Template:News/Updates


 * September 22, 2021 - Reports emerge that even NSA and CIA block ads due to the malvertising risks to privacy and security. [VICE]
 * September 22, 2021 - Research claims that deanonymising users of Apples recently launched VPN is relatively trivial. [PortSwiggers ]
 * September 21, 2021 - Google enables a new idle user detection API and Mozilla criticises it for opening yet another avenue for websites and advertises to spy on the said users. [HowToGeek]
 * September 21, 2021 - 🇱🇹 Lituanian government audit accuses Xiaomi and Huawei of shipping a 'censorship module' and a 'surreptitious data collection' module in it's phones. [TheRecord ]
 * September 21, 2021 - 🇬🇧 UK's Ministry of Defence's data breach puts lives of 250 Aghan interperters in danger. [The Guardian ]
 * September 20, 2021 - The domain registrar Epik loses control of 15 million user records. [ArsTechnica ]
 * September 14, 2021 - ExpressVPN, a VPN service mainly known for their omnipresent advertising presence, is bought by an adware company. [The Register ]
 * September 6, 2021 - Protonmail, oft recommended privacy-aware email provider, gets in hot water over a Swiss court order that forced them to log IP address of French environmental activists - something they committed not to do in all of their prior public statements. [TechCrunch]
 * September 2, 2021 - WhatsApp is fined €225m for GDPR breaches - one of the largest such fines levied to date. [RTE.ie]
 * August 28, 2021 - Google engineer admits that Google's smoke and mirrors privacy initiative FLoC not only fails to solve web's privacy woes, but instead makes its users even more identifiable. [ IETF talk via Forbes]|undefined
 * August 27, 2021 - 🇦🇺 Australian parliament passes a sweeping new surveillance legislation which gives police the ability to takeover online accounts and add, delete or modify any account data; all without even a judge's warrant. [Crikey]
 * August 26, 2021 - 🇬🇧 United Kingdom announces it will overhaul it's privacy rules - hopefully to make them even stronger - in a departure from EU's GDRP framework it has transposed into its own legislation following Brexit. [The Guardian]
 * August 24, 2021 - Researchers with Citizen Lab observe a new zero-click iMessage vulnerability being used by 🇧🇭 Bahrain against political dissidents - with the help of NSO group and their hacking tool Pegasus. [Threatpost]
 * August 20, 2021 - 🇨🇳 China passes one of the strongest data privacy laws in the world, largely modelled on GDPR. [Reuters]
 * August 17, 2021 - 🇦🇫 Afghanistani residents race to delete online evidence of their pre-Taliban lives following the fall of Kabul and collapse of the US-backed Afghanistani government - undoubtedly, they also had nothing to hide. [WIRED]
 * 🇺🇸 United States mobile carriers are having a free-for-all with their user's data.
 * August 20, 2021 - AT&T denies that is has suffered a breach affecting 70 million users - but data auctioned by the supposed hackers appears to be legit. [BleepingComputer]
 * August 15, 2021 - T-Mobile confirm that it has been hacked, yet again, and has lost control of records covering 100 million customers. [VICE]
 * August 17, 2021 - Researchers disclose a severe bugs affecting millions of IoT devices from many brands - including security cameras and baby monitors - which could enable hackers to hijack the devices and directly spy on the users. [BleepingComputer]
 * August 10, 2021 - Privacy-promoting non-profit NOYB files 422 GDPR complaints against websites engaging in deceptive and illegal dark patterns which are pushing users into accepting invasive tracking. [NOYB]
 * August 5, 2021 - Apple plans to scan everyon's iPhone's camera roll for child abuse materials, since everyone is now presumed guilty until proven innocent.[Financial Times]
 * August 4, 2021 - Google has reportedly fired dozens of employees between 2018 and 2020 for abusing their privileged access to internal tools and customer data. [VICE]
 * August 3, 2021 - 🇪🇺 EU is gearing up to clamp down on cash use in an effort to gain absolute control over it's citizens' financial lives. [Independent.ie]
 * August 3, 2021 - A report claims that Facebook is attempting to analyse encrypted data without decrypting it in an effort to find novel and innovative ways to violate their user's privacy. [TECHSPOT]
 * August 2, 2021 - Zoom settles a privacy class action in the USA for US$86 million. [BBC]
 * July 30, 2021 - EU fines Amazon record 746 million euro for GDPR breaches - still a drop in the bucket of Amazon's 100 billion USD second quarter. [Mashable]
 * July 26, 2021 - Executive director of Europol and a New York County District Attorney pen a 'won't somebody please think of the children' missive entirely devoid of any meaningful solutions aside from banning math.[POLITICO.eu]
 * July 25, 2021 - Researches discover 4 encryption flaws in Telegram.[PortSwigger]
 * July 23, 2021 - Australian Privacy Commissioner accuses Uber of privacy breaches affecting over 1 million Australians. [ZDNet]
 * July 14, 2021 - Majority of iOS users deny tracking prompts, devastating the surveillance business that big tech companies like Facebook are running, proving that people care about privacy when they do have meaningful choices to make. [Bloomberg]
 * July 14, 2021 - New reporting suggest that various data brokers have the ability to link the supposedly pseudonymous advertising IDs with real life identities 'at scale' thus offering fine grained insight into the lives of anyone with a smartphone to any willing buyer. [Vice]
 * July 10, 2021 - Oft recommended privacy conscious US mobile carrier Mint Mobile suffers a data breach. [BleepingComputer]
 * July 9, 2021 - New York's new biometric transparency law goes into effect, requiring businesses to prominently disclose if they're processing your biometric data.[TechCrunch]
 * July 7, 2021 - A routine prenatal test of Chinese origin, developed in collaboration with People's Liberation Army, is being used to collect vast amounts of DNA data. [Reuter]
 * July 6, 2021 - New EU law relaxes the rules around message privacy to allow service providers to rummage through your messages looking for child sexual abuse materials. No word yet on how EU intends to force child abusers to use these compromised platforms when they already use darkweb and strong crypto which won't be affected by this law. [EURACTIV]
 * July 5, 2021 - Popular FOSS audio editor Audacity is in hot water after the new owner of the project changes the privacy policy and adds data collection mechanisms. [PCMag]
 * July 3, 2021 - Amsterdam District Court rejects Facebook's arguments regarding the litigation brought by two Dutch non-profits, Data Privacy Foundation and Consumentenbond, who claim that Facebook does not have a proper legal basis for data processing in the Netherlands, clearing the way for the case to be heard in October. [TechCrunch]
 * June 30, 2021 - US state of Maine bans facial recognition tech possession and its use by virtually all public officials and employees. [EPIC]
 * June 28, 2021 - Data scrape of 700 million LinkedIn users appears for sale online. [threatpost]
 * June 25, 2021 - US Supreme Court limits standing to sue for victims of credit-related privacy data breaches. [Electronic Privacy Information Center (EPIC)]
 * June 24, 2021 - Full bench of 4th U.S. Circuit Court of Appeals rules that Baltimore's police's drone surveillance of the whole city violates the Fourth Amendment to the United States Constitution. [Reuters]
 * June 24, 2021 - Google delays blocking of third party cookies due to regulatory pressure. [Reuters]
 * June 21, 2021 - Texas power companies secretly raised temperature on customers' 'smart' thermostats to help with grid load during summer.[Business Insider]
 * June 19, 2021 - Google force-installs Massachusetts' contact tracing app for some users, without consent.[BleepingComputer]
 * June 17, 2021 - Colorado becomes the third US state to pass a comprehensive consumer privacy legislation, following California and Virginia. [The Colorado Sun]
 * June 17, 2021 - CVS Pharmacy exposes health records of 1.1 billion customers. [Threatpost]
 * June 17, 2021 - Carnival Cruise, after getting hit by ransomware twice in one year, exposes data of guests, employees, and crew in an email hack. [BleepingComputer] As if cruise industry was not awful enough...
 * June 15, 2021 - European Union's highest court, European Court of Justice rules that Facebook may be taken to court by any member state's privacy watchdog, not just Ireland's where it's European arm is incorporated.[The Associated Press]
 * June 14, 2021 - Irish government is expected to unveil new laws criminalising refusal to provide a password when executing a search warrant. Exercising your human right to privacy may result in up to 5 years in prison. It is not clear yet whether Irish government understand that hardened criminals will rather take 5 years over a more serious conviction and only victims of this will be law abiding citizens. [RTE.ie]
 * June 14, 2021 - Reports suggests that open source end-to-end encrypted Matrix protocol has become the backbone of French goverments's instant communications network, [WIRED]
 * June 11, 2021 - Volkswagen discloses a data breach impacting 3.6 million customers' records in North America, including 90 thousand customers' sensitive financial records. [Reuters]
 * June 10, 2021 - US DOJ shuts down the largest market trading in stolen login credentials. [BleepingComputer]
 * June 6, 2021 - Apple pays out millions after its repair tech posted customer's explicit photos online (in 2016, no less). [The Telegraph]
 * June 6, 2021 - Doctors in UK rally against government's plan to sell health data to third parties through NHS Digital. Opt out instructions. [The Guardian]
 * June 4, 2021 - Germany ponders use of state-sponsored malware against anyone, wanting to deputise service providers to serve their customers malware, even when they're not suspected of a crime. [EURACTIV]
 * May 31, 2021 - Privacy-promoting non-profit None of Your Business (NOYB) unleashes a wave of 500 complaint against websites which do not comply with GDPR in regards to how they present their cookie banners. [NOYB]
 * June 1, 2021 - A Facebook funded study finds that new iOS privacy controls are bad for you. 😲 [University of Florida via PocketNow]
 * May 30, 2021 - Court documents show that Google intentionally hid privacy controls behind dark patterns. [AndroidPolice]
 * May 25, 2021 - European Court of Human Rights rules against UK's spy agency GCHQ in a lawsuit based on Edward Snowden leaks. ECHR says that GCHQ must implement 'meaningful safeguards' to protect the individuals who are not subject to its investigations. [The Guardian]
 * May 24, 2021 - A German court rules that the encrypted email provider must monitor the email of two users involved in a blackmail case. [Cyberscoop]