Facebook Had Years to Fix the Flaw That Leaked 500M Users’ Data

Facebook Had Years to Fix the Flaw That Leaked 500M Users’ Data

That incident differs from the more recent Facebook controversy, in which attackers were able to "scrape” Facebook by enumerating batches of possible phone numbers from more than 100 countries, submitting them to the contact import tool, and manipulating it to return the names, Facebook IDs, and other data users had posted on their profiles.

What the Great Personal Data Leak of 2021 tells us about Facebook, the GDPR, and privacy

What the Great Personal Data Leak of 2021 tells us about Facebook, the GDPR, and privacy

The fact that personal details of dozens of EU officials are among the latest leak may help to concentrate minds at the DPC.

Dual-use digital surveillance technologies finally get regulated – a little

Dual-use digital surveillance technologies finally get regulated – a little

“Out of Control: Failing EU Laws for Digital Surveillance Export”, noted that “The current European Union export regulation framework fails to protect human rights.” The document provides a good introduction to the region’s digital surveillance exports, and how these tools are already being abused, notably by the Chinese authorities in Xinjiang.

EU police spy on 70,000 encrypted phones

EU police spy on 70,000 encrypted phones

Police agencies were able to monitor the encrypted communications of about 70,000 people in a second major hack by European law enforcement in the last year.Sky ECC has rejected the claim its app has been unlocked by European agencies and said it was cloned devices running a fake application that were hacked.

Apple Now Rejecting App Updates That Defy iOS 14.5 App Tracking Transparency Rules

Apple Now Rejecting App Updates That Defy iOS 14.5 App Tracking Transparency Rules

Apple has begun rejecting app updates that do not comply with the App Tracking Transparency rules that the company is enforcing starting with iOS 14.5, according to a new report from Forbes.

PayPal will let United States users pay with Bitcoin, Ethereum and Litecoin

PayPal will let United States users pay with Bitcoin, Ethereum and Litecoin

After rolling out the ability for US users to directly buy and sell cryptocurrency directly from their accounts last November, PayPal’s new “Checkout with Crypto” allows users to instantly convert their Bitcoin, Ethereum, Litecoin, or Bitcoin Cash to US dollars that PayPal then uses to complete the transaction.However, you can only use one type of cryptocurrency for each purchase you make.

Telegram Raises $1Bln, With Russian Direct Investment Fund Buying Bonds

Telegram Raises $1Bln, With Russian Direct Investment Fund Buying Bonds

Telegram has sold more than $1 billion in bonds to international investors, founder Pavel Durov announced Tuesday — with Russia’s state-run Direct Investment Fund (RDIF) now among the firm's backers.RDIF did not take part in the initial bond auction, a Telegram representative told The Moscow Times.

EU nations’ attempt to water down privacy protections could increase tension with US over personal data flows across the Atlantic

EU nations’ attempt to water down privacy protections could increase tension with US over personal data flows across the Atlantic

On 6 October 2020, the EU’s highest court, the Court of Justice of the European Union (CJEU), issued its judgments for three related cases: the Court of Justice of the European Union ruled that mass data retention and collection practices for national security purposes undertaken by member states, must comply with EU law, and therefore have to be subjected to its privacy safeguards.

Judge rules that California can continue with its net neutrality law

Judge rules that California can continue with its net neutrality law

“Today’s federal court ruling allowing California to enforce our net neutrality law is a huge victory for open access to the Internet, our democracy, and our economy.

TikTok hit with consumer law breaches complaints across Europe

TikTok hit with consumer law breaches complaints across Europe

It said the company’s virtual item policy where users can purchase coins to use for virtual gifts for TikTok celebrities whose performance they like, contains unfair terms and misleading practices.“TikTok fails to protect children and teenagers from hidden advertising and potentially harmful content on its platform,” BEUC said.

10 SIM Swappers Arrested for Stealing $100M in Crypto from Celebrities

10 SIM Swappers Arrested for Stealing $100M in Crypto from Celebrities

Ten people belonging to a criminal network have been arrested in connection with a series of SIM-swapping attacks that resulted in the theft of more than $100 million by hijacking the mobile phone accounts of high-profile individuals in the U.S. The Europol-coordinated year-long investigation was jointly conducted by law enforcement authorities from the U.K., U.S., Belgium, Malta, and Canada.

EU privacy agency urges more safeguards to curb U.S. tech giants

EU privacy agency urges more safeguards to curb U.S. tech giants

DMA fines can be as much as 10% of global turnover and 6% for DSA breaches.“The EDPS welcomes the (DMA) proposal, as it seeks to promote fair and open markets and the fair processing of personal data,” the EU watchdog, which ensures that EU institutions comply with the bloc’s privacy rules, said in an opinion.

Facebook and Instagram Link Previews Would Break EU Privacy Law, Say Security Researchers

Facebook and Instagram Link Previews Would Break EU Privacy Law, Say Security Researchers

A follow-up report by security researchers Talal Haj Bakry and Tommy Mysk has alleged that Facebook Messenger and Instagram are collecting and using data from link previews in a way that would breach European privacy law.

It's time for Europe to take private data from the hands of powerful tech monopolies and give it back to the people

It's time for Europe to take private data from the hands of powerful tech monopolies and give it back to the people

In it I described the danger that a platform like Google poses for the individual rights of citizens, for pluralist competition, and for freedom of expression when it remains unchecked by regulations.

EU Parliament under fire over ‘illegal US data transfers’ from COVID website

EU Parliament under fire over ‘illegal US data transfers’ from COVID website

European Parliament services are coming under pressure from a group of lawmakers working with privacy activist Max Schrems over allegations that the institution’s coronavirus test management website is illegally siphoning data to US-based firms.

Is the GDPR finally going to get some teeth?

Is the GDPR finally going to get some teeth?

The Irish DPC finds itself in this position because of the way that the GDPR works: when there are privacy problems, the cases are brought by the data protection authority of the EU nation in which the company concerned is based.

Europol and the European Commission inaugurate new decryption platform to tackle the challenge of encrypted material for law enforcement investigations

Europol and the European Commission inaugurate new decryption platform to tackle the challenge of encrypted material for law enforcement investigations

This week Europol launched an innovative decryption platform, developed in close cooperation with the European Commission's Joint Research Centre.The new Europol Decryption Platform, funded by the European Commission, will allow us to further enhance our support for Member State investigations.

New report shows Google tracks 80% of the Web, with Amazon likely to overtake Facebook as second-worst privacy threat

New report shows Google tracks 80% of the Web, with Amazon likely to overtake Facebook as second-worst privacy threat

The contrast is stark when comparing to our 2017 Tracking the Trackers study which found Google to have a 64.4% reach on US sites.In the EU, Google trackers exist on 87.5% of Web sites compared to 86.4% in the US.

French watchdog fines Google, Amazon for breaching cookies rules

French watchdog fines Google, Amazon for breaching cookies rules

PARIS (Reuters) - France’s data privacy watchdog has handed out its biggest ever fine of 100 million euros ($121 million) to Alphabet’s Google for breaching the country’s rules on online advertising trackers (cookies).

How privacy activists are fighting on multiple fronts to strengthen EU privacy laws that will have a global impact

How privacy activists are fighting on multiple fronts to strengthen EU privacy laws that will have a global impact

This is similar to a case that Privacy News Online wrote about last year, where the CJEU ruled that pre-ticked boxes for cookies are not valid for consent .

Europe is adopting stricter rules on surveillance tech

Europe is adopting stricter rules on surveillance tech

The European Union has agreed to stricter rules on the sale and export of cyber-surveillance technologies like facial recognition and spyware.

EU continues to push for lawful access (aka backdoors) to end-to-end encrypted data

EU continues to push for lawful access (aka backdoors) to end-to-end encrypted data

A leaked draft resolution from the Council of the European Union highlights that the government is planning to crack down on the end-to-end (e2e) encryption used by messaging apps such as Signal and WhatsApp. What the EU is calling for is a “balance” between regular encryption use and lawful access to encrypted data.

The next big privacy battles: cross-border data flows and data localization

The next big privacy battles: cross-border data flows and data localization

The EDPS strongly encourages [European Union Institutions] to ensure that any new processing operations or new contracts with any service providers does not involve transfers of personal data to the United States.

EU politicians want Europe’s next big digital law to tackle micro-targeted advertising, by regulating or even banning it

EU politicians want Europe’s next big digital law to tackle micro-targeted advertising, by regulating or even banning it

As part of the preparatory work for drafting the DSA, three of the European Parliament’s specialist committees have drawn up recommendations for what should be included: those for the Internal Market and Consumer Protection, Legal Affairs, and Civil Liberties.

Google Nest hacker finds evidence of Google considering getting rid of 'Hey Google' hot words

Google Nest hacker finds evidence of Google considering getting rid of 'Hey Google' hot words

He demonstrates that by setting this option to "on," his Nest Hub ceases requiring him to say "Hey, Google" before making commands or queries.But the find certainly suggests Google is exploring giving users the choice of using the option or not.

Google tests smart displays that activate without a wake word

Google tests smart displays that activate without a wake word

Instead, the feature codenamed “Blue Steel” could allow the device to simply sense your presence, and proactively listen for commands without first needing to hear the wake word.

French data protection authority says it can’t trust top US Internet companies with EU personal data – even if they keep it in the EU

French data protection authority says it can’t trust top US Internet companies with EU personal data – even if they keep it in the EU

CNIL points out that its conclusions apply not only to Microsoft hosting the Health Data Hub, but also to all the other kinds of French health data held on systems run by US companies.

Q&A: EU's top court rules that UK, French and Belgian mass surveillance regimes must respect privacy

Q&A: EU's top court rules that UK, French and Belgian mass surveillance regimes must respect privacy

Now that the CJEU has decided on the application of EU law in relation to bulk data retention and collection, the cases will be sent back to the national courts for a final decision.

EU laws may not require general and indiscriminate data retention

EU laws may not require general and indiscriminate data retention

On the plus side, the CJEU does say that information and evidence obtained as a result of indiscriminate retention of traffic and location data in breach of EU law should be disregarded in court cases.

EU’s top court limits government spying on citizens’ mobile and internet data

EU’s top court limits government spying on citizens’ mobile and internet data

The groups specifically took issue with the U.K.'s Investigatory Powers Act, a 2015 French decree related to specialized intelligence services, and a Belgian law on collection and retention of communications data that was introduced in 2016.