[…] Researchers at Duke University released a study on Monday tracking what measures data brokers have in place to prevent unidentified or potentially malign actors from buying personal data on members of the military. As it turns out, the answer is often few to none — even when the purchaser is actively posing as a Read more about Researchers posed as foreign actors, and data brokers sold them information on military servicemembers anyway – for pennies[…]

YouTube wants its pound of flesh. Disable your ad blocker or pay for Premium, warns a new message being shown to an unsuspecting test audience, with the barely hidden subtext of “you freeloading scum.” Trouble is, its ad blocker detecting mechanism doesn’t exactly comply with EU law, say privacy activists. Ask for user permission or Read more about YouTube cares less for your privacy than its revenues[…]

The EU Commission has been pushing client-side scanning for well over a year. This new intrusion into private communications has been pitched as perhaps the only way to prevent the sharing of child sexual abuse material (CSAM). Mandates proposed by the EU government would have forced communication services to engage in client-side scanning of content. Read more about EU Trys to Implement Client-Side Scanning, death to encryption By Personalised Targeting of EU Residents With Misleading Ads[…]

GSK will pay 23andMe $20 million for access to the genetic-testing company’s vast trove of consumer DNA data, extending a five-year collaboration that’s allowed the drugmaker to mine genetic data as it researches new medications. Under the new agreement, 23andMe will provide GSK with one year of access to anonymized DNA data from the approximately Read more about Drugmakers Are Set To Pay 23andMe Millions To Access Your DNA – which is also your families DNA[…]

Ever since Apple re-branded as the “Privacy” company several years back, it’s been rolling out features designed to show its commitment to protecting users. Yet while customers might feel safer using an iPhone, there’s already plenty of evidence that Apple’s branding efforts don’t always match the reality of its products. In fact, a lot of Read more about Apple’s MAC Address Privacy Feature Has Never Worked[…]

The Data Privacy Framework (DPF) presents new legal guidance to facilitate personal data sharing between US companies and their counterparts in the EU and the UK. This framework empowers individuals with greater control over their personal data and streamlines business operations by creating common rules around interoperable dataflows. Moreover, the DPF will help enable clear Read more about Empowering Responsible and Compliant Practices: Bridging the Gap for US Citizens and Corporations with the New EU-US Data Privacy Framework[…]

Credit bureau company, Equifax, has been fined US$13.4 million by The Financial Conduct Authority (FCA), a UK financial watchdog, following its involvement in “one of the largest” data breaches ever. This cyber security incident took place in 2017 and saw Equifax’s US-based parent company, Equifax Inc., suffer a data breach that saw the personal data Read more about Equifax poked with paltry $13.4 million following 147m customer data breach in 2017[…]

In a bombshell report, an oversight body for the Department of Homeland Security (DHS) found that Immigration and Customs Enforcement (ICE), Customs and Border Enforcement (CBP), and the Secret Service all broke the law while using location data harvested from ordinary apps installed on smartphones. In one instance, a CBP official also inappropriately used the Read more about ICE, CBP, Secret Service All Illegally Used Smartphone Location Data[…]

On Wednesday, EPIC filed a complaint with the US government watchdog over Grindr’s “apparent failure to safeguard users’ sensitive personal data.” This includes both present and past users who have since deleted their accounts, according to the complaint. Despite promising in its privacy policy to delete personal info if customers remove their account, Grindr allegedly retained Read more about EPIC urges FTC to investigate Grindr’s data practices[…]

[…] “Singapore will be one of the first few countries in the world to introduce automated, passport-free immigration clearance,” said minister for communications and information Josephine Teo in a wrap-up speech for the bill. Teo did concede that Dubai had such clearance for select enrolled travelers, but there was no assurance of other countries planning Read more about Singapore plans to scan your face instead of your passport[…]

Web browsers have had tools that let you translate websites for years. But they typically rely on cloud-based translation services like Google Translate or Microsoft’s Bing Translator. The latest version of Mozilla’s Firefox web browser does things differently. Firefox 118 brings support for Fullpage Translation, which can translate websites entirely in your browser. In other Read more about Firefox now has private browser-based website translation – no cloud servers required[…]

Today’s story is about Philips Hue by Signify. They will soon start forcing accounts on all users and upload user data to their cloud. For now, Signify says you’ll still be able to control your Hue lights locally as you’re currently used to, but we don’t know if this may change in the future. The Read more about Philips Hue will force users to upload their data to Hue cloud – changing their TOS after you bought the product for not needing an account[…]

T-Mobile US has had another bad week on the infosec front – this time stemming from a system glitch that exposed customer account data, followed by allegations of another breach the carrier denied. According to customers who complained of the issue on Reddit and X, the T-Mobile app was displaying other customers’ data instead of Read more about T-Mobile US exposes some customer data, but don’t say breach[…]

The Dutch Data Protection Foundation (SDBN) wants to enforce a mass claim for 11 million people through the courts against social media company X, the former Twitter. Between 2013 and 2021, that company owned the advertising platform MoPub, which, according to the privacy foundation, illegally traded in data from users of more than 30,000 free Read more about Dutch privacy watchdog SDBN sues twitter for collecting and selling data via Mohub (wordfeud, duolingo, etc) without notifying users[…]

[…] Specifically, the web giant’s Privacy Sandbox APIs, a set of ad delivery and analysis technologies, now function in the latest version of the Chrome browser. Website developers can thus write code that calls those APIs to deliver and measure ads to visitors with compatible browsers. That is to say, sites can ask Chrome directly Read more about Google Chrome’s Privacy Sandbox: any site can now query all your habits[…]

The Foundation for the Protection of Privacy Interests and the Consumers’ Association are taking the next step in their fight against Google. The tech company is being taken to court today for ‘large-scale privacy violations’. The proceedings demand, among other things, that Google stop its constant surveillance and sharing of personal data through online advertising Read more about Google taken to court in NL for large scale privacy breaches[…]

[…] The foundation, the Firefox browser maker’s netizen-rights org, assessed the privacy policies and practices of 25 automakers and found all failed its consumer privacy tests and thereby earned its Privacy Not Included (PNI) warning label. If you care even a little about privacy, stay as far away from Nissan’s cars as you possibly can Read more about Mozilla investigates 25 major car brands and finds privacy is shocking[…]

In the past I’ve sometimes described Australia as the land where internet policy is completely upside down. Rather than having a system that protects intermediaries from liability for third party content, Australia went the opposite direction. Rather than recognizing that a search engine merely links to content and isn’t responsible for the content at those Read more about Australian Government, Of All Places, Says Age Verification Is A Privacy & Security Nightmare[…]

Is Achmea or Bol.com customer service putting you on hold? Then everything you say can still be heard by some of their employees. This is evident from research by Radar. When you call customer service, you often hear: “Please note: this conversation may be recorded for training purposes.” Nothing special. But if you call the Read more about Companies are recording your conversations whilst you are on hold with them[…]

China has released draft regulations to govern the country’s facial recognition technology that include prohibitions on its use to analyze race or ethnicity. According to the the Cyberspace Administration of China(CAC), the purpose is to “regulate the application of face recognition technology, protect the rights and interests of personal information and other personal and property Read more about China floats rules for facial recognition technology – they are good and be great if the govt was bound by them too![…]

This weekend, a federal court tossed a subpoena in a case against the internet service provider Grande that would require Reddit to reveal the identities of anonymous users that torrent movies. The case was originally filed in 2021 by 20 movie producers against Grande Communications in the Western District of Texas federal court. The lawsuit Read more about Reddit Wins, Doesn’t Have to NARC on Users Who Discussed Torrenting[…]

Nearly three years after a 2020 court decision threatened to grind transatlantic e-commerce to a halt, the European Union has adopted a plan that will allow US tech giants to continue storing data about European users on American soil. In a decision announced Monday, the European Commission approved the Trans-Atlantic Data Privacy Framework. Under the Read more about New privacy deal allows US tech giants to continue storing European user data on American servers[…]

Google updated its privacy policy over the weekend, explicitly saying the company reserves the right to scrape just about everything you post online to build its AI tools. If Google can read your words, assume they belong to the company now, and expect that they’re nesting somewhere in the bowels of a chatbot. “Google uses Read more about Google Says It’ll Scrape Everything You Post Online for AI[…]

In 2015, Democratic Elk Grove Assemblyman Jim Cooper voted for Senate Bill 34, which restricted law enforcement from sharing automated license plate reader (ALPR) data with out-of-state authorities. In 2023, now-Sacramento County Sheriff Cooper appears to be doing just that. The Electronic Frontier Foundation (EFF) a digital rights group, has sent Cooper a letter requesting Read more about Sacramento Sheriff is sharing license plate reader data with anti-abortion states, records show[…]