Journalist's Resource published this great comic by Josh Neufeld, explaining the basic concepts behind differential privacy, the data collection method used to prevent bad actors from de-anonymizing the information gleaned from the 2020 Census.

The original source includes some other great resources on differential privacy, but since the comic itself is made available under a Creative Commons Attribution-NoDerivatives 4.0 International License, we've re-posted it here in full.

A brief introduction to differential privacy: A data protection plan for the 2020 census [Josh Neufeld / Journalist's Resource] Read the rest

Researchers at Carnegie Mellon have come up with this new IoT Assistant app (available for both iOS and Android) that will supposedly inform you about what Internet-connected smart devices are around you at any point in time, and what kind of information they might be collecting.

“Because of new laws like the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), people need to be informed about what data is collected about them and they need to be given some choices over these processes,” says Professor Norman Sadeh, a CyLab faculty member in Carnegie Mellon’s Institute for Software Research and the principal investigator on the project. “We have built an infrastructure that enables owners of IoT technologies to comply with these laws, and an app that takes advantage of this infrastructure to empower people to find out about and control data collected by these technologies.”

I've downloaded the app myself, and I plan on adding my own smart home devices to their database, just to see what I can find. I don't know how well it will actually work, but I'm certainly intrigued by the idea.

New infrastructure will enhance privacy in today’s Internet of Things [Daniel Tkacik / CyLab, the Carnegie Mellon University Security and Privacy Institute] Read the rest

The DEA is suing states for warrantless access to millions of individuals' medical records, so they can inflict more misery on people in chronic pain or other legitimate needs for controlled substances.

Daily Beast:

In his 2014 ruling against the DEA, District Court Judge Ancer L. Haggerty called warrantless searches of such data an egregious invasion of privacy.

“It is difficult to conceive of information that is... more deserving of Fourth Amendment protection,” Haggerty said. “By obtaining the prescription records for individuals like John Does 2 and 4, a person would know that they have used testosterone in particular quantities and by extension, that they have gender identity disorder and are treating it through hormone therapy.

“Although there is not an absolute right to privacy in prescription information... it is more than reasonable for patients to believe that law enforcement agencies will not have unfettered access to their records,” he added.

The Obama administration disagrees, and argues that since the records have already been submitted to a third party (Oregon’s PDMP) that patients no longer enjoy an expectation of privacy.