Your Exercise Gear Reserves The Right To Track And Sell Data On How You Smell
(techdirt.com)
A new Consumer Reports study unsurprisingly finds that popular exercise equipment makers collect way more data on users than is necessary, then sell access to that data to a wide variety of dodgy and largely unregulated data brokers and middle men, who in turn generally play fast and loose with it.
A new Consumer Reports study unsurprisingly finds that popular exercise equipment makers collect way more data on users than is necessary, then sell access to that data to a wide variety of dodgy and largely unregulated data brokers and middle men, who in turn generally play fast and loose with it.
Texas Sues Allstate over Its Collection of Driver Data
(nytimes.com)
The State of Texas sued Allstate on Monday, accusing the insurer of illegally tracking drivers by way of their phones through a subsidiary called Arity that claimed to have the “world’s largest driving behavior database.”
The State of Texas sued Allstate on Monday, accusing the insurer of illegally tracking drivers by way of their phones through a subsidiary called Arity that claimed to have the “world’s largest driving behavior database.”
PostgreSQL Anonymizer
(readthedocs.io)
PostgreSQL Anonymizer is an extension to mask or replace personally identifiable information (PII) or commercially sensitive data from a Postgres database.
PostgreSQL Anonymizer is an extension to mask or replace personally identifiable information (PII) or commercially sensitive data from a Postgres database.
Ministers mull allowing private firms to make profit from NHS data in AI push
(theguardian.com)
Ministers are considering allowing private companies to make profits from NHS data as part of a push to revolutionise the health service using artificial intelligence, government officials have indicated.
Ministers are considering allowing private companies to make profits from NHS data as part of a push to revolutionise the health service using artificial intelligence, government officials have indicated.
China: Chinese biometrics data exposed on unsecured server
(medium.com)
This is a new chapter of my responsible disclosures to entities that have accidentally left unprotected data exposed in the cloud by “mistake”.
This is a new chapter of my responsible disclosures to entities that have accidentally left unprotected data exposed in the cloud by “mistake”.
Is there such a thing as "private, interactive databases" for SaaS's
(ycombinator.com)
So i've been building a product and my clients really hate the idea that their code is stored on my database (unencrypted). The problem is that I need to process the data in the background often and thus I cannot store it end-to-end encrypted. Is there any service that allows you to deploy some sort of database that only the client accesses and at the same time allows me to process it somehow maybe via apis?
So i've been building a product and my clients really hate the idea that their code is stored on my database (unencrypted). The problem is that I need to process the data in the background often and thus I cannot store it end-to-end encrypted. Is there any service that allows you to deploy some sort of database that only the client accesses and at the same time allows me to process it somehow maybe via apis?
38c3 Talk: Volkswagen, we know where you parked your car [German]
(events.ccc.de)
Bewegungsdaten von 800.000 E-Autos sowie Kontaktinformationen zu den Besitzern standen ungeschützt im Netz. Sichtbar war, wer wann zu Hause parkt, beim BND oder vor dem Bordell.
Bewegungsdaten von 800.000 E-Autos sowie Kontaktinformationen zu den Besitzern standen ungeschützt im Netz. Sichtbar war, wer wann zu Hause parkt, beim BND oder vor dem Bordell.
German watchdog orders Sam Altman's biometric ID project World to delete data
(euronews.com)
World, a biometrics identification project cofounded by OpenAI’s Sam Altman, has been told it did not meet European data protection rules and has been issued with a corrective measure.
World, a biometrics identification project cofounded by OpenAI’s Sam Altman, has been told it did not meet European data protection rules and has been issued with a corrective measure.
Illegal Political Microtargeting by EU Commission
(noyb.eu)
noyb win against European Commission: EDPS (European Data Protection Supervisor) issues decision finding that the European Commission has illegally targeted advertisement on citizens using "sensitive" personal data on their political views.
noyb win against European Commission: EDPS (European Data Protection Supervisor) issues decision finding that the European Commission has illegally targeted advertisement on citizens using "sensitive" personal data on their political views.
Experian plans to sell more of your data
(den.dev)
If you’re in the US and have a Social Security Number, congratulations - Experian, the multinational consumer credit reporting and data aggregator company, is planning to sell off more of your data to third-parties starting February 5, 2025.
If you’re in the US and have a Social Security Number, congratulations - Experian, the multinational consumer credit reporting and data aggregator company, is planning to sell off more of your data to third-parties starting February 5, 2025.
Chinese insiders steal data scooped by President Xi's national surveillance sys
(theregister.com)
Feature Chinese tech company employees and government workers are siphoning off user data and selling it online - and even high-ranking Chinese Communist Party officials and FBI-wanted hackers' sensitive information is being peddled by the Middle Kingdom's thriving illegal data ecosystem.
Feature Chinese tech company employees and government workers are siphoning off user data and selling it online - and even high-ranking Chinese Communist Party officials and FBI-wanted hackers' sensitive information is being peddled by the Middle Kingdom's thriving illegal data ecosystem.
Booking.com says typos giving strangers access to private trip info is not a bug
(arstechnica.com)
You may want to be extra careful if you're booking holiday travel for family and friends this year through Booking.com. A stunned user recently discovered that a typo in an email address could inadvertently share private trip info with strangers, who can then access sensitive information and potentially even take over bookings that Booking.com automatically adds to their accounts.
You may want to be extra careful if you're booking holiday travel for family and friends this year through Booking.com. A stunned user recently discovered that a typo in an email address could inadvertently share private trip info with strangers, who can then access sensitive information and potentially even take over bookings that Booking.com automatically adds to their accounts.
Data brokers may be banned from selling your social security number
(theverge.com)
In the wake of high-profile hacks affecting hundreds of millions of Americans, the Consumer Financial Protection Bureau (CFPB) is proposing a rule limiting data brokers’ ability to sell Americans’ sensitive personal and financial information.
In the wake of high-profile hacks affecting hundreds of millions of Americans, the Consumer Financial Protection Bureau (CFPB) is proposing a rule limiting data brokers’ ability to sell Americans’ sensitive personal and financial information.
Bluesky's open API means anyone can scrape your data for AI training
(techcrunch.com)
Bluesky might not be training AI systems on user content as other social networks are doing, but there’s little stopping third parties from doing so.
Bluesky might not be training AI systems on user content as other social networks are doing, but there’s little stopping third parties from doing so.
OpenAI accidentally erases potential evidence in training data lawsuit
(theverge.com)
In a stunning misstep, OpenAI engineers accidentally erased critical evidence gathered by The New York Times and other major newspapers in their lawsuit over AI training data, according to a court filing Wednesday.
In a stunning misstep, OpenAI engineers accidentally erased critical evidence gathered by The New York Times and other major newspapers in their lawsuit over AI training data, according to a court filing Wednesday.
Strava's Big Changes Aim to Kill Off Apps
(dcrainmaker.com)
Yesterday Strava sent out an e-mail to users, outlining a change that’s occurring almost immediately, regarding 3rd party apps and the way apps are allowed to access and process data from Strava.
Yesterday Strava sent out an e-mail to users, outlining a change that’s occurring almost immediately, regarding 3rd party apps and the way apps are allowed to access and process data from Strava.
DNA testing company vanishes along with its customers' genetic data
(malwarebytes.com)
A DNA testing company that promised clients insights into their genetic disposition has suddenly disappeared.
A DNA testing company that promised clients insights into their genetic disposition has suddenly disappeared.
DNA firm [Atlas Biomed] holding highly sensitive data 'vanishes' without warning
(bbc.co.uk)
A DNA-testing firm appears to have ceased trading - without telling its customers what has happened to the highly sensitive data they shared with it.
A DNA-testing firm appears to have ceased trading - without telling its customers what has happened to the highly sensitive data they shared with it.
ActBlue Isn't Selling Your Data
(matthodges.com)
You constantly see posts among Democratic supporters that look something like this:
You constantly see posts among Democratic supporters that look something like this:
Understanding privacy risk with k-anonymity and l-diversity
(marcusolsson.dev)
Imagine you’re a data analyst at a global company who’s been asked to provide employee statistics for a survey on remote working and distributed teams. You’ve extracted the relevant employee data, but sharing it as-is could violate privacy laws. How can you anonymize this data while ensuring it’s still useful? In this article, you’ll learn about k-anonymity and l-diversity—two valuable techniques in privacy engineering to help you reduce the privacy risk in datasets.
Imagine you’re a data analyst at a global company who’s been asked to provide employee statistics for a survey on remote working and distributed teams. You’ve extracted the relevant employee data, but sharing it as-is could violate privacy laws. How can you anonymize this data while ensuring it’s still useful? In this article, you’ll learn about k-anonymity and l-diversity—two valuable techniques in privacy engineering to help you reduce the privacy risk in datasets.
'Open banking' rules will put your financial data back where it belongs
(theregister.com)
The US Consumer Financial Protection Bureau (CFPB) has finalized a rule that requires banks, credit card issuers, and most other financial firms to provide consumers with access to their personal financial data - and to help them transfer it, generally at no cost.
The US Consumer Financial Protection Bureau (CFPB) has finalized a rule that requires banks, credit card issuers, and most other financial firms to provide consumers with access to their personal financial data - and to help them transfer it, generally at no cost.
Freeing Glucose Data from Freestyle
(frdmtoplay.com)
The Abbott Freestyle Libre 3 v3.4.2 iOS and Android apps do not provide a way to export blood glucose data without syncing to a cloud account. The data is stored on device in an encrypted RealmDB with a wrapped encryption key also stored on the device. Frida is used to hook the Android APK and unwrap the key to decrypt the RealmDB.
The Abbott Freestyle Libre 3 v3.4.2 iOS and Android apps do not provide a way to export blood glucose data without syncing to a cloud account. The data is stored on device in an encrypted RealmDB with a wrapped encryption key also stored on the device. Frida is used to hook the Android APK and unwrap the key to decrypt the RealmDB.
The Tragedy of Google Books (2017)
(theatlantic.com)
“Somewhere at Google there is a database containing 25 million books and nobody is allowed to read them.”
“Somewhere at Google there is a database containing 25 million books and nobody is allowed to read them.”
TikTok executives know about app's effect on teens, lawsuit documents allege
(npr.org)
For the first time, internal TikTok communications have been made public that show a company unconcerned with the harms the app poses for American teenagers. This is despite its own research validating many child safety concerns.
For the first time, internal TikTok communications have been made public that show a company unconcerned with the harms the app poses for American teenagers. This is despite its own research validating many child safety concerns.
Car brands are collecting and sharing your data with third parties
(abc.net.au)
Popular car brands are collecting and sharing driver data from braking patterns and odometer readings to vehicle location and voice recognition information, consumer advocacy group Choice has found.
Popular car brands are collecting and sharing driver data from braking patterns and odometer readings to vehicle location and voice recognition information, consumer advocacy group Choice has found.
What happens to all of 23andMe's genetic DNA data?
(npr.org)
As 23andMe struggles for survival, customers like Wiles have one pressing question: What is the company’s plan for all the data it has collected since it was founded in 2006?
As 23andMe struggles for survival, customers like Wiles have one pressing question: What is the company’s plan for all the data it has collected since it was founded in 2006?