The Digital Identity Wallet approved by parliament and council

On the 28th February, The European Parliament gave its final approval to the Digital Identity Regulation, with 335 votes to 190, with 31 abstentions. It was adopted by the EU Council of Ministers on 26th of March. The next step will be its publication in the Official Journal and its entry into force 20 days Read more about The Digital Identity Wallet approved by parliament and council[…]

Soofa Digital Kiosks Snatch Your Phone’s Data When You Walk By, sell it on

Digital kiosks from Soofa seem harmless, giving you bits of information alongside some ads. However, these kiosks popping up throughout the United States take your phone’s information and location data whenever you walk near them, and sell them to local governments and advertisers, first reported by NBC Boston Monday. “At Soofa, we developed the first Read more about Soofa Digital Kiosks Snatch Your Phone’s Data When You Walk By, sell it on[…]

Mass claim CUIC against virus scanner (but really tracking sypware) Avast

Privacy First has teamed up with Austrian NOYB (the organisation of privacy activist Max Schrems) to form the new mass claim organisation CUIC founded. CUIC stands for Consumers United in Court, also pronounceable as ‘CU in Court’ (see you in court). […] Millions spied on by virus scanner CUIC today filed subpoenas against software company Read more about Mass claim CUIC against virus scanner (but really tracking sypware) Avast[…]

Age Verification Laws Drag Us Back to the Dark Ages of the Internet

The fundamental flaw with the age verification bills and laws passing rapidly across the country is the delusional, unfounded belief that putting hurdles between people and pornography is going to actually prevent them from viewing porn. What will happen, and is already happening, is that people–including minors–will go to unmoderated, actively harmful alternatives that don’t Read more about Age Verification Laws Drag Us Back to the Dark Ages of the Internet[…]

Project Ghostbusters: Facebook Accused of Using Your Phone to Wiretap Snapchat, Youtube, Amazon through Onavo VPN

Court filings unsealed last week allege Meta created an internal effort to spy on Snapchat in a secret initiative called “Project Ghostbusters.” Meta did so through Onavo, a Virtual Private Network (VPN) service the company offered between 2016 and 2019 that, ultimately, wasn’t private at all. “Whenever someone asks a question about Snapchat, the answer Read more about Project Ghostbusters: Facebook Accused of Using Your Phone to Wiretap Snapchat, Youtube, Amazon through Onavo VPN[…]

General Motors Quits Sharing Driving Behavior With Data Brokers – Now sells it directly to insurance companies?

General Motors said Friday that it had stopped sharing details about how people drove its cars with two data brokers that created risk profiles for the insurance industry. The decision followed a New York Times report this month that G.M. had, for years, been sharing data about drivers’ mileage, braking, acceleration and speed with the Read more about General Motors Quits Sharing Driving Behavior With Data Brokers – Now sells it directly to insurance companies?[…]

VPN Demand Surges 234.8% After Adult Site Restriction on Texas-Based Users

VPN demand in Texas skyrocketed by 234.8% on March 15, 2024, after state authorities enacted a law requiring adult sites to verify users’ ages before granting them access to the websites’ content. Texas’ age verification law was passed in June 2023 and was set to take effect in September of the same year. However, a Read more about VPN Demand Surges 234.8% After Adult Site Restriction on Texas-Based Users[…]

Pornhub disables website in Texas after AG sues for not verifying users’ ages

Pornhub has disabled its site in Texas to object to a state law that requires the company to verify the age of users to prevent minors from accessing the site. Texas residents who visit the site are met with a message from the company that criticizes the state’s elected officials who are requiring them to Read more about Pornhub disables website in Texas after AG sues for not verifying users’ ages[…]

car with eye in sky

Automakers Are Sharing Consumers’ Driving Behavior With Insurance Companies

Kenn Dahl says he has always been a careful driver. The owner of a software company near Seattle, he drives a leased Chevrolet Bolt. He’s never been responsible for an accident. So Mr. Dahl, 65, was surprised in 2022 when the cost of his car insurance jumped by 21 percent. Quotes from other insurance companies Read more about Automakers Are Sharing Consumers’ Driving Behavior With Insurance Companies[…]

European Commission broke data protection law with Microsoft Office 365 – duh

The European Commission has been reprimanded for infringing data protection regulations when using Microsoft 365. The rebuke came from the European Data Protection Supervisor (EDPS) and is the culmination of an investigation that kicked off in May 2021, following the Schrems II judgement. According to the EDPS, the EC infringed several data protection regulations, including Read more about European Commission broke data protection law with Microsoft Office 365 – duh[…]

Biden executive order aims to stop a few countries from buying Americans’ personal data – a watered down EU GDPR

[…] President Joe Biden will issue an executive order that aims to limit the mass-sale of Americans’ personal data to “countries of concern,” including Russia and China. The order specifically targets the bulk sale of geolocation, genomic, financial, biometric, health and other personally identifying information. During a briefing with reporters, a senior administration official said Read more about Biden executive order aims to stop a few countries from buying Americans’ personal data – a watered down EU GDPR[…]

Investigators seek push notification metadata in 130 cases – this is scarier than you think

More than 130 petitions seeking access to push notification metadata have been filed in US courts, according to a Washington Post investigation – a finding that underscores the lack of privacy protection available to users of mobile devices. The poor state of mobile device privacy has provided US state and federal investigators with valuable information Read more about Investigators seek push notification metadata in 130 cases – this is scarier than you think[…]

Scammers Are Now Scanning Faces To Defeat Age verification Biometric Security Measures

For quite some time now we’ve been pointing out the many harms of age verification technologies, and how they’re a disaster for privacy. In particular, we’ve noted that if you have someone collecting biometric information on people, that data itself becomes a massive risk since it will be targeted. And, remember, a year and a Read more about Scammers Are Now Scanning Faces To Defeat Age verification Biometric Security Measures[…]

Meta will start collecting much more “anonymized” data about Quest headset usage

Meta will soon begin “collecting anonymized data” from users of its Quest headsets, a move that could see the company aggregating information about hand, body, and eye tracking; camera information; “information about your physical environment”; and information about “the virtual reality events you attend.” In an email sent to Quest users Monday, Meta notes that Read more about Meta will start collecting much more “anonymized” data about Quest headset usage[…]

Canadian college M&M Vending machines secretly scanning faces – revealed by error message

[…] The scandal started when a student using the alias SquidKid47 posted an image on Reddit showing a campus vending machine error message, “Invenda.Vending.FacialRecognitionApp.exe,” displayed after the machine failed to launch a facial recognition application that nobody expected to be part of the process of using a vending machine. Enlarge / Reddit post shows error Read more about Canadian college M&M Vending machines secretly scanning faces – revealed by error message[…]

a picture of an eye staring at your from your mobile phone

European human rights court says backdooring encrypted comms is against human rights

The European Court of Human Rights (ECHR) has ruled that laws requiring crippled encryption and extensive data retention violate the European Convention on Human Rights – a decision that may derail European data surveillance legislation known as Chat Control. The Court issued a decision on Tuesday stating that “the contested legislation providing for the retention Read more about European human rights court says backdooring encrypted comms is against human rights[…]

23andMe Thinks ‘Mining’ Your DNA Data Is Its Last Hope

23andMe is in a death spiral. Almost everyone who wants a DNA test already bought one, a nightmare data breach ruined the company’s reputation, and 23andMe’s stock is so close to worthless it might get kicked off the Nasdaq. CEO Anne Wojcicki is on a crisis tour, promising investors the company isn’t going out of Read more about 23andMe Thinks ‘Mining’ Your DNA Data Is Its Last Hope[…]

The EU wants to criminalize AI-generated deepfakes and the non-consensual sending of intimate images

[…] the European Council and Parliament have agreed with the proposal to criminalize, among other things, different types of cyber-violence. The proposed rules will criminalize the non-consensual sharing of intimate images, including deepfakes made by AI tools, which could help deter revenge porn. Cyber-stalking, online harassment, misogynous hate speech and “cyber-flashing,” or the sending of Read more about The EU wants to criminalize AI-generated deepfakes and the non-consensual sending of intimate images[…]

Hundreds of thousands of EU citizens ‘wrongly fined for driving in London Ulez’ in one of EUs largest privacy breaches

Hundreds of thousands of EU citizens were wrongly fined for driving in London’s Ulez clean air zone, according to European governments, in what has been described as “possibly one of the largest data breaches in EU history”. The Guardian can reveal Transport for London (TfL) has been accused by five EU countries of illegally obtaining Read more about Hundreds of thousands of EU citizens ‘wrongly fined for driving in London Ulez’ in one of EUs largest privacy breaches[…]

iPhone Apps Secretly Harvest Data When They Send You Notifications, Researchers Find

iPhone apps including Facebook, LinkedIn, TikTok, and X/Twitter are skirting Apple’s privacy rules to collect user data through notifications, according to tests by security researchers at Mysk Inc., an app development company. Users sometimes close apps to stop them from collecting data in the background, but this technique gets around that protection. The data is Read more about iPhone Apps Secretly Harvest Data When They Send You Notifications, Researchers Find[…]

France fines Amazon $35 million over intrusive employee surveillance

France’s data privacy watchdog organization, the CNIL, has fined a logistics subsidiary of Amazon €32 million, or $35 million in US dollars, over the company’s use of an “overly intrusive” employee surveillance system. The CNIL says that the system employed by Amazon France Logistique “measured work interruptions with such accuracy, potentially requiring employees to justify Read more about France fines Amazon $35 million over intrusive employee surveillance[…]

a map of the netherlands with cellphone towers

Dutch phones can be easily tracked online: ‘Extreme security risk’

BNR received more than 80 gigabytes of location data from data traders: the coordinates of millions of telephones, often registered dozens of times a day. The gigantic mountain of data also includes movements of people with functions in which safety plays an important role. A senior army officer could be followed as he drove from Read more about Dutch phones can be easily tracked online: ‘Extreme security risk’[…]

Drivers would prefer to buy a low-tech car than one that shares their data

According to a survey of 2,000 Americans conducted by Kaspersky in November and published this week, 72 percent of drivers are uncomfortable with automakers sharing their data with advertisers, insurance companies, subscription services, and other third-party outfits. Specifically, 37.3 percent of those polled are “very uncomfortable” with this data sharing, and 34.5 percent are “somewhat Read more about Drivers would prefer to buy a low-tech car than one that shares their data[…]

Google agrees to settle $5 billion lawsuit accusing it of tracking Incognito users

In 2020, Google was hit with a lawsuit that accused it of tracking Chrome users’ activities even when they were using Incognito mode. Now, after a failed attempt to get it dismissed, the company has agreed to settle the complaint that originally sought $5 billion in damages. According to Reuters and The Washington Post, neither Read more about Google agrees to settle $5 billion lawsuit accusing it of tracking Incognito users[…]

a verizon technician giving away a large binder of documents to an ugly orc

Verizon Once Again Busted Handing Out Sensitive Wireless Subscriber Information To Any Nitwit Who Asks For It – because no US enforcement of any kind

Half a decade ago we documented how the U.S. wireless industry was caught over-collecting sensitive user location and vast troves of behavioral data, then selling access to that data to pretty much anybody with a couple of nickels to rub together. It resulted in no limit of abuse from everybody from stalkers to law enforcement Read more about Verizon Once Again Busted Handing Out Sensitive Wireless Subscriber Information To Any Nitwit Who Asks For It – because no US enforcement of any kind[…]