New EU rules would require chat apps to scan private messages for child abuse

The European Commission has proposed controversial new regulation that would require chat apps like WhatsApp and Facebook Messenger to selectively scan users’ private messages for child sexual abuse material (CSAM) and “grooming” behavior. The proposal is similar to plans mooted by Apple last year but, say critics, much more invasive. After a draft of the Read more about New EU rules would require chat apps to scan private messages for child abuse[…]

US secretly issued secret subpoena to access Guardian reporter’s phone records

The US justice department secretly issued a subpoena to gain access to details of the phone account of a Guardian reporter as part of an aggressive leak investigation into media stories about an official inquiry into the Trump administration’s child separation policy at the southern border. Leak investigators issued the subpoena to obtain the phone Read more about US secretly issued secret subpoena to access Guardian reporter’s phone records[…]

Web ad firms scrape email addresses before you press the submit button

Tracking, marketing, and analytics firms have been exfiltrating the email addresses of internet users from web forms prior to submission and without user consent, according to security researchers. Some of these firms are said to have also inadvertently grabbed passwords from these forms. In a research paper scheduled to appear at the Usenix ’22 security Read more about Web ad firms scrape email addresses before you press the submit button[…]

Indian Government Now Wants VPNs To Collect And Turn Over Personal Data On Users

The government of India still claims to be a democracy, but its decade-long assault on the internet and the rights of its citizens suggests it would rather be an autocracy. The country is already host to one of the largest biometric databases in the world, housing information collected from nearly every one of its 1.2 Read more about Indian Government Now Wants VPNs To Collect And Turn Over Personal Data On Users[…]

Hackers are reportedly using emergency data requests to extort women and minors

In response to fraudulent legal requests, companies like Apple, Google, Meta and Twitter have been tricked into sharing sensitive personal information about some of their customers. We knew that was happening as recently as last month when Bloomberg published a report on hackers using fake emergency data requests to carry out financial fraud. But according Read more about Hackers are reportedly using emergency data requests to extort women and minors[…]

Brave’s De-AMP feature bypasses harmful Google AMP pages

Brave announced a new feature for its browser on Tuesday: De-AMP, which automatically jumps past any page rendered with Google’s Accelerated Mobile Pages framework and instead takes users straight to the original website. “Where possible, De-AMP will rewrite links and URLs to prevent users from visiting AMP pages altogether,” Brave said in a blog post. Read more about Brave’s De-AMP feature bypasses harmful Google AMP pages[…]

Boris Johnson, Catalan Activists Hit With NSO Spyware: Report

Spyware manufactured by the NSO Group has been used to hack droves of high-profile European politicians and activists, The New Yorker reports. Devices associated with the British Foreign Office and the office of British Prime Minister Boris Johnson are allegedly among the targeted, as well as the phones of dozens of members of the Catalan Read more about Boris Johnson, Catalan Activists Hit With NSO Spyware: Report[…]

Cisco’s Webex phoned home audio telemetry even when muted

Boffins at two US universities have found that muting popular native video-conferencing apps fails to disable device microphones – and that these apps have the ability to access audio data when muted, or actually do so. The research is described in a paper titled, “Are You Really Muted?: A Privacy Analysis of Mute Buttons in Read more about Cisco’s Webex phoned home audio telemetry even when muted[…]

Mega-Popular Muslim Prayer Apps Were Secretly Harvesting Phone Numbers

Google recently booted over a dozen apps from its Play Store—among them Muslim prayer apps with 10 million-plus downloads, a barcode scanner, and a clock—after researchers discovered secret data-harvesting code hidden within them. Creepier still, the clandestine code was engineered by a company linked to a Virginia defense contractor, which paid developers to incorporate its Read more about Mega-Popular Muslim Prayer Apps Were Secretly Harvesting Phone Numbers[…]

Microsoft is finally making it easier to switch default browsers in Windows 11

Microsoft is finally making it easier to change your default browser in Windows 11. A new update (KB5011563) has started rolling out this week that allows Windows 11 users to change a default browser with a single click. After testing the changes in December, this new one-click method is rolling out to all Windows 11 Read more about Microsoft is finally making it easier to switch default browsers in Windows 11[…]

Bungie lawsuit aims to unmask YouTube copyright claim abusers

YouTube’s copyright claim system has been repeatedly abused for bogus takedown requests, and Bungie has had enough. TorrentFreak reports the game studio has sued 10 anonymous people for allegedly leveling false Digital Millennium Copyright Act (DMCA) claims against a host of Destiny 2 creators on YouTube, and even Bungie itself. The company said the culprits Read more about Bungie lawsuit aims to unmask YouTube copyright claim abusers[…]

Ubiquiti Files Case Against Security Blogger Krebs Over ‘False Accusations’ (for doing his job)

In March of 2021 the Krebs on Security blog reported that Ubiquiti, “a major vendor of cloud-enabled Internet of Things devices,” had disclosed a breach exposing customer account credentials. But Krebs added that a company source “alleges” that Ubiquiti was downplaying the severity of the incident — which is not true, says Ubiquiti. Krebs’ original Read more about Ubiquiti Files Case Against Security Blogger Krebs Over ‘False Accusations’ (for doing his job)[…]

Copyright Is Indispensable For Artists, They Say; But For All Artists, Or Just Certain Kinds?

One of the central “justifications” for copyright is that it is indispensable if creativity is to be viable. Without it, we are assured, artists would starve. This ignores the fact that artists created and thrived for thousands of years before the 1710 Statute of Anne. But leaving that historical detail aside, as well as the Read more about Copyright Is Indispensable For Artists, They Say; But For All Artists, Or Just Certain Kinds?[…]

EU, US strike preliminary deal to unlock transatlantic data flows – yup, the EU will let the US spy on it’s citizens freely again

Negotiators have been working on an agreement — which allows Europeans’ personal data to flow to the United States — since the EU’s top court struck down the Privacy Shield agreement in July 2020 because of fears that the data was not safe from access by American agencies once transferred across the Atlantic. The EU Read more about EU, US strike preliminary deal to unlock transatlantic data flows – yup, the EU will let the US spy on it’s citizens freely again[…]

Virtual Kidnappers Are Scamming Parents Out of Millions of Dollars

[…] cases have become so widespread that the bureau has a name for them: virtual kidnappings. “It’s a telephone extortion scheme,” says Arbuthnot, who heads up virtual-kidnapping investigations for the FBI out of Los Angeles. Because many of the crimes go unreported, the bureau doesn’t have a precise number on how widespread the scam is. Read more about Virtual Kidnappers Are Scamming Parents Out of Millions of Dollars[…]

Messages, Dialer apps sent text, call info to Google

Google’s Messages and Dialer apps for Android devices have been collecting and sending data to Google without specific notice and consent, and without offering the opportunity to opt-out, potentially in violation of Europe’s data protection law. According to a research paper, “What Data Do The Google Dialer and Messages Apps On Android Send to Google?” Read more about Messages, Dialer apps sent text, call info to Google[…]

HBO hit with class action lawsuit for allegedly sharing subscriber data with Facebook

HBO is facing a class action lawsuit over allegations that it gave subscribers’ viewing history to Facebook without proper permission, Variety has reported. The suit accuses HBO of providing Facebook with customer lists, allowing the social network to match viewing habits with their profiles. It further alleges that HBO knows Facebook can combine the data Read more about HBO hit with class action lawsuit for allegedly sharing subscriber data with Facebook[…]

Italy slaps creepy webscraping facial recognition firm Clearview AI with €20 million fine

Italy’s data privacy watchdog said it will fine the controversial facial recognition firm Clearview AI for breaching EU law. An investigation by Garante, Italy’s data protection authority, found that the company’s database of 10 billion images of faces includes those of Italians and residents in Italy. The New York City-based firm is being fined €20 Read more about Italy slaps creepy webscraping facial recognition firm Clearview AI with €20 million fine[…]

Ice Cream Machine Repairers Sue McDonald’s for $900 Million

For years, the tiny startup Kytch worked to invent and sell a device designed to fix McDonald’s notoriously broken ice cream machines, only to watch the fast food Goliath crush their business like the hopes of so many would-be McFlurry customers. Now Kytch is instead seeking to serve out cold revenge—nearly a billion dollars worth Read more about Ice Cream Machine Repairers Sue McDonald’s for $900 Million[…]

UK Online Safety Bill to require more data to use social media – eg send them your passport

The country’s forthcoming Online Safety Bill will require citizens to hand over even more personal data to largely foreign-headquartered social media platforms, government minister Nadine Dorries has declared. “The vast majority of social networks used in the UK do not require people to share any personal details about themselves – they are able to identify Read more about UK Online Safety Bill to require more data to use social media – eg send them your passport[…]

EU Data Watchdog Calls for Total Ban of Pegasus Spyware

Israeli authorities say it should be probed and U.S. authorities are calling for it to be sanctioned, but EU officials have a different idea for how to handle Pegasus spyware: just ban that shit entirely. That’s the main takeaway from a new memo released by EPDS, the Union’s dedicated data watchdog on Tuesday, noting that Read more about EU Data Watchdog Calls for Total Ban of Pegasus Spyware[…]

100 Billion Face Photos? Clearview AI tells investors it’s On Track to Identify ‘Almost Everyone in the World’

tThe Washington Post reports: Clearview AI is telling investors it is on track to have 100 billion facial photos in its database within a year, enough to ensure “almost everyone in the world will be identifiable,” according to a financial presentation from December obtained by The Washington Post. Those images — equivalent to 14 photos Read more about 100 Billion Face Photos? Clearview AI tells investors it’s On Track to Identify ‘Almost Everyone in the World’[…]

It’s Back: Senators Want ‘EARN IT’ Bill To Scan All Online Messages by private companies – also misusing children as an excuse

A group of lawmakers have re-introduced the EARN IT Act, an incredibly unpopular bill from 2020 that “would pave the way for a massive new surveillance system, run by private companies, that would roll back some of the most important privacy and security features in technology used by people around the globe,” writes Joe Mullin Read more about It’s Back: Senators Want ‘EARN IT’ Bill To Scan All Online Messages by private companies – also misusing children as an excuse[…]

Revealed: UK Gov’t Plans Publicity Blitz to Undermine Chat Privacy, encryption. Of course they use children. And Fear.

The UK government is set to launch a multi-pronged publicity attack on end-to-end encryption, Rolling Stone has learned. One key objective: mobilizing public opinion against Facebook’s decision to encrypt its Messenger app. The Home Office has hired the M&C Saatchi advertising agency — a spin-off of Saatchi and Saatchi, which made the “Labour Isn’t Working” Read more about Revealed: UK Gov’t Plans Publicity Blitz to Undermine Chat Privacy, encryption. Of course they use children. And Fear.[…]

Is Microsoft Stealing People’s Bookmarks, passwords, ID / passport numbers without consent?

received email from two people who told me that Microsoft Edge enabled synching without warning or consent, which means that Microsoft sucked up all of their bookmarks. Of course they can turn synching off, but it’s too late. Has this happened to anyone else, or was this user error of some sort? If this is Read more about Is Microsoft Stealing People’s Bookmarks, passwords, ID / passport numbers without consent?[…]