Secret CIA Data Collection Program

Schneier on Security

Two US Senators claim that the CIA has been running an unregulated — and almost certainly illegal — mass surveillance program on Americans. The senator’s statement. Some declassified information from the CIA. No real details yet

Avast Announces Termination of Data Collection Subsidiary

Adam Levin

Avast will phase out Jumpshot, a subsidiary that sells user browsing data gleaned from its antivirus and security products. . “I The article resulted in a torrent of negative publicity for the company, especially for its promise to deliver data on “every search.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Google sued over biometric data collection without consent

Bleeping Computer

Texas attorney general Ken Paxton has sued Google for allegedly collecting and using biometric data belonging to millions of Texans without proper consent. [.].

Passport scam foxing Texas populace with data collection

CyberSecurity Insiders

Moreover, they are seen collecting card details to help the victims get the money transferred into the account of HSI Department of Texas quickly. The post Passport scam foxing Texas populace with data collection appeared first on Cybersecurity Insiders.

John Oliver on Data Brokers

Schneier on Security

John Oliver has an excellent segment on data brokers and surveillance capitalism. Uncategorized data collection national security policy privacy video

TikTok Sued Over Data Collection of Minors | Avast

Security Boulevard

Former children’s commissioner of England Anne Longfield is suing TikTok on behalf of millions of children in the UK over data collection that Longfield maintains is without sufficient warning and transparency.

Google fined $60 million over Android location data collection

Bleeping Computer

The Australian Competition and Consumer Commission (ACCC) announced that Google was fined $60 million for misleading Australian Android users regarding the collection and use of their location data for almost two years, between January 2017 and December 2018. [.].

Surveillance of Your Car

Schneier on Security

TheMarkup has an extensive analysis of connected vehicle data and the companies that are collecting it. Uncategorized cars data collection privacy surveillance

ByteDance agreed to pay $92M in US privacy Settlement for TikTok data collection

Security Affairs

users for illegal data collection. The Chinese firm was accused to have failed to get the users’ consent to collect data in compliance with the Illinois biometric privacy law. ByteDance, the company behind TikTok, agreed to pay $92 million in a settlement to U.S.

Facebook Launches 'Privacy Center' to Educate Users on Data Collection and Privacy Options

The Hacker News

Meta Platforms, the company formerly known as Facebook, on Friday announced the launch of a centralized Privacy Center that aims to "educate people" about its approach with regards to how it collects and processes personal information across its family of social media apps.

Differences in App Security/Privacy Based on Country

Schneier on Security

Depending on where you are when you download your Android apps, it might collect more or less data about you. Users in countries not covered by data protection regulations, such as GDPR in the EU and the California Consumer Privacy Act in the U.S.,

Google, Apple fined by Italian authority for aggressive data collection

Bleeping Computer

Italy's competition authority (Autorita Garante della Concorrenza e del Mercato) has announced a fine of 10 million Euros ($11.3 million) against Google and Apple. [.]. Legal Technology Apple Google

New survey shows US adults split on COVID-19 cell phone tracking and data collection

Tech Republic Security

Governments and organizations are unleashing new technologies to fight the spread of the coronavirus, adding to privacy and data collection concerns

Biometric Data Collection Demands Scrutiny of Privacy Law

Dark Reading

An IT lawyer digs into the implications of collecting biometric data, why it can't be anonymized, and what nations are doing about it

Clearview AI gets third €20 million fine for illegal data collection

Bleeping Computer

France's data protection authority (CNIL) has fined Clearview AI with €20 million for illegal collection and processing of biometric data belonging to French citizens. [.].

ProtonMail Now Keeps IP Logs

Schneier on Security

” Uncategorized anonymity courts data collection data protection e-mail privacyAfter being compelled by a Swiss court to monitor IP logs for a particular user, ProtonMail no longer claims that “we do not keep any IP logs.”

Introducing continuous remote worker visibility and expanded data collection with Secure Network Analytics Release 7.3.2

Cisco Retail

Are employees exfiltrating sensitive proprietary data? by introducing endpoint Network Visibility Module (NVM) data as a primary telemetry source to provide organizations with continuity in remote worker monitoring and visibility without requiring NetFlow telemetry to be present.

Introducing continuous remote worker visibility and expanded data collection with Secure Network Analytics Release 7.3.2

Cisco Retail

Are employees exfiltrating sensitive proprietary data? by introducing endpoint Network Visibility Module (NVM) data as a primary telemetry source to provide organizations with continuity in remote worker monitoring and visibility without requiring NetFlow telemetry to be present.

Websites that Collect Your Data as You Type

Schneier on Security

A surprising number of websites include JavaScript keyloggers that collect everything you type as you type it, not just when you submit a form. Uncategorized academic papers data collection key logging privacy

OSINT Data Collection: You Still Need Humans, but Automation is Well Worth the Investment

Security Boulevard

OSINT data collection automation ensures that teams are gathering the most relevant data as quickly and efficiently as possible, while keeping investigations – and investigators – secure.

Facebook Has No Idea What Data It Has

Schneier on Security

This is from a court deposition : Facebook’s stonewalling has been revealing on its own, providing variations on the same theme: It has amassed so much data on so many billions of people and organized it so confusingly that full transparency is impossible on a technical level.

Commercial Location Data Used to Out Priest

Schneier on Security

A Catholic priest was outed through commercially available surveillance data. There is a whole industry devoted to re-identifying anonymized data. Uncategorized cell phones data collection data mining de-anonymization geolocation privacy surveillance

Changes in WhatsApp’s Privacy Policy

Schneier on Security

In 2016, WhatsApp gave users a one-time ability to opt out of having account data turned over to Facebook. Some of the data that WhatsApp collects includes: User phone numbers. Diagnostic data collected from app logs.

China’s Olympics App Is Horribly Insecure

Schneier on Security

MY2022 is fairly straightforward about the types of data it collects from users in its public-facing documents. However, as the app collects a range of highly sensitive medical information, it is unclear with whom or which organization(s) it shares this information.

ThreatList: Google’s Advertising Network Dominates Global Data Collection

Threatpost

With DoubleClick, Analytics and AdWords under its belt, Google continues dominating when it comes to global data collection for advertising, a new report found. Most Recent ThreatLists Privacy Adsense Advertising advertising network AdWords Analytics aol advertising data collection DoubleClick google moat tracking

Are Fake COVID Testing Sites Harvesting Data?

Schneier on Security

Speculation centered around data harvesting, but that didn’t make sense because it was far too labor intensive for that and — sorry to break it to you — your data isn’t worth all that much. Uncategorized COVID-19 data collection fraud healthcare

Interview with the Head of the NSA’s Research Directorate

Schneier on Security

There’s a lot of talk about quantum computing, monitoring 5G networks, and the problems of big data: The math department, often in conjunction with the computer science department, helps tackle one of NSA’s most interesting problems: big data.

De-anonymization Story

Schneier on Security

The data that resulted in Burrill’s ouster was reportedly obtained through legal means. Carriers were caught in 2018 selling real-time location data to brokers , drawing the ire of Congress. Location data is not anonymous.

The Power of Data Analysis in Threat Intelligence – Part 1: Data Collection and Data Mining

Digital Shadows

In 2020, there was an estimated 59 trillion gigabytes of data in the world. The post The Power of Data Analysis in Threat Intelligence – Part 1: Data Collection and Data Mining first appeared on Digital Shadows. Threat Intelligence Data Analysis

Microsoft Products Under EU Investigation About Data Collection

Dark Reading

A new inquiry aims to determine whether contracts between Microsoft and EU organizations violate GDPR

The Dark Sides of Modern Cars: Hacking and Data Collection

Threatpost

How features such as infotainment and driver-assist can give others a leg up on car owners. Privacy Vulnerabilities Web Security Audi BMW Charlie Miller Chris Valasek driverless vehicles electronic control units smart cars Society of Automotive Engineers

Poland and Lithuania fear that data collected via FaceApp could be misused

Security Affairs

Many security experts are warning of the risks of using the popular app, threat actors could be potentially interested in data collected by FaceApp. Poland’s digital affairs ministry is investigating into the app and it is evaluating the security risks posed by FaceApp to the personal data of its users. FaceApp CEO Yaroslav Goncharov attempted to reassure privacy advocates by explaining that Russian authorities did not have access to any user data.

On Executive Order 12333

Schneier on Security

Although electronic surveillance programs authorized by EO 12333 generally target foreign intelligence from foreign targets, its permissive targeting standards allow for the substantial collection of Americans’ communications containing little to no foreign intelligence value.

89% of Android Users Didn't Consent to Facebook Data Collection

Dark Reading

A new survey shows most Android users did not give Facebook permission to collect their call and text data

The US Military Buys Commercial Location Data

Schneier on Security

Vice has a long article about how the US military buys commercial location data worldwide. military is buying the granular movement data of people around the world, harvested from innocuous-seeming apps, Motherboard has learned.

How Data Privacy Affects Business Growth

Security Boulevard

The modern world is data-driven. Consequently, thriving businesses have access to lots of data—financial data, logistic data, employee data, customer data and more. Data privacy simply refers to how your business ensures that it.

Ethics in Data Collection

SecureWorld News

Yet, in no small part, nearly every action taken by consumers in the marketplace requires them to input personal or semi-personal data about themselves. One thing is clear: the current state of domestic laws and regulations addressing consumer data protection will not solve this issue.

Online Retailers That Cancel Purchases Continue To Utilize Personal Information Gathered During The Attempted Transactions

Joseph Steinberg

Furthermore, if we allow parties to use data collected in such a fashion is it not possible that we will encourage scammers to offer items for sale at “erroneous” prices specifically in order to collect data without having to deliver anything?

Retail 160

China’s Olympics App Is Horribly Insecure

Security Boulevard

Endpoint Security Bloggers Network cell phones china Data Collection encryption Privacy sports surveillance UncategorizedChina is mandating that athletes download and use a health and travel app when they attend the Winter Olympics next month.

Windows 10 snooping: Microsoft gets more time to tackle 'excessive' data collection

Tech Republic Security

Microsoft has been granted more time to change how Windows 10 collects data about users in order to comply with the French data protection act

Differences in App Security/Privacy Based on Country

Security Boulevard

Depending on where you are when you download your Android apps, it might collect more or less data about you. Mobile Security Security Bloggers Network academic papers android censorship Data Collection geolocation Privacy Uncategorized

VPN 52

TikTok Surreptitiously Collected Android User Data Using Google-Prohibited Tactic

Threatpost

data collection Encryption google mobile apps mobile devices Smartphones tiktok Wall Street JournalApp concealed the practice of gathering device unique identifiers using an added layer of encryption. Government Mobile Security Privacy Android ByteDance Ltd.

Data collection cheat sheet: how Parler, Twitter, Facebook, MeWe’s data policies compare

Security Affairs

CyberNews researchers analyzed data from multiple social platforms like Parler, Twitter, Facebook, MeWe’s to compare data policies. Users would need to read both Triller’s and Quickblox’ privacy policies to get a good idea of how their data is being collected and processed.