UK-based location data collection firm Huq admitted that at least two of its partner apps on people’s phones collected data without seeking permission from users.
The company uses location data from apps on phones and sells it to clients that include dozens of English and Scottish city councils.
The firm reported that in two cases where it was aware of two “technical breaches” of data privacy requirements and that “it is possible that we or our partners may uncover future technical issues.”
“Huq data is used anonymously. Nevertheless, consent is a vital pillar of data collection and must be taken seriously. We strive to ensure consent is explicitly sought by all our app partners,” said Conrad Poulson, chief executive of Huq.
While the firm has asked the partner apps in question to “rectify their code and republish their apps,” such things happening are not anomalies and every other day, a new company is responsible for leaking their customer data.
2021 is actually on pace to be the worst year ever in terms of data breaches, with 1,291 leaks reported this year through September.
Just this month, the U.K.’s Labour Party confirmed a cyberattack on a third-party company leading to the compromise of members’ data, even IAB Europe’s self-styled Transparency and Consent Framework (TCF) has been found to fail to comply with General Data Protection Regulation (GDPR).
This is where Nym comes into the picture, a project building the next generation of privacy.
To resolve the grave issue of internet protocols leaking sensitive data of their users that can be used without their knowledge, Nym is developing the infrastructure to prevent this by protecting every packet’s metadata at the network and application layers.
Next Generation of Global Privacy
This next generation of global privacy has three main components, including a Nym Token (NYM) that incentivizes privacy and is used to make its other component: Nym mixnet decentralized, sustainable, and resilient.
The Nym mixnet is a multi-purpose mixnet that prevents traffic analysis by anyone, including the NSA. The third component is Nym Credentials, under which users can privately reveal part or all of their data at their own discretion for any necessary compliance and authentication. It is achieved by allowing 3rd party apps to anonymize any arbitrary ‘key : value’ pairs.
Earlier this year, the Switzerland-based privacy startup raised $6 million to continue the commercial development of its infrastructure. Before that, in 2019, Nym raised a $2.5 million seed round and then received a grant from the European Union’s Horizon 2020 research fund.
Founded in 2018, the project is backed by the likes of leading crypto exchange Binance, Polychain Capital, NGC Ventures, Maven11 Capital, Tioga Capital Partners, and others.
This year, the project aims to achieve the milestone of launching its mainnet. Before this, it has invited users to run mix-nodes on the testnet, which hide patterns and metadata by mixing data packets with those of other users.
Currently, the developer team of the project is coding up the algorithms for active and inactive sets of mixnodes. While an inactive set of mixnodes are busy mixing traffic, the project needs an inactive reserve so that the network can scale easily when necessary.
To be part of the mixnet, mixnodes need to put up a stake. The active set of nodes is selected every epoch based on their total stake and some added randomness to make it less predictable to ensure the security of the system. These mixnodes are rewarded in proportion to their total stake and the work done.
Reserve mixnodes are also rewarded for being on standby, but active nodes are rewarded more because they do relatively more work.
The ongoing development sets the path for the projects’ next milestones, which includes building Nym client applications and GUIs, wallet integrations, and support for private messaging applications and cryptocurrency transactions next year. Once this is done, Nym will work on providing support for decentralized VPNs and their institutional adoption.