EU Hits Russian, Chinese, NKorean Firms With First-Ever Sanctions for Cyberattacks; Facebook Sues EU Antitrust Regulator for ‘Excessive’ Data Requests; Canada’s LifeLabs Sues to Block Results of Probe Into Last Year’s Privacy Breach; Rival Triller Sues TikTok for Patent Infringement. Click “Continue reading” below.Continue reading “Daily Digest (7/31)”
By Jackson Chen
More advocacy groups are suing law-enforcement agencies to get more information about their surveillance use of cell-site simulator technology.
The California-based Oakland Privacy citizens group in June accused the City of Vallejo of allegedly breaking the state’s privacy law in allowing its police department to spend $766,018 for a cell-site simulator device, also known as Stingrays.
The group’s court action noted that the city should have first approved a usage policy in a public setting — and that the posted policy on the city’s website just days after the purchase violated state requirements for getting a warrant prior to the device’s use.
“If we prevail, I hope it’ll set a good precedent,” Michael Katz-Lacabe, Oakland Privacy’s research director, told Digital Privacy News. “I see this as a warning shot to cities to take implementation of their policies that are complying with state law very seriously.”Continue reading “Groups Suing Police for Transparency on Stingray Surveillance Use”
Lawmakers Hit Facebook, Google Hard in Rare Hearing With Big Tech CEOs; Sen. Josh Hawley Introduces Bill to Curb Personalized Online Ads; US Judge Dismisses Part of Restaurant Group’s Data-Breach Suit; 2.5M Online Accounts of Alcohol Delivery Service Compromised in Data Breach. Click “Continue reading” below.Continue reading “Daily Digest (7/30)”
By Robert Bateman
The U.K. government has admitted that its COVID-19 “test and trace” program was begun in May without an appropriate “data-protection impact assessment” (DPIA) in place, with experts telling Digital Privacy News that the omission represented a serious breach of privacy law.
The revelation came in a July 15 letter from the government’s legal department, shared with Digital Privacy News via a news release from U.K. campaigning organization the Open Rights Group.
A DPIA is required under U.K. law before commencing any project carrying a high risk to individual privacy. The government claimed to have conducted several DPIAs covering aspects of the program but admitted it should have completed an overarching assessment before it launched on May 28.Continue reading “UK Government Admits Failing to Assess ‘Test and Trace’ Privacy Risks Properly”
13 Dem Lawmakers Seek Aid for Privacy Protections in Coronavirus Stimulus Package; Texas Probing Facebook for Harvesting Biometric Data from Users; WH Proceeds Move Forward With Plans to Regulate Social Media; Garmin Says App and Services Were Halted by Ransomware. Click “Continue reading” below.Continue reading “Daily Digest (7/29)”
By Patrick McShane
First of a series.
Last month, China imposed a sweeping new “security law” on Hong Kong — threatening the personal privacy of more than 7.5 million citizens and sending shivers throughout the global business community, which includes more than 1,500 U.S. companies.
In this series of weekly reports, Digital Privacy News examines the ramifications of Beijing’s actions — beginning with today’s discussion of the historical events leading to China’s decision.
Twenty-three years ago this summer, the former British colony of Hong Kong was returned to Chinese sovereignty.
However, this extraordinary international event — popularly described as “The Hong Kong Handover” — only came about after more than a dozen years of often acrimonious negotiations between London and Beijing.Continue reading “Why China’s New ‘Security Law’ Is a Dangerous Threat to Privacy in Hong Kong”
Election Officials Vulnerable to Email Attacks, Report Says; Australian Watchdog Sues Google for Collecting Data Without Informed Consent; Consumer Reports Study Calls for Greater Privacy and Security Protections in Genetic Testing; Apple Sued for Inaction Over iTunes Gift-Card Scams. Click “Continue reading” below.Continue reading “Daily Digest (7/28)”
By Joanne Cleaver
One of the first things Stephanie Genkin did as a new certified financial planner was establish her business-financial accounts separate from her personal accounts.
That’s a proactive step she fears some last-minute entrepreneurs might overlook in the scramble to earn extra income to get through the economic crisis induced by the coronavirus pandemic.
“No matter what deal you get for your personal finances, don’t mix that with business,” the Brooklyn-based planner told Digital Privacy News.
That goes for credit cards, bank accounts and, currently, loans through U.S. government programs intended to aid households and small businesses.Continue reading “COVID Forcing Small Businesses to Address Privacy Issues”
Tech CEO Hearing Moved to Next Month; Rep. Adam Schiff Seeks Briefing on Reports of US Surveillance of Protesters; Facebook Close to $650M BIPA Settlement; Apple launches Security Research Device Program. Click “Continue reading” below.Continue reading “Daily Digest (7/27)”
How Your Death Affects Your Privacy
By Bree Brouwer
Speaker and psychologist Elaine Kasket is a longtime scholar of death in the digital age.
Her recent book — “All the Ghosts in the Machine: The Digital Afterlife of Your Personal Data” — addresses modern privacy challenges from birth to beyond death.
Kasket told Digital Privacy News that privacy proponents should know everything possible about their digital afterlife and how to manage it.Continue reading “Q&A: Psychologist Elaine Kasket”
By Robert Bateman
The world of digital privacy was shaken this month, when the Court of Justice of the European Union (CJEU) invalidated the Privacy Shield framework, which allows certain businesses to freely transfer personal information from the E.U. to the U.S.
The E.U. court ruled July 16 in Luxembourg that U.S. surveillance laws violated the privacy of European citizens. International data transfers to the U.S. can still take place, however, subject to standard contractual clauses to protect personal information, written by the European Commission.
Experts on both sides of the Atlantic told Digital Privacy News that the U.K., which has similarly intrusive surveillance laws to the United States, could be disproportionately affected by the decision.Continue reading “EU Strikes Down Privacy Shield, With Major Implications for UK Economy”
Over 1,000 Twitter Employees, Contractors Could Have Helped in Hacking Accounts; States Probing Apple for Potential Consumer-Protection Law Violation; Website Security Breach Exposes 1M DNA Profiles; NY Lawmakers Vote to Pause Facial Recognition in Schools for 2 Years. Click “Continue reading” below.Continue reading “Daily Digest (7/24)”
By Aishwarya Jagani
Facebook recently debuted its Messenger Rooms group video-chat service, touting it as a safer alternative to the Zoom’s embattled video-conferencing platform, but experts tell Digital Privacy News that’s not the case.
“In terms of privacy, I would consider FBMR to be slightly higher-risk than Microsoft Teams and definitely better than Zoom, but on a par with Google Meet,” said U.K. privacy expert Rowenna Fielding.
“Both Facebook and Google’s business model is based on harvesting people’s data to profile them for microtargeting of advertising,” she explained, “whereas Microsoft doesn’t data-mine enterprise products — and Zoom has clarified that they don’t data-mine user content at all.”
Fielding, head of individuals’ rights and freedoms at the data-protection consultancy Protecture in Bristol, was just as ambivalent about Messenger’s security features.Continue reading “Facebook Touts Messenger Rooms as Zoom Alternative, But Experts Question Claims”
College Recruitment Database Leaking 1M Student GPAs, SAT Scores, Other Data; Facebook Asking to Use Personal Data in Brazil; Nielsen to Change Rating Tools Out of Privacy Concerns; University of Chicago Develops Image ‘Cloaking’ for Personal Privacy. Click “Continue reading” below.Continue reading “Daily Digest (7/23)”
By Tammy Joyner
As a demographer, Alexis Santos relies heavily on census data to track public-health disparities, especially in communities of color.
But a proposed change by the U.S. Census Bureau designed to further safeguard the confidentiality of its data threatens to upend the work of Santos and other researchers.
The bureau wants to use a new algorithm called differential privacy, beginning with this year’s census.
“Differential privacy is more concrete,” Maria Filippelli, a public-interest technology fellow at the New America think tank in Washington, told Digital Privacy News. “It’s more technical.
“In the end, a set of mathematical equations or algorithms will process the data, so that it’s more secure,” she said.Continue reading “Researchers Wary of Census Bureau’s Plan to Use ‘Differential Privacy’ in 2020 Count”
US Researchers Monitor Russian Military Sites Using Location Data; DHS Authorizes Surveillance to Protect US Statues and Monuments; Privacy Claims on Mask Questions Unfounded; FBI Secretly Using a $2 Billion Travel Company as Global Surveillance Tool. Click “Continue reading” below.Continue reading “Daily Digest (7/22)”
By Charles McDermid
Two most-recent privacy bills introduced to Congress indicate an increasingly partisan approach to surveillance technology, adding yet another stumbling block for U.S. lawmakers who have not passed a significant federal data-protection law in two decades, experts told Digital Privacy News.
More than a dozen privacy bills now are before Congress, including the additions last month of the Democratic-backed Facial Recognition and Biometric Technology Moratorium Act of 2020 and the Lawful Access to Encrypted Data Act, which was put forth by Republicans.
In the past, bipartisanship had emerged around national surveillance issues — such as the USA Freedom Act of 2015, which updated parts of the Patriot Act — but privacy advocates now worry that today’s polarized political arena could worsen the legislative logjam.
The U.S. remains one of the last developed countries that does not have any national consumer privacy or data-security laws, or its own federal data-protection agency.Continue reading “The US Hasn’t Passed a Strong Data-Privacy Law in 20 Years. It’s Not Getting Easier”
DHS Fears Widespread Mask-Wearing Will Break Facial-Recognition Software; UK Admits Breaking Privacy Law With NHS Test-and-Trace Program; 7 ‘No Log’ VPN Providers Accused of Leaking 1.2TB of User Logs Onto Internet; Twitter Hack Targeted 130 Accounts, Breached Personal Information. Click “Continue reading” below.Continue reading “Daily Digest (7/21)”
By Samantha Stone
It was a birthday celebration. Or was it a post-divorce party? Either way, the evening ended with flashing lights in the rear-view mirror.
Highway patrol officers asked the driver for a blood sample. She was within her legal rights to refuse. Authorities then scrambled for a warrant to take her blood without consent.
“In the old days, if you refused, they were just out of luck,” attorney Paul Burglin, dean of the National College for DUI Defense in Montgomery, Ala., told Digital Privacy News.
Or, they ended up in court.
“There were cases in Arizona where the cops were sticking a needle in suspects in the back of the patrol car,” Burglin said. “They were holding people down in California and forcibly taking a sample.”Continue reading “Electronic Warrants Aid Police, But Post-Arrest Privacy Is Not Assured”
Russia Conducted Widespread Surveillance During COVID Lockdown; German Authorities Have Too Much Access to Online Data, Top Court Rules; Israeli Ministry Admits Over 12,000 Mistakenly Quarantined by Phone Tracking; Amazon, Google, Microsoft Sued Over Photos in Facial-Recognition Database. Click “Continue reading” below.Continue reading “Daily Digest (7/20)”