Lao Dongyan is a professor specializing in Criminal Law at Tsinghua University; on Oct 31, she posted a long, thoughtful piece to their public Wechat account about the announcement that Beijing's metro system will soon deploy facial recognition to "improve efficiency of passenger traffic." Prof Lao makes a smart, thorough argument against this, drawing on both China's rule of law, international privacy norms, and lack of meaningful consent. Read the rest

Yesterday Bytedance, the company that acquired the tween-centric app Musica.ly and relaunched it as Tiktok, was been sued by a parents' group for violating the Children's Online Privacy Protection Act by gathering, storing, and selling private information about their children. Today, they settled the case on terms that have not been disclosed. Read the rest

Reps Anna Eshoo [D-CA] and Zoe Lofgren [D-CA] have introduced HR 4978, the "Online Privacy Act," which is a comprehensive set of federal rules for privacy, interoperability, and protection from algorithmic discrimination and manipulation. Read the rest

Chrome's incognito mode is useful if you don't want your browsing history saved to your account, don't want websites to access your cookies, or if you want to troubleshoot your browser. But it doesn't do much to protect your privacy. Your ISP can see what websites you visit, and services like Twitter can figure out who you are even without cookies.

From Tech Talks:

The easiest way for web applications to track users is to use cookies. But it is not the only way they can track you. Other bits of information can point to your device. For instance, I’ve seen some users use the Incognito window to browse Twitter, thinking that it will preserve their privacy and hide their identity. The premise is, since Incognito doesn’t carry over their browser cookies, Twitter won’t be able to associate their activity to their account.

But Twitter also keeps track of IP address, device type, device ID and browser type and version. Technically, it will be able to use all those factors to link your activity to your account. Facebook goes further and even tracks your activity across other websites when you’re not logged in to your account.

EFF's Behind the One-Way Mirror: A Deep Dive Into the Technology of Corporate Surveillance is a long, comprehensive look at corporate tracking, particularly invisible, third-party tracking, as with ad-networks, license-plate readers and facial recognition. Read the rest

In a decision released late Tuesday night, a federal judge ruled that up to 29 million Facebook users whose personal info was stolen in a September 2018 data breach are not entitled to sue Facebook as a group for damages -- but the users may be entitled to demand better personal data security at Facebook. Read the rest

China-based technology company ByteDance is on a charm offensive, reports Reuters, ramping up efforts to distance its popular social app TikTok from the rest of its Chinese operations. Read the rest

Back in September, a Congressional committee investigating anticompetitive conduct by America's tech giants sent a letter to Apple (among other Big Tech firms) asking it for details of business practices that seem nakedly anticompetitive; Apple's response seeks to justify much of that conduct by saying that it is essential to protecting its users' privacy. Read the rest

As with last year, the Mozilla Foundation's privacy researchers have produced a guide to electronic gifts called "Privacy Not Included," which rates gadgets on a "creepiness" scale, with devices like the Sonos One SL dumb "smart speaker" (Sonos ripped out all the junk that isn't about playing music) getting top marks, and Ring Security Cams, Nest Cams, Amazon Echos, and other cam/mic-equipped gadgets coming in as "Super Creepy!" (the exclamation point is part of the rating). Read the rest

It's not just Florida: Motherboard sent public records requests to DMVs across America and found that they were routinely selling off access to drivers' license databases to some of the sweatiest, sketchiest companies and individuals, on the cheap, and doing so much of it that they're making millions (California's DMV makes $50m/year selling off driver's license data). Read the rest

No one knows who owns the Google Cloud drive that exposed 1.2 billion user records, seemingly merged from data-brokers like People Data Labs and Oxydata, who may have simply sold the data to a customer that performed the merge operation and then stuck the resulting files on an unprotected server, which was discovered in October by researcher Vinny Troia using Binaryedge and Shodan. Read the rest

Today, the Electronic Frontier Foundation launched About Face, a new national campaign to end governmental use of facial recognition technology for surveillance at all levels -- city, state and federal. Read the rest

T-Mobile today admitted that a recent "criminal hack" accessed personal data of some prepaid wireless customers' accounts. Read the rest

Consumer Reports' Digital Lab does groundbreaking privacy research: they're hiring for eight positions including technologists ("resident hacker," "digital standard manager," "information security researcher," "program manager, security and testing," and "privacy testing project leader"); journalists ("digital content manager"); policy and comms ("senior researcher, digital competition" and "associate director, strategic communications — technology and privacy"). Most of the positions are NYC or SF or DC based, several allow for remote workers. (Thanks, Ben)!) Read the rest

[Rosemary Frei is an independent journalist who broke the story that Google's Sidewalk Labs had quietly sewn up the rights to turn most of Toronto's lakeshore into a surveilling "smart city" (Google/Sidewalk lied about this at first, were cornered, admitted it, and rolled back the plan). Now she's back with a report on last night's "Public Update on Quayside" meeting, where any hope anyone nursed that Google would be pursuing humane urbanism, rather than surveillance and extraction, were firmly dashed. -Cory]

At Waterfront Toronto’s first meeting for the public after its board of directors voted Oct. 31 to continue negotiating with Sidewalk Labs on the parameters of a 12-acre surveillance district, officials from the public agency made it clear they’re already wedded to the Google sister company.

The hundreds of attendees of last night’s ‘Public Update on Quayside’ were each given a package that included a copy of an Oct. 29 letter from Waterfront Toronto President and CEO George Zegarac to Sidewalk Labs’s Chief Development Officer Josh Sirefman. Zegarac lays out in the letter how the two bodies will work closely together -- with Waterfront Toronto taking the lead in on such things as negotiations with all three levels of government – to "develop an ‘Innovation Plan’ to advance and achieve Waterfront Toronto’s priority outcomes." Based on this newly arrived at ‘realignment of Master Innovation and Development Plan threshold issues,’ Waterfront Toronto’s final decision on whether to proceed with the plan will be taken by its board by March 31, 2020. Read the rest

A Pew Study found that 60% of Americans believe that they are being continuously tracked by companies and the government, 69% mistrust the companies doing the tracking, 80% believe that advertisers and social media sites are collecting worrisome data, 79% think the companies lie about breaches, and 80% believe that nothing they do will make a difference. Read the rest

An Australian woman's creepy, violent ex-boyfriend hacked her phone using stalkerware, then used that, along with her car's VIN number, to hack the remote control app for her car (possibly Landrover's Incontrol app), which allowed him to track her location, stop and start her car, and adjust the car's temperature. Read the rest