article thumbnail

Secret CIA Data Collection Program

Schneier on Security

Two US Senators claim that the CIA has been running an unregulated — and almost certainly illegal — mass surveillance program on Americans. The senator’s statement. Some declassified information from the CIA. No real details yet

article thumbnail

Avast Announces Termination of Data Collection Subsidiary

Adam Levin

Avast will phase out Jumpshot, a subsidiary that sells user browsing data gleaned from its antivirus and security products. . “I The article resulted in a torrent of negative publicity for the company, especially for its promise to deliver data on “every search.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Passport scam foxing Texas populace with data collection

CyberSecurity Insiders

Moreover, they are seen collecting card details to help the victims get the money transferred into the account of HSI Department of Texas quickly. The post Passport scam foxing Texas populace with data collection appeared first on Cybersecurity Insiders.

article thumbnail

Google sued over biometric data collection without consent

Bleeping Computer

Texas attorney general Ken Paxton has sued Google for allegedly collecting and using biometric data belonging to millions of Texans without proper consent. [.].

article thumbnail

John Oliver on Data Brokers

Schneier on Security

John Oliver has an excellent segment on data brokers and surveillance capitalism. Uncategorized data collection national security policy privacy video

article thumbnail

New survey shows US adults split on COVID-19 cell phone tracking and data collection

Tech Republic Security

Governments and organizations are unleashing new technologies to fight the spread of the coronavirus, adding to privacy and data collection concerns

article thumbnail

Apple Fined $8.0M in France for Data Collecting Issues

Heimadal Security

Commission Nationale de l’Informatique et des Libertés (CNIL), the French data protection authority, fined Apple €8,000,000 ($8.5M) for collecting user data without the user’s consent. The data was used to better target advertising in the App Store.

article thumbnail

Colorado Passes Consumer Privacy Law

Schneier on Security

Uncategorized data collection data protection privacyFirst California. Then Virginia. Now Colorado. Here’s a good comparison of the three states’ laws.

article thumbnail

ByteDance agreed to pay $92M in US privacy Settlement for TikTok data collection

Security Affairs

users for illegal data collection. The Chinese firm was accused to have failed to get the users’ consent to collect data in compliance with the Illinois biometric privacy law. ByteDance, the company behind TikTok, agreed to pay $92 million in a settlement to U.S.

article thumbnail

Surveillance of Your Car

Schneier on Security

TheMarkup has an extensive analysis of connected vehicle data and the companies that are collecting it. Uncategorized cars data collection privacy surveillance

article thumbnail

Facebook Launches 'Privacy Center' to Educate Users on Data Collection and Privacy Options

The Hacker News

Meta Platforms, the company formerly known as Facebook, on Friday announced the launch of a centralized Privacy Center that aims to "educate people" about its approach with regards to how it collects and processes personal information across its family of social media apps.

article thumbnail

Google fined $60 million over Android location data collection

Bleeping Computer

The Australian Competition and Consumer Commission (ACCC) announced that Google was fined $60 million for misleading Australian Android users regarding the collection and use of their location data for almost two years, between January 2017 and December 2018. [.].

article thumbnail

Biometric Data Collection Demands Scrutiny of Privacy Law

Dark Reading

An IT lawyer digs into the implications of collecting biometric data, why it can't be anonymized, and what nations are doing about it

article thumbnail

Differences in App Security/Privacy Based on Country

Schneier on Security

Depending on where you are when you download your Android apps, it might collect more or less data about you. Users in countries not covered by data protection regulations, such as GDPR in the EU and the California Consumer Privacy Act in the U.S.,

article thumbnail

ProtonMail Now Keeps IP Logs

Schneier on Security

” Uncategorized anonymity courts data collection data protection e-mail privacyAfter being compelled by a Swiss court to monitor IP logs for a particular user, ProtonMail no longer claims that “we do not keep any IP logs.”

article thumbnail

Websites that Collect Your Data as You Type

Schneier on Security

A surprising number of websites include JavaScript keyloggers that collect everything you type as you type it, not just when you submit a form. Uncategorized academic papers data collection key logging privacy

article thumbnail

Commercial Location Data Used to Out Priest

Schneier on Security

A Catholic priest was outed through commercially available surveillance data. There is a whole industry devoted to re-identifying anonymized data. Uncategorized cell phones data collection data mining de-anonymization geolocation privacy surveillance

article thumbnail

Google, Apple fined by Italian authority for aggressive data collection

Bleeping Computer

Italy's competition authority (Autorita Garante della Concorrenza e del Mercato) has announced a fine of 10 million Euros ($11.3 million) against Google and Apple. [.]. Legal Technology Apple Google

article thumbnail

Changes in WhatsApp’s Privacy Policy

Schneier on Security

In 2016, WhatsApp gave users a one-time ability to opt out of having account data turned over to Facebook. Some of the data that WhatsApp collects includes: User phone numbers. Diagnostic data collected from app logs.

article thumbnail

OSINT Data Collection: You Still Need Humans, but Automation is Well Worth the Investment

Security Boulevard

OSINT data collection automation ensures that teams are gathering the most relevant data as quickly and efficiently as possible, while keeping investigations – and investigators – secure.

article thumbnail

China’s Olympics App Is Horribly Insecure

Schneier on Security

MY2022 is fairly straightforward about the types of data it collects from users in its public-facing documents. However, as the app collects a range of highly sensitive medical information, it is unclear with whom or which organization(s) it shares this information.

article thumbnail

Are Fake COVID Testing Sites Harvesting Data?

Schneier on Security

Speculation centered around data harvesting, but that didn’t make sense because it was far too labor intensive for that and — sorry to break it to you — your data isn’t worth all that much. Uncategorized COVID-19 data collection fraud healthcare

article thumbnail

De-anonymization Story

Schneier on Security

The data that resulted in Burrill’s ouster was reportedly obtained through legal means. Carriers were caught in 2018 selling real-time location data to brokers , drawing the ire of Congress. Location data is not anonymous.

article thumbnail

Facebook Has No Idea What Data It Has

Schneier on Security

This is from a court deposition : Facebook’s stonewalling has been revealing on its own, providing variations on the same theme: It has amassed so much data on so many billions of people and organized it so confusingly that full transparency is impossible on a technical level.

article thumbnail

Interview with the Head of the NSA’s Research Directorate

Schneier on Security

There’s a lot of talk about quantum computing, monitoring 5G networks, and the problems of big data: The math department, often in conjunction with the computer science department, helps tackle one of NSA’s most interesting problems: big data.

article thumbnail

Introducing continuous remote worker visibility and expanded data collection with Secure Network Analytics Release 7.3.2

Cisco Security

Are employees exfiltrating sensitive proprietary data? by introducing endpoint Network Visibility Module (NVM) data as a primary telemetry source to provide organizations with continuity in remote worker monitoring and visibility without requiring NetFlow telemetry to be present.

article thumbnail

The Power of Data Analysis in Threat Intelligence – Part 1: Data Collection and Data Mining

Digital Shadows

In 2020, there was an estimated 59 trillion gigabytes of data in the world. The post The Power of Data Analysis in Threat Intelligence – Part 1: Data Collection and Data Mining first appeared on Digital Shadows. Threat Intelligence Data Analysis

article thumbnail

Clearview AI gets third €20 million fine for illegal data collection

Bleeping Computer

France's data protection authority (CNIL) has fined Clearview AI with €20 million for illegal collection and processing of biometric data belonging to French citizens. [.].

article thumbnail

On Executive Order 12333

Schneier on Security

Although electronic surveillance programs authorized by EO 12333 generally target foreign intelligence from foreign targets, its permissive targeting standards allow for the substantial collection of Americans’ communications containing little to no foreign intelligence value.

article thumbnail

ThreatList: Google’s Advertising Network Dominates Global Data Collection

Threatpost

With DoubleClick, Analytics and AdWords under its belt, Google continues dominating when it comes to global data collection for advertising, a new report found. Most Recent ThreatLists Privacy Adsense Advertising advertising network AdWords Analytics aol advertising data collection DoubleClick google moat tracking

article thumbnail

Microsoft Products Under EU Investigation About Data Collection

Dark Reading

A new inquiry aims to determine whether contracts between Microsoft and EU organizations violate GDPR

article thumbnail

The Dark Sides of Modern Cars: Hacking and Data Collection

Threatpost

How features such as infotainment and driver-assist can give others a leg up on car owners. Privacy Vulnerabilities Web Security Audi BMW Charlie Miller Chris Valasek driverless vehicles electronic control units smart cars Society of Automotive Engineers

article thumbnail

Introducing continuous remote worker visibility and expanded data collection with Secure Network Analytics Release 7.3.2

Cisco Security

Are employees exfiltrating sensitive proprietary data? by introducing endpoint Network Visibility Module (NVM) data as a primary telemetry source to provide organizations with continuity in remote worker monitoring and visibility without requiring NetFlow telemetry to be present.

Retail 67
article thumbnail

Windows 10 snooping: Microsoft gets more time to tackle 'excessive' data collection

Tech Republic Security

Microsoft has been granted more time to change how Windows 10 collects data about users in order to comply with the French data protection act

article thumbnail

Poland and Lithuania fear that data collected via FaceApp could be misused

Security Affairs

Many security experts are warning of the risks of using the popular app, threat actors could be potentially interested in data collected by FaceApp. Poland’s digital affairs ministry is investigating into the app and it is evaluating the security risks posed by FaceApp to the personal data of its users. FaceApp CEO Yaroslav Goncharov attempted to reassure privacy advocates by explaining that Russian authorities did not have access to any user data.

article thumbnail

The US Military Buys Commercial Location Data

Schneier on Security

Vice has a long article about how the US military buys commercial location data worldwide. military is buying the granular movement data of people around the world, harvested from innocuous-seeming apps, Motherboard has learned.

article thumbnail

89% of Android Users Didn't Consent to Facebook Data Collection

Dark Reading

A new survey shows most Android users did not give Facebook permission to collect their call and text data

article thumbnail

How Data Privacy Affects Business Growth

Security Boulevard

The modern world is data-driven. Consequently, thriving businesses have access to lots of data—financial data, logistic data, employee data, customer data and more. Data privacy simply refers to how your business ensures that it.

article thumbnail

China’s Olympics App Is Horribly Insecure

Security Boulevard

Endpoint Security Bloggers Network cell phones china Data Collection encryption Privacy sports surveillance UncategorizedChina is mandating that athletes download and use a health and travel app when they attend the Winter Olympics next month.

article thumbnail

Online Retailers That Cancel Purchases Continue To Utilize Personal Information Gathered During The Attempted Transactions

Joseph Steinberg

Furthermore, if we allow parties to use data collected in such a fashion is it not possible that we will encourage scammers to offer items for sale at “erroneous” prices specifically in order to collect data without having to deliver anything?

Retail 171
article thumbnail

TikTok Surreptitiously Collected Android User Data Using Google-Prohibited Tactic

Threatpost

data collection Encryption google mobile apps mobile devices Smartphones tiktok Wall Street JournalApp concealed the practice of gathering device unique identifiers using an added layer of encryption. Government Mobile Security Privacy Android ByteDance Ltd.

article thumbnail

Amazon Fires Employee Who Leaked Customer Names, Emails

Threatpost

Breach Privacy amazon amazon data Amazon privacy customer notification data breach data collection Data sharing email address employee fired insider threat law enforcementAmazon notified customers and law enforcement of the insider-threat incident this week.

article thumbnail

Data collection cheat sheet: how Parler, Twitter, Facebook, MeWe’s data policies compare

Security Affairs

CyberNews researchers analyzed data from multiple social platforms like Parler, Twitter, Facebook, MeWe’s to compare data policies. Users would need to read both Triller’s and Quickblox’ privacy policies to get a good idea of how their data is being collected and processed.