gdpr

A deep dive into stalkerware's creepy marketing, illegal privacy invasions, and terrible security

Stalkerware -- spyware sold to people as a means of keeping tabs on their romantic partners, kids, employees, etc -- is a dumpster fire of terrible security (compounded by absentee management), sleazy business practices, and gross marketing targeted at abusive men who want to spy on women. Read the rest

Snap employees used the company's internal 'SnapLion' tool to access Snapchat user data

Abuse happened at Snapchat a "few times," staff tells Motherboard

Facebook hands hundreds of contractors in India access to its users' private messages and private Instagram posts in order to help train an AI

Facebook gave "as many as" 260 contractors at Wipro, Ltd in Hyderabad, India access to users' private messages and private Instagram posts so that the contractors could label them prior to their inclusion in an AI training-data set. Read the rest

Ireland sits idly by as GDPR goes unenforced

Politico shares an investigation into why the GDPR's lead regulator Ireland has failed to bring a single enforcement action against the big tech companies it is supposed to watchdog.

Politico:

Last May, Europe imposed new data privacy guidelines that carry the hopes of hundreds of millions of people around the world — including in the United States — to rein in abuses by big tech companies.

Almost a year later, it’s apparent that the new rules have a significant loophole: The designated lead regulator — the tiny nation of Ireland — has yet to bring an enforcement action against a big tech firm.

That’s not entirely surprising. Despite its vows to beef up its threadbare regulatory apparatus, Ireland has a long history of catering to the very companies it is supposed to oversee, having wooed top Silicon Valley firms to the Emerald Isle with promises of low taxes, open access to top officials, and help securing funds to build glittering new headquarters.

Now, data-privacy experts and regulators in other countries alike are questioning Ireland’s commitment to policing imminent privacy concerns like Facebook’s reintroduction of facial recognition software and data sharing with its recently purchased subsidiary WhatsApp, and Google’s sharing of information across its burgeoning number of platforms.

(Thanks, Antoin!) Read the rest

EU’s Parliament signs off on disastrous internet law: what happens next?

In a stunning rejection of the will five million online petitioners, and over 100,000 protestors this weekend, the European Parliament has abandoned common-sense and the advice of academics, technologists, and UN human rights experts, and approved the Copyright in the Digital Single Market Directive in its entirety. Read the rest

Mobile apps built with Facebook's SDK secretly shovel mountains of personal information into the Zuckermouth

If you need to build an app quickly and easily, you might decide to use Facebook's SDK, which has lots of bells and whistles, including easy integration of Facebook ads in your app's UI. Read the rest

Germany just deleted Facebook

Germany's Federal Cartel Office (Bundeskartellamt, the country's antitrust regulator) has ruled that Facebook can't combine user data aggregated from different sources (Facebook usage data, data from pages with Facebook Like buttons, data purchased from third parties, etc), because users can't reasonably anticipate the way these different datastreams might be combined, nor the kinds of inferences that could be gleaned thereby. Read the rest

How Facebook tracks Android users, even those without Facebook accounts

Facebook provides a suite of turnkey app-building tools for Android that are widely used among the most popular Google Play apps, with billions of combined installs; naturally, these tools create incredibly data-hungry defaults in the apps that incorporate them, so that even before you do anything with an app, it has already snaffled up a titanic amount of data, tied it into your Google Ad ID (which is recycled by Facebook to join up data from different sources) and sent it to Facebook. Read the rest

"Owning your data" will not save you from data capitalism

The fight against surveillance capitalism and mass state surveillance has reached a tipping point, the peak-indifference moment, when new privacy advocates are self-radicalizing as they witness firsthand the undeniable risks of overcollection, over-retention, and secret manipulation of personal data. Read the rest

Facebook gave third party developers access to 6.8 million users' private photos

Facebook has notified 6.8 million users that, due to a bug, the company allowed its third-party developers to access all the users' photos, including those marked as private. Read the rest

The EU can #fixcopyright, but they're not

The European Union's new Copyright Directive contains two hugely controversial, poorly drafted and dangerous clauses: Article 11, which limits who can link to news articles and under which circumstances (and also bans Creative Commons licenses); and Article 13, which mandates that all platforms for public communications surveil all user posts and censor anything that matches (or partially matches) a crowdsourced, unaccountable database of allegedly copyrighted works. Read the rest

Britons! Tell the UK government that the compulsory porn-viewing logs need compulsory privacy standards

The British government has decreed that adult sites must collect age-verification data on everyone who looks at material rated for 18-and-over viewing; this amounts to a database of the porn-viewing habits of every adult in the UK. Read the rest

EU Parliament demands Facebook audit after breach hits 87 million users

MEPs in European Parliament want Facebook to submit to a full audit by European Union bodies to determine whether the U.S. based social media company adequately protects users’ personal data. The demand made in the form of an EU resolution adopted Thursday, October 25, 2018, follows the company's recent breach scandal, in which data belonging to 87 million Facebook users around the world were improperly obtained and misused. Read the rest

Deleting Facebook is not enough: without antitrust, the company will be our lives' "operating system"

Facebook is the poster-child for the techlash, the worst offender in the monopolistic bunch, and recent books like Antisocial Media: How Facebook Disconnects Us and Undermines Democracy by Siva Vaidhyanathan (previously) and Ten Arguments for Deleting Your Social Media Accounts Right Now by Jaron Lanier present variations on the main critiques of Facebook with some prescriptions for what to do about it. Read the rest

GDPR: Good for privacy, even better for Google's dominance

The European Union's General Data Protection Regulation is a gnarly hairball of regulation; on the one hand, it makes it virtually impossible to collect mountains of data and buy/sell/trade/mine it to a corporation's heart's content; on the other hand, it imposes a ton of expensive compliance steps on its targets like high-cost record-keeping, and it apportions liability to website operators whose advertisers are out of compliance with the regulation. Read the rest

App for UK Conservative Party conference exposes all attendees' private info

The UK Conservative Party's annual conference is about to kick off in Birmingham, and the Tories have distributed an app ahead of time to all attendees: senior ministers, government officials, members of the press, party members, and others. Read the rest

Google, Amazon, Twitter, other Big Tech to Congress: New California data privacy rules too tough

Executives from Google, Twitter, AT&T, Amazon, Apple, and other big tech companies told a U.S. Senate panel today they support updating federal law to protect data privacy, but they want Congress to block California's tough new privacy rules. Read the rest

Next page

:)