Big Tech hit with new allegations of spying, privacy violations

Big Tech companies are facing fresh allegations of spying and privacy violations, with Russia accusing Apple of helping facilitate espionage and the U.S. government taking on Amazon.

Russia’s Federal Security Service, or FSB, said it discovered that the U.S. intelligence community compromised thousands of Apple iPhones in an espionage operation targeting Russians and affecting others from countries including China and Israel, according to an English-language translation of its announcement this month. 

The FSB accused the U.S. National Security Agency as the culprit of the alleged spying operation. The Russian agency said the information it uncovered showed how closely Apple worked with the U.S. intelligence community. 

The NSA declined to comment to The Washington Times on the FSB’s accusation. Apple told Reuters it never worked with any government to install a backdoor in its products and never would. 

Alongside the Russian government’s accusations, the Moscow-based firm Kaspersky published details of a snooping operation involving malicious software that the company said it found deployed against the iPhones of those in its “middle and top management.”

CEO Eugene Kaspersky said his company was confident its employees were not the main target of the cyberattack operation but did not say who he thought was the focus. 

“The attack is carried out using an invisible iMessage with a malicious attachment, which, using a number of vulnerabilities in the iOS operating system, is executed on a device and installs spyware,” Mr. Kaspersky wrote Thursday on his company’s website. “The deployment of the spyware is completely hidden and requires no action from the user.” 

He said the spyware collected microphone recordings, photos, location and other data from the infected devices. 

Mr. Kaspersky’s Thursday post did not say who he thought was responsible for the spyware deployed against his company. 

The Kaspersky company told news publication Vice it did not have technical details of the FSB’s allegations but it understood the indicators of compromise that Kaspersky detailed were the same as those behind the FSB’s allegations.  

While the U.S. and Apple face Russian allegations of an international spying operation, the U.S. government has blamed Amazon for violating users’ privacy at home. 

The Federal Trade Commission and the Department of Justice are ordering Amazon to change its data deletion process over allegations it violated a children’s privacy law and deceived parents about its storage of voice and location data. 

Amazon is set to pay a $25 million civil penalty to resolve claims that it violated the Children’s Online Privacy Protection Act, according to the FTC’s announcement last week.  

Samuel Levine, director of the FTC’s Bureau of Consumer Protection, said the law does not allow companies to keep kids’ data for any reason. Amazon allegedly kept children’s data to tune its voice recognition algorithm for its Alexa voice assistant.

“Amazon’s history of misleading parents, keeping children’s recordings indefinitely, and flouting parents’ deletion requests violated COPPA and sacrificed privacy for profits,” Mr. Levine said in a statement last week. 

Amazon said it takes its responsibility to customers and families seriously, but disputed wrongdoing in violation of law. 

“While we disagree with the FTC’s claims and deny violating the law, this settlement puts the matter behind us,” Amazon said in a statement. “As part of the settlement, we agreed to make a small modification to our already strong practices, and will remove child profiles that have been inactive for more than 18 months unless a parent or guardian chooses to keep them.”