Google Faces $2.5B Lawsuit Over YouTube’s Collection of Children’s Data

By Robert Bateman

Google faces a $2.5 billion class-action lawsuit in the U.K., over allegations that its YouTube video-sharing platform is “breaching millions of young peoples’ privacy and data rights.” 

The case is on behalf of an estimated 5 million children under 13 across England and Wales, according to a Sept.14 news release from the case’s legal team.

If successful, it would be the first class-action lawsuit against a tech company in Europe. 

Google, which acquired YouTube in 2006, is accused of violating U.K. law, which states that children under 13 are unable to consent to the collection of their personal information.

“They’re using this data to capture the attention of our children,” Duncan McCann, the representative claimant in the case, told Digital Privacy News. 

He has three children aged 13 or under, and McCann said he was concerned about how Google used their personal information on YouTube.

Continue reading “Google Faces $2.5B Lawsuit Over YouTube’s Collection of Children’s Data”

‘Trusted Technology Partner’?

Privacy Experts Alarmed at Oracle’s Role in Proposed TikTok Deal

By Charles McDermid

The impact of the White House’s decision to ban TikTok and WeChat that began Sunday remained unclear, but global privacy experts were alarmed that Oracle Corp. could still become the “trusted technology partner” of the Chinese owner of the two widely popular apps.

They told Digital Privacy News that the possible deal marked the start of a global era of data localization, as nations scrambled to keep citizens’ personal data within their own borders. 

“It’s easier for a government to request data stored on its territory, provided that its laws authorize it,” said Emmanuel Pernot-Leplay, a researcher in data-protection law at Tilburg University in the Netherlands. “It’s much more difficult when it has to make a request for such data when they are stored abroad.

Continue reading “‘Trusted Technology Partner’?”

Q&A: University of Texas’ Murat Kantarcioglu

Online Voting Is Not Safe

By Patrick W. Dunne

With the concerns surrounding a U.S. Postal Service slowdown and voter suppression, discussions continue to grow about online voting for the 2020 election.

But many cybersecurity experts are skeptical, including Murat Kantarcioglu, a professor of computer science at the University of Texas at Dallas.

Kantarcioglu, who holds a doctorate in computer science from Perdue University, told Digital Privacy News that online voting lacked a meaningful method of self-auditing, which eroded trust in the system. 

Continue reading “Q&A: University of Texas’ Murat Kantarcioglu”

Daily Digest (9/22)

Minn. Hospital Patients, Donors Hit in State’s Second-Largest Data Breach

Patients and donors to the Allina Health Hospitals or Children’s Minnesota, a two-hospital pediatric health system in the Twin Cities, were notified that their data may have been exposed in the second-largest healthcare data breach in state history.

The breach followed a ransomware attack on third-party vendor Blackbaud, one of the world’s largest providers of education administration, fundraising, and financial management software in May, Infosecurity Magazine reports.

More than 3 million people in the U.S. have been affected by the Blackbaud attack. 

Hackers gained access to copies of a backup fundraising database stored by the Children’s Minnesota Foundation on Blackbaud’s cloud-computing systems, according to the report. 

“Based on our investigation and review of the affected Blackbaud database, the incident involved limited patient information that the foundation received in connection with its fundraising efforts,” Children’s Minnesota said in a statement.

The data included “full names, addresses, phone numbers, age, dates of birth, gender, medical record numbers, dates of treatment, locations of treatment, names of treating clinicians, and health-insurance status.”

Sources (all external links):

Hackers Leak Information on 1,000 Top Belarus Officers 

Hackers leaked the names and personal details of 1,000 high-ranking Belarusian police officers over the weekend in a response to violent police crackdowns. 

Details including, names, dates of birth, and the officers’ departments and job titles were exposed Saturday via a Google spreadsheet, ZDNet reports. 

The hackers leaked the data to Nexta, an independent Belarusian news agency, who published an unredacted version on Saturday.

The news agency asked followers to help verify the list’s accuracy and help expand it with additional details, according to the report.

“If you know facts about the crimes of specific people on the list — as well as their personal information (addresses, phones, car numbers, habits, mistresses/lovers) — write to the bot (REDACTED),” Nexta told readers. 


US Judge Approves Delay on WH’s WeChat Ban 

A federal judge has approved a request from a group of U.S. WeChat users to delay federal government restrictions on the Chinese-owned app.

U.S. Magistrate Judge Laurel Beeler in California said in a Saturday ruling that the government’s actions to block WeChat from app stores would affect users’ First Amendment rights by restricting their communication on the platform, The Associated Press reports.

The WeChat users requested an injunction after the Commerce Department said Friday it would bar WeChat from U.S. app stores beginning Sunday.

WeChat and another Chinese-owned app, TikTok, have been targeted by the Trump administration for national security and data-privacy concerns.

President Donald Trump said Saturday that he supported a proposed deal that would have TikTok partner with Oracle and Walmart to form a U.S. company, but TikTok still could be banned in the U.S. on Nov. 12 if the deal was not completed, according to AP.


Google and Apple to Limit Third-Party Tracking for Advertising

Google and Apple said they would shield users from hundreds of companies that compile profiles based on online behavior. 

Google said it would phase out third-party cookies on its Chrome browser, starting in January, to make it harder for advertisers to track browsing habits but would continue to collect data from its own search engine, Wired reports.

Apple will require apps in a forthcoming version of iOS to ask users before tracking them across services. 

Abhishek Sen, cofounder of the NumberEight intelligence startup in the UK, said that Apple’s decision meant that “consumers (were) getting more conscious of privacy” and that it marked “the death of the cookie.”

NumberEight and similar companies use sensor data to categorize and contextualize user behavior to push targeted ads. 

With the new steps, rather than knowing user demographics or personal preferences, Google and Apple’s services will combine what they know on their own apps with information on what the user is physically doing at the time, Wired reports.


By DPN Staff

Workers, Homeowner Associations Square Off Over Rules in Pandemic

By Joanne Cleaver 

A home-based doggy boarding business nearly cost Dianna Sells her house.  

Sells didn’t realize that her retirement business of taking in sedate older dogs for short periods violated the rules and regulations of the homeowners association (HOA) in which her house is situated in Round Rock, Texas.

After all, her yard is big, the geriatric dogs were quiet — and many of her clients were neighbors. 

Then someone — Sells told Digital Privacy News she still doesn’t know who — complained to the association’s board.

Continue reading “Workers, Homeowner Associations Square Off Over Rules in Pandemic”

Back to School, Back to Crime?

Schools See Rise in Cyberthreats With Online Learning

By Samantha Cleaver

This fall, back to school means back on defense.

Schools in Haywood County, N.C., started remote learning last month. They then closed abruptly because of a cyberattack.

Later in the month, Palm Springs Unified Schools in California, also virtual, reported having to clear a hacking attack. The district addressed it with teacher, student and parent training.

This is the landscape for schools for the 2020-21 year. With networks branching out into households, and hackers well aware of the value of education data, phishing and ransomware attacks are expected to be a common occurrence, experts told Digital Privacy News.

Continue reading “Back to School, Back to Crime?”