Template:News/Updates
Jump to navigation
Jump to search
- 22 September 2021 - Reports emerge that even NSA and CIA block ads due to the malvertising risks to privacy and security. [VICE]
- 22 September 2021 - Research claims that deanonymising users of Apples recently launched VPN is relatively trivial. [PortSwiggers]
- 21 September 2021 - Google enables a new idle user detection API and Mozilla criticises it for opening yet another avenue for websites and advertises to spy on the said users. [HowToGeek]
- 21 September 2021 -
Lituanian government audit accuses Xiaomi and Huawei of shipping a 'censorship module' and a 'surreptitious data collection' module in it's phones. [TheRecord] - 21 September 2021 -
UK's Ministry of Defence's data breach puts lives of 250 Aghan interperters in danger. [The Guardian] - 20 September 2021 - The domain registrar Epik loses control of 15 million user records. [ArsTechnica]
- 14 September 2021 - ExpressVPN, a VPN service mainly known for their omnipresent advertising presence, is bought by an adware company. [The Register]
- 6 September 2021 - Protonmail, oft recommended privacy-aware email provider, gets in hot water over a Swiss court order that forced them to log IP address of French environmental activists - something they committed not to do in all of their prior public statements. [TechCrunch]
- 2 September 2021 - WhatsApp is fined €225m for GDPR breaches - one of the largest such fines levied to date. [RTE.ie]
- 28 August 2021 - Google engineer admits that Google's smoke and mirrors privacy initiative FLoC not only fails to solve web's privacy woes, but instead makes its users even more identifiable. [IETF talk via Forbes]
- 27 August 2021 -
Australian parliament passes a sweeping new surveillance legislation which gives police the ability to takeover online accounts and add, delete or modify any account data; all without even a judge's warrant. [Crikey] - 26 August 2021 - United Kingdom announces it will overhaul it's privacy rules - hopefully to make them even stronger - in a departure from EU's GDRP framework it has transposed into its own legislation following Brexit. [The Guardian]
- 24 August 2021 - Researchers with Citizen Lab observe a new zero-click iMessage vulnerability being used by
Bahrain against political dissidents - with the help of NSO group and their hacking tool Pegasus. [Threatpost] - 20 August 2021 -
China passes one of the strongest data privacy laws in the world, largely modelled on GDPR. [Reuters] - 17 August 2021 -
Afghanistani residents race to delete online evidence of their pre-Taliban lives following the fall of Kabul and collapse of the US-backed Afghanistani government - undoubtedly, they also had nothing to hide. [WIRED] 
United States mobile carriers are having a free-for-all with their user's data.
- 20 August 2021 - AT&T denies that is has suffered a breach affecting 70 million users - but data auctioned by the supposed hackers appears to be legit. [BleepingComputer]
- 15 August 2021 - T-Mobile confirm that it has been hacked, yet again, and has lost control of records covering 100 million customers. [VICE]
- 17 August 2021 - Researchers disclose a severe bugs affecting millions of IoT devices from many brands - including security cameras and baby monitors - which could enable hackers to hijack the devices and directly spy on the users. [BleepingComputer]
- 10 August 2021 - Privacy-promoting non-profit NOYB files 422 GDPR complaints against websites engaging in deceptive and illegal dark patterns which are pushing users into accepting invasive tracking. [NOYB]
- 5 August 2021 - Apple plans to scan everyon's iPhone's camera roll for child abuse materials, since everyone is now presumed guilty until proven innocent.[Financial Times]
- 4 August 2021 - Google has reportedly fired dozens of employees between 2018 and 2020 for abusing their privileged access to internal tools and customer data. [VICE]
- 3 August 2021 -
EU is gearing up to clamp down on cash use in an effort to gain absolute control over it's citizens' financial lives. [Independent.ie] - 3 August 2021 - A report claims that Facebook is attempting to analyse encrypted data without decrypting it in an effort to find novel and innovative ways to violate their user's privacy. [TECHSPOT]
- 2 August 2021 - Zoom settles a privacy class action in the USA for US$86 million. [BBC]
- 30 July 2021 - EU fines Amazon record 746 million euro for GDPR breaches - still a drop in the bucket of Amazon's 100 billion USD second quarter. [Mashable]
- 26 July 2021 - Executive director of Europol and a New York County District Attorney pen a 'won't somebody please think of the children' missive entirely devoid of any meaningful solutions aside from banning math.[POLITICO.eu]
- 25 July 2021 - Researches discover 4 encryption flaws in Telegram.[PortSwigger]
- 23 July 2021 - Australian Privacy Commissioner accuses Uber of privacy breaches affecting over 1 million Australians. [ZDNet]
- 14 July 2021 - Majority of iOS users deny tracking prompts, devastating the surveillance business that big tech companies like Facebook are running, proving that people care about privacy when they do have meaningful choices to make. [Bloomberg]
- 14 July 2021 - New reporting suggest that various data brokers have the ability to link the supposedly pseudonymous advertising IDs with real life identities 'at scale' thus offering fine grained insight into the lives of anyone with a smartphone to any willing buyer. [Vice]
- 10 July 2021 - Oft recommended privacy conscious US mobile carrier Mint Mobile suffers a data breach. [BleepingComputer]
- 9 July 2021 - New York's new biometric transparency law goes into effect, requiring businesses to prominently disclose if they're processing your biometric data.[TechCrunch]
- 7 July 2021 - A routine prenatal test of Chinese origin, developed in collaboration with People's Liberation Army, is being used to collect vast amounts of DNA data. [Reuter]
- 6 July 2021 - New EU law relaxes the rules around message privacy to allow service providers to rummage through your messages looking for child sexual abuse materials. No word yet on how EU intends to force child abusers to use these compromised platforms when they already use darkweb and strong crypto which won't be affected by this law. [EURACTIV]
- 5 July 2021 - Popular FOSS audio editor Audacity is in hot water after the new owner of the project changes the privacy policy and adds data collection mechanisms. [PCMag]
- 3 July 2021 - Amsterdam District Court rejects Facebook's arguments regarding the litigation brought by two Dutch non-profits, Data Privacy Foundation and Consumentenbond, who claim that Facebook does not have a proper legal basis for data processing in the Netherlands, clearing the way for the case to be heard in October. [TechCrunch]
- 30 June 2021 - US state of Maine bans facial recognition tech possession and its use by virtually all public officials and employees. [EPIC]
- 28 June 2021 - Data scrape of 700 million LinkedIn users appears for sale online. [threatpost]
- 25 June 2021 - US Supreme Court limits standing to sue for victims of credit-related privacy data breaches. [Electronic Privacy Information Center (EPIC)]
- 24 June 2021 - Full bench of 4th U.S. Circuit Court of Appeals rules that Baltimore's police's drone surveillance of the whole city violates the Fourth Amendment to the United States Constitution. [Reuters]
- 24 June 2021 - Google delays blocking of third party cookies due to regulatory pressure. [Reuters]
- 21 June 2021 - Texas power companies secretly raised temperature on customers' 'smart' thermostats to help with grid load during summer.[Business Insider]
- 19 June 2021 - Google force-installs Massachusetts' contact tracing app for some users, without consent.[BleepingComputer]
- 17 June 2021 - Colorado becomes the third US state to pass a comprehensive consumer privacy legislation, following California and Virginia. [The Colorado Sun]
- 17 June 2021 - CVS Pharmacy exposes health records of 1.1 billion customers. [Threatpost]
- 17 June 2021 - Carnival Cruise, after getting hit by ransomware twice in one year, exposes data of guests, employees, and crew in an email hack. [BleepingComputer] As if cruise industry was not awful enough...
- 15 June 2021 - European Union's highest court, European Court of Justice rules that Facebook may be taken to court by any member state's privacy watchdog, not just Ireland's where it's European arm is incorporated.[The Associated Press]
- 14 June 2021 - Irish government is expected to unveil new laws criminalising refusal to provide a password when executing a search warrant. Exercising your human right to privacy may result in up to 5 years in prison.
It is not clear yet whether Irish government understand that hardened criminals will rather take 5 years over a more serious conviction and only victims of this will be law abiding citizens. [RTE.ie] - 14 June 2021 - Reports suggests that open source end-to-end encrypted Matrix protocol has become the backbone of French goverments's instant communications network, [WIRED]
- 11 June 2021 - Volkswagen discloses a data breach impacting 3.6 million customers' records in North America, including 90 thousand customers' sensitive financial records. [Reuters]
- 10 June 2021 - US DOJ shuts down the largest market trading in stolen login credentials. [BleepingComputer]
- 6 June 2021 - Apple pays out millions after its repair tech posted customer's explicit photos online (in 2016, no less). [The Telegraph]
- 6 June 2021 - Doctors in UK rally against government's plan to sell health data to third parties through NHS Digital. Opt out instructions. [The Guardian]
- 4 June 2021 - Germany ponders use of state-sponsored malware against anyone, wanting to deputise service providers to serve their customers malware, even when they're not suspected of a crime. [EURACTIV]
- 31 May 2021 - Privacy-promoting non-profit None of Your Business (NOYB) unleashes a wave of 500 complaint against websites which do not comply with GDPR in regards to how they present their cookie banners. [NOYB]
- 1 June 2021 - A Facebook funded study finds that new iOS privacy controls are bad for you. 😲 [University of Florida via PocketNow]
- 30 May 2021 - Court documents show that Google intentionally hid privacy controls behind dark patterns. [AndroidPolice]
- 25 May 2021 - European Court of Human Rights rules against UK's spy agency GCHQ in a lawsuit based on Edward Snowden leaks. ECHR says that GCHQ must implement 'meaningful safeguards' to protect the individuals who are not subject to its investigations. [The Guardian]
- 24 May 2021 - A German court rules that the encrypted email provider must monitor the email of two users involved in a blackmail case. [Cyberscoop]