Science with a Cybersecurity Focus. UNC – Wilmington also provides a Cybersecurity Minor to all UNCW undergraduate students, regardless of major.
Online bachelor’s degrees in North Carolina
North Carolina schools only deliver one online bachelor’s degree in cybersecurity. A Bachelor of Science in Cybersecurity is offered at Montreat College.
In recent years, cybersecurity master’s degrees have become much more relevant, as evidenced by the growing number of educational options accessible. Senior-level and management-level corporate jobs are increasingly requiring candidates to have a graduate degree. The demand for C-suite corporate positions such as Chief Information Security Officer is a major factor. However, cybersecurity veterans who prefer academia, cybersecurity science, or cybersecurity consulting find master’s degrees to be a valuable addition to their resume.
Campus-based master’s degrees in North Carolina
As seen in the table below, North Carolina currently offers five campus-based cybersecurity master’s degree options from three separate colleges. There are no online master’s programmes available right now.
In recent years, doctorate degrees in cybersecurity have become more widely available. Professionals with academic or study backgrounds are the main source of demand for these PhDs. PhDs are being sought by several cybersecurity veterans holding c-suite roles in the corporate world.
Campus-based Ph.D.’s in North Carolina
The University of North Carolina has taken over as the sole provider of cybersecurity Ph.D. programmes. The University of North Carolina at Charlotte offers a Ph.D. in Computing and Information Systems with a variety of academic emphasis specialties, including cybersecurity.
Certification programmes are useful to both newcomers and seasoned practitioners in the field of cybersecurity. There are a variety of certification programmes available, each tailored to a specific audience.
Certain types of certifications include an introduction to the technologies and methods used, which may help beginners determine if cybersecurity is right for them. Completing such certifications would almost certainly give job seekers an edge in entry-level positions.
Some cybersecurity certifications are intended to help seasoned practitioners advance their studies in a specific specialty, such as penetration testing. These advanced information security certifications will help you improve your resume and advance your career.
Other cybersecurity certifications, on the other hand, are intended to serve as stand-ins for advanced degrees, particularly master’s degrees.
Campus-based cybersecurity certifications in North Carolina
North Carolina universities currently deliver eight campus-based credential programmes. More details can be found in the table below.
Online cybersecurity certifications in North Carolina
Online access is also available for four credential programmes. Forsyth Technical Community College offers three of these alternatives. The following are some of them:
Cybersecurity Jobs in Carolina
North Carolina’s cybersecurity industry is expanding rapidly, and the supply of trained professionals is not keeping up. According to Cyberseek, 34,739 people were working in any field of cybersecurity in the 12 months leading up to September 2019. During the same time span, state employers advertised 19,657 new information security work openings. The vast majority of these job vacancies are in North Carolina’s three largest cities. Employers in Charlotte posted 8,418 new cybersecurity job openings, Raleigh had 5,626 new job openings, and Durham had 2,342 new job openings.
The state of North Carolina is taking steps to expand the labour pool, especially by attempting to tap into the state’s large veteran population. Nonetheless, since the state’s economy is centred on financial intermediaries, demand for new talent will continue to rise as cybersecurity becomes a more pressing problem.
Security analysts were paying a little more than the national average salary in May 2018. According to the US Bureau of Labor Statistics, the average hourly wage was $50.20 and the average annual income was $104,430. North Carolina’s standard of living, on the other hand, was well below the national average. The main explanation for the lower cost of living in North Carolina is the relatively low cost of housing. However, keep in mind that these are statewide numbers. Housing would, of course, be more costly in areas surrounding major cities, as this is where the majority of cybersecurity jobs are located. Even so, the most expensive place, Charlotte, has a lower cost of living than the national average.
H2 Cybersecurity in North Carolina
The economic transformation in North Carolina over the last few decades has occurred at a time when data stores are becoming increasingly vulnerable. Finance, healthcare, information technology, and science, which are now leading the way in North Carolina, are common targets for hackers and thus heavy users of cybersecurity services.
The state government is also assisting veterans and young women who want to pursue careers in cybersecurity. It’s also setting the standard for public education about vulnerability and how to avoid being hacked, as well as for its own data protection.
According to recent employment figures, cybersecurity jobs are increasingly expanding. Unfortunately, work demand is outpacing the supply of trained cybersecurity professionals. This is generating a seller’s market in North Carolina, with professionals with the expertise to fill vital cybersecurity positions far outnumbering those without.
Find your Cybersecurity Degree or Certification
The internet and digital technologies are becoming increasingly important in daily life. With that development comes a rise in the risks that come with living a hyper-connected life.
Consider recent headlines: massive data breaches, businesses selling personal information, and browsers snooping on your sessions — all of these are examples of emerging security threats that will require a skilled and well-trained workforce to contain and eradicate.
Data shows that cyber crime, such as identity theft and fraud, is instilling fear in people of all ages.
According to the Ponemon Institute, an independent polling organisation specialising in data and privacy, 61 percent of small and medium-sized companies experienced a data breach in 2017.
If there is a bright lining to all of this, it is that the demand for cybersecurity experts is rapidly increasing. What was once considered a subfield of computer science is now considered its own discipline.
Cybersecurity is a concept and a discipline that is still changing. It used to apply to people who were in charge of restricting access to databases and computer networks that contained confidential data (such as financial transactions or military intelligence).
However, as cloud and mobile computing become more prevalent, and more software and knowledge than ever before can be accessed across the internet, the profession is evolving to include a wider range of security threats.
Companies that create multiplayer video games, or startups developing browser-based productivity software, for example, must now consider user protection in some way. This translates to a large number of job openings and fair pay.
But it also means that schools are designing new courses and curriculum to meet the industry’s rising demand for trained candidates who appreciate cybersecurity’s cutting edge at all levels, from industry qualification to Ph.D. programmes.
The Cybersecurity Guide was designed to assist prospective students and early career professionals in navigating this new space and identifying opportunities that best suit their educational and professional objectives.
How to use Cybersecurity Guide
This guide is designed to provide useful resources for those interested in learning more about the field. The website is organised into several major parts, including:
CYBERSECURITY DEGREE OVERVIEW
One of the most important aspects of a cybersecurity career is education. Cybersecurity is a technological area that often necessitates a thorough understanding of topics like criminal justice, psychology, and management. There are various levels of cybersecurity degrees available today, ranging from an associate’s degree programme to a Ph.D. programme. Some degree programmes include cybersecurity as a focus or specialisation, while others include cybersecurity as an emphasis or specialisation.
ONLINE CYBERSECURITY DEGREE OVERVIEW
It is possible to obtain a truly excellent online education. As a result of the COVID pandemic, most colleges and universities have been forced to invest in online platforms to provide coursework and programming. As a result, there are more online cybersecurity degrees available than ever before, including the famous online cybersecurity master’s degree. With so many choices, finding the right curriculum match is crucial.
CYBERSECURITY CERTIFICATION OVERVIEW
Certifications in cybersecurity are a vital part of the increasing industry. Cybersecurity certifications are divided into two categories. The first are business certifications, which are intended to show a particular level of competence or ability. These can range from knowing how to use a proprietary networking platform to proving you’re a certified ethical hacker.
Cybersecurity certifications are also available via academic programmes. These credentials will help you gain a competitive edge in the job market or advance your career. The majority of university cybersecurity credential programmes are oriented toward teaching cybersecurity-specific leadership and management at the post-baccalaureate level.
In the area of cybersecurity, there are several job options. It’s worth noting that not all cybersecurity jobs necessitate a strong technological context. Investigations, policy creation, management, and leadership are only a few of the ways to get started in a cybersecurity career. There are a variety of cybersecurity career paths that can be accelerated or strengthened by earning a graduate degree (a master’s in cybersecurity is a common choice) or receiving graduate-level certifications.
As previously mentioned, the cybersecurity sector is rapidly expanding. The knowledge environment surrounding cybersecurity degrees, certifications, and career opportunities is very diverse due to so much transition. To stay on top of things, we work with authors who have specialised cybersecurity experience and interview experts in the field on a regular basis. As a result, a collection of in-depth informational tools covering everything from cybersecurity scholarship opportunities to what to do if you’ve been a victim of a cyber attack have been developed.
Please return often because we are continuously updating this page with new knowledge and resources as they become accessible.
Please see our contact information on our about us page if you’d like to write for us, talk about your programme or company, or get in touch about something else.
Saudi Aramco to co-lead report on cyber resilience in oil industry
Product warranty startup Extend raises $260 million, SoftBank leads funding
Biden administration eyes cybersecurity funding after hacks
China bans financial, payment institutions from cryptocurrency business
Uniswap Price Analysis: 18 May
Why The SEC Opposes XRP Holders’ Involvement In Action Against Ripple
BIC’s Video News Show: Cardano Update
Tafi Announces New Campaign with VRChat Featuring Updating Nikei Avatar
Google beefs up Workspace security with these new features
Real Estate Economist Dr. Peter Linneman to Serve as Economic Advisor to Capital Square
Vise Raises $65 Million in Series C Round
Canadian Market Modestly Higher In Cautious Trade
Fintech Startup Janover Inc. Awarded Inc. Magazine’s Best Workplaces of 2021
Click-and-mortar is a better model for healthcare
Checking connection: ROCCAT Kone Pro Air review
SEC Allegedly Using All Means Possible to Block XRP Holders From Presenting Evidence
Nvidia’s First DLSS Compatible VR Games Include No Man’s Sky
Medscape Education’s Psychiatry Update 2021 Focuses on Hot Topics in Mental Health
Which U.S. Generation Wields the Most Economic Power?
Medical Indicators Launches Blog Providing Up-to-date Information on the Healthcare & Medical Device Industries
Altice USA Gets Downgrade From BofA: Here’s Why
WarnerMedia-Discovery merger is expected to create $3 billion in savings – here are some of the jobs at risk
HCSS Introduces New Version of Aerial With Innovative Features for Heavy Civil Contractors
Benchmark Space Systems and Starfish Space team up to advance orbital docking and refueling
Dorothy is a startup that offers faster cash post-disaster
Every cosmetic arriving in Legends of Runeterra Patch 2.8.0
Legends of Runeterra Patch 2.8.0 brings new event, Dark Horizon
Legends of Runeterra Patch 2.8.0 adds skins for champion cards and Mega Guardians
Nvidia Adds First DLSS VR Titles Including No Man’s Sky
Watch Google I/O keynote live right here
Blockchain1 week ago
Yieldly announces IDO
Aviation1 week ago
JetBlue Hits Back At Eastern Airlines On Ecuador Flights
AI7 days ago
Build a cognitive search and a health knowledge graph using AWS AI services
Esports6 days ago
‘Destroy Sandcastles’ in Fortnite Locations Explained
Blockchain6 days ago
Shiba Inu: Know How to Buy the New Dogecoin Rival
Blockchain1 week ago
“Privacy is a ‘Privilege’ that Users Ought to Cherish”: Elena Nadoliksi
Esports1 week ago
Resident Evil Village: Chamber of Solace Full Items List and Locations
Blockchain News1 week ago
Goldman Sachs Managing Director Reportedly Resigns After Making Millions from Dogecoin
Energy1 week ago
ONE Gas to Participate in American Gas Association Financial Forum
Blockchain7 days ago
Meme Coins Craze Attracting Money Behind Fall of Bitcoin
Blockchain6 days ago
Texas House Passes Bill that Recognizes Crypto Under Commercial Law
Blockchain1 week ago
NYC Comptroller Candidate Suggests Crypto Investments as Inflation Hedge