What Do Those Pesky ‘Cookie Preferences’ Pop-Ups Really Mean?

As part of GDPR, companies based outside Europe can be hit with enormous fines if they track and analyze EU visitors to their website. In other words, say your company resides in New York, but that company has European visitors and customers, or collects their data. If that’s the case, they can be penalized to the tune of tens of millions in fines if they don’t disclose their data collection and obtain the user’s consent.

Understandably, American companies want to avoid huge fines, which is why US users are seeing more and more of these permission boxes.

The boxes are designed to offer users more control over their data, as the EU law was put into place to protect all data belonging to EU citizens and residents. The confusion within the US market exists because the country doesn’t have similar laws to protect the privacy of its citizens.

In February 2022, Saryu Nayyar  [...]  read more

Google Urged to Stop Tracking Location Data Ahead of Roe Reversal

More than 40 Democratic members of Congress called on Google to stop collecting and retaining customer location data that prosecutors could use to identify women who obtain abortions.

“We are concerned that, in a world in which abortion could be made illegal, Google’s current practice of collecting and retaining extensive records of cell phone location data will allow it to become a tool for far-right extremists looking to crack down on people seeking reproductive health care. That’s because Google stores historical location information about hundreds of millions of smartphone users, which it routinely shares with government agencies,” Democrats wrote May 24 in a letter led by Senator Ron Wyden (D-Ore.) and Rep. Anna Eshoo (D-Calif.). The letter was sent to Google CEO Sundar Pichai.

Specifically, Google should stop collecting “unnecessary customer location data” or “any non-aggregate location data about individual customers, whether in identifiable or anonymized [...]  read more

Proton Is Trying to Become Google—Without Your Data

Since its founding in 2014, ProtonMail has become synonymous with user-friendly encrypted email. Now the company is trying to be synonymous with a whole lot more. On Wednesday morning, it announced that it’s changing its name to, simply, Proton—a nod at its broader ambitions within the universe of online privacy. The company will now offer an “ecosystem” of linked products, all accessed via one paid subscription. Proton subscribers will have access not just to encrypted email, but also an encrypted calendar, file storage platform, and VPN.

This is all part of CEO Andy Yen’s master plan to give Proton something close to a fighting chance against tech giants like Google. A Taiwanese-born former particle physicist, Yen moved to Geneva, Switzerland, after grad school to work at CERN, the nuclear research facility. Geneva proved a natural place to pivot to a privacy-focused startup, thanks to both Switzerland’s privacy-friendly legal regime and to a steady crop [...]  read more

The Surveillance State Is Primed for Criminalized Abortion

In the three weeks since a draft opinion leaked from the United States Supreme Court promising to roll back the federal constitutional right to abortion in the United States, reproductive rights activists and privacy advocates have been working to understand the reality of how such a shift will impact Americans. And a new report from the Surveillance Technology Oversight Project, published on Tuesday, lays out the ways in which police, prosecutors, and private litigants will be able to lean on existing data-access mechanisms and tracking tools to enforce state abortion bans.

The research underscores what privacy advocates have been warning about for decades: A surveillance state built to track certain types of behavior can easily, and inevitably, be adapted to other ends.

“None of the tactics we will see used to target pregnant people will be new,” says Albert Fox Cahn, executive director of the Surveillance Technology Oversight Project. “We’ve seen these same surveillance [...]  read more

How GDPR Is Failing

The French data regulator has, in some ways, sidestepped the international GDPR process by directly pursuing companies’ use of cookies. Despite common beliefs, annoying cookie pop-ups don’t come from GDPR—they’re governed by the EU’s separate E-Privacy law, and the French regulator has taken advantage of this. Marie-Laure Denis, the head of French regulator CNIL, has hit Google, Amazon, and Facebook with hefty fines for bad cookie practices. Perhaps more importantly, it has forced companies to change their behavior. Google is altering its cookie banners across the whole of Europe following the French enforcement.

“We are starting to see really concrete changes to the digital ecosystems and evolution of practices, which is really what we are looking [for],” Denis says. She explains that CNIL will next look at data collection by mobile apps under the E-Privacy law, and cloud data transfers under GDPR. The cookie enforcement effort wasn’t to avoid GDPR’s [...]  read more

Do People Caught on Ring Cameras Have Privacy Rights?

Big picture, there’s no legal issue with posting surveillance cam content. Experts agree that it is generally legal to post video footage captured in a public space where the subject of the video lacks a reasonable expectation of privacy. (Things get a bit trickier with audio recordings, where states vary in consent rules, but, again, these rules often don’t apply when a person is in a public space, like on a sidewalk.) While a person’s front door area is legally considered “private” for Fourth Amendment purposes—meaning the police can’t snoop around without a warrant—a homeowner can surveil their own space. Accordingly, the decision to post content is almost entirely at the discretion of the camera’s owner, who also carries the burden of ensuring that their use of surveillance devices does not violate local privacy ordinances, according to Ring’s terms of service.

For its part, Ring warns users against using cam footage in a manner that is “harmful, [...]  read more

If Tech Fails to Design for the Most Vulnerable, It Fails Us All

What do Russian protesters have in common with Twitter users freaked out about Elon Musk reading their DMs and people worried about the criminalization of abortion? It would serve them all to be protected by a more robust set of design practices from companies developing technologies.

Let’s back up. Last month, Russian police coerced protesters into unlocking their phones to search for evidence of dissent, leading to arrests and fines. What’s worse is that Telegram, one of the main chat-based apps used in Russia, is vulnerable to these searches. Even just having the Telegram app on a personal device might imply that its owner doesn’t support the Kremlin’s war. But the builders of Telegram have failed to design the app with considerations for personal safety in high-risk environments, and not just in the Russian context. Telegram can thus be weaponized against its users.

Likewise, amid the back and forth about Elon [...]  read more

The NSA Swears It Has ‘No Backdoors’ in Next-Gen Encryption

A group of human rights lawyers and investigators called on the Hague this week to bring what would be the first ever “cyber war crimes” charges. The group is urging the International Criminal Court to bring charges against the dangerous and destructive Russian hacking group known as Sandworm, which is run by Russia’s military intelligence agency GRU. Meanwhile, activists are working to block Russia from using satellites controlled by the French company Eutelsat to broadcast its state-run propaganda programming.

Researchers released findings this week that thousands of popular websites record data that users type into forms on the site before they hit the Submit button—even if the user closes the page without submitting anything. Google released a report on an in-depth security analysis [...]  read more

2 Visions Clash Over How to Fight Online Child Abuse in Europe

Encrypted messenger services have been quick to condemn the Commission’s proposal. Julia Weiss, a spokesperson for the Swiss messenger app Threema, says the company was not willing to undermine its users’ privacy in any way. “Building a surveillance system to proactively scan all private content was a terrible idea when Apple proposed it, and it’s a terrible idea now,” added Will Cathcart, head of WhatsApp, in a Twitter post. In August 2021, Apple announced a proposal to scan its users’ photos for child sexual abuse material but, after intense criticism, indefinitely delayed those plans a month later.

But Europe’s home affairs commissioner Ylva Johansson has been dogged in her pursuit of this law. “I’m prepared to hear criticism from companies, because detecting child sex abuse material and protecting children is maybe not profitable, but it’s necessary,” she said in a press conference Wednesday. Tools used to carry out any scanning have [...]  read more

Exit mobile version