fbpx

Download free GDPR compliance checklist!

Tag Archives for " Facebook "

Facebook Had Years to Fix the Flaw That Leaked 500M Users’ Data

The profile names, email addresses, and phone numbers of over 500 million Facebook users have been circulating publicly online for nearly a week. It took days for Facebook to finally acknowledge the root cause, an issue the company says it fixed in 2019. But now researchers are saying Facebook knew about similar vulnerabilities for years before that, and it could have made a far greater effort to prevent the mass scraping in the first place.

At issue is Facebook’s “content importer,” a feature that combs a user’s address book to find people they know who also use Facebook. Many social networks and communication apps offer some version of this as a sort of social lubricant. But Facebook’s contact import tool in particular has had a number of known problems, and supposed fixes, over the years.

Source: Facebook Had Years to Fix the Flaw That Leaked 500M Users’ Data | WIRED

Government puts Facebook under pressure to stop end-to-end encryption over child abuse risks

Home secretary Priti Patel uses a conference organised by the National Society for the Prevention of Cruelty to Children (NSPCC) to warn that end-to-end encryption will severely erode the ability of tech companies to police illegal content, including child abuse and terrorism.

The Home Office estimates that 12 million reports of potential child abuse could be lost if Facebook introduces end-to-end encryption on Facebook Messenger and Instagram, significantly increasing the risk of child exploitation or other serious harm.

End-to-end encryption is widely used by internet messaging services such as Signal, Telegram, email services including Protonmail and mailbox.org, and Facebook’s own WhatsApp messaging service, to protect the privacy of personal data and messages.

Source: Government puts Facebook under pressure to stop end-to-end encryption over child abuse risks

Facebook faces ‘mass action’ lawsuit in Europe over 2019 breach

Facebook is to be sued in Europe over the major leak of user data that dates back to 2019 but which only came to light recently after information on more than 533 million accounts was found posted for free download on a hacker forum.

Today Digital Rights Ireland (DRI) announced it’s commencing a “mass action” to sue Facebook, citing the right to monetary compensation for breaches of personal data that’s set out in the European Union’s General Data Protection Regulation (GDPR).

Source: Facebook faces ‘mass action’ lawsuit in Europe over 2019 breach | TechCrunch

German DPA investigates WhatsApp Terms of Use

The Hamburg Commissioner for Data Protection and Freedom of Information (HmbBfDI) has brought proceedings against Facebook Ireland Ltd. which aims to issue an immediately executable order requesting not to collect any data from WhatsApp users to process it for their own purposes.

The case stems for WhatsApp’s new terms of use announced earlier this year. Terms of use contain extensive passages with which the service is granted the right to share user data with other Facebook companies. The HmbBfDI is responsible for Facebook in Germany, as the German branch of Facebook is based in Hamburg.

Source: Dringlichkeitsverfahren gegen Facebook

Irish DPC probes whether Facebook data leak falls under GDPR time frame

The Irish Data Protection Commission (DPC) is probing whether any of the data records of 533 million Facebook users published over the weekend were leaked after the implementation of the General Data Protection Regulation (GDPR).

A dataset, appearing to be sourced from Facebook, appeared on a hacking website containing records of 533 million individuals, including phone numbers and email addresses. The DPC said a significant number of users were European Union residents and much of the data appears to have been scraped from Facebook profiles.

These leaks were before the implementation of GDPR in May 2018 and therefore Facebook did not notify the DPC. However, the DPC is saying that there also “additional records” in the newly published dataset “which may be from a later period” and therefore under the scope of GDPR.

Source: Irish DPC probes whether Facebook data leak falls under GDPR time frame | News | GRC World Forums

Data on 533 million Facebook users leaked on hacking forum

A threat actor has published the phone numbers and account details for an estimated 533 million Facebook users —about a fifth of the entire social network’s user pool— on a publicly accessible cybercrime forum.

The leaked data includes information that users posted on their profiles. Information leaked today includes Facebook ID numbers, profile names, email addresses, location information, gender details, job data, and anything else users might have entered in their profiles.

Furthermore, the database also contains phone numbers for all users, information that is not always public for most profiles.

Source: Phone numbers for 533 million Facebook users leaked on hacking forum | The Record by Recorded Future

UK may force Facebook services to allow backdoor police access

UK Ministers are considering forcing Facebook to implement a backdoor to allow security agencies and police to read the contents of messages sent across its Messenger, WhatsApp and Instagram chat services.

“End-to-end encryption poses an unacceptable risk to user safety and society. It would prevent any access to messaging content and severely erode tech companies’ ability to tackle the most serious illegal content on their own platforms, including child abuse and terrorism,” they said.

Source: UK may force Facebook services to allow backdoor police access | Technology | The Guardian

Competition challenge to Facebook’s ‘superprofiling’ of users sparks referral to Europe’s top court

A German court that’s considering Facebook’s appeal against a pioneering pro-privacy order by the country’s competition authority to stop combining user data without consent has said it will refer questions to Europe’s top court.

The latest development means another long wait to see whether competition law innovation can achieve what the EU’s privacy regulators have so far failed to do — with multiple GDPR challenges against Facebook still sitting undecided on the desk of the Irish Data Protection Commission. Referrals to the EU’s Court of Justice can take years to return a final interpretation.

Source: Competition challenge to Facebook’s ‘superprofiling’ of users sparks referral to Europe’s top court | TechCrunch

Facebook Is Building An Instagram For Kids

Executives at Instagram are planning to build a version of the popular photo-sharing app that can be used by children under the age of 13, according to an internal company post obtained by BuzzFeed News.

Current Instagram policy forbids children under the age of 13 from using the service. The internal announcement comes two days after Instagram said it needs to do more to protect its youngest users.  The development of an Instagram product for kids follows the 2017 launch of Messenger Kids, a Facebook product aimed at children between the ages of 6 and 12.

Source: Facebook Is Building An Instagram For Kids

Schrems vs. Facebook: Dispute over advertising consent could soon end up before the ECJ

Max Schrems’ legal dispute with Facebook is entering the next round. The data protection activist has called the Supreme Court (OGH) and hopes that it will submit the questions he raised about data processing by Facebook to the European Court of Justice. The social media group thinks that users conclude a “contract” because they receive personalized advertising. That is why the General Data Protection Regulation (GDPR) is only applicable to a limited extent.

Schrems is convinced that the online giant violates the EU’s General Data Protection Regulation (GDPR) when handling its users’ data. However, the two Austrian courts involved in the matter up to now saw it differently. The civil regional court ruled in the summer that the data processing was in conformity with the contract and the law. The OLG also shared this view.

Now the case, which has already been pending in court since 2014 and which has landed before the Supreme Court twice without a result due to ambiguities about jurisdiction, is again at the local highest court.

Source: Schrems vs. Facebook: Dispute over advertising consent could soon end up before the ECJ – Netzpolitik – derStandard.at ›Web

1 2 3 47
>