A lawsuit filed against eufy security cam maker Anker Tech claims the biz assigns “unique identifiers” to the faces of any person who walks in front of its devices – and then stores that data in the cloud, “essentially logging the locations of unsuspecting individuals” when they stroll past. […] All three suits allege Anker Read more about Anker Eufy security cam ‘stored unique ID’ of everyone filmed in the cloud for other cameras to identify – and for anyone to watch[…]

Cerebral has revealed it shared the private health information, including mental health assessments, of more than 3.1 million patients in the United States with advertisers and social media giants like Facebook, Google and TikTok. The telehealth startup, which exploded in popularity during the COVID-19 pandemic after rolling lockdowns and a surge in online-only virtual health Read more about Telehealth startup Cerebral shared millions of patients’ data with advertisers since 2019[…]

[…] The Online Safety Bill contemplates bypassing encryption using device-side scanning to protect children from harmful material, and coincidentally breaking the security of end-to-end encryption at the same time. It’s currently being considered in Parliament and has been the subject of controversy for months. [ something something saving children – that’s always a bad sign Read more about Signal says it will shut down in UK over Online Safety Bill, which wants to install spyware on all your devices[…]

[…] “There are two main problems here,” Mozilla’s Caltrider said. “The first problem is Google only requires the information in labels to be self-reported. So, fingers crossed, because it’s the honor system, and it turns out that most labels seem to be misleading.” Google promises to make apps fix problems it finds in the labels, Read more about Google’s Play Store Privacy Labels Are a ‘Total Failure:’ Study[…]

[…] with numerous recent studies showing the ease at which VR users can be profiled, deanonymized, and data harvested, metaverse platforms carry all the privacy risks of the current internet and more while at present having none of the defensive privacy tools we are accustomed to using on the web. To remedy this, we present Read more about MetaGuard: Going Incognito in the Metaverse[…]

[..] In a paper provided to The Register in advance of its publication on ArXiv, academics Vivek Nair, Wenbo Guo, Justus Mattern, Rui Wang, James O’Brien, Louis Rosenberg, and Dawn Song set out to test the extent to which individuals in VR environments can be identified by body movement data. The boffins gathered telemetry data Read more about 3 motion points allow you to be identified within seconds in VR[…]

Russ Cox, a Google software engineer steering the development of the open source Go programming language, has presented a possible plan to implement telemetry in the Go toolchain. However many in the Go community object because the plan calls for telemetry by default. These alarmed developers would prefer an opt-in rather than an opt-out regime, Read more about Google’s wants Go reporting telemetry data by default[…]

Many programs collect user data and send it back to their developers to improve software or provide more targeted services. But according to the PC Security Channel (via Neowin (opens in new tab)) Microsoft’s Windows 11 sends data not only to the Redmond, Washington-based software giant, but also to multiple third parties. To analyze DNS traffic generated by Read more about Windows 11 Sends Tremendous Amount of User Data to Third Parties – pretty much spyware for loads of people![…]

Microsoft wants everyone to know that it isn’t looking to invade their privacy while looking through their Windows PCs to find out-of-date versions of Office software. In its KB5021751 update last month, Microsoft included a plan to scan Windows systems to smoke out those Office versions that are no longer supported or nearing the end Read more about Microsoft won’t access private data in Office version scan installed as OS update they say[…]

The Federal Trade Commission took historic action against the medication discount service GoodRx Wednesday, issuing a $1.5 million fine against the company for sharing data about users’ prescriptions with Facebook, Google, and others. It’s a move that could usher in a new era of health privacy in the United States. “Digital health companies and mobile Read more about FTC Fines GoodRx $1.5M for Sending Medication Data to Facebook, Google, others[…]

Meta’s (META.O) WhatsApp subsidiary was fined 5.5 million euros ($5.95 million) on Thursday by Ireland’s Data Privacy Commissioner (DPC), its lead EU privacy regulator, for an additional breach of the bloc’s privacy laws. The DPC also told WhatsApp to reassess how it uses personal data for service improvements following a similar order it issued this Read more about Meta’s WhatsApp fined 5.5 mln euro by lead EU privacy regulator[…]

Your international money transfers might not be as discreet as you think. Senator Ron Wyden and The Wall Street Journal have learned that US law enforcement can access details of money transfers without a warrant through an obscure surveillance program the Arizona attorney general’s office created in 2014. A database stored at a nonprofit, the Read more about US law enforcement has warrantless access to many money transfers[…]

Meta has filed a lawsuit against Voyager Labs, which it has accused of creating tens of thousands of fake accounts to scrape data from more than 600,000 Facebook users’ profiles. It says the surveillance company pulled information such as posts, likes, friend lists, photos, and comments, along with other details from groups and pages. Meta Read more about Meta sues surveillance company for allegedly scraping more than 600,000 accounts – pots and kettles[…]

Google has agreed to pay $9.5 million to settle a lawsuit brought by Washington DC Attorney General Karl Racine, who accused the company earlier this year of “deceiving users and invading their privacy.” Google has also agreed to change some of its practices, primarily concerning how it informs users about collecting, storing and using their Read more about Google will pay $9.5 million to settle Washington DC AG’s location-tracking lawsuit[…]

NHS England has extended its contract with US spy-tech biz Palantir for the system built at the height of the pandemic to give it time to resolve the twice-delayed procurement of a data platform to support health service reorganization and tackle the massive care backlog. The contract has already been subject to the threat of Read more about Spy Tech Palantir’s Covid-era UK health contract extended without public consultation or competition[…]

France’s data protection authority, CNIL, fined Apple €8 million (about $8.5 million) Wednesday for illegally harvesting iPhone owners’ data for targeted ads without proper consent. […] The French fine, though, is the latest addition to a growing body of evidence that Apple may not be the privacy guardian angel it makes itself out to be. Read more about Apple Faces French $8.5M Fine For Illegal Data Harvesting[…]

[…] On January 10, according to The South China Morning Post, China’s Cyberspace Administration will implement new rules that are intended to protect people from having their voice or image digitally impersonated without their consent. The regulators refer to platforms and services using the technology to edit a person’s voice or image as, “deep synthesis Read more about China’s Setting the Standard for Deepfake Regulation[…]

[…] graduate students at Northeastern University were able to organize and beat back an attempt at introducing invasive surveillance devices that were quietly placed under desks at their school. Early in October, Senior Vice Provost David Luzzi installed motion sensors under all the desks at the school’s Interdisciplinary Science & Engineering Complex (ISEC), a facility Read more about Grad Students Analyze, Hack, and Remove Under-Desk Surveillance Devices Designed to Track Them – at  a privacy institute![…]

[…] We’ve already spent many, many words explaining how age verification technology is inherently dangerous and actually puts children at greater risk. Not to mention it’s a privacy nightmare that normalizes the idea of mass surveillance, especially for children. But, why take our word for it? The French data protection agency, CNIL, has declared that Read more about As US, UK Embrace ‘Age Verify Everyone!’ French Data Protection Agency Says Age Verification Is Unreliable And Violates Privacy Rights[…]

Eufy, the company behind a series of affordable security cameras I’ve previously suggested over the expensive stuff, is currently in a bit of hot water for its security practices. The company, owned by Anker, purports its products to be one of the few security devices that allow for locally-stored media and don’t need a cloud Read more about Eufy Cameras Have Been Uploading Unencrypted Face Footage to Cloud[…]

Google agreed to a $391.5 million dollar settlement on Monday to end a lawsuit accusing the tech giant of tricking users with location data privacy settings that didn’t actually turn off data collection. The payout, the result of a suit brought by 40 state attorneys general, marks one of the biggest privacy settlements in history. Read more about Google Settles 40 States’ Location Data Suit for only $392 Million[…]