Suche
Beiträge, die mit Dataprotection getaggt sind
"After the United Kingdom demanded that Apple create a backdoor that would allow government officials globally to spy on encrypted data, Apple decided to simply turn off encryption services in the UK rather than risk exposing its customers to snooping.
Apple had previously allowed end-to-end encryption of data on UK devices through its Advanced Data Protection (ADP) tool, but that ended Friday, a spokesperson said in a lengthy statement.
"Apple can no longer offer Advanced Data Protection (ADP) in the United Kingdom to new users and current UK users will eventually need to disable this security feature," Apple said."
https://arstechnica.com/tech-policy/2025/02/apple-pulls-data-protection-tool-instead-of-caving-to-uk-demand-for-a-backdoor/
#UK #CyberSecurity #Apple #Encryption #Backdoors #DataProtection #Surveillance
Apple had previously allowed end-to-end encryption of data on UK devices through its Advanced Data Protection (ADP) tool, but that ended Friday, a spokesperson said in a lengthy statement.
"Apple can no longer offer Advanced Data Protection (ADP) in the United Kingdom to new users and current UK users will eventually need to disable this security feature," Apple said."
https://arstechnica.com/tech-policy/2025/02/apple-pulls-data-protection-tool-instead-of-caving-to-uk-demand-for-a-backdoor/
#UK #CyberSecurity #Apple #Encryption #Backdoors #DataProtection #Surveillance
Apple pulls end-to-end encryption in UK, spurning backdoors for gov’t spying
Apple abruptly yanks privacy tool in UK, taking bold stance against snooping law.Ashley Belanger (Ars Technica)
"t can be challenging to sift through the flood of headlines and updates. We’re here to help make sense of that flood—starting with what we see happening with data during the first 30 days of the administration, including weakened oversight of U.S. surveillance, the elimination of consumer data protection tools, and improper access and misuse of data.
As the Trump administration concludes its first 30 days in office, three worrying trends emerge at the intersection of technology and democratic governance. New America’s Open Technology Institute has long championed democratically accountable tech policymaking, and over the past month, we have tracked federal actions that run counter to this objective:
- The weakening of oversight of U.S. government surveillance
- The elimination of institutions that protect American consumers and their data
- Systematic efforts to access some of America’s most vital data systems without regard for individual privacy or data security"
https://www.newamerica.org/oti/blog/trumps-tech-governance-making-sense-of-the-administrations-first-30-days/
#USA #Trump #Surveillance #ConsumerRights #Privacy #DataProtection #CyberSecurity
As the Trump administration concludes its first 30 days in office, three worrying trends emerge at the intersection of technology and democratic governance. New America’s Open Technology Institute has long championed democratically accountable tech policymaking, and over the past month, we have tracked federal actions that run counter to this objective:
- The weakening of oversight of U.S. government surveillance
- The elimination of institutions that protect American consumers and their data
- Systematic efforts to access some of America’s most vital data systems without regard for individual privacy or data security"
https://www.newamerica.org/oti/blog/trumps-tech-governance-making-sense-of-the-administrations-first-30-days/
#USA #Trump #Surveillance #ConsumerRights #Privacy #DataProtection #CyberSecurity
Trump’s Tech Governance: Making Sense of the Administration’s First 30 Days
As the Trump administration concludes the first 30 days, three worrying trends emerge at the intersection of tech and democracy.New America
"For 37 years, Congress has completely failed to pass another consumer privacy law. Which is how we got here – to this moment where you can target ads to suicidal teens, gambling addicted soldiers in Minuteman silos, grannies with Alzheimer's, and every Congressional staffer on the Hill.
Some people think the problem with mass surveillance is a kind of machine-driven, automated mind-control ray. They believe the self-aggrandizing claims of tech bros to have finally perfected the elusive mind-control ray, using big data and machine learning.
But you don't need to accept these outlandish claims – which come from Big Tech's sales literature, wherein they boast to potential advertisers that surveillance ads are devastatingly effective – to understand how and why this is harmful. If you're struggling with opioid addiction and I target an ad to you for a fake cure or rehab center, I haven't brainwashed you – I've just tricked you. We don't have to believe in mind-control to believe that targeted lies can cause unlimited harms.
And those harms are indeed grave."
https://pluralistic.net/2025/02/20/privacy-first-second-third/#malvertising
#USA #AdTech #DataBrokers #DataBrokerage #Privacy #BigTech #MassSurveillance #DataProtection
Some people think the problem with mass surveillance is a kind of machine-driven, automated mind-control ray. They believe the self-aggrandizing claims of tech bros to have finally perfected the elusive mind-control ray, using big data and machine learning.
But you don't need to accept these outlandish claims – which come from Big Tech's sales literature, wherein they boast to potential advertisers that surveillance ads are devastatingly effective – to understand how and why this is harmful. If you're struggling with opioid addiction and I target an ad to you for a fake cure or rehab center, I haven't brainwashed you – I've just tricked you. We don't have to believe in mind-control to believe that targeted lies can cause unlimited harms.
And those harms are indeed grave."
https://pluralistic.net/2025/02/20/privacy-first-second-third/#malvertising
#USA #AdTech #DataBrokers #DataBrokerage #Privacy #BigTech #MassSurveillance #DataProtection
"Privacy campaigners have called Google's new rules on tracking people online "a blatant disregard for user privacy."
Changes which come in on Sunday permit so-called "fingerprinting", which allows online advertisers to collect more data about users including their IP addresses and information about their devices.
Google says this data is already widely used by other companies, and it continues to encourage responsible data use.
However the company had previously come out strongly against this kind of data collection, saying in a 2019 blog that fingerprinting "subverts user choice and is wrong."
But in a post announcing the new rule changes, Google said the way people used the internet - such as devices like smart TVs and consoles - meant it was harder to target ads to users using conventional data collection, which users control with cookie consent."
https://www.bbc.com/news/articles/cm21g0052dno
#Google #AdTech #Privacy #Fingerprinting #DataProtection
Changes which come in on Sunday permit so-called "fingerprinting", which allows online advertisers to collect more data about users including their IP addresses and information about their devices.
Google says this data is already widely used by other companies, and it continues to encourage responsible data use.
However the company had previously come out strongly against this kind of data collection, saying in a 2019 blog that fingerprinting "subverts user choice and is wrong."
But in a post announcing the new rule changes, Google said the way people used the internet - such as devices like smart TVs and consoles - meant it was harder to target ads to users using conventional data collection, which users control with cookie consent."
https://www.bbc.com/news/articles/cm21g0052dno
#Google #AdTech #Privacy #Fingerprinting #DataProtection
Fingerprinting: Critics say Google rules put profits over privacy
Google is allowing advertisers to collect more personal information, which is harder for users to control.Imran Rahman-Jones (BBC News)
The biggest lie in tech? “If you have nothing to hide, you have nothing to fear.”
#Privacy isn’t about hiding - it’s about control.
Your medical history, political views, private conversations - do you want corporations or governments deciding how to use them?
Mass surveillance isn’t about safety. It’s about power. Take yours back.
#KeepDataPrivate #dataprivacy #SecureByDesign #dataprotection #privacyMatters #StopSurveillance
#Privacy isn’t about hiding - it’s about control.
Your medical history, political views, private conversations - do you want corporations or governments deciding how to use them?
Mass surveillance isn’t about safety. It’s about power. Take yours back.
#KeepDataPrivate #dataprivacy #SecureByDesign #dataprotection #privacyMatters #StopSurveillance
X challenges German court decision that forces it to share election data https://www.politico.eu/article/x-challenges-german-court-decision-that-would-force-it-to-share-data-with-researchers/?utm_source=RSS_Feed&utm_medium=RSS&utm_campaign=RSS_Syndication #DigitalServicesAct #Contentmoderation #Onlineadvertising #Electionsecurity #ConsumerPolicy #Dataprotection #Transparency #SocialMedia #Algorithms #Regulation #Technology #Democracy #Elections #Platforms #Research #Services #Courts #Media #Data
X challenges German court decision that forces it to share election data
Elon Musk’s X has challenged a German court decision that instructed the platform to share data with researchers, the court confirmed to POLITICO. In an urgent injunction, the Berlin Regional…Eliza Gkritsi (POLITICO)
"Parts of the US bureaucracy are no doubt bloated and inefficient, and need modernisation. Most American voters support this idea. Reforming creaking bureaucracies often requires radical efforts. Yet it also needs detailed planning, transparency and oversight. All these are missing from what the Trump administration is now doing.
The Department of Government Efficiency that Musk heads is not a government agency established by Congress but an opaque body created by executive order. Senate minority leader Chuck Schumer has argued it has no authority to make spending decisions or shut down programmes — let alone entire agencies.
In their quest to find savings and root out “woke” policies, Musk’s team of 20-something coders have nonetheless managed to infiltrate agencies including the US Treasury and the state and health departments; the $40bn USAID agency has in effect closed down. Tens of thousands of civil servants have been fired or suspended. Doge operatives have accessed troves of data, from intelligence records to employees’ bank details and health records, raising risks for privacy and national security. Handing such power to a corporate boss with an interest in shaping policies and regulation creates clear conflicts."
https://www.ft.com/content/f7665ee1-dcda-4c35-9209-735094054482
#USA #DOGE #Musk #Bureaucracy #Privacy #DataProtection
The Department of Government Efficiency that Musk heads is not a government agency established by Congress but an opaque body created by executive order. Senate minority leader Chuck Schumer has argued it has no authority to make spending decisions or shut down programmes — let alone entire agencies.
In their quest to find savings and root out “woke” policies, Musk’s team of 20-something coders have nonetheless managed to infiltrate agencies including the US Treasury and the state and health departments; the $40bn USAID agency has in effect closed down. Tens of thousands of civil servants have been fired or suspended. Doge operatives have accessed troves of data, from intelligence records to employees’ bank details and health records, raising risks for privacy and national security. Handing such power to a corporate boss with an interest in shaping policies and regulation creates clear conflicts."
https://www.ft.com/content/f7665ee1-dcda-4c35-9209-735094054482
#USA #DOGE #Musk #Bureaucracy #Privacy #DataProtection
Elon Musk’s assault on the US federal bureaucracy
Supposed efficiency drive is providing cover for a power grab by the executive branchThe editorial board (Financial Times)
Our data shouldn’t be used in a game where the house always wins 🎰
🚷 Big Tech shouldn't track your every move across the Internet to profile you as a product.
✅ Consent is a must – we should be able to opt-out of all targeted advertising on these platforms.
#adtech #Meta #dataprotection #GDPR #advertising #ukpolitics #ukpol
https://www.theguardian.com/society/2025/feb/08/gambling-firms-secretly-shared-users-data-with-facebook-without-permission
🚷 Big Tech shouldn't track your every move across the Internet to profile you as a product.
✅ Consent is a must – we should be able to opt-out of all targeted advertising on these platforms.
#adtech #Meta #dataprotection #GDPR #advertising #ukpolitics #ukpol
https://www.theguardian.com/society/2025/feb/08/gambling-firms-secretly-shared-users-data-with-facebook-without-permission
"A 25-year-old engineer named Marko Elez, who previously worked for two Elon Musk companies, has direct access to Treasury Department systems responsible for nearly all payments made by the US government, three sources tell WIRED.
Two of those sources say that Elez’s privileges include the ability not just to read but to write code on two of the most sensitive systems in the US government: the Payment Automation Manager and Secure Payment System at the Bureau of the Fiscal Service (BFS). Housed on a secure mainframe, these systems control, on a granular level, government payments that in their totality amount to more than a fifth of the US economy.
Despite reporting that suggests that Musk’s so-called Department of Government Efficiency (DOGE) task force has access to these Treasury systems on a “read-only” level, sources say Elez, who has visited a Kansas City office housing BFS systems, has many administrator-level privileges. Typically, those admin privileges could give someone the power to log in to servers through secure shell access, navigate the entire file system, change user permissions, and delete or modify critical files. That could allow someone to bypass the security measures of, and potentially cause irreversible changes to, the very systems they have access to."
https://www.wired.com/story/elon-musk-associate-bfs-federal-payment-system/
#USA #CyberSecurity #Privacy #DataProtection #BFS #Musk
Two of those sources say that Elez’s privileges include the ability not just to read but to write code on two of the most sensitive systems in the US government: the Payment Automation Manager and Secure Payment System at the Bureau of the Fiscal Service (BFS). Housed on a secure mainframe, these systems control, on a granular level, government payments that in their totality amount to more than a fifth of the US economy.
Despite reporting that suggests that Musk’s so-called Department of Government Efficiency (DOGE) task force has access to these Treasury systems on a “read-only” level, sources say Elez, who has visited a Kansas City office housing BFS systems, has many administrator-level privileges. Typically, those admin privileges could give someone the power to log in to servers through secure shell access, navigate the entire file system, change user permissions, and delete or modify critical files. That could allow someone to bypass the security measures of, and potentially cause irreversible changes to, the very systems they have access to."
https://www.wired.com/story/elon-musk-associate-bfs-federal-payment-system/
#USA #CyberSecurity #Privacy #DataProtection #BFS #Musk
A 25-Year-Old With Elon Musk Ties Has Direct Access to the Federal Payment System
The Bureau of the Fiscal Service is a sleepy part of the Treasury Department. It’s also where, sources say, a 25-year-old engineer tied to Elon Musk has admin privileges over the code that controls Social Security payments, tax returns, and more.Vittoria Elliott (WIRED)
Privacy? Data Protection? Respect for Civil Liberties? "404 Not Found" when it comes to scumbags who love scifi dystopias...
"Thomas Shedd, a Musk-associate and now head of the General Services Administration’s Technology Transformation Services (TTS), told government tech workers in a meeting this week that the administration plans to widely deploy AI throughout the government. Shedd also said the administration would need help altering login.gov, a government login system, to further integrate with sensitive systems like social security “to further identify individuals and detect and prevent fraud,” which employees identified on the meeting as “an illegal task.”
Shedd, who is a former Tesla engineer, said the government should “try to get consent,” regarding login.gov changes but that “we should still push forward and see what we can do.”
WIRED and the New York Times previously reported on aspects of the meeting. 404 Media has now obtained audio of the full meeting and quotes it extensively below. Shedd told TTS workers that the administration would need help making radical changes to various government systems: “Things are going to get intense,” he said."
https://www.404media.co/things-are-going-to-get-intense-how-a-musk-ally-plans-to-push-ai-on-the-government/
#USA #Musk #Surveillance #DOGE #AI #Privacy #DataProtection #TTS
"Thomas Shedd, a Musk-associate and now head of the General Services Administration’s Technology Transformation Services (TTS), told government tech workers in a meeting this week that the administration plans to widely deploy AI throughout the government. Shedd also said the administration would need help altering login.gov, a government login system, to further integrate with sensitive systems like social security “to further identify individuals and detect and prevent fraud,” which employees identified on the meeting as “an illegal task.”
Shedd, who is a former Tesla engineer, said the government should “try to get consent,” regarding login.gov changes but that “we should still push forward and see what we can do.”
WIRED and the New York Times previously reported on aspects of the meeting. 404 Media has now obtained audio of the full meeting and quotes it extensively below. Shedd told TTS workers that the administration would need help making radical changes to various government systems: “Things are going to get intense,” he said."
https://www.404media.co/things-are-going-to-get-intense-how-a-musk-ally-plans-to-push-ai-on-the-government/
#USA #Musk #Surveillance #DOGE #AI #Privacy #DataProtection #TTS
‘Things Are Going to Get Intense:’ How a Musk Ally Plans to Push AI on the Government
404 Media has obtained audio of a meeting held by Thomas Shedd, a Musk-associate who is now heading a team of government coders. In the call one employee pushed back and said one of the planned moves is an “illegal task.”Jason Koebler (404 Media)
"The supermassive leak contains data from numerous previous breaches, comprising an astounding 12 terabytes of information, spanning over a mind-boggling 26 billion records. The leak, which contains LinkedIn, Twitter, Weibo, Tencent, and other platforms’ user data, is almost certainly the largest ever discovered.
There are data leaks, and then there’s this. A supermassive Mother of all Breaches (MOAB for short) includes records from thousands of meticulously compiled and reindexed leaks, breaches, and privately sold databases. The full and searchable list is included at the end of this article.
Bob Dyachenko, cybersecurity researcher and owner at SecurityDiscovery.com, together with the Cybernews team, has discovered billions upon billions of exposed records on an open instance.
Even though at first the owner of the database was unknown, Leak-Lookup, a data breach search engine, said it was the holder of the leaked dataset. The platform posted a message on X, saying the problem behind the leak was a “firewall misconfiguration,” which was fixed."
https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/
#CyberSecurity #DataBreaches #Privacy #DataProtection
There are data leaks, and then there’s this. A supermassive Mother of all Breaches (MOAB for short) includes records from thousands of meticulously compiled and reindexed leaks, breaches, and privately sold databases. The full and searchable list is included at the end of this article.
Bob Dyachenko, cybersecurity researcher and owner at SecurityDiscovery.com, together with the Cybernews team, has discovered billions upon billions of exposed records on an open instance.
Even though at first the owner of the database was unknown, Leak-Lookup, a data breach search engine, said it was the holder of the leaked dataset. The platform posted a message on X, saying the problem behind the leak was a “firewall misconfiguration,” which was fixed."
https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/
#CyberSecurity #DataBreaches #Privacy #DataProtection
Your vote isn't won. It's predicted.
UK Political Parties collect and use data to profile you as a voter, tailoring their message accordingly.
Our new report finds that canvassing apps used by the Parties create risks to voters’ privacy.
Find out more ⬇️
#dataprotection #GDPR #privacy #data #democracy #ukpolitics #ukpol
https://www.openrightsgroup.org/press-releases/new-report-voter-data-privacy-concerns-over-apps-used-by-political-parties/
UK Political Parties collect and use data to profile you as a voter, tailoring their message accordingly.
Our new report finds that canvassing apps used by the Parties create risks to voters’ privacy.
Find out more ⬇️
#dataprotection #GDPR #privacy #data #democracy #ukpolitics #ukpol
https://www.openrightsgroup.org/press-releases/new-report-voter-data-privacy-concerns-over-apps-used-by-political-parties/
New report: Voter data privacy concerns over apps used by political parties
Moral Hazard A new report, Moral Hazard: Voter Data Privacy and Politics in Election Canvassing Apps, raises concerns about the privacy and security of canvassing apps used by political parties.Open Rights Group
Concerned about UK Political Parties using your data?
Use our tool to opt-out of them processing your data, meaning you'll likely receive fewer communications from them.
In a democracy, your voice should be heard.
Take action today ➡️ https://action.openrightsgroup.org/opt-out-political-parties-processing-your-data-0
(ORG doesn't retain any uploaded documents)
#dataprotection #GDPR #privacy #democracy #data #politicalparties #ukpolitics
Use our tool to opt-out of them processing your data, meaning you'll likely receive fewer communications from them.
In a democracy, your voice should be heard.
Take action today ➡️ https://action.openrightsgroup.org/opt-out-political-parties-processing-your-data-0
(ORG doesn't retain any uploaded documents)
#dataprotection #GDPR #privacy #democracy #data #politicalparties #ukpolitics
Opt-out of political parties processing your data
Political parties are hungry for sensitive personal data about your views, opinions, voting preferences and ideological outlook. Parties will actively seek to obtain this information from surveys and canvassing.Open Rights Group
"The Federal Trade Commission announced a proposed settlement agreeing that General Motors and its subsidiary, OnStar, will be banned from selling geolocation and driver behavior data to credit agencies for five years. That’s good news for G.M. owners. Every car owner and driver deserves to be protected.
Last year, a New York Times investigation highlighted how G.M. was sharing information with insurance companies without clear knowledge from the driver. This resulted in people’s insurance premiums increasing, sometimes without them realizing why that was happening. This data sharing problem was common amongst many carmakers, not just G.M., but figuring out what your car was sharing was often a Sisyphean task, somehow managing to be more complicated than trying to learn similar details about apps or websites."
https://www.eff.org/deeplinks/2025/01/ftcs-ban-gm-and-onstar-selling-driver-behavior-good-first-step
#USA #FTC #GM #OnStar #Privacy #LocationData #GeoLocation #DataProtection
Last year, a New York Times investigation highlighted how G.M. was sharing information with insurance companies without clear knowledge from the driver. This resulted in people’s insurance premiums increasing, sometimes without them realizing why that was happening. This data sharing problem was common amongst many carmakers, not just G.M., but figuring out what your car was sharing was often a Sisyphean task, somehow managing to be more complicated than trying to learn similar details about apps or websites."
https://www.eff.org/deeplinks/2025/01/ftcs-ban-gm-and-onstar-selling-driver-behavior-good-first-step
#USA #FTC #GM #OnStar #Privacy #LocationData #GeoLocation #DataProtection
"The Federal Trade Commission’s initial findings from its surveillance pricing market study revealed that details like a person’s precise location or browser history can be frequently used to target individual consumers with different prices for the same goods and services.
The staff perspective is based on an examination of documents obtained by FTC staff’s 6(b) orders sent to several companies in July aiming to better understand the shadowy market that third-party intermediaries use to set individualized prices for products and services based on consumers’ characteristics and behaviors, like location, demographics, browsing patterns and shopping history.
Staff found that consumer behaviors ranging from mouse movements on a webpage to the type of products that consumers leave unpurchased in an online shopping cart can be tracked and used by retailers to tailor consumer pricing."
https://www.ftc.gov/news-events/news/press-releases/2025/01/ftc-surveillance-pricing-study-indicates-wide-range-personal-data-used-set-individualized-consumer
#USA #FTC #SurveillancePricing #Surveillance #DataProtection
The staff perspective is based on an examination of documents obtained by FTC staff’s 6(b) orders sent to several companies in July aiming to better understand the shadowy market that third-party intermediaries use to set individualized prices for products and services based on consumers’ characteristics and behaviors, like location, demographics, browsing patterns and shopping history.
Staff found that consumer behaviors ranging from mouse movements on a webpage to the type of products that consumers leave unpurchased in an online shopping cart can be tracked and used by retailers to tailor consumer pricing."
https://www.ftc.gov/news-events/news/press-releases/2025/01/ftc-surveillance-pricing-study-indicates-wide-range-personal-data-used-set-individualized-consumer
#USA #FTC #SurveillancePricing #Surveillance #DataProtection
"Without federal legislative action, many US states are taking privacy matters into their own hands.
In 2025, eight new state privacy laws will take effect, making a total of 25 around the country. A number of other states—like Vermont and Massachusetts—are considering passing their own privacy bills next year, and such laws could, in theory, force national legislation, says Woodrow Hartzog, a technology law scholar at Boston University School of Law. “Right now, the statutes are all similar enough that the compliance cost is perhaps expensive but manageable,” he explains. But if one state passed a law that was different enough from the others, a national law could be the only way to resolve the conflict. Additionally, four states—California, Texas, Vermont, and Oregon—already have specific laws regulating data brokers, including the requirement that they register with the state.
Along with new laws, says Justin Brookman, the director of technology policy at Consumer Reports, comes the possibility that “we can put some more teeth on these laws.”
Brookman points to Texas, where some of the most aggressive enforcement action at the state level has taken place under its Republican attorney general, Ken Paxton. Even before the state’s new consumer privacy bill went into effect in July, Paxton announced the creation of a special task force focused on enforcing the state’s privacy laws. He has since targeted a number of data brokers—including National Public Data, which exposed millions of sensitive customer records in a data breach in August, as well as companies that sell to them, like Sirius XM."
https://www.technologyreview.com/2025/01/07/1109301/privacy-protection-data-brokers-personal-information/
#USA #Privacy #DataProtection #DataBrokers #DataBrokerage
In 2025, eight new state privacy laws will take effect, making a total of 25 around the country. A number of other states—like Vermont and Massachusetts—are considering passing their own privacy bills next year, and such laws could, in theory, force national legislation, says Woodrow Hartzog, a technology law scholar at Boston University School of Law. “Right now, the statutes are all similar enough that the compliance cost is perhaps expensive but manageable,” he explains. But if one state passed a law that was different enough from the others, a national law could be the only way to resolve the conflict. Additionally, four states—California, Texas, Vermont, and Oregon—already have specific laws regulating data brokers, including the requirement that they register with the state.
Along with new laws, says Justin Brookman, the director of technology policy at Consumer Reports, comes the possibility that “we can put some more teeth on these laws.”
Brookman points to Texas, where some of the most aggressive enforcement action at the state level has taken place under its Republican attorney general, Ken Paxton. Even before the state’s new consumer privacy bill went into effect in July, Paxton announced the creation of a special task force focused on enforcing the state’s privacy laws. He has since targeted a number of data brokers—including National Public Data, which exposed millions of sensitive customer records in a data breach in August, as well as companies that sell to them, like Sirius XM."
https://www.technologyreview.com/2025/01/07/1109301/privacy-protection-data-brokers-personal-information/
#USA #Privacy #DataProtection #DataBrokers #DataBrokerage
What’s next for our privacy?
The US still has no federal privacy law. But recent enforcement actions against data brokers may offer some new protections for Americans’ personal information.Eileen Guo (MIT Technology Review)
"Hackers claim to have compromised Gravy Analytics, the parent company of Venntel which has sold masses of smartphone location data to the U.S. government. The hackers said they have stolen a massive amount of data, including customer lists, information on the broader industry, and even location data harvested from smartphones which show peoples’ precise movements, and they are threatening to publish the data publicly.
The news is a crystalizing moment for the location data industry. For years, companies have harvested location information from smartphones, either through ordinary apps or the advertising ecosystem, and then built products based on that data or sold it to others. In many cases, those customers include the U.S. government, with arms of the military, DHS, the IRS, and FBI using it for various purposes. But collecting that data presents an attractive target to hackers.
“A location data broker like Gravy Analytics getting hacked is the nightmare scenario all privacy advocates have feared and warned about. The potential harms for individuals is haunting, and if all the bulk location data of Americans ends up being sold on underground markets, this will create countless deanonymization risks and tracking concerns for high risk individuals and organizations,” Zach Edwards, senior threat analyst at cybersecurity firm Silent Push, and who has followed the location data industry closely, told 404 Media. “This may be the first major breach of a bulk location data provider, but it won't be the last.”"
https://www.404media.co/hackers-claim-massive-breach-of-location-data-giant-threaten-to-leak-data/
#CyberSecurity #USA #Venntel #DataBreaches #LocationData #Surveillance #Privacy #DataProtection
The news is a crystalizing moment for the location data industry. For years, companies have harvested location information from smartphones, either through ordinary apps or the advertising ecosystem, and then built products based on that data or sold it to others. In many cases, those customers include the U.S. government, with arms of the military, DHS, the IRS, and FBI using it for various purposes. But collecting that data presents an attractive target to hackers.
“A location data broker like Gravy Analytics getting hacked is the nightmare scenario all privacy advocates have feared and warned about. The potential harms for individuals is haunting, and if all the bulk location data of Americans ends up being sold on underground markets, this will create countless deanonymization risks and tracking concerns for high risk individuals and organizations,” Zach Edwards, senior threat analyst at cybersecurity firm Silent Push, and who has followed the location data industry closely, told 404 Media. “This may be the first major breach of a bulk location data provider, but it won't be the last.”"
https://www.404media.co/hackers-claim-massive-breach-of-location-data-giant-threaten-to-leak-data/
#CyberSecurity #USA #Venntel #DataBreaches #LocationData #Surveillance #Privacy #DataProtection
Hackers Claim Massive Breach of Location Data Giant, Threaten to Leak Data
Gravy Analytics has been one of the most important companies in the location data industry for years, collating smartphone location data from around the world selling some to the U.S. government. Hackers say they stole a mountain of data.Joseph Cox (404 Media)
"A global spy tool exposed the locations of billions of people to anyone willing to pay. A Catholic group bought location data about gay dating app users in an effort to out gay priests. A location data broker sold lists of people who attended political protests.
What do these privacy violations have in common? They share a source of data that’s shockingly pervasive and unregulated: the technology powering nearly every ad you see online.
Each time you see a targeted ad, your personal information is exposed to thousands of advertisers and data brokers through a process called “real-time bidding” (RTB). This process does more than deliver ads—it fuels government surveillance, poses national security risks, and gives data brokers easy access to your online activity. RTB might be the most privacy-invasive surveillance system that you’ve never heard of."
https://www.eff.org/deeplinks/2025/01/online-behavioral-ads-fuel-surveillance-industry-heres-how
#Privacy #Surveillance #CyberSecurity #AdTargeting #DataProtection #DataBrokers #DataBrokerage #RTB
What do these privacy violations have in common? They share a source of data that’s shockingly pervasive and unregulated: the technology powering nearly every ad you see online.
Each time you see a targeted ad, your personal information is exposed to thousands of advertisers and data brokers through a process called “real-time bidding” (RTB). This process does more than deliver ads—it fuels government surveillance, poses national security risks, and gives data brokers easy access to your online activity. RTB might be the most privacy-invasive surveillance system that you’ve never heard of."
https://www.eff.org/deeplinks/2025/01/online-behavioral-ads-fuel-surveillance-industry-heres-how
#Privacy #Surveillance #CyberSecurity #AdTargeting #DataProtection #DataBrokers #DataBrokerage #RTB
"In tumultuous times, we believe in being prepared, not scared. Sound digital security practice often involves forming and relying on good habits. Building these reflexes now will help keep you better protected. This is why we’ve distilled advice our trainers have shared with thousands of journalists over the years into the actionable, concrete steps below.
Before you dive in, know that there are many ways to shore up your safety and privacy. It’s OK to take them on slowly but surely, one at a time. If you run into any challenges, remember: the Digital Security Training team at Freedom of the Press Foundation (FPF) is here to help. Reach out here."
https://freedom.press/digisec/blog/journalists-digital-security-checklist/
#USA #PressFreedom #Journalism #CyberSecurity #Privacy #DataProtection
Before you dive in, know that there are many ways to shore up your safety and privacy. It’s OK to take them on slowly but surely, one at a time. If you run into any challenges, remember: the Digital Security Training team at Freedom of the Press Foundation (FPF) is here to help. Reach out here."
https://freedom.press/digisec/blog/journalists-digital-security-checklist/
#USA #PressFreedom #Journalism #CyberSecurity #Privacy #DataProtection
The 2025 journalist’s digital security checklist
Our digital security training team's checklist to help journalists secure their digital life.Freedom of the Press
"Apple has agreed to pay $95 million to settle a proposed class action lawsuit that accused the iPhone maker of invading users' privacy using its voice-activated Siri assistant.
The development was first reported by Reuters.
The settlement applies to U.S.-based individuals current or former owners or purchasers of a Siri-enabled device who had their confidential voice communications with the assistant "obtained by Apple and/or were shared with third-parties as a result of an unintended Siri activation" between September 17, 2014, and December 31, 2024.
Eligible individuals can submit claims for up to five Siri devices – iPhone, iPad, Apple Watch, MacBook, iMac, HomePod, iPod touch, or Apple TV – on which they claim to have experienced an accidental Siri activation during a conversation intended to be confidential or private. Class members who submit valid claims can receive $20 per device."
https://thehackernews.com/2025/01/apple-to-pay-siri-users-20-per-device.html
#Apple #Siri #Privacy #USA #DataProtection
The development was first reported by Reuters.
The settlement applies to U.S.-based individuals current or former owners or purchasers of a Siri-enabled device who had their confidential voice communications with the assistant "obtained by Apple and/or were shared with third-parties as a result of an unintended Siri activation" between September 17, 2014, and December 31, 2024.
Eligible individuals can submit claims for up to five Siri devices – iPhone, iPad, Apple Watch, MacBook, iMac, HomePod, iPod touch, or Apple TV – on which they claim to have experienced an accidental Siri activation during a conversation intended to be confidential or private. Class members who submit valid claims can receive $20 per device."
https://thehackernews.com/2025/01/apple-to-pay-siri-users-20-per-device.html
#Apple #Siri #Privacy #USA #DataProtection
"In the years to come, the federal government and many state governments might engage in surveillance and data gathering as they round up immigrants, punish people for seeking, providing, or assisting abortions, and attack gender-affirming health care. The government might use personal data in its effort to retaliate against those who stand in its way. Such efforts might be assisted by mobs of vigilantes who will use personal data to dox, threaten, embarrass, and harm anyone they don’t like — much like the way many people eagerly assisted totalitarian regimes in finding “undesirables” and rooting out and punishing dissenters.
Our best hope for protection is that legislators in Massachusetts and other states who are concerned about these risks take steps now to upgrade their privacy laws."
https://teachprivacy.com/privacy-in-authoritarian-times/
#Privacy #CyberSecurity #Surveillance #Authoritarianism #DataProtection
Our best hope for protection is that legislators in Massachusetts and other states who are concerned about these risks take steps now to upgrade their privacy laws."
https://teachprivacy.com/privacy-in-authoritarian-times/
#Privacy #CyberSecurity #Surveillance #Authoritarianism #DataProtection
Privacy in Authoritarian Times - TeachPrivacy
I just published an op-ed in the Boston Globe entitled "States can fight authoritarianism by shoring up privacy laws." Boston Globe (Dec. 23, 2024). It'sDaniel Solove (TeachPrivacy)
"Of course, this user never requested that my on-device experiences be "enriched" by phoning home to Cupertino. This choice was made by Apple, silently, without my consent.
From my own perspective, computing privacy is simple: if something happens entirely on my computer, then it's private, whereas if my computer sends data to the manufacturer of the computer, then it's not private, or at least not entirely private. Thus, the only way to guarantee computing privacy is to not send data off the device.
I don't understand most of the technical details of Apple's blog post. I have no way to personally evaluate the soundness of Apple's implementation of Enhanced Visual Search. One thing I do know, however, is that Apple computers are constantly full of privacy and security vulnerabilities, as proved by Apple's own security release notes. You don't even have to hypothesize lies, conspiracies, or malicious intentions on the part of Apple to be suspicious of their privacy claims. A software bug would be sufficient to make users vulnerable, and Apple can't guarantee that their software includes no bugs. (To the contrary, Apple's QA nowadays is atrocious.)
It ought to be up to the individual user to decide their own tolerance for the risk of privacy violations. In this specific case, I have no tolerance for risk, because I simply have no interest in the Enhanced Visual Search feature, even if it happened to work flawlessly. There's no benefit to outweigh the risk. By enabling the "feature" without asking, Apple disrespects users and their preferences. I never wanted my iPhone to phone home to Apple.
Remember this advertisement? "What happens on your iPhone, stays on your iPhone.""
https://lapcatsoftware.com/articles/2024/12/3.html
#Apple #ApplePhotos #Privacy #DataProtection #Encryption #iOS #iPhone
From my own perspective, computing privacy is simple: if something happens entirely on my computer, then it's private, whereas if my computer sends data to the manufacturer of the computer, then it's not private, or at least not entirely private. Thus, the only way to guarantee computing privacy is to not send data off the device.
I don't understand most of the technical details of Apple's blog post. I have no way to personally evaluate the soundness of Apple's implementation of Enhanced Visual Search. One thing I do know, however, is that Apple computers are constantly full of privacy and security vulnerabilities, as proved by Apple's own security release notes. You don't even have to hypothesize lies, conspiracies, or malicious intentions on the part of Apple to be suspicious of their privacy claims. A software bug would be sufficient to make users vulnerable, and Apple can't guarantee that their software includes no bugs. (To the contrary, Apple's QA nowadays is atrocious.)
It ought to be up to the individual user to decide their own tolerance for the risk of privacy violations. In this specific case, I have no tolerance for risk, because I simply have no interest in the Enhanced Visual Search feature, even if it happened to work flawlessly. There's no benefit to outweigh the risk. By enabling the "feature" without asking, Apple disrespects users and their preferences. I never wanted my iPhone to phone home to Apple.
Remember this advertisement? "What happens on your iPhone, stays on your iPhone.""
https://lapcatsoftware.com/articles/2024/12/3.html
#Apple #ApplePhotos #Privacy #DataProtection #Encryption #iOS #iPhone
"This article uses the case study of an insurance product linked to a health and wellbeing program—the Vitality scheme—as a lens to examine the limited regulation of collection and use of non-personal (de-identified/anonymised) information and the impacts it has on individuals, as well as society at large. Vitality is an incentive-based engagement program that mobilises online assessment tools, preventive health screening, and physical activity and wellness tracking through smart fitness technologies and apps. Vitality then uses the data generated through these activities, mainly in an aggregated, non-personal form, to make projections about changes in behaviour and future health outcomes, aiming at reducing risk in the context of health, life, and other insurance products. Non-personal data has been traditionally excluded from the scope of legal protections, and in particular privacy and data regimes, as it is thought not to contain information about specific, identifiable people, and thus its potential to affect individuals in any meaningful way has been understood to be minimal. However, digitalisation and ensuing ubiquitous data collection are proving these traditional assumptions wrong. We show how the response of the legal systems is limited in relation to non-personal information collection and use, and we argue that irrespective of the (possibly) beneficial nature of insurance innovation, the current lack of comprehensive regulation of non-personal data use potentially leads to individual, collective and societal data harms, as the example of the Vitality scheme illustrates."
https://www.sciencedirect.com/science/article/pii/S0267364924001614
#Australia #HealthInsurance #Anonymization #Privacy #DataProtection #GDPR #Insurance
https://www.sciencedirect.com/science/article/pii/S0267364924001614
#Australia #HealthInsurance #Anonymization #Privacy #DataProtection #GDPR #Insurance
"The findings, presented in November in Madrid at the Internet Measurement Conference (IMC 2024) and published in the Proceedings of the 2024 ACM on Internet Measurement Conference, highlight the frequency with which these screenshots are transmitted to the servers of the brands analyzed: Samsung and LG. Specifically, the research showed that Samsung TVs sent this information every minute, while LG devices did so every 15 seconds.
"This gives us an idea of the intensity of the monitoring and shows that smart TV platforms collect large volumes of data on users, regardless of how they consume content, whether through traditional TV viewing or devices connected via HDMI, like laptops or gaming consoles," Callejo emphasizes.
To test the ability of TVs to block ACR tracking, the research team experimented with various privacy settings on smart TVs. The results demonstrated that, while users can voluntarily block the transmission of this data to servers, the default setting is for TVs to perform ACR."
https://techxplore.com/news/2024-12-smart-tvs-viewing-external-screens.html
#TVs #SmartTVs #Surveillance #DataProtection #Privacy
"This gives us an idea of the intensity of the monitoring and shows that smart TV platforms collect large volumes of data on users, regardless of how they consume content, whether through traditional TV viewing or devices connected via HDMI, like laptops or gaming consoles," Callejo emphasizes.
To test the ability of TVs to block ACR tracking, the research team experimented with various privacy settings on smart TVs. The results demonstrated that, while users can voluntarily block the transmission of this data to servers, the default setting is for TVs to perform ACR."
https://techxplore.com/news/2024-12-smart-tvs-viewing-external-screens.html
#TVs #SmartTVs #Surveillance #DataProtection #Privacy
Smart TVs collect viewing data even when used as external screens, according to research
A team from Universidad Carlos III de Madrid (UC3M), in collaboration with University College London (England) and the University of California, Davis (U.S.), has found that smart TVs send viewing data to their servers.Carlos III University of Madrid (Tech Xplore)
"While I once hoped 2017 would be the year of privacy, 2024 closes on a troubling note, a likely decrease in privacy standards across the web. I was surprised by the recent Information Commissioner’s Office post, which criticized Google’s decision to introduce device fingerprinting for advertising purposes from February 2025. According to ICO, this change risks undermining user control and transparency in how personal data is collected and used. Could this mark the end of nearly a decade of progress in internet and web privacy? It would be unfortunate if the newly developing AI economy started from a decrease of privacy and data protection standards. Some analysts or observers might then be inclined to wonder whether this approach to privacy online might signal similar attitudes in other future Google products, like AI.
I can confidently raise this question, having observed and analyzed this area for over 15 years from various perspectives. My background includes experience in web browser security and privacy, including in standardization. I served in the W3C Technical Architecture Group, and have authored scientific papers on privacy, tracking, and fingerprinting, as well as assessments of technologies like Web APIs. This includes the Privacy Sandbox’s Protected Audience API. I was looking forward to the architectural improvements of web privacy. In other words, I am deeply familiar with this context. The media so far have done a great job bringing attention to the issue, but they frame this development as a controversy between Google’s policy change and the UK ICO’s concerns. I believe that the general public and experts alike would benefit from a broader perspective."
https://blog.lukaszolejnik.com/biggest-privacy-erosion-in-10-years-on-googles-policy-change-towards-fingerprinting/
#Google #Surveillance #AdTracking #Privacy #DataProtection
I can confidently raise this question, having observed and analyzed this area for over 15 years from various perspectives. My background includes experience in web browser security and privacy, including in standardization. I served in the W3C Technical Architecture Group, and have authored scientific papers on privacy, tracking, and fingerprinting, as well as assessments of technologies like Web APIs. This includes the Privacy Sandbox’s Protected Audience API. I was looking forward to the architectural improvements of web privacy. In other words, I am deeply familiar with this context. The media so far have done a great job bringing attention to the issue, but they frame this development as a controversy between Google’s policy change and the UK ICO’s concerns. I believe that the general public and experts alike would benefit from a broader perspective."
https://blog.lukaszolejnik.com/biggest-privacy-erosion-in-10-years-on-googles-policy-change-towards-fingerprinting/
#Google #Surveillance #AdTracking #Privacy #DataProtection
"Microsoft’s Recall feature recently made its way back to Windows Insiders after having been pulled from test builds back in June, due to security and privacy concerns. The new version of Recall encrypts the screens it captures and, by default, it has a “Filter sensitive information,” setting enabled, which is supposed to prevent it from recording any app or website that is showing credit card numbers, social security numbers, or other important financial / personal info. In my tests, however, this filter only worked in some situations (on two e-commerce sites), leaving a gaping hole in the protection it promises.
When I entered a credit card number and a random username / password into a Windows Notepad window, Recall captured it, despite the fact that I had text such as “Capital One Visa” right next to the numbers. Similarly, when I filled out a loan application PDF in Microsoft Edge, entering a social security number, name and DOB, Recall captured that. Note that all info in these screenshots is made up, but I also tested with an actual credit card number of mine and the results were the same."
#Microsoft #MicrosoftRecall #DataProtection #Privacy
https://www.tomshardware.com/software/windows/microsoft-recall-screenshots-credit-cards-and-social-security-numbers-even-with-the-sensitive-information-filter-enabled
When I entered a credit card number and a random username / password into a Windows Notepad window, Recall captured it, despite the fact that I had text such as “Capital One Visa” right next to the numbers. Similarly, when I filled out a loan application PDF in Microsoft Edge, entering a social security number, name and DOB, Recall captured that. Note that all info in these screenshots is made up, but I also tested with an actual credit card number of mine and the results were the same."
#Microsoft #MicrosoftRecall #DataProtection #Privacy
https://www.tomshardware.com/software/windows/microsoft-recall-screenshots-credit-cards-and-social-security-numbers-even-with-the-sensitive-information-filter-enabled
Microsoft Recall screenshots credit cards and Social Security numbers, even with the "sensitive information" filter enabled
Despite promising to filter personal data out, Recall still captures it.Avram Piltch (Tom's Hardware)
"The UK’s data protection regulator has criticised Google over its decision to allow advertisers to use technology to track users which is harder to control or block.
The Information Commissioner’s Office (ICO) said Google’s decision was “irresponsible” and accused the company of a U-turn, having previously prohibited the use of so-called fingerprinting technology.
Fingerprinting involves collecting pieces of information about a device’s software and hardware which can be combined to uniquely identify a device and its user – and the ICO has warned that this technology is harder to wipe than clearing cookies or site data from a web browser, meaning users could continue to be identified by advertisers."
https://www.independent.co.uk/business/ico-criticises-google-over-irresponsible-advertising-tracking-change-b2667072.html
#UK #ICO #Google #AdTracking #FingerPrinting #DataProtection #Privacy
The Information Commissioner’s Office (ICO) said Google’s decision was “irresponsible” and accused the company of a U-turn, having previously prohibited the use of so-called fingerprinting technology.
Fingerprinting involves collecting pieces of information about a device’s software and hardware which can be combined to uniquely identify a device and its user – and the ICO has warned that this technology is harder to wipe than clearing cookies or site data from a web browser, meaning users could continue to be identified by advertisers."
https://www.independent.co.uk/business/ico-criticises-google-over-irresponsible-advertising-tracking-change-b2667072.html
#UK #ICO #Google #AdTracking #FingerPrinting #DataProtection #Privacy
ICO criticises Google over ‘irresponsible’ advertising tracking change
The UK’s data protection regulator has criticised the tech giant over its decision to allow advertisers to ‘fingerprint’ user devices for tracking.Martyn Landi (The Independent)
UK data regulator criticises Google for ‘irresponsible’ ad tracking change https://www.theguardian.com/technology/2024/dec/19/google-advertisers-digital-fingerprints-ico-uk-data-regulator #Dataprotection #Searchengines #Advertising #Technology #Regulators #Alphabet #Business #Internet #Privacy #Google #UKnews #Media
Quadrant has launched a FREE Dark Web report tool for small and medium-sized businesses! 🛡️ This innovative service provides critical insights into compromised credentials, helping organizations stay ahead of cyber threats. Early detection can prevent costly data breaches! 💼🔍 Check it out here: https://www.techradar.com/pro/This-free-tool-offers-SMBs-critical-insights-into-compromised-credential-found-on-the-dark-web #CyberSecurity #DarkWeb #SMBs #DataProtection
#newz
#newz
This free tool offers SMBs critical insights into compromised credentials found on the dark web
Offers actionable insights to keep SMBs protectedEfosa Udinmwen (TechRadar pro)
Ransomware defenses are at risk! 🛡️ TechRadar highlights how outdated backup tech, limited data encryption, and failed backups are weakening our defenses. It's time to upgrade and secure our data! 💾🔒 Read more here: https://www.techradar.com/pro/Ransomware-defenses-are-being-weakened-by-outdated-backup-technology-limited-backup-data-encryption-and-failed-data-backups #CyberSecurity #DataProtection #Ransomware #newz
Ransomware defenses are being weakened by outdated backup technology, limited backup data encryption, and failed data backups
Immutable storage solutions recommended to boost cybersecurityEfosa Udinmwen (TechRadar pro)
"Donald Trump has threatened to go after a lot of people—journalists, political rivals and undocumented immigrants to name a few—and starting next year, he’ll have the entire national security apparatus at his disposal. What’s the best way to keep your personal information secure from surveillance, not just by the government, but also data brokers, tech companies, and online scammers? Leah talks with WIRED business editor Louise Matsakis and security editor Andrew Couts about what to expect and practical tips for your phone, computer, and life."
https://www.wired.com/story/politics-lab-keeping-your-personal-data-safe/
#USA #Trump #DataProtection #Privacy #Surveillance #PoliceState
https://www.wired.com/story/politics-lab-keeping-your-personal-data-safe/
#USA #Trump #DataProtection #Privacy #Surveillance #PoliceState
"The Federal Trade Commission (FTC) announced sweeping action against some of the most important companies in the location data industry on Tuesday, including those that power surveillance tools used by a wide spread of U.S. law enforcement agencies and demanding they delete data related to certain sensitive areas like health clinics and places of worship.
Venntel, through its parent company Gravy Analytics, takes location data from smartphones, either through ordinary apps installed on them or through the advertising ecosystem, and then provides that data feed to other companies who sell location tracking technology to the government or sells the data directly itself. Venntel is the company that provides the underlying data for a variety of other government contractors and surveillance tools, including Locate X. 404 Media and a group of other journalists recently revealed Locate X could be used to pinpoint phones that visited abortion clinics.
The FTC says in a proposed order that Gravy and Venntel will be banned from selling, disclosing, or using sensitive location data, except in “limited circumstances” involving national security or law enforcement."
#USA #FTC #LocationData #Venntel #Gravy #DataBrokers #DataBrokerage #DataProtection #Privacy #Surveillance
https://www.404media.co/ftc-bans-location-data-company-that-powers-the-surveillance-ecosystem/
Venntel, through its parent company Gravy Analytics, takes location data from smartphones, either through ordinary apps installed on them or through the advertising ecosystem, and then provides that data feed to other companies who sell location tracking technology to the government or sells the data directly itself. Venntel is the company that provides the underlying data for a variety of other government contractors and surveillance tools, including Locate X. 404 Media and a group of other journalists recently revealed Locate X could be used to pinpoint phones that visited abortion clinics.
The FTC says in a proposed order that Gravy and Venntel will be banned from selling, disclosing, or using sensitive location data, except in “limited circumstances” involving national security or law enforcement."
#USA #FTC #LocationData #Venntel #Gravy #DataBrokers #DataBrokerage #DataProtection #Privacy #Surveillance
https://www.404media.co/ftc-bans-location-data-company-that-powers-the-surveillance-ecosystem/
FTC Bans Location Data Company That Powers the Surveillance Ecosystem
Venntel is a primary provider of location data to the government or other companies that sell to U.S. agencies. The FTC is banning Venntel from selling data related to health clinics, refugee shelters, and much more.Joseph Cox (404 Media)
"A new lawsuit filed by a current Apple employee accuses the company of spying on its workers via their personal iCloud accounts and non-work devices.
The suit, filed Sunday evening in California state court, alleges Apple employees are required to give up the right to personal privacy, and that the company says it can “engage in physical, video and electronic surveillance of them” even when they are at home and after they stop working for Apple.
Those requirements are part of a long list of Apple employment policies that the suit contends violate California law.
The plaintiff in the case, Amar Bhakta, has worked in advertising technology for Apple since 2020. According to the suit, Apple used its privacy policies to harm his employment prospects. For instance, it forbade Bhakta from participating in public speaking about digital advertising and forced him to remove information from his LinkedIn page about his job at Apple.
“For Apple employees, the Apple ecosystem is not a walled garden. It is a prison yard. A panopticon where employees, both on and off duty, are subject to Apple’s all-seeing eye,” the lawsuit says."
https://www.semafor.com/article/12/02/2024/employee-lawsuit-accuses-apple-of-spying-on-its-workers
#Apple #iCloud #WorkerSurveillance #Privacy #DataProtection
The suit, filed Sunday evening in California state court, alleges Apple employees are required to give up the right to personal privacy, and that the company says it can “engage in physical, video and electronic surveillance of them” even when they are at home and after they stop working for Apple.
Those requirements are part of a long list of Apple employment policies that the suit contends violate California law.
The plaintiff in the case, Amar Bhakta, has worked in advertising technology for Apple since 2020. According to the suit, Apple used its privacy policies to harm his employment prospects. For instance, it forbade Bhakta from participating in public speaking about digital advertising and forced him to remove information from his LinkedIn page about his job at Apple.
“For Apple employees, the Apple ecosystem is not a walled garden. It is a prison yard. A panopticon where employees, both on and off duty, are subject to Apple’s all-seeing eye,” the lawsuit says."
https://www.semafor.com/article/12/02/2024/employee-lawsuit-accuses-apple-of-spying-on-its-workers
#Apple #iCloud #WorkerSurveillance #Privacy #DataProtection
"Workers should have the right to know which of their data is being collected, who it's being shared by, and how it's being used. We all should have that right. That's what the actors' strike was partly motivated by: actors who were being ordered to wear mocap suits to produce data that could be used to produce a digital double of them, "training their replacement," but the replacement was a deepfake.
With a Trump administration on the horizon, the future of the FTC is in doubt. But the coalition for a new privacy law includes many of Trumpland's most powerful blocs – like Jan 6 rioters whose location was swept up by Google and handed over to the FBI. A strong privacy law would protect their Fourth Amendment rights – but also the rights of BLM protesters who experienced this far more often, and with far worse consequences, than the insurrectionists.
The "we do it with an app, so it's not illegal" ruse is wearing thinner by the day. When you have a boss for an app, your real boss gets an accountability sink, a convenient scapegoat that can be blamed for your misery.
The fact that this makes you worse at your job, that it loses your boss money, is no guarantee that you will be spared. Rich people make great marks, and they can remain irrational longer than you can remain solvent. Markets won't solve this one – but worker power can."
https://pluralistic.net/2024/11/26/hawtch-hawtch/#you-treasure-what-you-measure
#Work #WageSlavery #WorkerSurveillance #Bossware #Privacy #AI #DataProtection #FTC #USA
With a Trump administration on the horizon, the future of the FTC is in doubt. But the coalition for a new privacy law includes many of Trumpland's most powerful blocs – like Jan 6 rioters whose location was swept up by Google and handed over to the FBI. A strong privacy law would protect their Fourth Amendment rights – but also the rights of BLM protesters who experienced this far more often, and with far worse consequences, than the insurrectionists.
The "we do it with an app, so it's not illegal" ruse is wearing thinner by the day. When you have a boss for an app, your real boss gets an accountability sink, a convenient scapegoat that can be blamed for your misery.
The fact that this makes you worse at your job, that it loses your boss money, is no guarantee that you will be spared. Rich people make great marks, and they can remain irrational longer than you can remain solvent. Markets won't solve this one – but worker power can."
https://pluralistic.net/2024/11/26/hawtch-hawtch/#you-treasure-what-you-measure
#Work #WageSlavery #WorkerSurveillance #Bossware #Privacy #AI #DataProtection #FTC #USA
"Don’t judge a book by its cover – how a technology is named doesn’t tell you how it is used. This is the case with Data Clean Rooms (“DCRs”), which are not rooms, do not clean data, and have complicated implications for user privacy, despite their squeaky-clean name.
Data Clean Rooms are cloud data processing services that let companies exchange and analyze data, restrained by rules that limit data use. They are typically used when two companies want to exchange limited information about their customers. For example, a newspaper and a grocery store might use a DCR to evaluate the efficacy of an advertisement by identifying grocery sales made to newspaper subscribers. However, a close examination of DCRs yields an evergreen lesson: even if privacy enhancing technologies alone can’t protect privacy and even if they address some privacy risks, they can contribute to others.
In some cases, DCRs can add privacy protections to the handling of consumer data. In others, disclosure of consumer data via DCRs presents the same privacy risks as disclosure through other means like tracking pixels. DCRs, like other technologies that claim to protect privacy, can also be used to obfuscate privacy harms."
https://www.ftc.gov/policy/advocacy-research/tech-at-ftc/2024/11/data-clean-rooms-separating-fact-fiction
#USA #FTC #DataCleanRooms #DCRs #Privacy #DataProtection
Data Clean Rooms are cloud data processing services that let companies exchange and analyze data, restrained by rules that limit data use. They are typically used when two companies want to exchange limited information about their customers. For example, a newspaper and a grocery store might use a DCR to evaluate the efficacy of an advertisement by identifying grocery sales made to newspaper subscribers. However, a close examination of DCRs yields an evergreen lesson: even if privacy enhancing technologies alone can’t protect privacy and even if they address some privacy risks, they can contribute to others.
In some cases, DCRs can add privacy protections to the handling of consumer data. In others, disclosure of consumer data via DCRs presents the same privacy risks as disclosure through other means like tracking pixels. DCRs, like other technologies that claim to protect privacy, can also be used to obfuscate privacy harms."
https://www.ftc.gov/policy/advocacy-research/tech-at-ftc/2024/11/data-clean-rooms-separating-fact-fiction
#USA #FTC #DataCleanRooms #DCRs #Privacy #DataProtection
"Officials inside the Secret Service clashed over whether they needed a warrant to use location data harvested from ordinary apps installed on smartphones, with some arguing that citizens have agreed to be tracked with such data by accepting app terms of service, despite those apps often not saying their data may end up with the authorities, according to hundreds of pages of internal Secret Service emails obtained by 404 Media.
The emails provide deeper insight into the agency’s use of Locate X, a powerful surveillance capability that allows law enforcement officials to follow a phone, and person’s, precise movements over time at the click of a mouse. In 2023, a government oversight body found that the Secret Service, Customs and Border Protection, and Immigration and Customs Enforcement all used their access to such location data illegally. The Secret Service told 404 Media in an email last week it is no longer using the tool."
https://www.404media.co/fyi-a-warrant-isnt-needed-secret-service-says-you-agreed-to-be-tracked-with-location-data/
#USA #LocationData #Geolocation #Surveillance #Privacy #DataProtection #Intelligence #LocateX
The emails provide deeper insight into the agency’s use of Locate X, a powerful surveillance capability that allows law enforcement officials to follow a phone, and person’s, precise movements over time at the click of a mouse. In 2023, a government oversight body found that the Secret Service, Customs and Border Protection, and Immigration and Customs Enforcement all used their access to such location data illegally. The Secret Service told 404 Media in an email last week it is no longer using the tool."
https://www.404media.co/fyi-a-warrant-isnt-needed-secret-service-says-you-agreed-to-be-tracked-with-location-data/
#USA #LocationData #Geolocation #Surveillance #Privacy #DataProtection #Intelligence #LocateX
'FYI. A Warrant Isn’t Needed': Secret Service Says You Agreed To Be Tracked With Location Data
The Secret Service has used a technology called Locate X which uses location data harvested from ordinary apps installed on phones. Because users agreed to an opaque terms of service page, the Secret Service believes it doesn't need a warrant.Joseph Cox (404 Media)
"On Monday Amazon confirmed a breach of employee data which was published on a crime-focused forum, according to a statement from Amazon to 404 Media.
The data includes the employees’ name, work contact information, and what location they work at, and has more than 2.8 million lines of data, according to the post on Breach Forums. The post says the source of the data was MOVEit, which is suite of cloud data management tools.
“Amazon and AWS systems remain secure, and we have not experienced a security event. We were notified about [a] security event at one of our property management vendors that impacted several of its customers including Amazon. The only Amazon information involved was employee work contact information, for example work email addresses, desk phone numbers, and building locations,” an Amazon spokesperson told 404 Media in an email."
https://www.404media.co/amazon-confirms-breach-of-employee-data/
#Amazon #DataBreach #DataProtection #Privacy #Hacking #CyberSecurity
The data includes the employees’ name, work contact information, and what location they work at, and has more than 2.8 million lines of data, according to the post on Breach Forums. The post says the source of the data was MOVEit, which is suite of cloud data management tools.
“Amazon and AWS systems remain secure, and we have not experienced a security event. We were notified about [a] security event at one of our property management vendors that impacted several of its customers including Amazon. The only Amazon information involved was employee work contact information, for example work email addresses, desk phone numbers, and building locations,” an Amazon spokesperson told 404 Media in an email."
https://www.404media.co/amazon-confirms-breach-of-employee-data/
#Amazon #DataBreach #DataProtection #Privacy #Hacking #CyberSecurity
Amazon Confirms Breach of Employee Data
The breach includes the employees’ name, work contact information, and what location they work at.Joseph Cox (404 Media)
"The FBI is warning that hackers are obtaining private user information — including emails and phone numbers — from U.S.-based tech companies by compromising government and police email addresses to submit “emergency” data requests.
The FBI’s public notice filed this week is a rare admission from the federal government about the threat from fraudulent emergency data requests, a legal process designed to help police and federal authorities obtain information from companies to respond to immediate threats affecting someone’s life or property. The abuse of emergency data requests is not new, and has been widely reported in recent years. Now, the FBI warns that it saw an “uptick” around August in criminal posts online advertising access to or conducting fraudulent emergency data requests, and that it was going public for awareness.
“Cyber-criminals are likely gaining access to compromised US and foreign government email addresses and using them to conduct fraudulent emergency data requests to US based companies, exposing the personal information of customers to further use for criminal purposes,” reads the FBI’s advisory."
https://techcrunch.com/2024/11/08/fbi-says-hackers-are-sending-fraudulent-police-data-requests-to-tech-giants-to-steal-peoples-private-information/
#USA #CyberSecurity #FBI #Hacking #Privacy #DataProtection #DataBreaches
The FBI’s public notice filed this week is a rare admission from the federal government about the threat from fraudulent emergency data requests, a legal process designed to help police and federal authorities obtain information from companies to respond to immediate threats affecting someone’s life or property. The abuse of emergency data requests is not new, and has been widely reported in recent years. Now, the FBI warns that it saw an “uptick” around August in criminal posts online advertising access to or conducting fraudulent emergency data requests, and that it was going public for awareness.
“Cyber-criminals are likely gaining access to compromised US and foreign government email addresses and using them to conduct fraudulent emergency data requests to US based companies, exposing the personal information of customers to further use for criminal purposes,” reads the FBI’s advisory."
https://techcrunch.com/2024/11/08/fbi-says-hackers-are-sending-fraudulent-police-data-requests-to-tech-giants-to-steal-peoples-private-information/
#USA #CyberSecurity #FBI #Hacking #Privacy #DataProtection #DataBreaches
FBI says hackers are sending fraudulent police data requests to tech giants to steal people's private information | TechCrunch
The warning is a rare admission from the FBI about the threat from fake emergency data requests submitted by hackers with access to police email accounts.Zack Whittaker (TechCrunch)
Weekly Update 📰
▶️ We published a new article: "The New German #Security Package: #Digital #Surveillance and #DataProtection". More in our #blog: https://www.vioffice.de/blog/sicherheitspaket-digitale-ueberwachung/ 🇬🇧🇩🇪
▶️ ViOffice Cloud for free! Use our full ViOffice #Cloud with up to 3GB storage including all functions (storage, chat, videocall, groupware, taskboard, polls and more) for free. Register at: https://cloud01.vioffice.de/apps/registration/ 🚀
▶️ We published a new article: "The New German #Security Package: #Digital #Surveillance and #DataProtection". More in our #blog: https://www.vioffice.de/blog/sicherheitspaket-digitale-ueberwachung/ 🇬🇧🇩🇪
▶️ ViOffice Cloud for free! Use our full ViOffice #Cloud with up to 3GB storage including all functions (storage, chat, videocall, groupware, taskboard, polls and more) for free. Register at: https://cloud01.vioffice.de/apps/registration/ 🚀
The new German Security Package: Digital Surveillance and Data Protection - ViOffice
The new German security package: far-reaching digital surveillance and possible intrusions into citizens' privacy.Pascal Langer (ViOffice)
From last month - 23andMe settles data breach lawsuit for $30 million
By Jonathan Stempel
https://www.reuters.com/technology/cybersecurity/23andme-settles-data-breach-lawsuit-30-million-2024-09-13/
#biotech #dataprotection #privacy #classaction #settlement
By Jonathan Stempel
https://www.reuters.com/technology/cybersecurity/23andme-settles-data-breach-lawsuit-30-million-2024-09-13/
#biotech #dataprotection #privacy #classaction #settlement