fbpx

Download free GDPR compliance checklist!

Tag Archives for " data "

How the U.S. Military Buys Location Data from Ordinary Apps

A Muslim prayer app with over 98 million downloads is one of the apps connected to a wide-ranging supply chain that sends ordinary people’s personal data to brokers, contractors, and the military.

The U.S. military is buying the granular movement data of people around the world, harvested from innocuous-seeming apps, Motherboard has learned. The most popular app among a group Motherboard analyzed connected to this sort of data sale is a Muslim prayer and Quran app that has more than 98 million downloads worldwide. Others include a Muslim dating app, a popular Craigslist app, an app for following storms, and a “level” app that can be used to help, for example, install shelves in a bedroom.

Source: How the U.S. Military Buys Location Data from Ordinary Apps

How the NYPD gets people’s personal data with no oversight

The NYPD has used tens of thousands of questionable subpoenas over the last decade to intimidate private companies into handing over the personal information of cops and civilians alike — all with no oversight from the city or the courts.

While most of the subpoenas are believed to target cops, some have also gone after journalists in an attempt to uncover their sources — and the four orders obtained by The Post reveal they can be sweeping in nature, potentially creating a trove of personal data on cops and those in their orbit.

Source: How the NYPD gets people’s personal data with no oversight

The Covid App Ecosystem Has Become a Privacy Minefield

An analysis of nearly 500 Covid-related apps worldwide shows major differences in how much data they expect you to give up.

The results show that only 47 of that subset of 359 apps – that handle contact tracing, exposure notification, screening, reporting, workplace monitoring, and Covid information from public health authorities around the globe- use Google and Apple’s more privacy-friendly exposure-notification system, which restricts apps to only Bluetooth data collection.

More than six out of seven Covid-focused iOS apps worldwide are free to request whatever privacy permissions they want, with 59 percent asking for a user’s location when in use and 43 percent tracking location at all times. Albright found that 44 percent of Covid apps on iOS asked for access to the phone’s camera, 22 percent of apps asked for access to the user’s microphone, 32 percent asked for access to their photos, and 11 percent asked for access to their contacts.

Source: The iOS Covid App Ecosystem Has Become a Privacy Minefield | WIRED

Border officer provides device passwords to police

A Canadian border officer who dealt with Meng Wanzhou at Vancouver’s airport in the hours before her arrest said he made an “embarrassing” and “heart-wrenching” mistake, when his handwritten note with the passwords of Meng’s electronic devices ended up in police hands, breaching privacy laws.

Meng’s lawyers say it was part of a covert plot by the Canada Border Services Agency (CBSA) and the Royal Canadian Mounted Police (RCMP), to gather evidence for the American FBI.

Source: Canada border officer says giving police Meng Wanzhou’s device passwords was ‘embarrassing, heart-wrenching’ blunder

DHS Authorities Are Buying Moment-By-Moment Geolocation Cellphone Data To Track People

The Department of Homeland Security is purchasing consumer cellphone data that allows authorities to track immigrants trying to cross the southern border, which privacy advocates say could lead to a vast “surveillance partnership” between the government and private corporations.

In an internal memo obtained by BuzzFeed News, the DHS’s top attorney, Chad Mizelle, outlined how ICE officials can look up locations and track cellphone data activity to make decisions on enforcement.

Mizelle also believes the agency can use the data without obtaining a warrant or violating the Fourth Amendment, which protects the public against unreasonable searches and seizures. That logic could lay the groundwork for the government to use the same data to track everyday Americans, raising red flags among privacy advocates.

Source: DHS Authorities Are Buying Moment-By-Moment Geolocation Cellphone Data To Track People

Folksam data breach leaks info of 1M Swedes to Google, Facebook, more

Folksam, one of the largest insurance companies in Sweden, today disclosed a data breach affecting around 1 million Swedes after sharing customers’ personal info with multiple technology giants.

The insurer discovered the data breach after an internal audit according and reported the incident to the Swedish Data Protection Authority.

The personal data shared by Folksam includes various types of info such as social security numbers or that an individual purchased union or pregnancy insurance.

Source: Folksam data breach leaks info of 1M Swedes to Google, Facebook, more

23,600 hacked databases have leaked from a defunct ‘data breach index’ site

Site archive of Cit0day.in has now leaked on two hacking forums after the service shut down in September.

Cit0day operated by collecting hacked databases and then providing access to usernames, emails, addresses, and even cleartext passwords to other hackers for a daily or monthly fee.

In total, 23,618 hacked databases were provided for download via the MEGA file-hosting portal. The link was live only for a few hours before being taken down following an abuse report. Dataset is estimated at around 50GB and 13 billion user records.

Source: 23,600 hacked databases have leaked from a defunct ‘data breach index’ site | ZDNet

Real estate company collected 5 million shoppers’ images

Cadillac Fairview – one of North America’s largest commercial real estate companies – embedded cameras inside their digital information kiosks at 12 shopping malls across Canada and used facial recognition technology without their customers’ knowledge or consent, an investigation by the federal, Alberta and BC Privacy Commissioners has found.

The goal, the company said, was to analyze the age and gender of shoppers and not to identify individuals. Cadillac Fairview also asserted that shoppers were made aware of the activity via decals it had placed on shopping mall entry doors that referred to their privacy policy – a measure the Commissioners determined was insufficient.

Source: News release: Cadillac Fairview collected 5 million shoppers’ images – Office of the Privacy Commissioner of Canada

Experian vows to drag UK’s Information Commissioner’s Office to court after being told off for data-slurping practices

Experian has been rapped over the knuckles by the UK’s Information Commissioner’s Office (ICO) after it discovered the credit reference agency was trading “millions” of people’s data for marketing purposes.

Instead of issuing a monetary fine, however, the data regulator wrapped up a two-year probe yesterday by merely insisting Experian tweaks its online privacy policies and informs consumers it acquired data about them.

In an aggressive response, Experian chief exec Brian Cassin claimed the ICO enforcement notice against his employer “risks damaging the services that help consumers, thousands of small businesses and charities, particularly as they try to recover from the COVID-19 crisis.”

Source: Experian vows to drag UK’s Information Commissioner’s Office to court after being told off for data-slurping practices • The Register

EU data transfer laws might destroy Transatlantic commerce

Data privacy decisions from Europe this summer may have a large impact Transatlantic commerce.

In fact, if the U.S. and the EU don’t find a way to overcome the sudden hurdles placed in front of Transatlantic commerce, billions of dollars in trade are in jeopardy. Whether Congress takes the easy way, or trade representatives and courts are compelled to take the hard way, the cost of not seeking a resolution to this uncertainty is enormous.

Full article: EU data transfer laws might destroy Transatlantic commerce | TheHill

>