235 Million Instagram, TikTok And YouTube User Profiles Exposed In Massive Data Leak

it was such an unsecured database that the Comparitech researchers, led by Bob Diachenko, discovered on August 1, leaving the personal profile data of nearly 235 million Instagram, TikTok and YouTube users up for grabs. The data was spread across several datasets; the most significant being two coming in at just under 100 million each Read more about 235 Million Instagram, TikTok And YouTube User Profiles Exposed In Massive Data Leak[…]

Securus sued for ‘recording attorney-client jail calls, handing them to cops’ – months after settling similar lawsuit and charging more than 100x normal price for the calls. Hey, monopolies!

Jail phone telco Securus provided recordings of protected attorney-client conversations to cops and prosecutors, it is claimed, just three months after it settled a near-identical lawsuit. The corporate giant controls all telecommunications between the outside world and prisoners in American jails that contract with it. It charges far above market rate, often more than 100 Read more about Securus sued for ‘recording attorney-client jail calls, handing them to cops’ – months after settling similar lawsuit and charging more than 100x normal price for the calls. Hey, monopolies![…]

US Secret Service Bought Access to Bable Street’s Locate X Spy Tool for warrantless surveillance

Babel Street is a shadowy organization that offers a product called Locate X that is reportedly used to gather anonymized location data from a host of popular apps that users have unwittingly installed on their phones. When we say “unwittingly,” we mean that not everyone is aware that random innocuous apps are often bundling and Read more about US Secret Service Bought Access to Bable Street’s Locate X Spy Tool for warrantless surveillance[…]

New Toyotas will upload data to AWS to help create custom insurance premiums based on driver behaviour, send your data to others too

Toyota already operates a “Mobility Services Platform” that it says helps it to “develop, deploy, and manage the next generation of data-driven mobility services for driver and passenger safety, security, comfort, and convenience”. That data comes from a device called the “Data Communication Module” (DCM) that Toyota fits into many models in Japan, the USA Read more about New Toyotas will upload data to AWS to help create custom insurance premiums based on driver behaviour, send your data to others too[…]

Privacy Shield no longer valid: Joint Press Statement from U.S. Secretary of Commerce Wilbur Ross and European Commissioner for Justice Didier Reynders

The U.S. Department of Commerce and the European Commission have initiated discussions to evaluate the potential for an enhanced EU-U.S. Privacy Shield framework to comply with the July 16 judgment of the Court of Justice of the European Union in the Schrems II case. This judgment declared that this framework is no longer a valid Read more about Privacy Shield no longer valid: Joint Press Statement from U.S. Secretary of Commerce Wilbur Ross and European Commissioner for Justice Didier Reynders[…]

Lawmakers Ask California DMV How It Makes $50 Million a Year Selling Drivers’ Data

A group of nearly a dozen lawmakers led by member of Congress Anna Eshoo wrote to the California Department of Motor Vehicles (DMV) on Wednesday looking for answers on how and why the organization sells the personal data of residents. The letter comes after Motherboard revealed last year that the DMV was making $50 million Read more about Lawmakers Ask California DMV How It Makes $50 Million a Year Selling Drivers’ Data[…]

Private equity wants to own your DNA – Blackstone buys Ancestry at $250,- per person

The nation’s largest private equity firm is interested in buying your DNA data. The going rate: $261 per person. That appears to be what Blackstone, the $63 billion private equity giant, is willing to pay for genetic data controlled by one of the major companies gathering it from millions of customers. Earlier this week, Blackstone Read more about Private equity wants to own your DNA – Blackstone buys Ancestry at $250,- per person[…]

Whoops, our bad, we just may have ‘accidentally’ left Google Home devices recording your every word, sound, sorry

Your Google Home speaker may have been quietly recording sounds around your house without your permission or authorization, it was revealed this week. The Chocolate Factory admitted it had accidentally turned on a feature that allowed its voice-controlled AI-based assistant to activate and snoop on its surroundings. Normally, the device only starts actively listening in Read more about Whoops, our bad, we just may have ‘accidentally’ left Google Home devices recording your every word, sound, sorry[…]

Australian government sues Google for misleading consumers in Doubleclick data collection

The Australian government has filed its second lawsuit against Google in less than a year over privacy concerns, this time alleging the tech giant misled Australian consumers in an attempt to gather information for targeted ads. The Australian Competition and Consumers Commission (ACCC), the country’s consumer watchdog, says Google didn’t obtain explicit consent from consumers Read more about Australian government sues Google for misleading consumers in Doubleclick data collection[…]

See When Other Apps Use Your Microphone or Camera With This Android App

you can get this functionality by downloading and installing a simple app from the Google Play Store: Access Dots. It’s free, it’s easy, and it helps you up your Android’s security game. I would almost call it a must-install for anyone, because it’s as unobtrusive as it is helpful. Download and launch the app, and Read more about See When Other Apps Use Your Microphone or Camera With This Android App[…]

We’re suing Google for harvesting our personal info even though we opted out of Chrome sync – netizens

A handful of Chrome users have sued Google, accusing the browser maker of collecting personal information despite their decision not to sync data stored in Chrome with a Google Account. The lawsuit [PDF], filed on Monday in a US federal district court in San Jose, California, claimed Google promises not to collect personal information from Read more about We’re suing Google for harvesting our personal info even though we opted out of Chrome sync – netizens[…]

Twitter Contractors Abused Access to Beyoncé’s Account: Report

Twitter contractors with high-level administrative access to accounts regularly abused their privileges to spy on celebrities including Beyoncé, including approximating their movements via internet protocol addresses, according to a report by Bloomberg. Over 1,500 workers and contractors at Twitter who handle internal support requests and manage user accounts have high-level privileges that enable them to Read more about Twitter Contractors Abused Access to Beyoncé’s Account: Report[…]

EU demands strange concessions from Google over Fitbit deal – wants to share movement data to third parties

The EU has demanded that Google make major concessions relating to its $2.1 billion acquisition of fitness-tracking company Fitbit if the deal is to be allowed to proceed imminently, according to people with direct knowledge of the discussions. Since it was announced last November, the acquisition has faced steep opposition from consumer groups and regulators, Read more about EU demands strange concessions from Google over Fitbit deal – wants to share movement data to third parties[…]

Instagram and 50 other apps found that quietly access iOS device’s camera

Apple’s iOS 14 beta has proven surprisingly handy at sussing out what apps are snooping on your phone’s data. It ratted out LinkedIn, Reddit, and TikTok for secretly copying clipboard content earlier this month, and now Instagram’s in hot water after several users reported that their camera’s “in use” indicator stays on even when they’re Read more about Instagram and 50 other apps found that quietly access iOS device’s camera[…]

Facebook settles unauthorised use of facial recognition for $650 million

Facebook has agreed to pay a total of $650 million in a landmark class action lawsuit over the company’s unauthorized use of facial recognition, a new court filing shows. The filing represents a revised settlement that increases the total payout by $100 million and comes after a federal judge balked at the original proposal on Read more about Facebook settles unauthorised use of facial recognition for $650 million[…]

Amazon’s auditing of Alexa Skills is so good, these boffins got all 200+ rule-breaking apps past the reviewers

Amazon claims it reviews the software created by third-party developers for its Alexa voice assistant platform, yet US academics were able to create more than 200 policy-violating Alexa Skills and get them certified. In a paper [PDF] presented at the US Federal Trade Commission’s PrivacyCon 2020 event this week, Clemson University researchers Long Cheng, Christin Read more about Amazon’s auditing of Alexa Skills is so good, these boffins got all 200+ rule-breaking apps past the reviewers[…]

Firefox on Android: Camera remains active when phone is locked or the user switches apps after streaming

Mozilla says it’s working on fixing a bug in Firefox for Android that keeps the smartphone camera active even after users have moved the browser in the background or the phone screen was locked. A Mozilla spokesperson told ZDNet in an email this week that a fix is expected for later this year in October. Read more about Firefox on Android: Camera remains active when phone is locked or the user switches apps after streaming[…]

Mozilla offers trusted VPN services – good timing!

Starting today, there’s a VPN on the market from a company you trust. The Mozilla VPN (Virtual Private Network) is now available on Windows and Android devices. This fast and easy-to-use VPN service is brought to you by Mozilla, the makers of Firefox, and a trusted name in online consumer security and privacy services. See Read more about Mozilla offers trusted VPN services – good timing![…]

E.U. Court Invalidates Data-Sharing Agreement With U.S.

The European Union’s top court ruled Thursday that an agreement that allows big tech companies to transfer data to the United States is invalid, and that national regulators need to take tougher action to protect the privacy of users’ data. The ruling does not mean an immediate halt to all data transfers outside the EU, Read more about E.U. Court Invalidates Data-Sharing Agreement With U.S.[…]

Google faces lawsuit over tracking in apps even when users opted out

Google records what people are doing on hundreds of thousands of mobile apps even when they follow the company’s recommended settings for stopping such monitoring, a lawsuit seeking class action status alleged on Tuesday. The data privacy lawsuit is the second filed in as many months against Google by the law firm Boies Schiller Flexner Read more about Google faces lawsuit over tracking in apps even when users opted out[…]

Only 9% of visitors give GDPR consent to be tracked

Most GDPR consent banner implementations are deliberately engineered to be difficult to use and are full of dark patterns that are illegal according to the law. I wanted to find out how many visitors would engage with a GDPR banner if it were implemented properly and how many would grant consent to their information being Read more about Only 9% of visitors give GDPR consent to be tracked[…]

Uncovered: 1,000 phrases that incorrectly trigger Alexa, Siri, and Google Assistant

As Alexa, Google Home, Siri, and other voice assistants have become fixtures in millions of homes, privacy advocates have grown concerned that their near-constant listening to nearby conversations could pose more risk than benefit to users. New research suggests the privacy threat may be greater than previously thought. The findings demonstrate how common it is Read more about Uncovered: 1,000 phrases that incorrectly trigger Alexa, Siri, and Google Assistant[…]

Zoom misses its own deadline to publish its first transparency report

How many government demands for user data has Zoom received? We won’t know until “later this year,” an updated Zoom blog post now says. The video conferencing giant previously said it would release the number of government demands it has received by June 30. But the company said it’s missed that target and has given Read more about Zoom misses its own deadline to publish its first transparency report[…]

Consumer orgs ask world’s competition watchdogs: Are you really going to let Google walk off with all Fitbit’s data?

Twenty consumer and citizen rights groups have published an open letter [PDF] urging regulators to pay closer attention to Google parent Alphabet’s planned acquisition of Fitbit. The letter describes the pending purchase as a “game-changer” that will test regulators’ resolve to analyse how the vast quantities of health and location data slurped by Google would Read more about Consumer orgs ask world’s competition watchdogs: Are you really going to let Google walk off with all Fitbit’s data?[…]

Purism’s quest against Intel’s Management Engine black box CPU now comes in 14 inches

This latest device succeeds the previous Librem 13 laptop, which ran for four generations, and includes a slightly bigger display, a hexa-core Ice Lake Intel Core i7 processor, gigabit Ethernet, and USB-C. As the name implies, the Librem 14 packs a 14-inch, 1920×1080 IPS display. Purism said this comes without increasing the laptop’s dimensions thanks Read more about Purism’s quest against Intel’s Management Engine black box CPU now comes in 14 inches[…]