The Data Drop News for Wednesday, July 27, 2022
Updated: Sep 1, 2022
Google targeted in fresh EU consumer groups' privacy complaints.
Further EU DPA orders stop of Google Analytics.
U.S. communications regulator wants TikTok removed from app stores
Former Amazon Employee Found Guilty in 2019 Capital One Data Breach.
Google will delete location history data for abortion clinic visits.
Teslas Banned From China Communist Party Resort Town.
Plus the latest in PrivTech news!
Pro tip: All stories featured in the show plus an archive of thousands are available to discover, bookmark, and share from the free Privacy Newsfeed app.
Google targeted in fresh EU consumer groups' privacy complaints
Google has been targeted by a French consumer group and its peers in complaints to privacy watchdogs over its vast trove of users' personal data harvested via their Google accounts, European consumer organisation BEUC said on Thursday.
In addition to the French consumer group, others in Greece, the Czech Republic, Norway and Slovenia have taken their complaints to their data protection authorities, BEUC said.
Further EU DPA orders stop of Google Analytics
In other Google news, Italy has become the third country to ban Google Analytics officially. The news broke today after a careful examination concluded that Google Analytics violated GDPR law. Italy is the third country to ban Google Analytics.
This was concluded by Garante (the Italian Data Protection Authority) after a complex investigation in coordination with other European privacy authorities.
It reached the same conclusion as the DSB (Austrian Data Protection Authority), which was the first to rule the use of Google Analytics illegal. This has been the starting point for a chain reaction that led the French and now Italians to follow, and we’ll see more in the coming months.
U.S. communications regulator wants TikTok removed from app stores over spying concerns
A commissioner with the U.S. communications regulator is asking Apple and Google to consider banning TikTok from their app stores over data security concerns related to the Chinese-owned company.
Brendan Carr, a commissioner with the Federal Communications Commission (FCC), has written a letter to the CEOs of both companies, alerting them that the wildly popular video-sharing app does not comply with the requirements of their app store policies. "TikTok is not what it appears to be on the surface. It is not just an app for sharing funny videos or meme. That's the sheep's clothing," Carr said in the letter. "At its core, TikTok functions as a sophisticated surveillance tool that harvests extensive amounts of personal and sensitive data."
Former Amazon Employee Found Guilty in 2019 Capital One Data Breach
A 36-year-old former Amazon employee was convicted of wire fraud and computer intrusions in the U.S. for her role in the theft of personal data of no fewer than 100 million people in the 2019 Capital One breach.
Paige Thompson, who operated under the online alias "erratic" and worked for the tech giant till 2016, was found guilty of wire fraud, five counts of unauthorized access to a protected computer, and damaging a protected computer. The seven-day trial saw the jury acquitted her of other charges, including access device fraud and aggravated identity theft. She is scheduled for sentencing on September 15, 2022. Cumulatively, the offenses are punishable by up to 25 years in prison.
Google will delete location history data for abortion clinic visits
Google will delete location data showing when users visit an abortion clinic, the online search company said on Friday, after concern that a digital trail could inform law enforcement if an individual terminates a pregnancy illegally.
As state laws limiting abortions set in after the US supreme court decided last month that they are no longer guaranteed by the constitution, the technology industry has fretted police could obtain warrants for customers’ search history, geolocation and other information revealing pregnancy plans.
Teslas Banned From China Communist Party Resort Town
Tesla Inc.’s cars will from July 1 be barred from entering Beidaihe, a coastal district east of Beijing that hosts the Communist Party’s summer retreats, Reuters reported Monday, citing a local traffic police official.
The ban will last for at least two months, according to the report, which cited the official as saying the decision concerned “national affairs” and that an announcement would be made soon. Tesla uses several small cameras, mainly located on the outside of the vehicle, to help guide parking, autopilot and self-driving functions. Most models also have an interior camera mounted above the rear-view mirror.
‘Asleep at the wheel’: Canada police’s spyware admission raises alarm
An admission from Canada’s national police force that it routinely uses powerful spyware to surveil citizens has prompted concern from experts, who warn the country is “asleep at the wheel” when it comes to regulating and reining in use of the technology.
During a parliamentary session in late June, the Royal Canadian Mounted Police submitted a document, first reported in Politico, outlining how a special investigative team covertly infiltrates the mobile devices of Canadians. The tools, which have been used on at least 10 investigations between 2018 and 2020, give the police access to text messages, email, photos, videos, audio files, calendar entries and financial records.
The software can also remotely turn on the camera and microphone of a suspect’s phone or laptop.
UK unveils Data Reform Bill, scrapping parts of GDPR and promising £1 billion in savings
The UK government has unveiled the details behind its widely anticipated proposals to replace the General Data Protection Regulation (GDPR) with more flexible and less stringent data protection laws.
The EU’s “highly complex” GDPR, which came into force four years ago, has held back businesses from using data “as dynamically as they could”, according to the Department for Digital, Culture, Media and Sport (DCMS).
The Data Reform Bill will scrap what the government decries as “red tape and pointless paperwork”, while lowering the barrier for personal data to be used in scientific research. As part of this package, the Information Commissioner’s Office (ICO) will also be restructured.
Daycare Apps Are Dangerously Insecure
A recent study looking at a number of popular daycare and early education apps has found more issues than just the lack of two-factor authorization.
Through static and dynamic analysis of several apps, they uncovered not just security issues but privacy-compromising features as well. Issues like weak password policies, Facebook tracking, cleartext traffic enabled, and vectors for malicious apps to view sensitive data.
Supercookies Have Privacy Experts Sounding the Alarm
Customers of some phone companies in Germany, including Vodafone and Deutsche Telekom, have had a slightly different browsing experience from those on other providers since early April. Rather than seeing ads through regular third-party tracking cookies stored on devices, they’ve been part of a trial called TrustPid.
Apple Announces 'Extreme' Privacy Mode for Targets of Government Spyware
In an attempt to protect its most vulnerable users, Apple has announced an upcoming feature designed to thwart hacking attempts from government malware.
Apple’s announcement specifically called malware created by the Israeli spyware firm NSO Group, which was recently caught spying on dozens of journalists, government officials, and dissidents.. The new feature is called “Lockdown Mode” and Apple described it as “extreme” and “groundbreaking” security capability.
In practice, Lockdown Mode turns off several features that can be exploited by hackers who use government spyware made by companies such as NSO Group or Candiru.
Privacy-focused Brave Search grew by five thousand percent in a year
Since launching in June 2021, Brave Search grew by almost 5,000%, starting with 8.1 Million search queries in June 2021 and growing to 411.7 million by the end of May 2022. Brave says it grew its current query volume four times quicker than DuckDuckGo, likely assisted by its large community of Brave Browser users.
Data ownership podcast
The Data Drop is a production of the Data Collaboration Community where members access free privacy apps and crowdsource app-for-good projects from a digital hub that supports the Zero-Copy Integration framework. The show is published bi-weekly, alternating between 5 minute privacy news roundups and a panel format that features leading privacy pros in conversation about the recent developments in data privacy, data protection, and data governance that made them sit up and take notice.
Data Collaboration Alliance
The Data Collaboration Alliance is a nonprofit that’s dedicated to establishing CONTROL as the basis for meaningful data ownership and global collaborative intelligence. Our approach of eliminating copies to achieve this goal is similar to how societies already protect the value of currency, identity, and intellectual property - and it works for data, too. Our advisors include the Executive Director of the Mozilla Foundation and the ex-CIO of Dropbox.
In concert with our partners, we're accelerating the establishment of new technologies, standards, and methodologies in data management and application development in order to support a future for technology that's more controlled, collaborative, and efficient.
Community - our members access free privacy apps and data crowdsourcing
Partner Success - amplifying products, content, and leaders
Advocacy - we support 'zero copy' technologies, standards, and methodologies
Research - we support proofs of concept for web3 interoperability
Software For Good - our partners support data-centric research teams
Speakers Bureau - thought leaders available for media and events