Have you seen this new TV spot from Apple called “Data Auction”? It is really bugging me. I must have seen it about 50 times on various streaming services. While it does a great job of showing how your personal information is being traded by data brokers, it takes tremendous license with its visual elements and how its iOS operating system actually works.

Apple has been improving its privacy protection over the past several years, so I give them some props for trying. But unless you are determined and really patient, fixing your phone (or other fruit-filled device) up the way you’d like it to preserve your privacy isn’t simple, and chances are you’ll probably get it wrong on the first try.

Apple’s commercial touts new features that they have added to iOS over the past couple of years: the ability to prevent third-party apps and advertisers from tracking your movements, including across your app portfolio, browsing and through using its Mail app. They both can eventually be found in the Settings/Privacy/Tracking screens. As we watch our hapless actor “Ellie” wander into her data auction, she fortunately has her iPhone at hand and is able to zap the auction audience into smoke with the press of A Single Button. Too bad that isn’t the actual iOS interface, which has a very confusingly labeled slider “Allow Apps to Request to Track” that should be off if you want to do the same thing (data oblivion). There is another button that Ellie used to rid her emails of trackers.

Okay, it is a very effective commercial. And I am glad that Apple has taken this approach to help users’ privacy. But why not use the actual UI? And better yet, why not hide it three menus deep where few can find it?

Apple has some interesting developments for iOS 16 that will be out later this fall, including one called “Safety Check” that Elllie will really love, especially if she has an abusive partner or a cyber stalker. Maybe if they use the same actor we can get a more faithful representation of what real users will have to do.

As more communities install automated license plate readers (APLRs) to monitor vehicle traffic, there are growing concerns about the privacy and efficacy of these tools. Stories have appeared in local newspapers, such as those in St. Louis, Louisville and Akron that document the rapid rise of Flock license plate camera data and how it can be a central source of vehicle movements.

These stories highlight some of the privacy implications of APLRs and also recall some of the same issues with the growth of other massive private data collections. In my latest blog for Avast, I describe what’s going with these APLR systems, some of the issues raised by privacy advocates, and how they compare with the DNA/genetic testing data collections.

If you have heard of the process of social engineering, the ability of a hacker to trick you into divulging your private details, then you might have come across ethical hacker Rachel Tobac. She’s the CEO of SocialProof Security and board member of Women in Security and Privacy. I virtually attended one of her more recent talks, during which she explained her craft and gave some suggestions on how we all can improve our personal security and make her job more difficult.

Tobac has carried out some notable security stunts in the past, such as live hacking a CNN report’s accounts and stealing his airline points. “I hack so people can understand how hackers think and hopefully you will avoid these mistakes,” she told her audience.

You can read more about her talk — and how to harden your own defenses against social engineering attacks — in my latest blog for Avast here. And if you want to watch a great documentary about the teens behind the 2020 Twitter hack, you can find it streaming on Hulu here,