Pornhub disables website in Texas after AG sues for not verifying users’ ages

Pornhub has disabled its site in Texas to object to a state law that requires the company to verify the age of users to prevent minors from accessing the site. Texas residents who visit the site are met with a message from the company that criticizes the state’s elected officials who are requiring them to Read more about Pornhub disables website in Texas after AG sues for not verifying users’ ages[…]

car with eye in sky

Automakers Are Sharing Consumers’ Driving Behavior With Insurance Companies

Kenn Dahl says he has always been a careful driver. The owner of a software company near Seattle, he drives a leased Chevrolet Bolt. He’s never been responsible for an accident. So Mr. Dahl, 65, was surprised in 2022 when the cost of his car insurance jumped by 21 percent. Quotes from other insurance companies Read more about Automakers Are Sharing Consumers’ Driving Behavior With Insurance Companies[…]

European Commission broke data protection law with Microsoft Office 365 – duh

The European Commission has been reprimanded for infringing data protection regulations when using Microsoft 365. The rebuke came from the European Data Protection Supervisor (EDPS) and is the culmination of an investigation that kicked off in May 2021, following the Schrems II judgement. According to the EDPS, the EC infringed several data protection regulations, including Read more about European Commission broke data protection law with Microsoft Office 365 – duh[…]

Biden executive order aims to stop a few countries from buying Americans’ personal data – a watered down EU GDPR

[…] President Joe Biden will issue an executive order that aims to limit the mass-sale of Americans’ personal data to “countries of concern,” including Russia and China. The order specifically targets the bulk sale of geolocation, genomic, financial, biometric, health and other personally identifying information. During a briefing with reporters, a senior administration official said Read more about Biden executive order aims to stop a few countries from buying Americans’ personal data – a watered down EU GDPR[…]

Investigators seek push notification metadata in 130 cases – this is scarier than you think

More than 130 petitions seeking access to push notification metadata have been filed in US courts, according to a Washington Post investigation – a finding that underscores the lack of privacy protection available to users of mobile devices. The poor state of mobile device privacy has provided US state and federal investigators with valuable information Read more about Investigators seek push notification metadata in 130 cases – this is scarier than you think[…]

Scammers Are Now Scanning Faces To Defeat Age verification Biometric Security Measures

For quite some time now we’ve been pointing out the many harms of age verification technologies, and how they’re a disaster for privacy. In particular, we’ve noted that if you have someone collecting biometric information on people, that data itself becomes a massive risk since it will be targeted. And, remember, a year and a Read more about Scammers Are Now Scanning Faces To Defeat Age verification Biometric Security Measures[…]

Meta will start collecting much more “anonymized” data about Quest headset usage

Meta will soon begin “collecting anonymized data” from users of its Quest headsets, a move that could see the company aggregating information about hand, body, and eye tracking; camera information; “information about your physical environment”; and information about “the virtual reality events you attend.” In an email sent to Quest users Monday, Meta notes that Read more about Meta will start collecting much more “anonymized” data about Quest headset usage[…]

Canadian college M&M Vending machines secretly scanning faces – revealed by error message

[…] The scandal started when a student using the alias SquidKid47 posted an image on Reddit showing a campus vending machine error message, “Invenda.Vending.FacialRecognitionApp.exe,” displayed after the machine failed to launch a facial recognition application that nobody expected to be part of the process of using a vending machine. Enlarge / Reddit post shows error Read more about Canadian college M&M Vending machines secretly scanning faces – revealed by error message[…]

a picture of an eye staring at your from your mobile phone

European human rights court says backdooring encrypted comms is against human rights

The European Court of Human Rights (ECHR) has ruled that laws requiring crippled encryption and extensive data retention violate the European Convention on Human Rights – a decision that may derail European data surveillance legislation known as Chat Control. The Court issued a decision on Tuesday stating that “the contested legislation providing for the retention Read more about European human rights court says backdooring encrypted comms is against human rights[…]

23andMe Thinks ‘Mining’ Your DNA Data Is Its Last Hope

23andMe is in a death spiral. Almost everyone who wants a DNA test already bought one, a nightmare data breach ruined the company’s reputation, and 23andMe’s stock is so close to worthless it might get kicked off the Nasdaq. CEO Anne Wojcicki is on a crisis tour, promising investors the company isn’t going out of Read more about 23andMe Thinks ‘Mining’ Your DNA Data Is Its Last Hope[…]

The EU wants to criminalize AI-generated deepfakes and the non-consensual sending of intimate images

[…] the European Council and Parliament have agreed with the proposal to criminalize, among other things, different types of cyber-violence. The proposed rules will criminalize the non-consensual sharing of intimate images, including deepfakes made by AI tools, which could help deter revenge porn. Cyber-stalking, online harassment, misogynous hate speech and “cyber-flashing,” or the sending of Read more about The EU wants to criminalize AI-generated deepfakes and the non-consensual sending of intimate images[…]

Hundreds of thousands of EU citizens ‘wrongly fined for driving in London Ulez’ in one of EUs largest privacy breaches

Hundreds of thousands of EU citizens were wrongly fined for driving in London’s Ulez clean air zone, according to European governments, in what has been described as “possibly one of the largest data breaches in EU history”. The Guardian can reveal Transport for London (TfL) has been accused by five EU countries of illegally obtaining Read more about Hundreds of thousands of EU citizens ‘wrongly fined for driving in London Ulez’ in one of EUs largest privacy breaches[…]

iPhone Apps Secretly Harvest Data When They Send You Notifications, Researchers Find

iPhone apps including Facebook, LinkedIn, TikTok, and X/Twitter are skirting Apple’s privacy rules to collect user data through notifications, according to tests by security researchers at Mysk Inc., an app development company. Users sometimes close apps to stop them from collecting data in the background, but this technique gets around that protection. The data is Read more about iPhone Apps Secretly Harvest Data When They Send You Notifications, Researchers Find[…]

France fines Amazon $35 million over intrusive employee surveillance

France’s data privacy watchdog organization, the CNIL, has fined a logistics subsidiary of Amazon €32 million, or $35 million in US dollars, over the company’s use of an “overly intrusive” employee surveillance system. The CNIL says that the system employed by Amazon France Logistique “measured work interruptions with such accuracy, potentially requiring employees to justify Read more about France fines Amazon $35 million over intrusive employee surveillance[…]

a map of the netherlands with cellphone towers

Dutch phones can be easily tracked online: ‘Extreme security risk’

BNR received more than 80 gigabytes of location data from data traders: the coordinates of millions of telephones, often registered dozens of times a day. The gigantic mountain of data also includes movements of people with functions in which safety plays an important role. A senior army officer could be followed as he drove from Read more about Dutch phones can be easily tracked online: ‘Extreme security risk’[…]

Drivers would prefer to buy a low-tech car than one that shares their data

According to a survey of 2,000 Americans conducted by Kaspersky in November and published this week, 72 percent of drivers are uncomfortable with automakers sharing their data with advertisers, insurance companies, subscription services, and other third-party outfits. Specifically, 37.3 percent of those polled are “very uncomfortable” with this data sharing, and 34.5 percent are “somewhat Read more about Drivers would prefer to buy a low-tech car than one that shares their data[…]

Google agrees to settle $5 billion lawsuit accusing it of tracking Incognito users

In 2020, Google was hit with a lawsuit that accused it of tracking Chrome users’ activities even when they were using Incognito mode. Now, after a failed attempt to get it dismissed, the company has agreed to settle the complaint that originally sought $5 billion in damages. According to Reuters and The Washington Post, neither Read more about Google agrees to settle $5 billion lawsuit accusing it of tracking Incognito users[…]

a verizon technician giving away a large binder of documents to an ugly orc

Verizon Once Again Busted Handing Out Sensitive Wireless Subscriber Information To Any Nitwit Who Asks For It – because no US enforcement of any kind

Half a decade ago we documented how the U.S. wireless industry was caught over-collecting sensitive user location and vast troves of behavioral data, then selling access to that data to pretty much anybody with a couple of nickels to rub together. It resulted in no limit of abuse from everybody from stalkers to law enforcement Read more about Verizon Once Again Busted Handing Out Sensitive Wireless Subscriber Information To Any Nitwit Who Asks For It – because no US enforcement of any kind[…]

police officer looking up data on a smartphone

UK Police to be able to run AI face recognition searches on all driving licence holders

The police will be able to run facial recognition searches on a database containing images of Britain’s 50 million driving licence holders under a law change being quietly introduced by the government. Should the police wish to put a name to an image collected on CCTV, or shared on social media, the legislation would provide Read more about UK Police to be able to run AI face recognition searches on all driving licence holders[…]

Internet Architecture Board hits out at US, EU, UK client-side scanning (spying on everything on your phone and pc all the time) plans – to save (heard it before?) kids

[…] Apple brought widespread attention to this so-called client-side scanning in August 2021 when it announced plans to examine photos on iPhones and iPads before they were synced to iCloud, as a safeguard against the distribution of child sexual abuse material (CSAM). Under that plan, if someone’s files were deemed to be CSAM, the user Read more about Internet Architecture Board hits out at US, EU, UK client-side scanning (spying on everything on your phone and pc all the time) plans – to save (heard it before?) kids[…]

Google Will Stop Telling Law Enforcement Which Users Were Near a Crime, start saving location data on the mobile device instead of their servers. But not really though. And Why?

So most of the breathless reporting on Googles “Updates to Location History and new controls coming soon to Maps” is a bit like this below. However Google itself in “Manage your Location History” says that if you have location history on, it will also save it to it’s servers. There is no mention of encryption. Read more about Google Will Stop Telling Law Enforcement Which Users Were Near a Crime, start saving location data on the mobile device instead of their servers. But not really though. And Why?[…]

US Law enforcement can obtain prescription records from pharmacy giants without a warrant

America’s eight largest pharmacy providers shared customers’ prescription records to law enforcement when faced with subpoena requests, The Washington Post reported Tuesday. The news arrives amid patients’ growing privacy concerns in the wake of the Supreme Court’s 2022 overturn of Roe v. Wade. The new look into the legal workarounds was first detailed in a Read more about US Law enforcement can obtain prescription records from pharmacy giants without a warrant[…]

Proposed US surveillance regime makes anyone with a modem a big brother spy. Choice is between full on spying and full on spying.

Under rules being considered, any telecom service provider or business with custodial access to telecom equipment – a hotel IT technician, an employee at a cafe with Wi-Fi, or a contractor responsible for installing home broadband router – could be compelled to enable electronic surveillance. And this would apply not only to those involved with Read more about Proposed US surveillance regime makes anyone with a modem a big brother spy. Choice is between full on spying and full on spying.[…]

Bad genes: 23andMe leak highlights a possible future of genetic discrimination

23andMe is a terrific concept. In essence, the company takes a sample of your DNA and tells you about your genetic makeup. For some of us, this is the only way to learn about our heritage. Spotty records, diaspora, mistaken family lore and slavery can make tracing one’s roots incredibly difficult by traditional methods. What Read more about Bad genes: 23andMe leak highlights a possible future of genetic discrimination[…]

Governments, Apple, Google spying on users through push notifications – they all go through Apple and Google servers (unencrypted?)!

In a letter to the Department of Justice, Senator Ron Wyden said foreign officials were demanding the data from Alphabet’s (GOOGL.O) Google and Apple (AAPL.O). Although details were sparse, the letter lays out yet another path by which governments can track smartphones. Apps of all kinds rely on push notifications to alert smartphone users to Read more about Governments, Apple, Google spying on users through push notifications – they all go through Apple and Google servers (unencrypted?)![…]