Category: Surveillance & Privacy

When then-prime minister Malcolm Turnbull called for heads to roll after the 2016 census was pulled offline – amid fears IBM’s data servers hosting the survey had been infiltrated – the American enterprise technology giant made an important decision. IBM ran most of the big mainframe systems that had powered core government functions for several decades, earning it billions of dollars a year in fees and making the Australian government one of its top global clients. No census data was…

(Washington, DC) – President Andrés Manuel López Obrador and legislators from his party have effectively paralyzed the country’s independent transparency and data protection agency by blocking nominations to fill vacant seats on its board, Human Rights Watch said today. The Senate should move swiftly to fill the three vacant seats. The National Institute for Transparency, Access to Information, and Data Protection (INAI) is the independent agency charged with enforcing transparency and data protection rules in Mexico. It has played an…

Most of us wouldn’t argue that private companies can’t run their businesses the way they prefer. The gold standard has been the right to refuse service to anyone — something that covers everything from refusing paper checks from certain customers to booting people off social media services for refusing to stop behaving like inveterate assholes. When private companies do things, they rarely mess with constitutional protections. There are guardrails in place to prevent discrimination against minorities and other historically oppressed…

LONDON – Meta on Monday was fined a record 1.2 billion euros (S$1.75 billion) and ordered to stop transferring data collected from Facebook users in Europe to the United States, in a major ruling against the social media giant for violating European Union (EU) data protection rules. The penalty, which eclipses a 746 million euro EU fine previously doled out to Amazon.com, was announced by Ireland’s Data Protection Commission. It is potentially one of the most consequential in the five…

Adam Kovacevich is the CEO and founder of a center-left tech industry coalition called Chamber of Progress and has worked at the intersection of tech and politics for 20 years, leading public policy at Google and Lime and serving as a Democratic Hill aide. When the Biden administration proposed new protections earlier this month to prevent law enforcement from demanding reproductive healthcare data from companies, they took a critical first step in protecting our personal data. But there remains a…

  Corruption Ledger editorial note: Privacy technology and strategies have the ability to help all oppressed people, whether male, female, underprivileged or targeted by corrupt corporate or government establishments. Here’s one case in point. TEGUCIGALPA, Honduras (AP) — Inside a little wooden house among the pine and oak forests of western Honduras’ coffee-growing mountains, a woman opened a tiny package of pills, delivered to a nearby town. She didn’t know it, but the medication had more than likely entered the…

  It turns out that if you fire basically all of the competent trust & safety people at your website, you end up with a site that is neither trustworthy, nor safe. We’ve spent months covering ways in which you cannot trust anything from Twitter or Elon Musk, and there have been some indications of real safety problems on the site, but it’s been getting worse lately, with two somewhat terrifying stories that show just how unsafe the site has…

Apple’s App Store team prevented more than $2 billion in transactions tagged as potentially fraudulent and blocked almost 1.7 million app submissions for privacy, security, and content policy violations in 2022. As part of its ongoing efforts to fend off account fraud, the company also terminated 428,000 developer accounts for potentially fraudulent activity, deactivated 282 million fraudulent customer accounts, and blocked 105 million developer account creations for suspected fraudulent activities. The App Store team also protected Apple users from hundreds of…

  One of the largest pharmacy service providers in the United States has confirmed that hackers accessed the personal data of almost six million patients. PharMerica operates over 2,500 facilities across the U.S. and offers more than 3,100 pharmacy and healthcare programs. In a data breach notification filed with Maine’s attorney general, PharMerica said it learned of suspicious activity on its computer network on March 14. An internal investigation revealed that an “unknown third party” accessed its systems days earlier…

PARIS – The traces of genetic material that humans constantly shed wherever they go could soon be used to track individual people, or even whole ethnic groups, scientists said on Monday, warning of a looming “ethical quagmire”.

A recently developed technique can glean a huge amount of information from tiny samples of genetic material called environmental DNA, or eDNA, that humans and animals leave behind everywhere – including in the air.

The tool could lead to a range of medical and scientific advances, and could even help track down criminals, according to the authors of a new study published in the journal Nature Ecology & Evolution.

But it also poses a vast range of concerns around consent, privacy and surveillance, they added.

Pharmacy services provider PharMerica has disclosed a massive data breach impacting over 5.8 million patients, exposing their medical data to hackers.

PharMerica is a pharmacy services provider in 50 U.S. states, operating 180 local and 70,000 backup pharmacies, and serving 3,100 medical facilities nationwide.

According to a data breach notification submitted to the Office of the Maine Attorney General, hackers breached PharMerica’s system on March 12th, 2023, stealing the full names, addresses, dates of birth, social security numbers (SSNs), medications, and health insurance information of 5,815,591 people.

The firm discovered the intrusion on March 14th, 2023, and its investigation determined on March 21st that client data had been stolen. However, notices of a data breach were sent to impacted individuals only last Friday, May 12th, 2023.

airBaltic, Latvia’s flag carrier has acknowledged that a ‘technical error’ exposed reservation details of some of its passengers to other airBaltic passengers. Passengers also reported receiving unexpected emails which addressed them by the name of another customer. The Riga-based airline, incorporated as AS Air Baltic Corporation operates flights to 80 destinations and is 97% government-owned. Although the air carrier says the leak impacts a small percentage of its customers and that no financial or payment data was exposed, the airline has…

WASHINGTON (AP) — China was the biggest global jailer of journalists last year with more than 100 behind bars, according to a press freedom group, as President Xi Jinping’s government tightened control over society. Xi’s government also was one of the biggest exporters of propaganda content, according to Reporters without Boarders. China ranked second to last on the group’s annual index of press freedom, behind only neighbor North Korea. The ruling Communist Party has tightened already strict controls on media…

The European Union’s top court has handed down a couple of notable rulings today in the arena of data protection. One (Case C-300/21) deals with compensation for breaches of the bloc’s General Data Protection Regulation (GDPR); and the second (Case C-487/21) clarifies the nature of information that individuals exercising GDPR rights to obtain a copy of data held on them should expect to receive. Read on for a summary of the judgements and some potential implications. No automatic right to…

The U.S. Federal Trade Commission is alleging Facebook “repeatedly violated its privacy promises” and is proposing a “blanket prohibition” on parent company Meta’s monetization of data of users under 18. The company, meanwhile, called the move “a political stunt.” The FTC on Wednesday moved to expand its USD5 billion privacy order with then-Facebook from 2020, claiming the company failed to comply with the order and the Children’s Online Privacy Protection Act Rule, misrepresented access to private user data it provided…

In a class-action lawsuit filed March 16 by an Amazon Go customer, Amazon was accused of not properly notifying its New York Amazon Go store customers that it was tracking and collecting their biometric data.

Amazon Go stores are cashierless stores operated by Amazon, com that allow customers to enter the store, pick up the products they want, and walk out without having to wait in a checkout line or scan their items. The stores use a combination of computer vision, sensor fusion, and deep-learning technologies to detect which products customers take off the shelves and then charge their Amazon accounts accordingly.

According to the lawsuit, Amazon Go collects biometric data “by scanning the palms of some customers to identify them and by applying computer vision, deep learning algorithms, and sensor fusion that measure the shape and size of each customer’s body to identify customers, track where they move in the stores, and determine what they have purchased.”

There is reasonable concern that the biometric data allegedly collected by Amazon might find their way into federal databases, as Amazon also provides server space to the federal government.