By Jackson Chen
Despite the world being disrupted in an unprecedented manner in 2020, the privacy world still saw many significant events and developments.
Early this year, COVID-19 led to privacy concerns over rushed contact-tracing apps and data breaches at overtaxed health care operations.
Nearly halfway into 2020, the European Union evaluated the effectiveness of its General Data Protection Regulation (GDPR), while a wave of racial-justice protests in the U.S. reinvigorated concerns about facial-recognition technology.
To cap off the year, Congress held several hearings with Big Tech CEOs, while many regulatory actions took place against them by federal and state governmental agencies.
Continue reading “A Dizzying Year in Privacy: From Antitrust to a Lack of Trust”
By Patrick McShane
In these occasional reports, Digital Privacy News examines the fallout from China’s new “national security law” on Hong Kong.
Early last month, Hong Kong Police announced a new dedicated “hotline” for the public to report anyone — neighbors, classmates, colleagues, parents, even adult children — who may have broken the National Security Law, enacted by Beijing on June 30.
But even before the hotline’s sudden Nov. 5 launch, Hongkongers pushed back on what they considered an egregious assault on personal privacy.
“This will be a serious blow to freedom in Hong Kong,” former Democratic Party legislator James To told local radio in late October, warning that the effect of the new tip line would be “disastrous” for Hong Kong.
Continue reading “Anxious Hong Kong Residents Balk at New Police ‘Hotline’”
Huge Coordinated Ransomware Attack Hits 22 Texas Towns Last Year
By Najmeh Tima
“What Happened?” is an occasional feature by Digital Privacy News that looks back on some of the tech industry’s biggest data breaches last year.
More than a year later, Texas officials still are not saying who was behind a massive ransomware that paralyzed the digital operations of 22 communities for a week in August 2019, though one expert told Digital Privacy News that the culprit most likely was a hacker-for-hire with ties outside of the United States.
“The identity or organization of one single threat actor has not been clarified yet,” said Allan Liska, an intelligence analyst with Recorded Future, a Boston corporate-security research firm. “It’s almost impossible to determine who the attacker was due to Ransomware-as-a-Service (RaaS).”
Liska defined RaaS as when a person or group develops ransomware and then rents it out to others for execution. “The person who developed the ransomware may be in Estonia, but people carrying out the attacks could be anywhere,” he said.
“The attack was carried out by the REvil/Sodinokibi team,” Liska added, “but we didn’t know which of their affiliates it was.”
Continue reading “What Happened? Texas Breach”