Private Domain

Privacy, personalized.

The US wants to collect DNA from immigrant detainees for a federal criminal database

Nicole Narea, writing for Vox »

The Trump administration plans to vastly expand a program to collect DNA information from migrants in detention and enter it in a database designed to identify criminal suspects, under an upcoming rule from the Department of Justice.

Administration officials say the DNA tests are necessary to determine whether adult migrants and the children they travel with are genetically proven to be a family. They also say the testing is needed to enforce a 2005 law requiring DNA samples be taken from people in federal custody.

More » NY Times, The Verge, Gizmodo, Axios

Facebook privacy investigation leads to tens of thousands of app suspensions

Nicole Lindsey at CPO Magazine writes »

As part of its ongoing privacy investigation into the way third-party app developers use data, Facebook announced in a blog post that it has suspended “tens of thousands” of apps. Such a wide-scale app suspension initiative, of course, is entirely unprecedented. Just 12 months earlier, Facebook said that the app suspension initiative, which was launched in the wake of the Cambridge Analytica data scandal, had only impacted 400 apps. So what led to this massive app suspension by Facebook over the past year?

European Court of Justice » Active consent is required for tracking cookies

Natasha Lomas at TechCrunch writes »

Europe’s top court has ruled that pre-checked consent boxes for dropping cookies are not legally valid.

Consent must be obtained prior to storing or accessing non-essential cookies, such as tracking cookies for targeted advertising. Consent cannot be implied or assumed.

AFP via SecurityWeek »

Online companies in the EU can no longer present internet users with a pre-checked box telling them cookies will be planted on their smartphone or computer if they don’t deselect the option, under a ruling issued Tuesday.

The decision by the European Court of Justice means that users need to give “active consent” — rather than opt-out of an automatic default that would otherwise plant cookies in their device’s system.

Google Street View is largely unavailable in Germany or Austria due to privacy concerns

Frank Jacobs at Big Think writes »

It’s because Germans are famously jealous of their privacy – an attitude that also resonates with their culturally close neighbors in Austria. But it all depends on what you mean by “privacy.” For example, Germans are not that private about their private parts.

While public nudity is a big no-no in the United States for example, Germany has a long tradition with what is known as FKK – short for Freikörperkultur, or “Free Body Culture.” Certain beaches and areas of city parks are dedicated to nude sunbathing, and even Nacktwanderung (“nude rambling”) is a thing.

On the other hand, Germans are extremely possessive of their personal data — and are shocked by the readiness with which Americans (and others) share their names, addresses, friends’ lists, and purchase histories online.

According to research presented in the Harvard Business Review, the average German is willing to pay as much as $184 to protect their personal health data. For the average Brit, the privacy of that information is only worth $59. For Americans and Chinese, that value declines to single-digit figures.

Why? Because Germans carry the trauma of not one, but two totalitarian systems in their recent past: the fascist Third Reich, and communist East Germany.

Read more »

New US online privacy legislation unlikely this year

Reuters writes »

A U.S. online privacy bill is not likely to come before Congress this year, three sources said, as lawmakers disagree over issues like whether the bill should preempt state rules, forcing companies to deal with much stricter legislation in California that goes into effect on Jan. 1.

Read more »

DoorDash data breach compromised 5 million people

Users who joined DoorDash before April 5, 2018 had their name, email, delivery addresses, order history, phone numbers, banking, and credit card details stolen. The breach happened May 4, but the company didn’t reveal why it took them 5 months to discover the breach.

DoorDash would have you believe they are the victim, and blamed an unnamed subcontractor, but shoddy security practices yet again appear to be the root cause, leaving the door wide open for enterprising cybercriminals.

DoorDash, a food delivery company, operates in 4,000 cities, including 92 markets scattered across every Canadian province.

Zack Whittaker at TechCrunch writes »

The news comes almost exactly a year after DoorDash customers complained that their accounts had been hacked. The company at the time denied a data breach and claimed attackers were running credential stuffing attacks, in which hackers take lists of stolen usernames and passwords and try them on other sites that use the same passwords. But many of the customers we spoke to said their passwords were unique to DoorDash, ruling out such an attack.

There’s an important difference with this hack that Cory Doctorow at Boing Boing notes »

Doordash, by its nature, includes the home addresses of people who otherwise avoid disclosing where they live.

People at risk from doxing, swatting, stalking, and other forms of privacy invasion take great pains to keep their home addresses secret, such as renting private mailboxes and having all correspondence and deliveries sent to those addresses.

More » DoorDash, Ars Technica, The Next Web, Android Police, Security Affairs, Security Week, Business Insider, CBC

Amazon’s favourite new word is ‘Privacy,’ but do they know what it means?

Amazon today rolled out a marathon of products at its fall 2019 devices event. Privacy was mentioned throughout the presentation. Amazon is acutely aware that a large segment of consumers are troubled by Amazon’s personal invasions and lack of transparency.

Dell Cameron at Gizmodo writes »

Today, so-called “privacy” policies are little more than legal disclosures vaguely articulating the numerous ways in which companies, like Amazon, intend to track their customers and gather their personal information

If privacy is dead, we can thank Amazon (among plenty of other companies, of course) for helping arrange its demise.

and »

An in-depth investigation by Bloomberg in April revealed that thousands of human beings were listening to recordings of Alexa users in an attempt to improve its performance. Naturally, the company hid this from everyone, burying the language about it deep in its service terms—which, let’s be honest, no has the time to read.

The company fessed up but also attempted to downplay the invasion…

and »

Privacy advocates have basically given up on Amazon, believing that its promises about protecting its customers are too little and too late. Evan Greer, deputy director of digital rights group Fight for the Future, said in a statement that the company simply cannot be trusted.

“Amazon claims ‘customers control their data’ yet they had plans for 911 calls to trigger all Ring cameras in the surrounding neighborhood to wake up and start recording,” she said. “This is what Amazon does. They make empty statements to sell their products and then continue to build a for-profit, surveillance dragnet without oversight and accountability.”

Read the whole article at Gizmodo »

NYT shows how to make the most of Apple’s privacy tools in iOS 13

Well… it’s not perfect.

Brian X. Chen at The NY Times »

When you use it to register for a website or app, iOS 13 will present you with an option to hide your email address that is linked to your Apple ID. If you choose to use it, Apple will create what is essentially a burner email address so that you can sign up for the app or website while hiding your real email address from the third party.

and »

This is a brute-force approach to shutting out robocallers, which makes it imperfect. When I tested this feature, I blocked six spam calls — but also missed several important work-related calls from people who were not yet in my address book.

and »

In the past, when opening a newly downloaded app that wanted access to your location, you had the option of always sharing location data, sharing it only when the app was in use or never sharing location. Now when you open an app that is asking for your location, you can tap “Allow Once.”

If you tap it, you are explicitly giving the app permission to share your location that one time. That eliminates the app’s ability to continue pulling your location data in the background when you are not using it.

and »

When you take photos, the camera records metadata by default, including where the photo was taken. Photo apps use this feature to automatically organize your photo albums by place. But if you share an image containing location metadata on social media or in messages, you could give away sensitive information like where you live or work.

With iOS 13, you can strip metadata from a photo before sharing it.

Read the whole article for more explanation » with Warp is here with WARP 3.0 makes your Internet more private and safer. It hardens your connection and snoopers will be less likely to see what you do on the Internet.

Download and start using WARP on your Android or iOS devices for free. If you already have the App on your device, you may need to update to the latest version to enable Warp.

» More details from Cloudflare »

More at MacObserver, XDA-Developers, Cloudflare (again), 9to5Mac

Top European court rules ‘Right to be forgotten’ does not apply outside Europe

This is a victory for free speech and the free press outside of Europe, but not for privacy.

Leo Kelion at the BBC writes »

The EU’s top court has ruled that Google does not have to apply the right to be forgotten globally.

It means the firm only needs to remove links from its search results in Europe – and not elsewhere – after receiving an appropriate request.

More at The Guardian, ZDNet, CNET, NYTimes, Thurrott, Axios, TechCrunch

« Older posts

© 2019 Private Domain

Theme by Anders NorenUp ↑